diff --git a/SOURCES/0001-Add-AlmaLinux-8-support.patch b/SOURCES/0001-Add-AlmaLinux-8-support.patch
index 388566b..952cd44 100644
--- a/SOURCES/0001-Add-AlmaLinux-8-support.patch
+++ b/SOURCES/0001-Add-AlmaLinux-8-support.patch
@@ -1,8 +1,8 @@
 diff --git a/CMakeLists.txt b/CMakeLists.txt
-index 52d841098..9507f9864 100644
+index aef21154f..a8d8360c6 100644
 --- a/CMakeLists.txt
 +++ b/CMakeLists.txt
-@@ -71,6 +71,7 @@ option(SSG_PRODUCT_DEFAULT "If enabled, all default release products will be bui
+@@ -76,6 +76,7 @@ option(SSG_PRODUCT_DEFAULT "If enabled, all default release products will be bui
 # unless explicitly asked for.
 option(SSG_PRODUCT_ALINUX2 "If enabled, the Alibaba Cloud Linux 2 SCAP content will be built" ${SSG_PRODUCT_DEFAULT})
 option(SSG_PRODUCT_ALINUX3 "If enabled, the Alibaba Cloud Linux 3 SCAP content will be built" ${SSG_PRODUCT_DEFAULT})
@@ -10,7 +10,7 @@ index 52d841098..9507f9864 100644
 option(SSG_PRODUCT_ANOLIS8 "If enabled, the Anolis OS 8 SCAP content will be built" ${SSG_PRODUCT_DEFAULT})
 option(SSG_PRODUCT_ANOLIS23 "If enabled, the Anolis OS 23 SCAP content will be built" ${SSG_PRODUCT_DEFAULT})
 option(SSG_PRODUCT_CHROMIUM "If enabled, the Chromium SCAP content will be built" ${SSG_PRODUCT_DEFAULT})
-@@ -283,6 +284,7 @@ message(STATUS " ")
+@@ -302,6 +303,7 @@ message(STATUS " ")
 message(STATUS "Products:")
 message(STATUS "Alibaba Cloud Linux 2: ${SSG_PRODUCT_ALINUX2}")
 message(STATUS "Alibaba Cloud Linux 3: ${SSG_PRODUCT_ALINUX3}")
@@ -18,7 +18,7 @@ index 52d841098..9507f9864 100644
 message(STATUS "Anolis OS 8: ${SSG_PRODUCT_ANOLIS8}")
 message(STATUS "Anolis OS 23: ${SSG_PRODUCT_ANOLIS23}")
 message(STATUS "Chromium: ${SSG_PRODUCT_CHROMIUM}")
-@@ -349,6 +351,9 @@ endif()
+@@ -371,6 +373,9 @@ endif()
 if(SSG_PRODUCT_ALINUX3)
 add_subdirectory("products/alinux3" "alinux3")
 endif()
@@ -29,10 +29,10 @@ index 52d841098..9507f9864 100644
 add_subdirectory("products/anolis8" "anolis8")
 endif()
diff --git a/build_product b/build_product -index ba8fb5d68..530afe68d 100755 +index 34c74f12a..19f91ffff 100755 --- a/build_product +++ b/build_product -@@ -307,6 +307,7 @@ set_explict_build_targets() { +@@ -321,6 +321,7 @@ set_explict_build_targets() { all_cmake_products=( ALINUX2 ALINUX3 @@ -41,12 +41,12 @@ index ba8fb5d68..530afe68d 100755 ANOLIS23 CHROMIUM diff --git a/cmake/SSGCommon.cmake b/cmake/SSGCommon.cmake -index 62909dbf2..d85193dcf 100644 +index ea0f67644..d511ffe95 100644 --- a/cmake/SSGCommon.cmake +++ b/cmake/SSGCommon.cmake -@@ -831,7 +831,7 @@ macro(ssg_build_product PRODUCT) - add_dependencies(html-stats ${PRODUCT}-html-stats) - add_dependencies(html-profile-stats ${PRODUCT}-html-profile-stats) +@@ -837,7 +837,7 @@ macro(ssg_build_product PRODUCT) + ssg_render_policies_for_product(${PRODUCT}) + add_dependencies(render-policies ${PRODUCT}-render-policies) - if(SSG_BUILD_DISA_DELTA_FILES AND "${PRODUCT}" MATCHES "rhel(7|8)") + if(SSG_BUILD_DISA_DELTA_FILES AND "${PRODUCT}" MATCHES "almalinux8") @@ -66,10 +66,10 @@ index 2b00bd908..4fc431b04 100644 - ensure_gpgcheck_globally_activated - ensure_gpgcheck_local_packages diff --git a/controls/anssi.yml b/controls/anssi.yml -index 35e111d11..6f813c160 100644 +index 665fd4073..884901fb0 100644 --- a/controls/anssi.yml +++ b/controls/anssi.yml -@@ -1155,7 +1155,7 @@ controls: +@@ -1157,7 +1157,7 @@ controls: - ensure_gpgcheck_never_disabled - ensure_gpgcheck_globally_activated - ensure_gpgcheck_local_packages @@ -79,20 +79,20 @@ index 35e111d11..6f813c160 100644 - id: R60 diff --git a/controls/cis_rhel8.yml b/controls/cis_rhel8.yml -index afa162a66..4584a123a 100644 +index d81729d59..fd31d9a54 100644 --- a/controls/cis_rhel8.yml 
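Review bot: In the cmake/SSGCommon.cmake section carried by this hunk, the refreshed patch still replaces `MATCHES "rhel(7|8)"` with `MATCHES "almalinux8"` rather than extending it, and the pattern is an unanchored regex. As written, rhel7 and rhel8 builds from the patched tree no longer enter the SSG_BUILD_DISA_DELTA_FILES branch, while any product id that merely contains `almalinux8` would. If the upstream products are still meant to build from this tree, the inner line could read `if(SSG_BUILD_DISA_DELTA_FILES AND "${PRODUCT}" MATCHES "^(rhel7|rhel8|almalinux8)$")`. The body of that `if` inside macro ssg_build_product lies outside the hunk, so what the branch generates cannot be confirmed from here.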
+++ b/controls/cis_rhel8.yml -@@ -349,7 +349,7 @@ controls: +@@ -351,7 +351,7 @@ controls: - l1_workstation status: manual related_rules: - - ensure_redhat_gpgkey_installed + - ensure_almalinux_gpgkey_installed - - id: 1.2.3 + - id: 1.2.2 title: Ensure gpgcheck is globally activated (Automated) diff --git a/controls/cis_rhel9.yml b/controls/cis_rhel9.yml -index b97ce59ea..0fbb5ffe3 100644 +index d3d2fe87d..53fd01e15 100644 --- a/controls/cis_rhel9.yml +++ b/controls/cis_rhel9.yml @@ -306,7 +306,7 @@ controls: @@ -104,6 +104,19 @@ index b97ce59ea..0fbb5ffe3 100644 - id: 1.2.2 title: Ensure gpgcheck is globally activated (Automated) +diff --git a/controls/pcidss_4.yml b/controls/pcidss_4.yml +index 0936fe934..0e557fdcd 100644 +--- a/controls/pcidss_4.yml ++++ b/controls/pcidss_4.yml +@@ -1547,7 +1547,7 @@ controls: + - base + status: automated + rules: +- - ensure_redhat_gpgkey_installed ++ - ensure_almalinux_gpgkey_installed + - ensure_suse_gpgkey_installed + - ensure_gpgcheck_globally_activated + - ensure_gpgcheck_never_disabled diff --git a/controls/srg_gpos/SRG-OS-000366-GPOS-00153.yml b/controls/srg_gpos/SRG-OS-000366-GPOS-00153.yml index 6d494547b..71d2df788 100644 --- a/controls/srg_gpos/SRG-OS-000366-GPOS-00153.yml 
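Review bot: The controls/pcidss_4.yml section added here swaps `ensure_redhat_gpgkey_installed` for `ensure_almalinux_gpgkey_installed` in a control file that appears to be shared across products, so RHEL content built from the patched tree would presumably stop checking that the vendor signing key is installed. The same replacement appears in the controls/cis_rhel8.yml and controls/cis_rhel9.yml sections of the preceding hunk and in the controls/stig_rhel9.yml section added by the next one, where the control title still reads "RHEL 9 must ensure cryptographic verification of vendor software packages" although the patch targets AlmaLinux 8. Keeping both rules preserves package-signature coverage: list `- ensure_almalinux_gpgkey_installed` beside `- ensure_redhat_gpgkey_installed`, the way `- ensure_suse_gpgkey_installed` already sits in the same pcidss_4 list. This assumes each rule is restricted to its own product elsewhere in the tree, which is not visible in this diff.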
@@ -119,103 +132,24 @@ index 6d494547b..71d2df788 100644 - ensure_oracle_gpgkey_installed status: automated -diff --git a/linux_os/guide/services/avahi/avahi_configuration/avahi_check_ttl/rule.yml b/linux_os/guide/services/avahi/avahi_configuration/avahi_check_ttl/rule.yml -index 14ea150a7..0f9407b40 100644 ---- a/linux_os/guide/services/avahi/avahi_configuration/avahi_check_ttl/rule.yml -+++ b/linux_os/guide/services/avahi/avahi_configuration/avahi_check_ttl/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8 -+prodtype: rhel7,rhel8,almalinux8 - - title: 'Check Avahi Responses'' TTL Field' - -diff --git a/linux_os/guide/services/avahi/avahi_configuration/avahi_ip_only/rule.yml b/linux_os/guide/services/avahi/avahi_configuration/avahi_ip_only/rule.yml -index 36bb0308b..949fda551 100644 ---- a/linux_os/guide/services/avahi/avahi_configuration/avahi_ip_only/rule.yml -+++ b/linux_os/guide/services/avahi/avahi_configuration/avahi_ip_only/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8 -+prodtype: rhel7,rhel8,almalinux8 - - title: 'Serve Avahi Only via Required Protocol' - -diff --git a/linux_os/guide/services/avahi/avahi_configuration/avahi_prevent_port_sharing/rule.yml b/linux_os/guide/services/avahi/avahi_configuration/avahi_prevent_port_sharing/rule.yml -index 69c83eef5..a7d9e163b 100644 ---- a/linux_os/guide/services/avahi/avahi_configuration/avahi_prevent_port_sharing/rule.yml -+++ b/linux_os/guide/services/avahi/avahi_configuration/avahi_prevent_port_sharing/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8 -+prodtype: rhel7,rhel8,almalinux8 - - title: 'Prevent Other Programs from Using Avahi''s Port' - -diff --git a/linux_os/guide/services/avahi/avahi_configuration/avahi_restrict_published_information/rule.yml b/linux_os/guide/services/avahi/avahi_configuration/avahi_restrict_published_information/rule.yml -index 0db51bd1b..b7cf62ece 100644 ---- 
a/linux_os/guide/services/avahi/avahi_configuration/avahi_restrict_published_information/rule.yml -+++ b/linux_os/guide/services/avahi/avahi_configuration/avahi_restrict_published_information/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8 -+prodtype: rhel7,rhel8,almalinux8 - - title: 'Restrict Information Published by Avahi' - -diff --git a/linux_os/guide/services/avahi/disable_avahi_group/package_avahi-autoipd_removed/rule.yml b/linux_os/guide/services/avahi/disable_avahi_group/package_avahi-autoipd_removed/rule.yml -index e88bbf4ef..a49c65b2e 100644 ---- a/linux_os/guide/services/avahi/disable_avahi_group/package_avahi-autoipd_removed/rule.yml -+++ b/linux_os/guide/services/avahi/disable_avahi_group/package_avahi-autoipd_removed/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8,rhel9,sle12,sle15 -+prodtype: rhel7,rhel8,almalinux8,rhel9,sle12,sle15 - - title: 'Uninstall avahi-autoipd Server Package' - -diff --git a/linux_os/guide/services/avahi/disable_avahi_group/package_avahi_removed/rule.yml b/linux_os/guide/services/avahi/disable_avahi_group/package_avahi_removed/rule.yml -index ae6e5f38f..9a72ea715 100644 ---- a/linux_os/guide/services/avahi/disable_avahi_group/package_avahi_removed/rule.yml -+++ b/linux_os/guide/services/avahi/disable_avahi_group/package_avahi_removed/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Uninstall avahi Server Package' - -diff --git a/linux_os/guide/services/avahi/disable_avahi_group/service_avahi-daemon_disabled/rule.yml b/linux_os/guide/services/avahi/disable_avahi_group/service_avahi-daemon_disabled/rule.yml -index 9994d5921..5f5523d1d 100644 ---- a/linux_os/guide/services/avahi/disable_avahi_group/service_avahi-daemon_disabled/rule.yml -+++ 
b/linux_os/guide/services/avahi/disable_avahi_group/service_avahi-daemon_disabled/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis23,anolis8,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Disable Avahi Server Software' +diff --git a/controls/stig_rhel9.yml b/controls/stig_rhel9.yml +index 5449c8296..0975a82e4 100644 +--- a/controls/stig_rhel9.yml ++++ b/controls/stig_rhel9.yml +@@ -384,7 +384,7 @@ controls: + - medium + title: RHEL 9 must ensure cryptographic verification of vendor software packages. + rules: +- - ensure_redhat_gpgkey_installed ++ - ensure_almalinux_gpgkey_installed + status: automated + - id: RHEL-09-214015 diff --git a/linux_os/guide/services/base/package_abrt_removed/rule.yml b/linux_os/guide/services/base/package_abrt_removed/rule.yml -index 1c823d798..49db82556 100644 +index e04cfe6ff..27ad8a3f0 100644 --- a/linux_os/guide/services/base/package_abrt_removed/rule.yml +++ b/linux_os/guide/services/base/package_abrt_removed/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhel7,rhel8 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8 - - title: 'Uninstall Automatic Bug Reporting Tool (abrt)' - -@@ -28,7 +28,7 @@ references: +@@ -27,7 +27,7 @@ references: disa: CCI-000381 srg: SRG-OS-000095-GPOS-00049 stigid@ol8: OL08-00-040001 
@@ -224,78 +158,6 @@ index 1c823d798..49db82556 100644 {{{ complete_ocil_entry_package(package="abrt") }}} -diff --git a/linux_os/guide/services/base/package_psacct_installed/rule.yml b/linux_os/guide/services/base/package_psacct_installed/rule.yml -index b5a0e7174..0b6a33ff6 100644 ---- a/linux_os/guide/services/base/package_psacct_installed/rule.yml -+++ b/linux_os/guide/services/base/package_psacct_installed/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8 -+prodtype: rhel7,rhel8,almalinux8 - - title: 'Install the psacct package' - -diff --git a/linux_os/guide/services/base/service_abrtd_disabled/rule.yml b/linux_os/guide/services/base/service_abrtd_disabled/rule.yml -index 5ac0b0ee9..434932977 100644 ---- a/linux_os/guide/services/base/service_abrtd_disabled/rule.yml -+++ b/linux_os/guide/services/base/service_abrtd_disabled/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,ol7,ol8,ol9,rhel7,rhel8,uos20 -+prodtype: alinux2,alinux3,anolis23,anolis8,ol7,ol8,ol9,rhel7,rhel8,almalinux8,uos20 - - title: 'Disable Automatic Bug Reporting Tool (abrtd)' - -diff --git a/linux_os/guide/services/base/service_acpid_disabled/rule.yml b/linux_os/guide/services/base/service_acpid_disabled/rule.yml -index 51894a447..8435eba24 100644 ---- a/linux_os/guide/services/base/service_acpid_disabled/rule.yml -+++ b/linux_os/guide/services/base/service_acpid_disabled/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8 -+prodtype: rhel7,rhel8,almalinux8 - - title: 'Disable Advanced Configuration and Power Interface (acpid)' - -diff --git a/linux_os/guide/services/base/service_certmonger_disabled/rule.yml b/linux_os/guide/services/base/service_certmonger_disabled/rule.yml -index f7813a663..a7de82ff1 100644 ---- a/linux_os/guide/services/base/service_certmonger_disabled/rule.yml -+++ b/linux_os/guide/services/base/service_certmonger_disabled/rule.yml -@@ -1,6 +1,6 @@ - 
documentation_complete: true - --prodtype: rhel7,rhel8 -+prodtype: rhel7,rhel8,almalinux8 - - title: 'Disable Certmonger Service (certmonger)' - -diff --git a/linux_os/guide/services/base/service_cockpit_disabled/rule.yml b/linux_os/guide/services/base/service_cockpit_disabled/rule.yml -index dcf0885f1..3a7bd94b7 100644 ---- a/linux_os/guide/services/base/service_cockpit_disabled/rule.yml -+++ b/linux_os/guide/services/base/service_cockpit_disabled/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol7,ol8,rhel7,rhel8,rhel9 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9 - - title: 'Disable Cockpit Management Server' - -diff --git a/linux_os/guide/services/base/service_cpupower_disabled/rule.yml b/linux_os/guide/services/base/service_cpupower_disabled/rule.yml -index 39b7cde75..f24b42210 100644 ---- a/linux_os/guide/services/base/service_cpupower_disabled/rule.yml -+++ b/linux_os/guide/services/base/service_cpupower_disabled/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8 -+prodtype: rhel7,rhel8,almalinux8 - - title: 'Disable CPU Speed (cpupower)' - diff --git a/linux_os/guide/services/base/service_kdump_disabled/anaconda/shared.anaconda b/linux_os/guide/services/base/service_kdump_disabled/anaconda/shared.anaconda index 1f6a233ed..9f3a4d6b4 100644 --- a/linux_os/guide/services/base/service_kdump_disabled/anaconda/shared.anaconda @@ -306,676 +168,23 @@ index 1f6a233ed..9f3a4d6b4 100644 kdump --disable diff --git a/linux_os/guide/services/base/service_kdump_disabled/rule.yml b/linux_os/guide/services/base/service_kdump_disabled/rule.yml -index 80fe7b688..1aa2d2a63 100644 +index 45a7019bf..764d594c3 100644 --- a/linux_os/guide/services/base/service_kdump_disabled/rule.yml 
+++ b/linux_os/guide/services/base/service_kdump_disabled/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Disable KDump Kernel Crash Analyzer (kdump)' - -@@ -41,7 +41,7 @@ references: +@@ -40,7 +40,7 @@ references: stigid@ol7: OL07-00-021300 stigid@ol8: OL08-00-010670 stigid@rhel7: RHEL-07-021300 - stigid@rhel8: RHEL-08-010670 + stigid@almalinux8: RHEL-08-010670 + stigid@rhel9: RHEL-09-213115 stigid@sle12: SLES-12-010840 stigid@sle15: SLES-15-040190 - stigid@ubuntu2004: UBTU-20-010413 -diff --git a/linux_os/guide/services/base/service_mdmonitor_disabled/rule.yml b/linux_os/guide/services/base/service_mdmonitor_disabled/rule.yml -index e8a285d1f..c60c2615d 100644 ---- a/linux_os/guide/services/base/service_mdmonitor_disabled/rule.yml -+++ b/linux_os/guide/services/base/service_mdmonitor_disabled/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8 -+prodtype: rhel7,rhel8,almalinux8 - - title: 'Disable Software RAID Monitor (mdmonitor)' - -diff --git a/linux_os/guide/services/base/service_netconsole_disabled/rule.yml b/linux_os/guide/services/base/service_netconsole_disabled/rule.yml -index 2e45b969e..4a710b4a2 100644 ---- a/linux_os/guide/services/base/service_netconsole_disabled/rule.yml -+++ b/linux_os/guide/services/base/service_netconsole_disabled/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8 -+prodtype: rhel7,rhel8,almalinux8 - - title: 'Disable Network Console (netconsole)' - -diff --git a/linux_os/guide/services/base/service_ntpdate_disabled/rule.yml b/linux_os/guide/services/base/service_ntpdate_disabled/rule.yml -index 2d3189bc1..1453bf488 100644 ---- a/linux_os/guide/services/base/service_ntpdate_disabled/rule.yml -+++ b/linux_os/guide/services/base/service_ntpdate_disabled/rule.yml -@@ -1,6 +1,6 
@@ - documentation_complete: true - --prodtype: alinux2,alinux3,ol7,ol8,ol9,rhel7,rhel8,rhel9,uos20 -+prodtype: alinux2,alinux3,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,uos20 - - title: 'Disable ntpdate Service (ntpdate)' - -diff --git a/linux_os/guide/services/base/service_oddjobd_disabled/rule.yml b/linux_os/guide/services/base/service_oddjobd_disabled/rule.yml -index ffa0e5d82..4c2d7995b 100644 ---- a/linux_os/guide/services/base/service_oddjobd_disabled/rule.yml -+++ b/linux_os/guide/services/base/service_oddjobd_disabled/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,ol7,ol8,ol9,rhel7,rhel8,rhel9,uos20 -+prodtype: alinux2,alinux3,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,uos20 - - title: 'Disable Odd Job Daemon (oddjobd)' - -diff --git a/linux_os/guide/services/base/service_portreserve_disabled/rule.yml b/linux_os/guide/services/base/service_portreserve_disabled/rule.yml -index 6539144f3..9e06c22bf 100644 ---- a/linux_os/guide/services/base/service_portreserve_disabled/rule.yml -+++ b/linux_os/guide/services/base/service_portreserve_disabled/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8 -+prodtype: rhel7,rhel8,almalinux8 - - title: 'Disable Portreserve (portreserve)' - -diff --git a/linux_os/guide/services/base/service_psacct_enabled/rule.yml b/linux_os/guide/services/base/service_psacct_enabled/rule.yml -index 591897122..ec402d363 100644 ---- a/linux_os/guide/services/base/service_psacct_enabled/rule.yml -+++ b/linux_os/guide/services/base/service_psacct_enabled/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8 -+prodtype: rhel7,rhel8,almalinux8 - - title: 'Enable Process Accounting (psacct)' - -diff --git a/linux_os/guide/services/base/service_qpidd_disabled/rule.yml b/linux_os/guide/services/base/service_qpidd_disabled/rule.yml -index 62bebd735..eb6e1efc8 100644 ---- a/linux_os/guide/services/base/service_qpidd_disabled/rule.yml -+++ 
b/linux_os/guide/services/base/service_qpidd_disabled/rule.yml -@@ -1,7 +1,7 @@ - documentation_complete: true - - # package is unlikely to appear on a RHEL9 system, don't extend to RHEL10 --prodtype: alinux2,alinux3,anolis23,anolis8,ol7,ol8,ol9,rhel7,rhel8,rhel9,uos20 -+prodtype: alinux2,alinux3,anolis23,anolis8,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,uos20 - - title: 'Disable Apache Qpid (qpidd)' - -diff --git a/linux_os/guide/services/base/service_quota_nld_disabled/rule.yml b/linux_os/guide/services/base/service_quota_nld_disabled/rule.yml -index 604f053c0..be4a9ca10 100644 ---- a/linux_os/guide/services/base/service_quota_nld_disabled/rule.yml -+++ b/linux_os/guide/services/base/service_quota_nld_disabled/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8 -+prodtype: rhel7,rhel8,almalinux8 - - title: 'Disable Quota Netlink (quota_nld)' - -diff --git a/linux_os/guide/services/base/service_rdisc_disabled/rule.yml b/linux_os/guide/services/base/service_rdisc_disabled/rule.yml -index 3a9b0cd98..d5bd83bf0 100644 ---- a/linux_os/guide/services/base/service_rdisc_disabled/rule.yml -+++ b/linux_os/guide/services/base/service_rdisc_disabled/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,ol7,ol8,ol9,rhel7,rhel8,rhel9,uos20 -+prodtype: alinux2,alinux3,anolis23,anolis8,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,uos20 - - title: 'Disable Network Router Discovery Daemon (rdisc)' - -diff --git a/linux_os/guide/services/base/service_rhnsd_disabled/rule.yml b/linux_os/guide/services/base/service_rhnsd_disabled/rule.yml -index 41571146d..55cccff87 100644 ---- a/linux_os/guide/services/base/service_rhnsd_disabled/rule.yml -+++ b/linux_os/guide/services/base/service_rhnsd_disabled/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8,rhel9 -+prodtype: rhel7,rhel8,almalinux8,rhel9 - - title: 'Disable Red Hat Network Service (rhnsd)' - -diff --git 
a/linux_os/guide/services/base/service_rhsmcertd_disabled/rule.yml b/linux_os/guide/services/base/service_rhsmcertd_disabled/rule.yml -index 022d1c20c..4498e4b66 100644 ---- a/linux_os/guide/services/base/service_rhsmcertd_disabled/rule.yml -+++ b/linux_os/guide/services/base/service_rhsmcertd_disabled/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8 -+prodtype: rhel7,rhel8,almalinux8 - - title: 'Disable Red Hat Subscription Manager Daemon (rhsmcertd)' - -diff --git a/linux_os/guide/services/base/service_saslauthd_disabled/rule.yml b/linux_os/guide/services/base/service_saslauthd_disabled/rule.yml -index d9bda04aa..107c30636 100644 ---- a/linux_os/guide/services/base/service_saslauthd_disabled/rule.yml -+++ b/linux_os/guide/services/base/service_saslauthd_disabled/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8 -+prodtype: rhel7,rhel8,almalinux8 - - title: 'Disable Cyrus SASL Authentication Daemon (saslauthd)' - -diff --git a/linux_os/guide/services/base/service_sysstat_disabled/rule.yml b/linux_os/guide/services/base/service_sysstat_disabled/rule.yml -index c35775de9..926651cdb 100644 ---- a/linux_os/guide/services/base/service_sysstat_disabled/rule.yml -+++ b/linux_os/guide/services/base/service_sysstat_disabled/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8 -+prodtype: rhel7,rhel8,almalinux8 - - title: 'Disable System Statistics Reset Service (sysstat)' - -diff --git a/linux_os/guide/services/cron_and_at/disable_anacron/rule.yml b/linux_os/guide/services/cron_and_at/disable_anacron/rule.yml -index 932061531..0ac567a3d 100644 ---- a/linux_os/guide/services/cron_and_at/disable_anacron/rule.yml -+++ b/linux_os/guide/services/cron_and_at/disable_anacron/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,rhel7,rhel8 -+prodtype: fedora,rhel7,rhel8,almalinux8 - - title: 'Disable anacron Service' - -diff --git 
a/linux_os/guide/services/cron_and_at/file_groupowner_cron_d/rule.yml b/linux_os/guide/services/cron_and_at/file_groupowner_cron_d/rule.yml -index 77b163e60..b8b845a80 100644 ---- a/linux_os/guide/services/cron_and_at/file_groupowner_cron_d/rule.yml -+++ b/linux_os/guide/services/cron_and_at/file_groupowner_cron_d/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Verify Group Who Owns cron.d' - -diff --git a/linux_os/guide/services/cron_and_at/file_groupowner_cron_daily/rule.yml b/linux_os/guide/services/cron_and_at/file_groupowner_cron_daily/rule.yml -index ff0443ac5..45007afd6 100644 ---- a/linux_os/guide/services/cron_and_at/file_groupowner_cron_daily/rule.yml -+++ b/linux_os/guide/services/cron_and_at/file_groupowner_cron_daily/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Verify Group Who Owns cron.daily' - -diff --git a/linux_os/guide/services/cron_and_at/file_groupowner_cron_hourly/rule.yml b/linux_os/guide/services/cron_and_at/file_groupowner_cron_hourly/rule.yml -index 63dd951d7..479e9df7a 100644 ---- a/linux_os/guide/services/cron_and_at/file_groupowner_cron_hourly/rule.yml -+++ b/linux_os/guide/services/cron_and_at/file_groupowner_cron_hourly/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 
'Verify Group Who Owns cron.hourly' - -diff --git a/linux_os/guide/services/cron_and_at/file_groupowner_cron_monthly/rule.yml b/linux_os/guide/services/cron_and_at/file_groupowner_cron_monthly/rule.yml -index 6d4493560..cbe4eba4d 100644 ---- a/linux_os/guide/services/cron_and_at/file_groupowner_cron_monthly/rule.yml -+++ b/linux_os/guide/services/cron_and_at/file_groupowner_cron_monthly/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Verify Group Who Owns cron.monthly' - -diff --git a/linux_os/guide/services/cron_and_at/file_groupowner_cron_weekly/rule.yml b/linux_os/guide/services/cron_and_at/file_groupowner_cron_weekly/rule.yml -index 687b84698..5acfc2574 100644 ---- a/linux_os/guide/services/cron_and_at/file_groupowner_cron_weekly/rule.yml -+++ b/linux_os/guide/services/cron_and_at/file_groupowner_cron_weekly/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Verify Group Who Owns cron.weekly' - -diff --git a/linux_os/guide/services/cron_and_at/file_groupowner_crontab/rule.yml b/linux_os/guide/services/cron_and_at/file_groupowner_crontab/rule.yml -index b980bc125..841109a6e 100644 ---- a/linux_os/guide/services/cron_and_at/file_groupowner_crontab/rule.yml -+++ b/linux_os/guide/services/cron_and_at/file_groupowner_crontab/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: 
alinux2,alinux3,anolis23,anolis8,fedora,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Verify Group Who Owns Crontab' - -diff --git a/linux_os/guide/services/cron_and_at/file_owner_cron_d/rule.yml b/linux_os/guide/services/cron_and_at/file_owner_cron_d/rule.yml -index c2d050d27..f3a64820d 100644 ---- a/linux_os/guide/services/cron_and_at/file_owner_cron_d/rule.yml -+++ b/linux_os/guide/services/cron_and_at/file_owner_cron_d/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Verify Owner on cron.d' - -diff --git a/linux_os/guide/services/cron_and_at/file_owner_cron_daily/rule.yml b/linux_os/guide/services/cron_and_at/file_owner_cron_daily/rule.yml -index 6024de5c6..b4c1da9e1 100644 ---- a/linux_os/guide/services/cron_and_at/file_owner_cron_daily/rule.yml -+++ b/linux_os/guide/services/cron_and_at/file_owner_cron_daily/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Verify Owner on cron.daily' - -diff --git a/linux_os/guide/services/cron_and_at/file_owner_cron_hourly/rule.yml b/linux_os/guide/services/cron_and_at/file_owner_cron_hourly/rule.yml -index 46320b462..f020455c2 100644 ---- a/linux_os/guide/services/cron_and_at/file_owner_cron_hourly/rule.yml -+++ b/linux_os/guide/services/cron_and_at/file_owner_cron_hourly/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: 
alinux2,alinux3,anolis23,anolis8,fedora,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Verify Owner on cron.hourly' - -diff --git a/linux_os/guide/services/cron_and_at/file_owner_cron_monthly/rule.yml b/linux_os/guide/services/cron_and_at/file_owner_cron_monthly/rule.yml -index 18afaf1da..e6088935b 100644 ---- a/linux_os/guide/services/cron_and_at/file_owner_cron_monthly/rule.yml -+++ b/linux_os/guide/services/cron_and_at/file_owner_cron_monthly/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Verify Owner on cron.monthly' - -diff --git a/linux_os/guide/services/cron_and_at/file_owner_cron_weekly/rule.yml b/linux_os/guide/services/cron_and_at/file_owner_cron_weekly/rule.yml -index d76c2031c..8005bf3a3 100644 ---- a/linux_os/guide/services/cron_and_at/file_owner_cron_weekly/rule.yml -+++ b/linux_os/guide/services/cron_and_at/file_owner_cron_weekly/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Verify Owner on cron.weekly' - -diff --git a/linux_os/guide/services/cron_and_at/file_owner_crontab/rule.yml b/linux_os/guide/services/cron_and_at/file_owner_crontab/rule.yml -index b9c4bcce4..d2e5b6862 100644 ---- a/linux_os/guide/services/cron_and_at/file_owner_crontab/rule.yml -+++ b/linux_os/guide/services/cron_and_at/file_owner_crontab/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: 
alinux2,alinux3,anolis23,anolis8,fedora,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Verify Owner on crontab' - -diff --git a/linux_os/guide/services/cron_and_at/file_permissions_cron_d/rule.yml b/linux_os/guide/services/cron_and_at/file_permissions_cron_d/rule.yml -index bdc53cc7c..1b7f39525 100644 ---- a/linux_os/guide/services/cron_and_at/file_permissions_cron_d/rule.yml -+++ b/linux_os/guide/services/cron_and_at/file_permissions_cron_d/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Verify Permissions on cron.d' - -diff --git a/linux_os/guide/services/cron_and_at/file_permissions_cron_daily/rule.yml b/linux_os/guide/services/cron_and_at/file_permissions_cron_daily/rule.yml -index 24b4cf5e5..0733a954b 100644 ---- a/linux_os/guide/services/cron_and_at/file_permissions_cron_daily/rule.yml -+++ b/linux_os/guide/services/cron_and_at/file_permissions_cron_daily/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Verify Permissions on cron.daily' - -diff --git a/linux_os/guide/services/cron_and_at/file_permissions_cron_hourly/rule.yml b/linux_os/guide/services/cron_and_at/file_permissions_cron_hourly/rule.yml -index 6e0da2bac..787942544 100644 ---- a/linux_os/guide/services/cron_and_at/file_permissions_cron_hourly/rule.yml -+++ b/linux_os/guide/services/cron_and_at/file_permissions_cron_hourly/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: 
alinux2,alinux3,anolis23,anolis8,fedora,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Verify Permissions on cron.hourly' - -diff --git a/linux_os/guide/services/cron_and_at/file_permissions_cron_monthly/rule.yml b/linux_os/guide/services/cron_and_at/file_permissions_cron_monthly/rule.yml -index 5f5e5f6ec..bd8dd3930 100644 ---- a/linux_os/guide/services/cron_and_at/file_permissions_cron_monthly/rule.yml -+++ b/linux_os/guide/services/cron_and_at/file_permissions_cron_monthly/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Verify Permissions on cron.monthly' - -diff --git a/linux_os/guide/services/cron_and_at/file_permissions_cron_weekly/rule.yml b/linux_os/guide/services/cron_and_at/file_permissions_cron_weekly/rule.yml -index c4ea83653..089202790 100644 ---- a/linux_os/guide/services/cron_and_at/file_permissions_cron_weekly/rule.yml -+++ b/linux_os/guide/services/cron_and_at/file_permissions_cron_weekly/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Verify Permissions on cron.weekly' - -diff --git a/linux_os/guide/services/cron_and_at/file_permissions_crontab/rule.yml b/linux_os/guide/services/cron_and_at/file_permissions_crontab/rule.yml -index e29f65023..c8c9f13f9 100644 ---- a/linux_os/guide/services/cron_and_at/file_permissions_crontab/rule.yml -+++ 
b/linux_os/guide/services/cron_and_at/file_permissions_crontab/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Verify Permissions on crontab' - -diff --git a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_at_deny_not_exist/rule.yml b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_at_deny_not_exist/rule.yml -index 169db9bc0..ba14b6a92 100644 ---- a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_at_deny_not_exist/rule.yml -+++ b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_at_deny_not_exist/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,fedora,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2204 -+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2204 - - title: 'Ensure that /etc/at.deny does not exist' - -diff --git a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_cron_deny_not_exist/rule.yml b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_cron_deny_not_exist/rule.yml -index ff1fb5c57..8871a30ab 100644 ---- a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_cron_deny_not_exist/rule.yml -+++ b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_cron_deny_not_exist/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,fedora,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2204 -+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2204 - - title: 'Ensure that /etc/cron.deny does not exist' - -diff --git a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_groupowner_at_allow/rule.yml 
b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_groupowner_at_allow/rule.yml -index dfa5e7fc6..34518a56a 100644 ---- a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_groupowner_at_allow/rule.yml -+++ b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_groupowner_at_allow/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,fedora,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Verify Group Who Owns /etc/at.allow file' - -diff --git a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_groupowner_cron_allow/rule.yml b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_groupowner_cron_allow/rule.yml -index 66b4a228b..762d3ef75 100644 ---- a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_groupowner_cron_allow/rule.yml -+++ b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_groupowner_cron_allow/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Verify Group Who Owns /etc/cron.allow file' - -diff --git a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_owner_cron_allow/rule.yml b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_owner_cron_allow/rule.yml -index 843e6af80..117f4a4a5 100644 ---- a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_owner_cron_allow/rule.yml -+++ b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_owner_cron_allow/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: 
alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Verify User Who Owns /etc/cron.allow file' - -diff --git a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_permissions_at_allow/rule.yml b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_permissions_at_allow/rule.yml -index d0e6dfd0c..7bfe84cc4 100644 ---- a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_permissions_at_allow/rule.yml -+++ b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_permissions_at_allow/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,fedora,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Verify Permissions on /etc/at.allow file' - -diff --git a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_permissions_cron_allow/rule.yml b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_permissions_cron_allow/rule.yml -index 2b5f5e207..8a0ee1821 100644 ---- a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_permissions_cron_allow/rule.yml -+++ b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_permissions_cron_allow/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Verify Permissions on /etc/cron.allow file' - -diff --git a/linux_os/guide/services/cron_and_at/service_atd_disabled/rule.yml b/linux_os/guide/services/cron_and_at/service_atd_disabled/rule.yml -index 
53b236464..e7113fab9 100644 ---- a/linux_os/guide/services/cron_and_at/service_atd_disabled/rule.yml -+++ b/linux_os/guide/services/cron_and_at/service_atd_disabled/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,uos20 -+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,uos20 - - title: 'Disable At Service (atd)' - -diff --git a/linux_os/guide/services/cron_and_at/service_crond_enabled/rule.yml b/linux_os/guide/services/cron_and_at/service_crond_enabled/rule.yml -index b2f6cddb1..397eae7ed 100644 ---- a/linux_os/guide/services/cron_and_at/service_crond_enabled/rule.yml -+++ b/linux_os/guide/services/cron_and_at/service_crond_enabled/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4 -+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4 - - title: 'Enable cron Service' - -diff --git a/linux_os/guide/services/dhcp/dhcp_server_configuration/dhcp_server_configure_logging/rule.yml b/linux_os/guide/services/dhcp/dhcp_server_configuration/dhcp_server_configure_logging/rule.yml -index 6baf90263..81a9ad03d 100644 ---- a/linux_os/guide/services/dhcp/dhcp_server_configuration/dhcp_server_configure_logging/rule.yml -+++ b/linux_os/guide/services/dhcp/dhcp_server_configuration/dhcp_server_configure_logging/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8 -+prodtype: rhel7,rhel8,almalinux8 - - title: 'Configure Logging' - -diff --git a/linux_os/guide/services/dhcp/dhcp_server_configuration/dhcp_server_deny_bootp/rule.yml b/linux_os/guide/services/dhcp/dhcp_server_configuration/dhcp_server_deny_bootp/rule.yml -index 1d825698a..8c28acb91 100644 ---- a/linux_os/guide/services/dhcp/dhcp_server_configuration/dhcp_server_deny_bootp/rule.yml -+++ 
b/linux_os/guide/services/dhcp/dhcp_server_configuration/dhcp_server_deny_bootp/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8 -+prodtype: rhel7,rhel8,almalinux8 - - title: 'Deny BOOTP Queries' - -diff --git a/linux_os/guide/services/dhcp/dhcp_server_configuration/dhcp_server_deny_decline/rule.yml b/linux_os/guide/services/dhcp/dhcp_server_configuration/dhcp_server_deny_decline/rule.yml -index 4b0fa9a59..f50fe476f 100644 ---- a/linux_os/guide/services/dhcp/dhcp_server_configuration/dhcp_server_deny_decline/rule.yml -+++ b/linux_os/guide/services/dhcp/dhcp_server_configuration/dhcp_server_deny_decline/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8 -+prodtype: rhel7,rhel8,almalinux8 - - title: 'Deny Decline Messages' - -diff --git a/linux_os/guide/services/dhcp/dhcp_server_configuration/dhcp_server_disable_ddns/rule.yml b/linux_os/guide/services/dhcp/dhcp_server_configuration/dhcp_server_disable_ddns/rule.yml -index e9cdf7996..71db5eef0 100644 ---- a/linux_os/guide/services/dhcp/dhcp_server_configuration/dhcp_server_disable_ddns/rule.yml -+++ b/linux_os/guide/services/dhcp/dhcp_server_configuration/dhcp_server_disable_ddns/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8 -+prodtype: rhel7,rhel8,almalinux8 - - title: 'Do Not Use Dynamic DNS' - -diff --git a/linux_os/guide/services/dhcp/disabling_dhcp_client/sysconfig_networking_bootproto_ifcfg/rule.yml b/linux_os/guide/services/dhcp/disabling_dhcp_client/sysconfig_networking_bootproto_ifcfg/rule.yml -index 6c9c0b02b..bda84dff8 100644 ---- a/linux_os/guide/services/dhcp/disabling_dhcp_client/sysconfig_networking_bootproto_ifcfg/rule.yml -+++ b/linux_os/guide/services/dhcp/disabling_dhcp_client/sysconfig_networking_bootproto_ifcfg/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8 -+prodtype: rhel7,rhel8,almalinux8 - - title: 'Disable DHCP Client in ifcfg' - -diff --git 
a/linux_os/guide/services/dhcp/disabling_dhcp_server/package_dhcp_removed/rule.yml b/linux_os/guide/services/dhcp/disabling_dhcp_server/package_dhcp_removed/rule.yml -index cd80412b3..047485912 100644 ---- a/linux_os/guide/services/dhcp/disabling_dhcp_server/package_dhcp_removed/rule.yml -+++ b/linux_os/guide/services/dhcp/disabling_dhcp_server/package_dhcp_removed/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Uninstall DHCP Server Package' - -diff --git a/linux_os/guide/services/dhcp/disabling_dhcp_server/service_dhcpd_disabled/rule.yml b/linux_os/guide/services/dhcp/disabling_dhcp_server/service_dhcpd_disabled/rule.yml -index 0b54e6c74..8ce6c9efc 100644 ---- a/linux_os/guide/services/dhcp/disabling_dhcp_server/service_dhcpd_disabled/rule.yml -+++ b/linux_os/guide/services/dhcp/disabling_dhcp_server/service_dhcpd_disabled/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,rhel7,rhel8,rhel9,sle12,sle15 -+prodtype: alinux2,alinux3,anolis23,anolis8,rhel7,rhel8,almalinux8,rhel9,sle12,sle15 - - title: 'Disable DHCP Service' - -diff --git a/linux_os/guide/services/dns/disabling_dns_server/package_bind_removed/rule.yml b/linux_os/guide/services/dns/disabling_dns_server/package_bind_removed/rule.yml -index 392785165..7872555cc 100644 ---- a/linux_os/guide/services/dns/disabling_dns_server/package_bind_removed/rule.yml -+++ b/linux_os/guide/services/dns/disabling_dns_server/package_bind_removed/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204,uos20 -+prodtype: 
alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204,uos20 - - title: 'Uninstall bind Package' - -diff --git a/linux_os/guide/services/dns/disabling_dns_server/service_named_disabled/rule.yml b/linux_os/guide/services/dns/disabling_dns_server/service_named_disabled/rule.yml -index 87843736d..5825bf707 100644 ---- a/linux_os/guide/services/dns/disabling_dns_server/service_named_disabled/rule.yml -+++ b/linux_os/guide/services/dns/disabling_dns_server/service_named_disabled/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,rhel7,rhel8,rhel9,sle12,sle15 -+prodtype: alinux2,alinux3,anolis23,anolis8,rhel7,rhel8,almalinux8,rhel9,sle12,sle15 - - title: 'Disable named Service' - -diff --git a/linux_os/guide/services/dns/dns_server_protection/dns_server_authenticate_zone_transfers/rule.yml b/linux_os/guide/services/dns/dns_server_protection/dns_server_authenticate_zone_transfers/rule.yml -index f8220f537..239b7f2e7 100644 ---- a/linux_os/guide/services/dns/dns_server_protection/dns_server_authenticate_zone_transfers/rule.yml -+++ b/linux_os/guide/services/dns/dns_server_protection/dns_server_authenticate_zone_transfers/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8 -+prodtype: rhel7,rhel8,almalinux8 - - title: 'Authenticate Zone Transfers' - -diff --git a/linux_os/guide/services/dns/dns_server_protection/dns_server_disable_dynamic_updates/rule.yml b/linux_os/guide/services/dns/dns_server_protection/dns_server_disable_dynamic_updates/rule.yml -index 175cc9872..a271f9e87 100644 ---- a/linux_os/guide/services/dns/dns_server_protection/dns_server_disable_dynamic_updates/rule.yml -+++ b/linux_os/guide/services/dns/dns_server_protection/dns_server_disable_dynamic_updates/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8 -+prodtype: rhel7,rhel8,almalinux8 - - title: 'Disable Dynamic 
Updates' - -diff --git a/linux_os/guide/services/dns/dns_server_protection/dns_server_disable_zone_transfers/rule.yml b/linux_os/guide/services/dns/dns_server_protection/dns_server_disable_zone_transfers/rule.yml -index 05aa23441..8c4416440 100644 ---- a/linux_os/guide/services/dns/dns_server_protection/dns_server_disable_zone_transfers/rule.yml -+++ b/linux_os/guide/services/dns/dns_server_protection/dns_server_disable_zone_transfers/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8 -+prodtype: rhel7,rhel8,almalinux8 - - title: 'Disable Zone Transfers from the Nameserver' - diff --git a/linux_os/guide/services/fapolicyd/fapolicy_default_deny/rule.yml b/linux_os/guide/services/fapolicyd/fapolicy_default_deny/rule.yml -index c2de306f6..d6af16a9b 100644 +index 67fc86c42..a397633e8 100644 --- a/linux_os/guide/services/fapolicyd/fapolicy_default_deny/rule.yml +++ b/linux_os/guide/services/fapolicyd/fapolicy_default_deny/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol8,ol9,rhel8,rhel9 -+prodtype: ol8,ol9,rhel8,almalinux8,rhel9 - - title: 'Configure Fapolicy Module to Employ a Deny-all, Permit-by-exception Policy to Allow the Execution of Authorized Software Programs.' - -@@ -26,7 +26,7 @@ references: +@@ -25,7 +25,7 @@ references: nist: CM-7 (2),CM-7 (5) (b),CM-6 b srg: SRG-OS-000368-GPOS-00154,SRG-OS-000370-GPOS-00155,SRG-OS-000480-GPOS-00232 stigid@ol8: OL08-00-040137 @@ -984,7 +193,7 @@ index c2de306f6..d6af16a9b 100644 ocil_clause: 'fapolicyd is not running in enforcement mode with a deny-all, permit-by-exception policy' -@@ -41,7 +41,7 @@ ocil: |- +@@ -40,7 +40,7 @@ ocil: |- Check that fapolicyd employs a deny-all policy on system mounts with the following commands: 
@@ -993,7 +202,7 @@ index c2de306f6..d6af16a9b 100644 {{% set product_short_name = "OL" if "ol" in product else "RHEL" %}} For {{{ product_short_name }}} 8.5 systems and older: $ sudo tail /etc/fapolicyd/fapolicyd.rules -@@ -61,7 +61,7 @@ fixtext: |- +@@ -60,7 +60,7 @@ fixtext: |- permissive = 1 @@ -1003,992 +212,62 @@ index c2de306f6..d6af16a9b 100644 Build the whitelist in the "/etc/fapolicyd/fapolicyd.rules" file ensuring the last rule is "deny perm=any all : all". diff --git a/linux_os/guide/services/fapolicyd/package_fapolicyd_installed/rule.yml b/linux_os/guide/services/fapolicyd/package_fapolicyd_installed/rule.yml -index febad1cc8..4c1608be6 100644 +index 52fc6fe69..03fb0c022 100644 --- a/linux_os/guide/services/fapolicyd/package_fapolicyd_installed/rule.yml +++ b/linux_os/guide/services/fapolicyd/package_fapolicyd_installed/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol8,ol9,rhcos4,rhel8,rhel9 -+prodtype: fedora,ol8,ol9,rhcos4,rhel8,almalinux8,rhel9 - - title: 'Install fapolicyd Package' - -@@ -23,7 +23,7 @@ references: +@@ -22,7 +22,7 @@ references: nist: CM-6(a),SI-4(22) srg: SRG-OS-000370-GPOS-00155,SRG-OS-000368-GPOS-00154,SRG-OS-000480-GPOS-00230 stigid@ol8: OL08-00-040135 - stigid@rhel8: RHEL-08-040135 + stigid@almalinux8: RHEL-08-040135 + stigid@rhel9: RHEL-09-433010 ocil_clause: 'the fapolicyd package is not installed' - diff --git a/linux_os/guide/services/fapolicyd/service_fapolicyd_enabled/rule.yml b/linux_os/guide/services/fapolicyd/service_fapolicyd_enabled/rule.yml -index 57e01f723..f1efa8bba 100644 +index d7dd2954b..f7c17fee5 100644 --- a/linux_os/guide/services/fapolicyd/service_fapolicyd_enabled/rule.yml 
+++ b/linux_os/guide/services/fapolicyd/service_fapolicyd_enabled/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol8,ol9,rhcos4,rhel8,rhel9 -+prodtype: ol8,ol9,rhcos4,rhel8,almalinux8,rhel9 - - title: 'Enable the File Access Policy Service' - -@@ -25,7 +25,7 @@ references: +@@ -24,7 +24,7 @@ references: ospp: FMT_SMF_EXT.1 srg: SRG-OS-000370-GPOS-00155,SRG-OS-000368-GPOS-00154,SRG-OS-000480-GPOS-00230 stigid@ol8: OL08-00-040136 - stigid@rhel8: RHEL-08-040136 + stigid@almalinux8: RHEL-08-040136 + stigid@rhel9: RHEL-09-433015 ocil_clause: 'the service is not enabled' - diff --git a/linux_os/guide/services/ftp/disabling_vsftpd/package_vsftpd_removed/rule.yml b/linux_os/guide/services/ftp/disabling_vsftpd/package_vsftpd_removed/rule.yml -index f88eea4f0..52da81382 100644 +index 915ca1269..a27c61b9c 100644 --- a/linux_os/guide/services/ftp/disabling_vsftpd/package_vsftpd_removed/rule.yml 
+++ b/linux_os/guide/services/ftp/disabling_vsftpd/package_vsftpd_removed/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Uninstall vsftpd Package' - -@@ -41,7 +41,7 @@ references: +@@ -39,7 +39,7 @@ references: stigid@ol7: OL07-00-040690 stigid@ol8: OL08-00-040360 stigid@rhel7: RHEL-07-040690 - stigid@rhel8: RHEL-08-040360 + stigid@almalinux8: RHEL-08-040360 + stigid@rhel9: RHEL-09-215015 stigid@sle12: SLES-12-030011 stigid@sle15: SLES-15-010030 - -diff --git a/linux_os/guide/services/ftp/disabling_vsftpd/service_vsftpd_disabled/rule.yml b/linux_os/guide/services/ftp/disabling_vsftpd/service_vsftpd_disabled/rule.yml -index dc79102fd..87f348bad 100644 ---- a/linux_os/guide/services/ftp/disabling_vsftpd/service_vsftpd_disabled/rule.yml -+++ b/linux_os/guide/services/ftp/disabling_vsftpd/service_vsftpd_disabled/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,rhel7,rhel8,rhel9,sle12,sle15 -+prodtype: alinux2,alinux3,anolis23,anolis8,rhel7,rhel8,almalinux8,rhel9,sle12,sle15 - - title: 'Disable vsftpd Service' - -diff --git a/linux_os/guide/services/ftp/ftp_configure_vsftpd/ftp_disable_uploads/rule.yml b/linux_os/guide/services/ftp/ftp_configure_vsftpd/ftp_disable_uploads/rule.yml -index f94beaf66..72143561f 100644 ---- a/linux_os/guide/services/ftp/ftp_configure_vsftpd/ftp_disable_uploads/rule.yml -+++ b/linux_os/guide/services/ftp/ftp_configure_vsftpd/ftp_disable_uploads/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,rhel7,rhel8 -+prodtype: fedora,rhel7,rhel8,almalinux8 - - title: 'Disable FTP Uploads if Possible' - -diff --git a/linux_os/guide/services/ftp/ftp_configure_vsftpd/ftp_home_partition/rule.yml 
b/linux_os/guide/services/ftp/ftp_configure_vsftpd/ftp_home_partition/rule.yml
-index 628186475..6c59fe879 100644
---- a/linux_os/guide/services/ftp/ftp_configure_vsftpd/ftp_home_partition/rule.yml
-+++ b/linux_os/guide/services/ftp/ftp_configure_vsftpd/ftp_home_partition/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: fedora,rhel7,rhel8
-+prodtype: fedora,rhel7,rhel8,almalinux8
-
- title: 'Place the FTP Home Directory on its Own Partition'
-
-diff --git a/linux_os/guide/services/ftp/ftp_configure_vsftpd/ftp_log_transactions/rule.yml b/linux_os/guide/services/ftp/ftp_configure_vsftpd/ftp_log_transactions/rule.yml
-index 3f9a0e0d4..04625628a 100644
---- a/linux_os/guide/services/ftp/ftp_configure_vsftpd/ftp_log_transactions/rule.yml
-+++ b/linux_os/guide/services/ftp/ftp_configure_vsftpd/ftp_log_transactions/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: fedora,rhel7,rhel8
-+prodtype: fedora,rhel7,rhel8,almalinux8
-
- title: 'Enable Logging of All FTP Transactions'
-
-diff --git a/linux_os/guide/services/ftp/ftp_configure_vsftpd/ftp_present_banner/rule.yml b/linux_os/guide/services/ftp/ftp_configure_vsftpd/ftp_present_banner/rule.yml
-index 3cacb8574..0ce945f0c 100644
---- a/linux_os/guide/services/ftp/ftp_configure_vsftpd/ftp_present_banner/rule.yml
-+++ b/linux_os/guide/services/ftp/ftp_configure_vsftpd/ftp_present_banner/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: fedora,rhel7,rhel8,sle12
-+prodtype: fedora,rhel7,rhel8,almalinux8,sle12
-
- title: 'Create Warning Banners for All FTP Users'
-
-diff --git a/linux_os/guide/services/ftp/ftp_configure_vsftpd/ftp_restrict_users/ftp_restrict_to_anon/rule.yml b/linux_os/guide/services/ftp/ftp_configure_vsftpd/ftp_restrict_users/ftp_restrict_to_anon/rule.yml
-index 2782961b0..e74183f3a 100644
---- a/linux_os/guide/services/ftp/ftp_configure_vsftpd/ftp_restrict_users/ftp_restrict_to_anon/rule.yml
-+++ b/linux_os/guide/services/ftp/ftp_configure_vsftpd/ftp_restrict_users/ftp_restrict_to_anon/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: fedora,rhel7,rhel8
-+prodtype: fedora,rhel7,rhel8,almalinux8
-
- title: 'Restrict Access to Anonymous Users if Possible'
-
-diff --git a/linux_os/guide/services/ftp/ftp_use_vsftpd/package_vsftpd_installed/rule.yml b/linux_os/guide/services/ftp/ftp_use_vsftpd/package_vsftpd_installed/rule.yml
-index 6aa51e736..289415f17 100644
---- a/linux_os/guide/services/ftp/ftp_use_vsftpd/package_vsftpd_installed/rule.yml
-+++ b/linux_os/guide/services/ftp/ftp_use_vsftpd/package_vsftpd_installed/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: fedora,rhel7,rhel8
-+prodtype: fedora,rhel7,rhel8,almalinux8
-
- title: 'Install vsftpd Package'
-
-diff --git a/linux_os/guide/services/http/disabling_httpd/package_httpd_removed/rule.yml b/linux_os/guide/services/http/disabling_httpd/package_httpd_removed/rule.yml
-index 044177ba3..f063d8cbe 100644
---- a/linux_os/guide/services/http/disabling_httpd/package_httpd_removed/rule.yml
-+++ b/linux_os/guide/services/http/disabling_httpd/package_httpd_removed/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: fedora,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
-+prodtype: fedora,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
-
- title: 'Uninstall httpd Package'
-
-diff --git a/linux_os/guide/services/http/disabling_httpd/service_httpd_disabled/rule.yml b/linux_os/guide/services/http/disabling_httpd/service_httpd_disabled/rule.yml
-index c650de2a3..1f7442551 100644
---- a/linux_os/guide/services/http/disabling_httpd/service_httpd_disabled/rule.yml
-+++ b/linux_os/guide/services/http/disabling_httpd/service_httpd_disabled/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: alinux2,alinux3,anolis23,anolis8,rhel7,rhel8,rhel9,sel12,sle15
-+prodtype: alinux2,alinux3,anolis23,anolis8,rhel7,rhel8,almalinux8,rhel9,sel12,sle15
-
- title: 'Disable httpd Service'
-
-diff --git a/linux_os/guide/services/http/disabling_nginx/package_nginx_removed/rule.yml b/linux_os/guide/services/http/disabling_nginx/package_nginx_removed/rule.yml
-index 171b5262d..eb0826aec 100644
---- a/linux_os/guide/services/http/disabling_nginx/package_nginx_removed/rule.yml
-+++ b/linux_os/guide/services/http/disabling_nginx/package_nginx_removed/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: fedora,rhel8,rhel9,ubuntu2004,ubuntu2204
-+prodtype: fedora,rhel8,almalinux8,rhel9,ubuntu2004,ubuntu2204
-
- title: 'Uninstall nginx Package'
-
-diff --git a/linux_os/guide/services/http/securing_httpd/httpd_configure_log_format/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_configure_log_format/rule.yml
-index bb71b36f9..38cbb050d 100644
---- a/linux_os/guide/services/http/securing_httpd/httpd_configure_log_format/rule.yml
-+++ b/linux_os/guide/services/http/securing_httpd/httpd_configure_log_format/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8
-+prodtype: rhel7,rhel8,almalinux8
-
- title: 'Configure Error Log Format'
-
-diff --git a/linux_os/guide/services/http/securing_httpd/httpd_configure_max_keepalive_requests/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_configure_max_keepalive_requests/rule.yml
-index 3a9b317b7..e04b503d3 100644
---- a/linux_os/guide/services/http/securing_httpd/httpd_configure_max_keepalive_requests/rule.yml
-+++ b/linux_os/guide/services/http/securing_httpd/httpd_configure_max_keepalive_requests/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8
-+prodtype: rhel7,rhel8,almalinux8
-
- title: 'Configure The Number of Allowed Simultaneous Requests'
-
-diff --git a/linux_os/guide/services/http/securing_httpd/httpd_configure_os_protect_web_server/httpd_antivirus_scan_uploads/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_configure_os_protect_web_server/httpd_antivirus_scan_uploads/rule.yml
-index 136cd7cca..770217420 100644
---- a/linux_os/guide/services/http/securing_httpd/httpd_configure_os_protect_web_server/httpd_antivirus_scan_uploads/rule.yml
-+++ b/linux_os/guide/services/http/securing_httpd/httpd_configure_os_protect_web_server/httpd_antivirus_scan_uploads/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8
-+prodtype: rhel7,rhel8,almalinux8
-
- title: 'Scan All Uploaded Content for Malicious Software'
-
-diff --git a/linux_os/guide/services/http/securing_httpd/httpd_configure_os_protect_web_server/httpd_configure_firewall/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_configure_os_protect_web_server/httpd_configure_firewall/rule.yml
-index 2d0a5c514..8de48bb43 100644
---- a/linux_os/guide/services/http/securing_httpd/httpd_configure_os_protect_web_server/httpd_configure_firewall/rule.yml
-+++ b/linux_os/guide/services/http/securing_httpd/httpd_configure_os_protect_web_server/httpd_configure_firewall/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8
-+prodtype: rhel7,rhel8,almalinux8
-
- title: 'Configure firewall to Allow Access to the Web Server'
-
-diff --git a/linux_os/guide/services/http/securing_httpd/httpd_configure_os_protect_web_server/httpd_configure_remote_session_encryption/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_configure_os_protect_web_server/httpd_configure_remote_session_encryption/rule.yml
-index afc9519f7..09dc97cbd 100644
---- a/linux_os/guide/services/http/securing_httpd/httpd_configure_os_protect_web_server/httpd_configure_remote_session_encryption/rule.yml
-+++ b/linux_os/guide/services/http/securing_httpd/httpd_configure_os_protect_web_server/httpd_configure_remote_session_encryption/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8
-+prodtype: rhel7,rhel8,almalinux8
-
- title: 'Ensure Remote Administrative Access Is Encrypted'
-
-diff --git a/linux_os/guide/services/http/securing_httpd/httpd_configure_os_protect_web_server/httpd_restrict_file_dir_access/dir_perms_etc_httpd_conf/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_configure_os_protect_web_server/httpd_restrict_file_dir_access/dir_perms_etc_httpd_conf/rule.yml
-index 91174c07e..50ceb9d0b 100644
---- a/linux_os/guide/services/http/securing_httpd/httpd_configure_os_protect_web_server/httpd_restrict_file_dir_access/dir_perms_etc_httpd_conf/rule.yml
-+++ b/linux_os/guide/services/http/securing_httpd/httpd_configure_os_protect_web_server/httpd_restrict_file_dir_access/dir_perms_etc_httpd_conf/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8
-+prodtype: rhel7,rhel8,almalinux8
-
- title: 'Set Permissions on the /etc/httpd/conf/ Directory'
-
-diff --git a/linux_os/guide/services/http/securing_httpd/httpd_configure_os_protect_web_server/httpd_restrict_file_dir_access/dir_perms_var_log_httpd/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_configure_os_protect_web_server/httpd_restrict_file_dir_access/dir_perms_var_log_httpd/rule.yml
-index dedc508f9..5f0e74c81 100644
---- a/linux_os/guide/services/http/securing_httpd/httpd_configure_os_protect_web_server/httpd_restrict_file_dir_access/dir_perms_var_log_httpd/rule.yml
-+++ b/linux_os/guide/services/http/securing_httpd/httpd_configure_os_protect_web_server/httpd_restrict_file_dir_access/dir_perms_var_log_httpd/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8
-+prodtype: rhel7,rhel8,almalinux8
-
- title: 'Set Permissions on the /var/log/httpd/ Directory'
-
-diff --git a/linux_os/guide/services/http/securing_httpd/httpd_configure_os_protect_web_server/httpd_restrict_file_dir_access/file_permissions_httpd_server_conf_d_files/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_configure_os_protect_web_server/httpd_restrict_file_dir_access/file_permissions_httpd_server_conf_d_files/rule.yml
-index d8631eb95..1fc8f7b4d 100644
---- a/linux_os/guide/services/http/securing_httpd/httpd_configure_os_protect_web_server/httpd_restrict_file_dir_access/file_permissions_httpd_server_conf_d_files/rule.yml
-+++ b/linux_os/guide/services/http/securing_httpd/httpd_configure_os_protect_web_server/httpd_restrict_file_dir_access/file_permissions_httpd_server_conf_d_files/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Set Permissions on All Configuration Files Inside /etc/httpd/conf.d/'
-
-diff --git a/linux_os/guide/services/http/securing_httpd/httpd_configure_os_protect_web_server/httpd_restrict_file_dir_access/file_permissions_httpd_server_conf_files/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_configure_os_protect_web_server/httpd_restrict_file_dir_access/file_permissions_httpd_server_conf_files/rule.yml
-index 5227203b8..e31765b0c 100644
---- a/linux_os/guide/services/http/securing_httpd/httpd_configure_os_protect_web_server/httpd_restrict_file_dir_access/file_permissions_httpd_server_conf_files/rule.yml
-+++ b/linux_os/guide/services/http/securing_httpd/httpd_configure_os_protect_web_server/httpd_restrict_file_dir_access/file_permissions_httpd_server_conf_files/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Set Permissions on All Configuration Files Inside /etc/httpd/conf/'
-
-diff --git a/linux_os/guide/services/http/securing_httpd/httpd_configure_os_protect_web_server/httpd_restrict_file_dir_access/file_permissions_httpd_server_modules_files/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_configure_os_protect_web_server/httpd_restrict_file_dir_access/file_permissions_httpd_server_modules_files/rule.yml
-index 1af8689b8..a0623cc71 100644
---- a/linux_os/guide/services/http/securing_httpd/httpd_configure_os_protect_web_server/httpd_restrict_file_dir_access/file_permissions_httpd_server_modules_files/rule.yml
-+++ b/linux_os/guide/services/http/securing_httpd/httpd_configure_os_protect_web_server/httpd_restrict_file_dir_access/file_permissions_httpd_server_modules_files/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Set Permissions on All Configuration Files Inside /etc/httpd/conf.modules.d/'
-
-diff --git a/linux_os/guide/services/http/securing_httpd/httpd_configure_os_protect_web_server/httpd_restrict_file_dir_access/http_configure_log_file_ownership/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_configure_os_protect_web_server/httpd_restrict_file_dir_access/http_configure_log_file_ownership/rule.yml
-index e09f15a6b..8be87c58a 100644
---- a/linux_os/guide/services/http/securing_httpd/httpd_configure_os_protect_web_server/httpd_restrict_file_dir_access/http_configure_log_file_ownership/rule.yml
-+++ b/linux_os/guide/services/http/securing_httpd/httpd_configure_os_protect_web_server/httpd_restrict_file_dir_access/http_configure_log_file_ownership/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8
-+prodtype: rhel7,rhel8,almalinux8
-
- title: 'HTTPD Log Files Must Be Owned By Root'
-
-diff --git a/linux_os/guide/services/http/securing_httpd/httpd_configure_perl_securely/httpd_configure_perl_taint/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_configure_perl_securely/httpd_configure_perl_taint/rule.yml
-index e04cdfd5b..827288f8f 100644
---- a/linux_os/guide/services/http/securing_httpd/httpd_configure_perl_securely/httpd_configure_perl_taint/rule.yml
-+++ b/linux_os/guide/services/http/securing_httpd/httpd_configure_perl_securely/httpd_configure_perl_taint/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8
-+prodtype: rhel7,rhel8,almalinux8
-
- title: 'Configure HTTP PERL Scripts To Use TAINT Option'
-
-diff --git a/linux_os/guide/services/http/securing_httpd/httpd_directory_restrictions/httpd_anonymous_content_sharing/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_directory_restrictions/httpd_anonymous_content_sharing/rule.yml
-index 130a822f7..dd60cb4ac 100644
---- a/linux_os/guide/services/http/securing_httpd/httpd_directory_restrictions/httpd_anonymous_content_sharing/rule.yml
-+++ b/linux_os/guide/services/http/securing_httpd/httpd_directory_restrictions/httpd_anonymous_content_sharing/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8
-+prodtype: rhel7,rhel8,almalinux8
-
- title: 'Web Content Directories Must Not Be Shared Anonymously'
-
-diff --git a/linux_os/guide/services/http/securing_httpd/httpd_directory_restrictions/httpd_configure_script_permissions/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_directory_restrictions/httpd_configure_script_permissions/rule.yml
-index 28cab3652..226e53e49 100644
---- a/linux_os/guide/services/http/securing_httpd/httpd_directory_restrictions/httpd_configure_script_permissions/rule.yml
-+++ b/linux_os/guide/services/http/securing_httpd/httpd_directory_restrictions/httpd_configure_script_permissions/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8
-+prodtype: rhel7,rhel8,almalinux8
-
- title: 'Remove Write Permissions From Filesystem Paths And Server Scripts'
-
-diff --git a/linux_os/guide/services/http/securing_httpd/httpd_directory_restrictions/httpd_disable_anonymous_ftp_access/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_directory_restrictions/httpd_disable_anonymous_ftp_access/rule.yml
-index 81f39f7be..49ce8bcd1 100644
---- a/linux_os/guide/services/http/securing_httpd/httpd_directory_restrictions/httpd_disable_anonymous_ftp_access/rule.yml
-+++ b/linux_os/guide/services/http/securing_httpd/httpd_directory_restrictions/httpd_disable_anonymous_ftp_access/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8
-+prodtype: rhel7,rhel8,almalinux8
-
- title: 'Disable Anonymous FTP Access'
-
-diff --git a/linux_os/guide/services/http/securing_httpd/httpd_directory_restrictions/httpd_ignore_htaccess_files/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_directory_restrictions/httpd_ignore_htaccess_files/rule.yml
-index cb6e4ef56..813459fdf 100644
---- a/linux_os/guide/services/http/securing_httpd/httpd_directory_restrictions/httpd_ignore_htaccess_files/rule.yml
-+++ b/linux_os/guide/services/http/securing_httpd/httpd_directory_restrictions/httpd_ignore_htaccess_files/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8
-+prodtype: rhel7,rhel8,almalinux8
-
- title: 'Ignore HTTPD .htaccess Files'
-
-diff --git a/linux_os/guide/services/http/securing_httpd/httpd_directory_restrictions/httpd_limit_available_methods/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_directory_restrictions/httpd_limit_available_methods/rule.yml
-index fb02b8d46..93de1f84f 100644
---- a/linux_os/guide/services/http/securing_httpd/httpd_directory_restrictions/httpd_limit_available_methods/rule.yml
-+++ b/linux_os/guide/services/http/securing_httpd/httpd_directory_restrictions/httpd_limit_available_methods/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8
-+prodtype: rhel7,rhel8,almalinux8
-
- title: 'Limit Available Methods'
-
-diff --git a/linux_os/guide/services/http/securing_httpd/httpd_directory_restrictions/httpd_restrict_critical_directories/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_directory_restrictions/httpd_restrict_critical_directories/rule.yml
-index 2194e2685..496484d06 100644
---- a/linux_os/guide/services/http/securing_httpd/httpd_directory_restrictions/httpd_restrict_critical_directories/rule.yml
-+++ b/linux_os/guide/services/http/securing_httpd/httpd_directory_restrictions/httpd_restrict_critical_directories/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8
-+prodtype: rhel7,rhel8,almalinux8
-
- title: 'Restrict Other Critical Directories'
-
-diff --git a/linux_os/guide/services/http/securing_httpd/httpd_directory_restrictions/httpd_restrict_root_directory/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_directory_restrictions/httpd_restrict_root_directory/rule.yml
-index a02162aa3..87ec21b7b 100644
---- a/linux_os/guide/services/http/securing_httpd/httpd_directory_restrictions/httpd_restrict_root_directory/rule.yml
-+++ b/linux_os/guide/services/http/securing_httpd/httpd_directory_restrictions/httpd_restrict_root_directory/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8
-+prodtype: rhel7,rhel8,almalinux8
-
- title: 'Restrict Root Directory'
-
-diff --git a/linux_os/guide/services/http/securing_httpd/httpd_directory_restrictions/httpd_restrict_web_directory/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_directory_restrictions/httpd_restrict_web_directory/rule.yml
-index cb5e5231f..0f53af528 100644
---- a/linux_os/guide/services/http/securing_httpd/httpd_directory_restrictions/httpd_restrict_web_directory/rule.yml
-+++ b/linux_os/guide/services/http/securing_httpd/httpd_directory_restrictions/httpd_restrict_web_directory/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8
-+prodtype: rhel7,rhel8,almalinux8
-
- title: 'Restrict Web Directory'
-
-diff --git a/linux_os/guide/services/http/securing_httpd/httpd_disable_mime_types/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_disable_mime_types/rule.yml
-index ea7ab8bf6..89776d624 100644
---- a/linux_os/guide/services/http/securing_httpd/httpd_disable_mime_types/rule.yml
-+++ b/linux_os/guide/services/http/securing_httpd/httpd_disable_mime_types/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8
-+prodtype: rhel7,rhel8,almalinux8
-
- title: 'MIME types for csh or sh shell programs must be disabled'
-
-diff --git a/linux_os/guide/services/http/securing_httpd/httpd_enable_error_logging/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_enable_error_logging/rule.yml
-index f324b60e8..bc49ebc18 100644
---- a/linux_os/guide/services/http/securing_httpd/httpd_enable_error_logging/rule.yml
-+++ b/linux_os/guide/services/http/securing_httpd/httpd_enable_error_logging/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8
-+prodtype: rhel7,rhel8,almalinux8
-
- title: 'Enable HTTPD Error Logging'
-
-diff --git a/linux_os/guide/services/http/securing_httpd/httpd_enable_loglevel/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_enable_loglevel/rule.yml
-index e8bb96b21..d3d67773c 100644
---- a/linux_os/guide/services/http/securing_httpd/httpd_enable_loglevel/rule.yml
-+++ b/linux_os/guide/services/http/securing_httpd/httpd_enable_loglevel/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8
-+prodtype: rhel7,rhel8,almalinux8
-
- title: 'Enable HTTPD LogLevel'
-
-diff --git a/linux_os/guide/services/http/securing_httpd/httpd_enable_system_logging/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_enable_system_logging/rule.yml
-index 33b9a33ed..2d953da28 100644
---- a/linux_os/guide/services/http/securing_httpd/httpd_enable_system_logging/rule.yml
-+++ b/linux_os/guide/services/http/securing_httpd/httpd_enable_system_logging/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8
-+prodtype: rhel7,rhel8,almalinux8
-
- title: 'Enable HTTPD System Logging'
-
-diff --git a/linux_os/guide/services/http/securing_httpd/httpd_entrust_passwords/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_entrust_passwords/rule.yml
-index fcf1c504e..b4d29e35f 100644
---- a/linux_os/guide/services/http/securing_httpd/httpd_entrust_passwords/rule.yml
-+++ b/linux_os/guide/services/http/securing_httpd/httpd_entrust_passwords/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8
-+prodtype: rhel7,rhel8,almalinux8
-
- title: 'The web server password(s) must be entrusted to the SA or Web Manager'
-
-diff --git a/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_cache_support/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_cache_support/rule.yml
-index 97b49e069..47d230736 100644
---- a/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_cache_support/rule.yml
-+++ b/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_cache_support/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8
-+prodtype: rhel7,rhel8,almalinux8
-
- title: 'Disable Cache Support'
-
-diff --git a/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_cgi_support/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_cgi_support/rule.yml
-index 20ec65bd1..34d59440b 100644
---- a/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_cgi_support/rule.yml
-+++ b/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_cgi_support/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8
-+prodtype: rhel7,rhel8,almalinux8
-
- title: 'Disable CGI Support'
-
-diff --git a/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_digest_authentication/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_digest_authentication/rule.yml
-index 5bef09023..ac5afa64f 100644
---- a/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_digest_authentication/rule.yml
-+++ b/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_digest_authentication/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8
-+prodtype: rhel7,rhel8,almalinux8
-
- title: 'Disable HTTP Digest Authentication'
-
-diff --git a/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_enable_log_config/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_enable_log_config/rule.yml
-index 250f3ba6c..6fbb59093 100644
---- a/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_enable_log_config/rule.yml
-+++ b/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_enable_log_config/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8
-+prodtype: rhel7,rhel8,almalinux8
-
- title: 'Enable log_config_module For HTTPD Logging'
-
-diff --git a/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_ldap_support/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_ldap_support/rule.yml
-index 6afbb5034..e3e7380ad 100644
---- a/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_ldap_support/rule.yml
-+++ b/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_ldap_support/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8
-+prodtype: rhel7,rhel8,almalinux8
-
- title: 'Disable LDAP Support'
-
-diff --git a/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_mime_magic/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_mime_magic/rule.yml
-index a49a797d9..31d622a1c 100644
---- a/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_mime_magic/rule.yml
-+++ b/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_mime_magic/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8
-+prodtype: rhel7,rhel8,almalinux8
-
- title: 'Disable MIME Magic'
-
-diff --git a/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_mod_rewrite/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_mod_rewrite/rule.yml
-index e72cd1b13..35f2881e6 100644
---- a/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_mod_rewrite/rule.yml
-+++ b/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_mod_rewrite/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8
-+prodtype: rhel7,rhel8,almalinux8
-
- title: 'Disable HTTP mod_rewrite'
-
-diff --git a/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_proxy_support/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_proxy_support/rule.yml
-index 49ddb85ae..013c1e904 100644
---- a/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_proxy_support/rule.yml
-+++ b/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_proxy_support/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8
-+prodtype: rhel7,rhel8,almalinux8
-
- title: 'Disable Proxy Support'
-
-diff --git a/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_server_activity_status/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_server_activity_status/rule.yml
-index 59b00d06d..d5ed46a41 100644
---- a/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_server_activity_status/rule.yml
-+++ b/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_server_activity_status/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8
-+prodtype: rhel7,rhel8,almalinux8
-
- title: 'Disable Server Activity Status'
-
-diff --git a/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_server_configuration_display/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_server_configuration_display/rule.yml
-index 3b7a1c74e..433352308 100644
---- a/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_server_configuration_display/rule.yml
-+++ b/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_server_configuration_display/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8 -+prodtype: rhel7,rhel8,almalinux8 - - title: 'Disable Web Server Configuration Display' - -diff --git a/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_server_side_includes/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_server_side_includes/rule.yml -index 119cfb6a2..cf8848f97 100644 ---- a/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_server_side_includes/rule.yml -+++ b/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_server_side_includes/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8 -+prodtype: rhel7,rhel8,almalinux8 - - title: 'Disable Server Side Includes' - -diff --git a/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_url_correction/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_url_correction/rule.yml -index b11038c34..875c149a4 100644 ---- a/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_url_correction/rule.yml -+++ b/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_url_correction/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8 -+prodtype: rhel7,rhel8,almalinux8 - - title: 'Disable URL Correction on Misspelled Entries' - -diff --git a/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_webdav/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_webdav/rule.yml -index 0dbde818c..b0ea54cab 100644 ---- a/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_webdav/rule.yml 
-+++ b/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_webdav/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8 -+prodtype: rhel7,rhel8,almalinux8 - - title: 'Disable WebDAV (Distributed Authoring and Versioning)' - -diff --git a/linux_os/guide/services/http/securing_httpd/httpd_modules_improve_security/httpd_deploy_mod_security/httpd_install_mod_security/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_modules_improve_security/httpd_deploy_mod_security/httpd_install_mod_security/rule.yml -index 8389ba24a..a1e675f5a 100644 ---- a/linux_os/guide/services/http/securing_httpd/httpd_modules_improve_security/httpd_deploy_mod_security/httpd_install_mod_security/rule.yml -+++ b/linux_os/guide/services/http/securing_httpd/httpd_modules_improve_security/httpd_deploy_mod_security/httpd_install_mod_security/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8 -+prodtype: rhel7,rhel8,almalinux8 - - title: 'Install mod_security' - -diff --git a/linux_os/guide/services/http/securing_httpd/httpd_modules_improve_security/httpd_deploy_mod_ssl/httpd_configure_tls/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_modules_improve_security/httpd_deploy_mod_ssl/httpd_configure_tls/rule.yml -index 4fcb67426..e1802d1e4 100644 ---- a/linux_os/guide/services/http/securing_httpd/httpd_modules_improve_security/httpd_deploy_mod_ssl/httpd_configure_tls/rule.yml -+++ b/linux_os/guide/services/http/securing_httpd/httpd_modules_improve_security/httpd_deploy_mod_ssl/httpd_configure_tls/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8 -+prodtype: rhel7,rhel8,almalinux8 - - title: 'Enable Transport Layer Security (TLS) Encryption' - -diff --git a/linux_os/guide/services/http/securing_httpd/httpd_modules_improve_security/httpd_deploy_mod_ssl/httpd_configure_valid_server_cert/rule.yml 
b/linux_os/guide/services/http/securing_httpd/httpd_modules_improve_security/httpd_deploy_mod_ssl/httpd_configure_valid_server_cert/rule.yml -index 2fbe3e264..451af3fc6 100644 ---- a/linux_os/guide/services/http/securing_httpd/httpd_modules_improve_security/httpd_deploy_mod_ssl/httpd_configure_valid_server_cert/rule.yml -+++ b/linux_os/guide/services/http/securing_httpd/httpd_modules_improve_security/httpd_deploy_mod_ssl/httpd_configure_valid_server_cert/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8 -+prodtype: rhel7,rhel8,almalinux8 - - title: 'Configure A Valid Server Certificate' - -diff --git a/linux_os/guide/services/http/securing_httpd/httpd_modules_improve_security/httpd_deploy_mod_ssl/httpd_install_mod_ssl/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_modules_improve_security/httpd_deploy_mod_ssl/httpd_install_mod_ssl/rule.yml -index f845c3e93..46eb5cf8f 100644 ---- a/linux_os/guide/services/http/securing_httpd/httpd_modules_improve_security/httpd_deploy_mod_ssl/httpd_install_mod_ssl/rule.yml -+++ b/linux_os/guide/services/http/securing_httpd/httpd_modules_improve_security/httpd_deploy_mod_ssl/httpd_install_mod_ssl/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8 -+prodtype: rhel7,rhel8,almalinux8 - - title: 'Install mod_ssl' - -diff --git a/linux_os/guide/services/http/securing_httpd/httpd_modules_improve_security/httpd_deploy_mod_ssl/httpd_require_client_certs/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_modules_improve_security/httpd_deploy_mod_ssl/httpd_require_client_certs/rule.yml -index 084292515..113b317de 100644 ---- a/linux_os/guide/services/http/securing_httpd/httpd_modules_improve_security/httpd_deploy_mod_ssl/httpd_require_client_certs/rule.yml -+++ b/linux_os/guide/services/http/securing_httpd/httpd_modules_improve_security/httpd_deploy_mod_ssl/httpd_require_client_certs/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: 
rhel7,rhel8 -+prodtype: rhel7,rhel8,almalinux8 - - title: 'Require Client Certificates' - -diff --git a/linux_os/guide/services/http/securing_httpd/httpd_nipr_accredited_dmz/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_nipr_accredited_dmz/rule.yml -index 65c10b743..ee0f8eda0 100644 ---- a/linux_os/guide/services/http/securing_httpd/httpd_nipr_accredited_dmz/rule.yml -+++ b/linux_os/guide/services/http/securing_httpd/httpd_nipr_accredited_dmz/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8 -+prodtype: rhel7,rhel8,almalinux8 - - title: 'A public web server, if hosted on the NIPRNet, must be isolated in an accredited DoD DMZ extension' - -diff --git a/linux_os/guide/services/http/securing_httpd/httpd_no_compilers_in_prod/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_no_compilers_in_prod/rule.yml -index c0a8e19c5..d75e3f3f5 100644 ---- a/linux_os/guide/services/http/securing_httpd/httpd_no_compilers_in_prod/rule.yml -+++ b/linux_os/guide/services/http/securing_httpd/httpd_no_compilers_in_prod/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8 -+prodtype: rhel7,rhel8,almalinux8 - - title: 'Installation of a compiler on production web server is prohibited' - -diff --git a/linux_os/guide/services/http/securing_httpd/httpd_private_server_on_separate_subnet/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_private_server_on_separate_subnet/rule.yml -index 177fc6b1b..7515622f0 100644 ---- a/linux_os/guide/services/http/securing_httpd/httpd_private_server_on_separate_subnet/rule.yml -+++ b/linux_os/guide/services/http/securing_httpd/httpd_private_server_on_separate_subnet/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8 -+prodtype: rhel7,rhel8,almalinux8 - - title: 'A private web server must be located on a separate controlled access subnet' - -diff --git 
a/linux_os/guide/services/http/securing_httpd/httpd_public_resources_not_shared/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_public_resources_not_shared/rule.yml -index 7b93fe2d0..ca9dbde38 100644 ---- a/linux_os/guide/services/http/securing_httpd/httpd_public_resources_not_shared/rule.yml -+++ b/linux_os/guide/services/http/securing_httpd/httpd_public_resources_not_shared/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8 -+prodtype: rhel7,rhel8,almalinux8 - - title: 'Public web server resources must not be shared with private assets' - -diff --git a/linux_os/guide/services/http/securing_httpd/httpd_remove_backups/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_remove_backups/rule.yml -index c26a075a9..792943451 100644 ---- a/linux_os/guide/services/http/securing_httpd/httpd_remove_backups/rule.yml -+++ b/linux_os/guide/services/http/securing_httpd/httpd_remove_backups/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8 -+prodtype: rhel7,rhel8,almalinux8 - - title: 'Backup interactive scripts on the production web server are prohibited' - -diff --git a/linux_os/guide/services/http/securing_httpd/httpd_restrict_info_leakage/httpd_serversignature_off/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_restrict_info_leakage/httpd_serversignature_off/rule.yml -index 433ce96d0..56729d6b3 100644 ---- a/linux_os/guide/services/http/securing_httpd/httpd_restrict_info_leakage/httpd_serversignature_off/rule.yml -+++ b/linux_os/guide/services/http/securing_httpd/httpd_restrict_info_leakage/httpd_serversignature_off/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8 -+prodtype: rhel7,rhel8,almalinux8 - - title: 'Set httpd ServerSignature Directive to Off' - -diff --git a/linux_os/guide/services/http/securing_httpd/httpd_restrict_info_leakage/httpd_servertokens_prod/rule.yml 
b/linux_os/guide/services/http/securing_httpd/httpd_restrict_info_leakage/httpd_servertokens_prod/rule.yml -index af49aaebc..9aa5d9a26 100644 ---- a/linux_os/guide/services/http/securing_httpd/httpd_restrict_info_leakage/httpd_servertokens_prod/rule.yml -+++ b/linux_os/guide/services/http/securing_httpd/httpd_restrict_info_leakage/httpd_servertokens_prod/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8 -+prodtype: rhel7,rhel8,almalinux8 - - title: 'Set httpd ServerTokens Directive to Prod' - -diff --git a/linux_os/guide/services/http/securing_httpd/httpd_secure_content/httpd_configure_banner_page/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_secure_content/httpd_configure_banner_page/rule.yml -index f885d2ce0..d573f4428 100644 ---- a/linux_os/guide/services/http/securing_httpd/httpd_secure_content/httpd_configure_banner_page/rule.yml -+++ b/linux_os/guide/services/http/securing_httpd/httpd_secure_content/httpd_configure_banner_page/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8 -+prodtype: rhel7,rhel8,almalinux8 - - title: 'Configure A Banner Page For Each Website' - -diff --git a/linux_os/guide/services/http/securing_httpd/httpd_secure_content/httpd_configure_documentroot/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_secure_content/httpd_configure_documentroot/rule.yml -index b3a76b83b..de57edf1a 100644 ---- a/linux_os/guide/services/http/securing_httpd/httpd_secure_content/httpd_configure_documentroot/rule.yml -+++ b/linux_os/guide/services/http/securing_httpd/httpd_secure_content/httpd_configure_documentroot/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8 -+prodtype: rhel7,rhel8,almalinux8 - - title: 'Each Web Content Directory Must Contain An index.html File' - -diff --git a/linux_os/guide/services/http/securing_httpd/httpd_secure_content/httpd_disable_content_symlinks/rule.yml 
b/linux_os/guide/services/http/securing_httpd/httpd_secure_content/httpd_disable_content_symlinks/rule.yml -index ea3b87ed1..f75f96121 100644 ---- a/linux_os/guide/services/http/securing_httpd/httpd_secure_content/httpd_disable_content_symlinks/rule.yml -+++ b/linux_os/guide/services/http/securing_httpd/httpd_secure_content/httpd_disable_content_symlinks/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8 -+prodtype: rhel7,rhel8,almalinux8 - - title: 'Disable Web Content Symbolic Links' - -diff --git a/linux_os/guide/services/http/securing_httpd/httpd_secure_content/httpd_encrypt_file_uploads/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_secure_content/httpd_encrypt_file_uploads/rule.yml -index f84d6d5c2..0773ee070 100644 ---- a/linux_os/guide/services/http/securing_httpd/httpd_secure_content/httpd_encrypt_file_uploads/rule.yml -+++ b/linux_os/guide/services/http/securing_httpd/httpd_secure_content/httpd_encrypt_file_uploads/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8 -+prodtype: rhel7,rhel8,almalinux8 - - title: 'Encrypt All File Uploads' - -diff --git a/linux_os/guide/services/http/securing_httpd/httpd_secure_content/httpd_limit_java_files/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_secure_content/httpd_limit_java_files/rule.yml -index 4e5193793..62902b85b 100644 ---- a/linux_os/guide/services/http/securing_httpd/httpd_secure_content/httpd_limit_java_files/rule.yml -+++ b/linux_os/guide/services/http/securing_httpd/httpd_secure_content/httpd_limit_java_files/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8 -+prodtype: rhel7,rhel8,almalinux8 - - title: 'Remove .java And .jpp Files' - -diff --git a/linux_os/guide/services/http/securing_httpd/httpd_secure_content/httpd_remove_robots_file/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_secure_content/httpd_remove_robots_file/rule.yml -index cc7c33d1d..e585f723d 100644 
---- a/linux_os/guide/services/http/securing_httpd/httpd_secure_content/httpd_remove_robots_file/rule.yml -+++ b/linux_os/guide/services/http/securing_httpd/httpd_secure_content/httpd_remove_robots_file/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8 -+prodtype: rhel7,rhel8,almalinux8 - - title: 'The robots.txt Files Must Not Exist' - -diff --git a/linux_os/guide/services/http/securing_httpd/httpd_secure_content/partition_for_web_content/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_secure_content/partition_for_web_content/rule.yml -index 6d7e27f43..bd29cf0ba 100644 ---- a/linux_os/guide/services/http/securing_httpd/httpd_secure_content/partition_for_web_content/rule.yml -+++ b/linux_os/guide/services/http/securing_httpd/httpd_secure_content/partition_for_web_content/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8 -+prodtype: rhel7,rhel8,almalinux8 - - title: 'Ensure Web Content Located on Separate partition' - -diff --git a/linux_os/guide/services/imap/configure_dovecot/dovecot_enabling_ssl/dovecot_configure_ssl_cert/rule.yml b/linux_os/guide/services/imap/configure_dovecot/dovecot_enabling_ssl/dovecot_configure_ssl_cert/rule.yml -index 9029d1aa5..d4ae26520 100644 ---- a/linux_os/guide/services/imap/configure_dovecot/dovecot_enabling_ssl/dovecot_configure_ssl_cert/rule.yml -+++ b/linux_os/guide/services/imap/configure_dovecot/dovecot_enabling_ssl/dovecot_configure_ssl_cert/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8 -+prodtype: rhel7,rhel8,almalinux8 - - title: 'Configure Dovecot to Use the SSL Certificate file' - -diff --git a/linux_os/guide/services/imap/configure_dovecot/dovecot_enabling_ssl/dovecot_configure_ssl_key/rule.yml b/linux_os/guide/services/imap/configure_dovecot/dovecot_enabling_ssl/dovecot_configure_ssl_key/rule.yml -index 91009af0b..50d730e9b 100644 ---- 
a/linux_os/guide/services/imap/configure_dovecot/dovecot_enabling_ssl/dovecot_configure_ssl_key/rule.yml -+++ b/linux_os/guide/services/imap/configure_dovecot/dovecot_enabling_ssl/dovecot_configure_ssl_key/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8 -+prodtype: rhel7,rhel8,almalinux8 - - title: 'Configure Dovecot to Use the SSL Key file' - -diff --git a/linux_os/guide/services/imap/configure_dovecot/dovecot_enabling_ssl/dovecot_disable_plaintext_auth/rule.yml b/linux_os/guide/services/imap/configure_dovecot/dovecot_enabling_ssl/dovecot_disable_plaintext_auth/rule.yml -index cd829dd80..cfedf22c6 100644 ---- a/linux_os/guide/services/imap/configure_dovecot/dovecot_enabling_ssl/dovecot_disable_plaintext_auth/rule.yml -+++ b/linux_os/guide/services/imap/configure_dovecot/dovecot_enabling_ssl/dovecot_disable_plaintext_auth/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8 -+prodtype: rhel7,rhel8,almalinux8 - - title: 'Disable Plaintext Authentication' - -diff --git a/linux_os/guide/services/imap/configure_dovecot/dovecot_enabling_ssl/dovecot_enable_ssl/rule.yml b/linux_os/guide/services/imap/configure_dovecot/dovecot_enabling_ssl/dovecot_enable_ssl/rule.yml -index d88e1120b..5744fe457 100644 ---- a/linux_os/guide/services/imap/configure_dovecot/dovecot_enabling_ssl/dovecot_enable_ssl/rule.yml -+++ b/linux_os/guide/services/imap/configure_dovecot/dovecot_enabling_ssl/dovecot_enable_ssl/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8 -+prodtype: rhel7,rhel8,almalinux8 - - title: 'Enable the SSL flag in /etc/dovecot.conf' - -diff --git a/linux_os/guide/services/imap/disabling_cyrus-imapd/package_cyrus-imapd_removed/rule.yml b/linux_os/guide/services/imap/disabling_cyrus-imapd/package_cyrus-imapd_removed/rule.yml -index 9d039807d..1ee966ca3 100644 ---- a/linux_os/guide/services/imap/disabling_cyrus-imapd/package_cyrus-imapd_removed/rule.yml -+++ 
b/linux_os/guide/services/imap/disabling_cyrus-imapd/package_cyrus-imapd_removed/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,rhel8,rhel9,ubuntu2004,ubuntu2204 -+prodtype: fedora,rhel8,almalinux8,rhel9,ubuntu2004,ubuntu2204 - - title: 'Uninstall cyrus-imapd Package' - -diff --git a/linux_os/guide/services/imap/disabling_dovecot/package_dovecot_removed/rule.yml b/linux_os/guide/services/imap/disabling_dovecot/package_dovecot_removed/rule.yml -index 87b82fee6..83729c9e4 100644 ---- a/linux_os/guide/services/imap/disabling_dovecot/package_dovecot_removed/rule.yml -+++ b/linux_os/guide/services/imap/disabling_dovecot/package_dovecot_removed/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,fedora,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,fedora,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Uninstall dovecot Package' - -diff --git a/linux_os/guide/services/imap/disabling_dovecot/service_dovecot_disabled/rule.yml b/linux_os/guide/services/imap/disabling_dovecot/service_dovecot_disabled/rule.yml -index 5968c1a2f..6918a9e23 100644 ---- a/linux_os/guide/services/imap/disabling_dovecot/service_dovecot_disabled/rule.yml -+++ b/linux_os/guide/services/imap/disabling_dovecot/service_dovecot_disabled/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux3,anolis23,anolis8,rhel7,rhel8,rhel9,sle12,sle15 -+prodtype: alinux3,anolis23,anolis8,rhel7,rhel8,almalinux8,rhel9,sle12,sle15 - - title: 'Disable Dovecot Service' - diff --git a/linux_os/guide/services/kerberos/kerberos_disable_no_keytab/rule.yml b/linux_os/guide/services/kerberos/kerberos_disable_no_keytab/rule.yml -index 87375c0d9..6d49d9ec8 100644 +index 13751ebbd..49e09ac22 100644 --- a/linux_os/guide/services/kerberos/kerberos_disable_no_keytab/rule.yml 
+++ b/linux_os/guide/services/kerberos/kerberos_disable_no_keytab/rule.yml -@@ -2,7 +2,7 @@ documentation_complete: true - - # new major OS versions will most likely not be applicable because of the - # kerberos version higher than 1.17-18 --prodtype: ol7,ol8,rhcos4,rhel7,rhel8,rhel9 -+prodtype: ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9 - - title: 'Disable Kerberos by removing host keytab' - -@@ -27,7 +27,7 @@ references: +@@ -26,7 +26,7 @@ references: ospp: FTP_ITC_EXT.1 srg: SRG-OS-000120-GPOS-00061 stigid@ol8: OL08-00-010161 - stigid@rhel8: RHEL-08-010161 + stigid@almalinux8: RHEL-08-010161 + stigid@rhel9: RHEL-09-611205 platforms: - - krb5_server_older_than_1_17-18 and krb5_workstation_older_than_1_17-18 diff --git a/linux_os/guide/services/kerberos/package_krb5-server_removed/rule.yml b/linux_os/guide/services/kerberos/package_krb5-server_removed/rule.yml -index 88a8417bc..ad70f3e7c 100644 +index 36dc8de85..e64652a1b 100644 --- a/linux_os/guide/services/kerberos/package_krb5-server_removed/rule.yml +++ b/linux_os/guide/services/kerberos/package_krb5-server_removed/rule.yml -@@ -2,7 +2,7 @@ documentation_complete: true - - # new major OS versions will most likely not be applicable because of the - # kerberos version higher than 1.17-18 --prodtype: ol7,ol8,rhel7,rhel8,rhel9 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9 - - title: 'Remove the Kerberos Server Package' - -@@ -30,7 +30,7 @@ references: +@@ -29,7 +29,7 @@ references: nist: IA-7,IA-7.1 srg: SRG-OS-000120-GPOS-00061 stigid@ol8: OL08-00-010163 
@@ -1997,30 +276,6 @@ index 88a8417bc..ad70f3e7c 100644 platforms: - krb5_server_older_than_1_17-18 -diff --git a/linux_os/guide/services/ldap/389_ds/package_389-ds-base_removed/rule.yml b/linux_os/guide/services/ldap/389_ds/package_389-ds-base_removed/rule.yml -index a4bd1fc3c..727dc22a3 100644 ---- a/linux_os/guide/services/ldap/389_ds/package_389-ds-base_removed/rule.yml -+++ b/linux_os/guide/services/ldap/389_ds/package_389-ds-base_removed/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhcos4,rhel7,rhel8,rhel9 -+prodtype: rhcos4,rhel7,rhel8,almalinux8,rhel9 - - title: 'Uninstall 389-ds-base Package' - -diff --git a/linux_os/guide/services/ldap/openldap_client/enable_ldap_client/rule.yml b/linux_os/guide/services/ldap/openldap_client/enable_ldap_client/rule.yml -index 3683bb50d..6a9628612 100644 ---- a/linux_os/guide/services/ldap/openldap_client/enable_ldap_client/rule.yml -+++ b/linux_os/guide/services/ldap/openldap_client/enable_ldap_client/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol7,ol8,rhel7,rhel8,rhv4 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhv4 - - title: 'Enable the LDAP Client For Use in Authconfig' - diff --git a/linux_os/guide/services/ldap/openldap_client/ldap_client_start_tls/bash/shared.sh b/linux_os/guide/services/ldap/openldap_client/ldap_client_start_tls/bash/shared.sh index 646e63f4b..cb346ebf4 100644 --- a/linux_os/guide/services/ldap/openldap_client/ldap_client_start_tls/bash/shared.sh 
@@ -2031,93 +286,11 @@ index 646e63f4b..cb346ebf4 100644 # Use LDAP for authentication -diff --git a/linux_os/guide/services/ldap/openldap_client/ldap_client_start_tls/rule.yml b/linux_os/guide/services/ldap/openldap_client/ldap_client_start_tls/rule.yml -index 9092dccbd..838330b0f 100644 ---- a/linux_os/guide/services/ldap/openldap_client/ldap_client_start_tls/rule.yml -+++ b/linux_os/guide/services/ldap/openldap_client/ldap_client_start_tls/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol7,ol8,rhel7,rhel8,rhv4 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhv4 - - title: 'Configure LDAP Client to Use TLS For All Transactions' - -diff --git a/linux_os/guide/services/ldap/openldap_client/ldap_client_tls_cacertpath/rule.yml b/linux_os/guide/services/ldap/openldap_client/ldap_client_tls_cacertpath/rule.yml -index e05e43a9f..9ea470b87 100644 ---- a/linux_os/guide/services/ldap/openldap_client/ldap_client_tls_cacertpath/rule.yml -+++ b/linux_os/guide/services/ldap/openldap_client/ldap_client_tls_cacertpath/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8 -+prodtype: rhel7,rhel8,almalinux8 - - title: 'Configure Certificate Directives for LDAP Use of TLS' - -diff --git a/linux_os/guide/services/ldap/openldap_client/package_openldap-clients_removed/rule.yml b/linux_os/guide/services/ldap/openldap_client/package_openldap-clients_removed/rule.yml -index 2ec31a290..309750ccc 100644 ---- a/linux_os/guide/services/ldap/openldap_client/package_openldap-clients_removed/rule.yml -+++ b/linux_os/guide/services/ldap/openldap_client/package_openldap-clients_removed/rule.yml -@@ -8,7 +8,7 @@ - - documentation_complete: true - --prodtype: alinux2,alinux3,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu1604,ubuntu1804,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu1604,ubuntu1804,ubuntu2004,ubuntu2204 - - title: 'Ensure LDAP client is not 
installed' - -diff --git a/linux_os/guide/services/ldap/openldap_server/package_openldap-servers_removed/rule.yml b/linux_os/guide/services/ldap/openldap_server/package_openldap-servers_removed/rule.yml -index bf75fffce..cac047f38 100644 ---- a/linux_os/guide/services/ldap/openldap_server/package_openldap-servers_removed/rule.yml -+++ b/linux_os/guide/services/ldap/openldap_server/package_openldap-servers_removed/rule.yml -@@ -11,7 +11,7 @@ - - documentation_complete: true - --prodtype: rhel7,rhel8,rhel9,sle12,sle15,ubuntu1604,ubuntu1804,ubuntu2004,ubuntu2204 -+prodtype: rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu1604,ubuntu1804,ubuntu2004,ubuntu2204 - - title: 'Uninstall openldap-servers Package' - -diff --git a/linux_os/guide/services/ldap/openldap_server/service_slapd_disabled/rule.yml b/linux_os/guide/services/ldap/openldap_server/service_slapd_disabled/rule.yml -index c94722d9e..287338250 100644 ---- a/linux_os/guide/services/ldap/openldap_server/service_slapd_disabled/rule.yml -+++ b/linux_os/guide/services/ldap/openldap_server/service_slapd_disabled/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,rhel8,rhel9 -+prodtype: alinux2,alinux3,anolis23,anolis8,rhel8,almalinux8,rhel9 - - title: 'Disable LDAP Server (slapd)' - -diff --git a/linux_os/guide/services/mail/has_nonlocal_mta/rule.yml b/linux_os/guide/services/mail/has_nonlocal_mta/rule.yml -index 565693471..1c9917262 100644 ---- a/linux_os/guide/services/mail/has_nonlocal_mta/rule.yml -+++ b/linux_os/guide/services/mail/has_nonlocal_mta/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8,rhel9,ubuntu2004,ubuntu2204 -+prodtype: rhel7,rhel8,almalinux8,rhel9,ubuntu2004,ubuntu2204 - - title: 'Ensure Mail Transfer Agent is not Listening on any non-loopback Address' - 
diff --git a/linux_os/guide/services/mail/package_mailx_installed/rule.yml b/linux_os/guide/services/mail/package_mailx_installed/rule.yml -index fcdc7f07b..398e475b2 100644 +index ebbfcfc12..2ed44e12a 100644 --- a/linux_os/guide/services/mail/package_mailx_installed/rule.yml +++ b/linux_os/guide/services/mail/package_mailx_installed/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol7,ol8,rhel7,rhel8,sle12,sle15 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,sle12,sle15 - - title: 'The mailx Package Is Installed' - -@@ -27,7 +27,7 @@ references: +@@ -26,7 +26,7 @@ references: stigid@ol7: OL07-00-020028 stigid@ol8: OL08-00-010358 stigid@rhel7: RHEL-07-020028 @@ -2140,48 +313,40 @@ index a2b8325d2..1b7a24e1f 100644 ocil_clause: 'the package is not installed' diff --git a/linux_os/guide/services/mail/package_sendmail_removed/rule.yml b/linux_os/guide/services/mail/package_sendmail_removed/rule.yml -index 3674a8609..13f1c6ec4 100644 +index 77344dee5..39201604d 100644 --- a/linux_os/guide/services/mail/package_sendmail_removed/rule.yml +++ b/linux_os/guide/services/mail/package_sendmail_removed/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle12,sle15 -+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle12,sle15 - - title: 'Uninstall Sendmail Package' - -@@ -35,7 +35,7 @@ references: +@@ -34,7 +34,7 @@ references: nist-csf: PR.IP-1,PR.PT-3 srg: SRG-OS-000480-GPOS-00227,SRG-OS-000095-GPOS-00049 stigid@ol8: OL08-00-040002 - stigid@rhel8: RHEL-08-040002 + stigid@almalinux8: RHEL-08-040002 + stigid@rhel9: RHEL-09-215020 {{{ complete_ocil_entry_package(package="sendmail") }}} - diff --git a/linux_os/guide/services/mail/postfix_client/postfix_client_configure_mail_alias/ansible/shared.yml b/linux_os/guide/services/mail/postfix_client/postfix_client_configure_mail_alias/ansible/shared.yml -index cf67161e3..9ac592066 100644 +index 3a86771d6..bacfaa7d0 100644 
--- a/linux_os/guide/services/mail/postfix_client/postfix_client_configure_mail_alias/ansible/shared.yml +++ b/linux_os/guide/services/mail/postfix_client/postfix_client_configure_mail_alias/ansible/shared.yml @@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_rhv,multi_platform_sle -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_rhv,multi_platform_sle +-# platform = multi_platform_rhel,multi_platform_rhv,multi_platform_sle,multi_platform_debian ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_rhv,multi_platform_sle,multi_platform_debian # reboot = false # strategy = configure # complexity = low diff --git a/linux_os/guide/services/mail/postfix_client/postfix_client_configure_mail_alias/bash/shared.sh b/linux_os/guide/services/mail/postfix_client/postfix_client_configure_mail_alias/bash/shared.sh -index a6bc6cb16..746f87283 100644 +index 743d47775..54354e10c 100644 --- a/linux_os/guide/services/mail/postfix_client/postfix_client_configure_mail_alias/bash/shared.sh +++ b/linux_os/guide/services/mail/postfix_client/postfix_client_configure_mail_alias/bash/shared.sh @@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_rhv,multi_platform_sle -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_rhv,multi_platform_sle +-# platform = multi_platform_rhel,multi_platform_rhv,multi_platform_sle,multi_platform_debian ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_rhv,multi_platform_sle,multi_platform_debian {{{ bash_instantiate_variables("var_postfix_root_mail_alias") }}} diff --git a/linux_os/guide/services/mail/postfix_client/postfix_client_configure_mail_alias_postmaster/rule.yml b/linux_os/guide/services/mail/postfix_client/postfix_client_configure_mail_alias_postmaster/rule.yml -index 1f8ff5831..09393bc47 100644 +index d81aa3e41..f027ffa73 100644 
--- a/linux_os/guide/services/mail/postfix_client/postfix_client_configure_mail_alias_postmaster/rule.yml +++ b/linux_os/guide/services/mail/postfix_client/postfix_client_configure_mail_alias_postmaster/rule.yml @@ -29,7 +29,7 @@ references: @@ -2190,9 +355,9 @@ index 1f8ff5831..09393bc47 100644 stigid@ol8: OL08-00-030030 - stigid@rhel8: RHEL-08-030030 + stigid@almalinux8: RHEL-08-030030 + stigid@rhel9: RHEL-09-252060 ocil_clause: 'the alias is not set or is not root' - diff --git a/linux_os/guide/services/mail/postfix_client/postfix_network_listening_disabled/ansible/shared.yml b/linux_os/guide/services/mail/postfix_client/postfix_network_listening_disabled/ansible/shared.yml index c5e7ae18c..1ab2a0a40 100644 --- a/linux_os/guide/services/mail/postfix_client/postfix_network_listening_disabled/ansible/shared.yml 
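Review bot: The refreshed section for `package_sendmail_removed/rule.yml` still renames the key `stigid@rhel8` to `stigid@almalinux8` rather than adding a new key, and it keeps the RHEL 8 identifier `RHEL-08-040002`, now sitting next to the new upstream context line `stigid@rhel9: RHEL-09-215020`. Content built from this tree will presumably report a RHEL 8 STIG ID under an AlmaLinux key, and a rhel8 product built from the same patched sources would lose its reference; the patch explains neither. I would state this in the patch description, for example `stigid@almalinux8 values are the RHEL 8 STIG IDs carried over unchanged; this tree is intended to build almalinux8 only`. The same applies to the `postfix_client_configure_mail_alias_postmaster` hunk that follows (`RHEL-08-030030`), and to the kerberos and `postfix_prevent_unrestricted_relay` sections elsewhere in this file.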
@@ -2213,342 +378,58 @@ index befe1acf3..e36b1fd3e 100644 {{{ bash_instantiate_variables("var_postfix_inet_interfaces") }}} -diff --git a/linux_os/guide/services/mail/postfix_client/postfix_network_listening_disabled/rule.yml b/linux_os/guide/services/mail/postfix_client/postfix_network_listening_disabled/rule.yml -index 6366a2d1a..3f5c8b483 100644 ---- a/linux_os/guide/services/mail/postfix_client/postfix_network_listening_disabled/rule.yml -+++ b/linux_os/guide/services/mail/postfix_client/postfix_network_listening_disabled/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Disable Postfix Network Listening' - -diff --git a/linux_os/guide/services/mail/postfix_harden_os/postfix_server_cfg/postfix_server_banner/rule.yml b/linux_os/guide/services/mail/postfix_harden_os/postfix_server_cfg/postfix_server_banner/rule.yml -index e169429a7..d9f0688b9 100644 ---- a/linux_os/guide/services/mail/postfix_harden_os/postfix_server_cfg/postfix_server_banner/rule.yml -+++ b/linux_os/guide/services/mail/postfix_harden_os/postfix_server_cfg/postfix_server_banner/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8 -+prodtype: rhel7,rhel8,almalinux8 - - title: 'Configure SMTP Greeting Banner' - diff --git a/linux_os/guide/services/mail/postfix_harden_os/postfix_server_cfg/postfix_server_relay/postfix_prevent_unrestricted_relay/rule.yml b/linux_os/guide/services/mail/postfix_harden_os/postfix_server_cfg/postfix_server_relay/postfix_prevent_unrestricted_relay/rule.yml -index 379999e33..f6820af4f 100644 +index 4f38c42c8..b76e0f884 100644 --- a/linux_os/guide/services/mail/postfix_harden_os/postfix_server_cfg/postfix_server_relay/postfix_prevent_unrestricted_relay/rule.yml 
+++ b/linux_os/guide/services/mail/postfix_harden_os/postfix_server_cfg/postfix_server_relay/postfix_prevent_unrestricted_relay/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9 -+prodtype: ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9 - - title: 'Prevent Unrestricted Mail Relaying' - -@@ -27,7 +27,7 @@ references: +@@ -26,7 +26,7 @@ references: stigid@ol7: OL07-00-040680 stigid@ol8: OL08-00-040290 stigid@rhel7: RHEL-07-040680 - stigid@rhel8: RHEL-08-040290 + stigid@almalinux8: RHEL-08-040290 + stigid@rhel9: RHEL-09-252050 ocil_clause: 'the "smtpd_client_restrictions" parameter contains any entries other than "permit_mynetworks" and "reject"' - -diff --git a/linux_os/guide/services/mail/service_postfix_enabled/rule.yml b/linux_os/guide/services/mail/service_postfix_enabled/rule.yml -index 40e23a91d..714b90457 100644 ---- a/linux_os/guide/services/mail/service_postfix_enabled/rule.yml -+++ b/linux_os/guide/services/mail/service_postfix_enabled/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Enable Postfix Service' - -diff --git a/linux_os/guide/services/nfs_and_rpc/disabling_nfs/disabling_nfs_services/package_rpcbind_removed/rule.yml b/linux_os/guide/services/nfs_and_rpc/disabling_nfs/disabling_nfs_services/package_rpcbind_removed/rule.yml -index 1fc438cc4..753aa25b0 100644 ---- a/linux_os/guide/services/nfs_and_rpc/disabling_nfs/disabling_nfs_services/package_rpcbind_removed/rule.yml -+++ b/linux_os/guide/services/nfs_and_rpc/disabling_nfs/disabling_nfs_services/package_rpcbind_removed/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Uninstall 
rpcbind Package' - -diff --git a/linux_os/guide/services/nfs_and_rpc/disabling_nfs/disabling_nfs_services/service_nfslock_disabled/rule.yml b/linux_os/guide/services/nfs_and_rpc/disabling_nfs/disabling_nfs_services/service_nfslock_disabled/rule.yml -index 2524bf798..e398c3121 100644 ---- a/linux_os/guide/services/nfs_and_rpc/disabling_nfs/disabling_nfs_services/service_nfslock_disabled/rule.yml -+++ b/linux_os/guide/services/nfs_and_rpc/disabling_nfs/disabling_nfs_services/service_nfslock_disabled/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,rhel7,rhel8 -+prodtype: fedora,rhel7,rhel8,almalinux8 - - title: 'Disable Network File System Lock Service (nfslock)' - -diff --git a/linux_os/guide/services/nfs_and_rpc/disabling_nfs/disabling_nfs_services/service_rpcbind_disabled/rule.yml b/linux_os/guide/services/nfs_and_rpc/disabling_nfs/disabling_nfs_services/service_rpcbind_disabled/rule.yml -index a85028384..bbf0b2741 100644 ---- a/linux_os/guide/services/nfs_and_rpc/disabling_nfs/disabling_nfs_services/service_rpcbind_disabled/rule.yml -+++ b/linux_os/guide/services/nfs_and_rpc/disabling_nfs/disabling_nfs_services/service_rpcbind_disabled/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,rhel7,rhel8,rhel9,sle12,sle15 -+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,sle12,sle15 - - title: 'Disable rpcbind Service' - -diff --git a/linux_os/guide/services/nfs_and_rpc/disabling_nfs/disabling_nfs_services/service_rpcgssd_disabled/rule.yml b/linux_os/guide/services/nfs_and_rpc/disabling_nfs/disabling_nfs_services/service_rpcgssd_disabled/rule.yml -index 965d781c1..3119d78b3 100644 ---- a/linux_os/guide/services/nfs_and_rpc/disabling_nfs/disabling_nfs_services/service_rpcgssd_disabled/rule.yml -+++ b/linux_os/guide/services/nfs_and_rpc/disabling_nfs/disabling_nfs_services/service_rpcgssd_disabled/rule.yml -@@ -1,6 +1,6 @@ - 
documentation_complete: true - --prodtype: fedora,rhel7,rhel8 -+prodtype: fedora,rhel7,rhel8,almalinux8 - - title: 'Disable Secure RPC Client Service (rpcgssd)' - -diff --git a/linux_os/guide/services/nfs_and_rpc/disabling_nfs/disabling_nfs_services/service_rpcidmapd_disabled/rule.yml b/linux_os/guide/services/nfs_and_rpc/disabling_nfs/disabling_nfs_services/service_rpcidmapd_disabled/rule.yml -index 9dded9361..672b5bdfe 100644 ---- a/linux_os/guide/services/nfs_and_rpc/disabling_nfs/disabling_nfs_services/service_rpcidmapd_disabled/rule.yml -+++ b/linux_os/guide/services/nfs_and_rpc/disabling_nfs/disabling_nfs_services/service_rpcidmapd_disabled/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,rhel7,rhel8 -+prodtype: fedora,rhel7,rhel8,almalinux8 - - title: 'Disable RPC ID Mapping Service (rpcidmapd)' - -diff --git a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_all_machines/nfs_configure_fixed_ports/nfs_fixed_lockd_tcp_port/rule.yml b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_all_machines/nfs_configure_fixed_ports/nfs_fixed_lockd_tcp_port/rule.yml -index 322d59243..c93b5d147 100644 ---- a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_all_machines/nfs_configure_fixed_ports/nfs_fixed_lockd_tcp_port/rule.yml -+++ b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_all_machines/nfs_configure_fixed_ports/nfs_fixed_lockd_tcp_port/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,rhel7,rhel8 -+prodtype: fedora,rhel7,rhel8,almalinux8 - - title: 'Configure lockd to use static TCP port' - -diff --git a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_all_machines/nfs_configure_fixed_ports/nfs_fixed_lockd_udp_port/rule.yml b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_all_machines/nfs_configure_fixed_ports/nfs_fixed_lockd_udp_port/rule.yml -index ca67db926..a1aaad355 100644 ---- 
a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_all_machines/nfs_configure_fixed_ports/nfs_fixed_lockd_udp_port/rule.yml -+++ b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_all_machines/nfs_configure_fixed_ports/nfs_fixed_lockd_udp_port/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,rhel7,rhel8 -+prodtype: fedora,rhel7,rhel8,almalinux8 - - title: 'Configure lockd to use static UDP port' - -diff --git a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_all_machines/nfs_configure_fixed_ports/nfs_fixed_mountd_port/rule.yml b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_all_machines/nfs_configure_fixed_ports/nfs_fixed_mountd_port/rule.yml -index 7d8839f55..563cd0791 100644 ---- a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_all_machines/nfs_configure_fixed_ports/nfs_fixed_mountd_port/rule.yml -+++ b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_all_machines/nfs_configure_fixed_ports/nfs_fixed_mountd_port/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,rhel7,rhel8 -+prodtype: fedora,rhel7,rhel8,almalinux8 - - title: 'Configure mountd to use static port' - -diff --git a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_all_machines/nfs_configure_fixed_ports/nfs_fixed_statd_port/rule.yml b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_all_machines/nfs_configure_fixed_ports/nfs_fixed_statd_port/rule.yml -index adcc2e18e..c9a2bc064 100644 ---- a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_all_machines/nfs_configure_fixed_ports/nfs_fixed_statd_port/rule.yml -+++ b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_all_machines/nfs_configure_fixed_ports/nfs_fixed_statd_port/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,rhel7,rhel8 -+prodtype: fedora,rhel7,rhel8,almalinux8 - - title: 'Configure statd to use static port' - -diff --git a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/disabling_nfsd/nfs_no_anonymous/rule.yml 
b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/disabling_nfsd/nfs_no_anonymous/rule.yml -index 73a0d70b6..36a53e464 100644 ---- a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/disabling_nfsd/nfs_no_anonymous/rule.yml -+++ b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/disabling_nfsd/nfs_no_anonymous/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,rhel7,rhel8 -+prodtype: fedora,rhel7,rhel8,almalinux8 - - title: 'Specify UID and GID for Anonymous NFS Connections' - -diff --git a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/disabling_nfsd/service_nfs_disabled/rule.yml b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/disabling_nfsd/service_nfs_disabled/rule.yml -index 083e7b30e..934468386 100644 ---- a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/disabling_nfsd/service_nfs_disabled/rule.yml -+++ b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/disabling_nfsd/service_nfs_disabled/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,fedora,rhel7,rhel8,rhel9,sle12,sle15 -+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,rhel7,rhel8,almalinux8,rhel9,sle12,sle15 - - title: 'Disable Network File System (nfs)' - -diff --git a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/disabling_nfsd/service_rpcsvcgssd_disabled/rule.yml b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/disabling_nfsd/service_rpcsvcgssd_disabled/rule.yml -index c7d1c7a2b..b61ccdfdd 100644 ---- a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/disabling_nfsd/service_rpcsvcgssd_disabled/rule.yml -+++ b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/disabling_nfsd/service_rpcsvcgssd_disabled/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,rhel7,rhel8 -+prodtype: fedora,rhel7,rhel8,almalinux8 - - title: 'Disable Secure RPC Server Service (rpcsvcgssd)' - 
-diff --git a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/mounting_remote_filesystems/mount_option_krb_sec_remote_filesystems/rule.yml b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/mounting_remote_filesystems/mount_option_krb_sec_remote_filesystems/rule.yml -index a48edf779..045343f82 100644 ---- a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/mounting_remote_filesystems/mount_option_krb_sec_remote_filesystems/rule.yml -+++ b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/mounting_remote_filesystems/mount_option_krb_sec_remote_filesystems/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9 -+prodtype: ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9 - - title: 'Mount Remote Filesystems with Kerberos Security' - diff --git a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/mounting_remote_filesystems/mount_option_nodev_remote_filesystems/rule.yml b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/mounting_remote_filesystems/mount_option_nodev_remote_filesystems/rule.yml -index 6911a7163..7b6f02703 100644 +index 0b3c6a1a1..0891eef6f 100644 --- a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/mounting_remote_filesystems/mount_option_nodev_remote_filesystems/rule.yml +++ b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/mounting_remote_filesystems/mount_option_nodev_remote_filesystems/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4 -+prodtype: ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4 - - title: 'Mount Remote Filesystems with nodev' - -@@ -28,7 +28,7 @@ references: +@@ -27,7 +27,7 @@ references: nist-csf: PR.IP-1,PR.PT-2,PR.PT-3 srg: SRG-OS-000480-GPOS-00227 stigid@ol8: OL08-00-010640 - stigid@rhel8: RHEL-08-010640 + stigid@almalinux8: RHEL-08-010640 + stigid@rhel9: RHEL-09-231065 ocil_clause: 'the setting does not show' - 
diff --git a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/mounting_remote_filesystems/mount_option_noexec_remote_filesystems/rule.yml b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/mounting_remote_filesystems/mount_option_noexec_remote_filesystems/rule.yml -index 95c902246..e16d08d88 100644 +index c8da85560..c93e7f926 100644 --- a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/mounting_remote_filesystems/mount_option_noexec_remote_filesystems/rule.yml +++ b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/mounting_remote_filesystems/mount_option_noexec_remote_filesystems/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15 -+prodtype: ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15 - - title: 'Mount Remote Filesystems with noexec' - -@@ -34,7 +34,7 @@ references: +@@ -33,7 +33,7 @@ references: stigid@ol7: OL07-00-021021 stigid@ol8: OL08-00-010630 stigid@rhel7: RHEL-07-021021 - stigid@rhel8: RHEL-08-010630 + stigid@almalinux8: RHEL-08-010630 + stigid@rhel9: RHEL-09-231070 stigid@sle12: SLES-12-010820 stigid@sle15: SLES-15-040170 - diff --git a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/mounting_remote_filesystems/mount_option_nosuid_remote_filesystems/rule.yml b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/mounting_remote_filesystems/mount_option_nosuid_remote_filesystems/rule.yml -index c2805a5cd..97ab97ff9 100644 +index 96ef1d137..b82157d88 100644 --- a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/mounting_remote_filesystems/mount_option_nosuid_remote_filesystems/rule.yml 
+++ b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/mounting_remote_filesystems/mount_option_nosuid_remote_filesystems/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15 -+prodtype: ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15 - - title: 'Mount Remote Filesystems with nosuid' - -@@ -32,7 +32,7 @@ references: +@@ -31,7 +31,7 @@ references: stigid@ol7: OL07-00-021020 stigid@ol8: OL08-00-010650 stigid@rhel7: RHEL-07-021020 - stigid@rhel8: RHEL-08-010650 + stigid@almalinux8: RHEL-08-010650 + stigid@rhel9: RHEL-09-231075 stigid@sle12: SLES-12-010810 stigid@sle15: SLES-15-040160 - -diff --git a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_servers/no_insecure_locks_exports/rule.yml b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_servers/no_insecure_locks_exports/rule.yml -index daaf44ae3..548c4d838 100644 ---- a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_servers/no_insecure_locks_exports/rule.yml -+++ b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_servers/no_insecure_locks_exports/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,rhel7,rhel8 -+prodtype: fedora,rhel7,rhel8,almalinux8 - - title: 'Ensure Insecure File Locking is Not Allowed' - -diff --git a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_servers/restrict_nfs_clients_to_privileged_ports/rule.yml b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_servers/restrict_nfs_clients_to_privileged_ports/rule.yml -index 0978d54c4..001457052 100644 ---- a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_servers/restrict_nfs_clients_to_privileged_ports/rule.yml -+++ b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_servers/restrict_nfs_clients_to_privileged_ports/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,rhel7,rhel8 -+prodtype: fedora,rhel7,rhel8,almalinux8 - - title: 'Restrict NFS Clients to Privileged Ports' - -diff --git 
a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_servers/use_kerberos_security_all_exports/rule.yml b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_servers/use_kerberos_security_all_exports/rule.yml -index b666538f2..579cae284 100644 ---- a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_servers/use_kerberos_security_all_exports/rule.yml -+++ b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_servers/use_kerberos_security_all_exports/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle15 -+prodtype: ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15 - - title: 'Use Kerberos Security on All Exports' - -diff --git a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_servers/use_root_squashing_all_exports/rule.yml b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_servers/use_root_squashing_all_exports/rule.yml -index c5983cbe8..0f39d0ff8 100644 ---- a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_servers/use_root_squashing_all_exports/rule.yml -+++ b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_servers/use_root_squashing_all_exports/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,rhel7,rhel8 -+prodtype: fedora,rhel7,rhel8,almalinux8 - - title: 'Use Root-Squashing on All Exports' - -diff --git a/linux_os/guide/services/nfs_and_rpc/package_nfs-utils_removed/rule.yml b/linux_os/guide/services/nfs_and_rpc/package_nfs-utils_removed/rule.yml -index 3de7c8db0..95b36f0a6 100644 ---- a/linux_os/guide/services/nfs_and_rpc/package_nfs-utils_removed/rule.yml -+++ b/linux_os/guide/services/nfs_and_rpc/package_nfs-utils_removed/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15 -+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,sle15 - - title: 'Uninstall nfs-utils Package' - 
diff --git a/linux_os/guide/services/ntp/chronyd_client_only/bash/shared.sh b/linux_os/guide/services/ntp/chronyd_client_only/bash/shared.sh index 524cdc7d0..2678708d2 100644 --- a/linux_os/guide/services/ntp/chronyd_client_only/bash/shared.sh @@ -2571,26 +452,18 @@ index c435df983..b80ffbf7b 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/services/ntp/chronyd_client_only/rule.yml b/linux_os/guide/services/ntp/chronyd_client_only/rule.yml -index 0e9ab7fe9..dd3b6f4ce 100644 +index 87f4bbadd..2da6b80af 100644 --- a/linux_os/guide/services/ntp/chronyd_client_only/rule.yml +++ b/linux_os/guide/services/ntp/chronyd_client_only/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol8,ol9,rhcos4,rhel8,rhel9 -+prodtype: fedora,ol8,ol9,rhcos4,rhel8,almalinux8,rhel9 - - title: 'Disable chrony daemon from acting as server' - -@@ -29,7 +29,7 @@ references: +@@ -28,7 +28,7 @@ references: ospp: FMT_SMF_EXT.1 srg: SRG-OS-000096-GPOS-00050,SRG-OS-000095-GPOS-00049 stigid@ol8: OL08-00-030741 - stigid@rhel8: RHEL-08-030741 + stigid@almalinux8: RHEL-08-030741 + stigid@rhel9: RHEL-09-252025 ocil_clause: 'the "port" option is not set to "0", is commented out, or is missing' - diff --git a/linux_os/guide/services/ntp/chronyd_no_chronyc_network/bash/shared.sh b/linux_os/guide/services/ntp/chronyd_no_chronyc_network/bash/shared.sh index 25b768688..a1e46bc12 100644 --- a/linux_os/guide/services/ntp/chronyd_no_chronyc_network/bash/shared.sh @@ -2613,26 +486,18 @@ index c435df983..b80ffbf7b 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/services/ntp/chronyd_no_chronyc_network/rule.yml b/linux_os/guide/services/ntp/chronyd_no_chronyc_network/rule.yml -index 782106734..2e304b52e 100644 +index 7384d0e0e..108ab2c7f 100644 --- a/linux_os/guide/services/ntp/chronyd_no_chronyc_network/rule.yml 
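Review bot: Nothing in this refresh replaces the `prodtype:` edits it drops, so rules such as postfix_server_banner and service_nfslock_disabled, which the old patch opted into `almalinux8` explicitly, now depend entirely on the rebased tree's own applicability logic. That is presumably because the new base no longer carries `prodtype` in rule.yml, but the hunk does not show it. A check worth recording with the change is a comparison of the rule IDs in the built almalinux8 datastream before and after the refresh, so a silently dropped hardening rule is caught at packaging time rather than in a later scan.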
+++ b/linux_os/guide/services/ntp/chronyd_no_chronyc_network/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol8,ol9,rhcos4,rhel8,rhel9 -+prodtype: fedora,ol8,ol9,rhcos4,rhel8,almalinux8,rhel9 - - title: 'Disable network management of chrony daemon' - -@@ -28,7 +28,7 @@ references: +@@ -27,7 +27,7 @@ references: ospp: FMT_SMF_EXT.1 srg: SRG-OS-000096-GPOS-00050,SRG-OS-000095-GPOS-00049 stigid@ol8: OL08-00-030742 - stigid@rhel8: RHEL-08-030742 + stigid@almalinux8: RHEL-08-030742 + stigid@rhel9: RHEL-09-252030 ocil_clause: 'the "cmdport" option is not set to "0", is commented out, or is missing' - diff --git a/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/kubernetes/shared.yml b/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/kubernetes/shared.yml index c435df983..b80ffbf7b 100644 --- a/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/kubernetes/shared.yml @@ -2645,26 +510,18 @@ index c435df983..b80ffbf7b 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/rule.yml b/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/rule.yml -index b7bef7d30..7e0139491 100644 +index 03acce756..51cdc3fbe 100644 --- a/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/rule.yml 
+++ b/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Configure Time Service Maxpoll Interval' - -@@ -95,7 +95,7 @@ references: +@@ -94,7 +94,7 @@ references: stigid@ol7: OL07-00-040500 stigid@ol8: OL08-00-030740 stigid@rhel7: RHEL-07-040500 - stigid@rhel8: RHEL-08-030740 + stigid@almalinux8: RHEL-08-030740 + stigid@rhel9: RHEL-09-252020 stigid@sle12: SLES-12-030300 stigid@sle15: SLES-15-010400 - stigid@ubuntu2004: UBTU-20-010435 diff --git a/linux_os/guide/services/ntp/chronyd_or_ntpd_specify_multiple_servers/bash/shared.sh b/linux_os/guide/services/ntp/chronyd_or_ntpd_specify_multiple_servers/bash/shared.sh index 6b76902a1..3925ca7b9 100644 --- a/linux_os/guide/services/ntp/chronyd_or_ntpd_specify_multiple_servers/bash/shared.sh @@ -2686,18 +543,6 @@ index c435df983..b80ffbf7b 100644 # reboot = true # strategy = restrict # complexity = low -diff --git a/linux_os/guide/services/ntp/chronyd_or_ntpd_specify_multiple_servers/rule.yml b/linux_os/guide/services/ntp/chronyd_or_ntpd_specify_multiple_servers/rule.yml -index f6a0da73f..df056993c 100644 ---- a/linux_os/guide/services/ntp/chronyd_or_ntpd_specify_multiple_servers/rule.yml -+++ b/linux_os/guide/services/ntp/chronyd_or_ntpd_specify_multiple_servers/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhv4,sle12,sle15 -+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhv4,sle12,sle15 - - title: 'Specify Additional Remote NTP Servers' - diff --git a/linux_os/guide/services/ntp/chronyd_or_ntpd_specify_remote_server/bash/shared.sh b/linux_os/guide/services/ntp/chronyd_or_ntpd_specify_remote_server/bash/shared.sh index 6bf4f9aae..fea88a083 100644 
--- a/linux_os/guide/services/ntp/chronyd_or_ntpd_specify_remote_server/bash/shared.sh @@ -2719,18 +564,6 @@ index c435df983..b80ffbf7b 100644 # reboot = true # strategy = restrict # complexity = low -diff --git a/linux_os/guide/services/ntp/chronyd_or_ntpd_specify_remote_server/rule.yml b/linux_os/guide/services/ntp/chronyd_or_ntpd_specify_remote_server/rule.yml -index c74221c05..bea6b54d6 100644 ---- a/linux_os/guide/services/ntp/chronyd_or_ntpd_specify_remote_server/rule.yml -+++ b/linux_os/guide/services/ntp/chronyd_or_ntpd_specify_remote_server/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhv4 -+prodtype: alinux2,fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhv4 - - title: 'Specify a Remote NTP Server' - diff --git a/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/ansible/shared.yml b/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/ansible/shared.yml index 63880e804..076146db2 100644 --- a/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/ansible/shared.yml @@ -2773,15 +606,10 @@ index e1d712f25..325ed08c1 100644 {{%- endif %}} diff --git a/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/rule.yml b/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/rule.yml -index a1f8c234b..3c2f71739 100644 +index f6c62f1e6..e1127ab4c 100644 --- a/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/rule.yml +++ b/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/rule.yml -@@ -1,11 +1,11 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,fedora,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,fedora,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 - +@@ -4,7 +4,7 @@ documentation_complete: true title: 'Ensure that chronyd is running under chrony user account' {{%- set ok_by_default = false %}} @@ -2857,7 +685,7 @@ index 69908e41f..0c506bca3 100644 
diff --git a/linux_os/guide/services/ntp/chronyd_server_directive/rule.yml b/linux_os/guide/services/ntp/chronyd_server_directive/rule.yml -index 0b386f6bc..20ec745c8 100644 +index 556495bcc..5eb0649f8 100644 --- a/linux_os/guide/services/ntp/chronyd_server_directive/rule.yml +++ b/linux_os/guide/services/ntp/chronyd_server_directive/rule.yml @@ -23,7 +23,7 @@ references: @@ -2866,9 +694,9 @@ index 0b386f6bc..20ec745c8 100644 stigid@ol8: OL08-00-030740 - stigid@rhel8: RHEL-08-030740 + stigid@almalinux8: RHEL-08-030740 + stigid@rhel9: RHEL-09-252020 ocil_clause: 'an authoritative remote time server is not configured or configured with pool directive' - diff --git a/linux_os/guide/services/ntp/chronyd_server_directive/tests/file_empty.fail.sh b/linux_os/guide/services/ntp/chronyd_server_directive/tests/file_empty.fail.sh index b2427c1d5..2d62ca68b 100644 --- a/linux_os/guide/services/ntp/chronyd_server_directive/tests/file_empty.fail.sh 
@@ -3040,125 +868,19 @@ index f8a77aeee..33166cac2 100644 # reboot = false # strategy = enable # complexity = low -diff --git a/linux_os/guide/services/ntp/service_chronyd_or_ntpd_enabled/rule.yml b/linux_os/guide/services/ntp/service_chronyd_or_ntpd_enabled/rule.yml -index 8b7f66876..e756f45f5 100644 ---- a/linux_os/guide/services/ntp/service_chronyd_or_ntpd_enabled/rule.yml -+++ b/linux_os/guide/services/ntp/service_chronyd_or_ntpd_enabled/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhv4,sle12,sle15 -+prodtype: alinux2,fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhv4,sle12,sle15 - - title: 'Enable the NTP Daemon' - -diff --git a/linux_os/guide/services/obsolete/inetd_and_xinetd/package_xinetd_removed/rule.yml b/linux_os/guide/services/obsolete/inetd_and_xinetd/package_xinetd_removed/rule.yml -index 4bef92d96..b388bd537 100644 ---- a/linux_os/guide/services/obsolete/inetd_and_xinetd/package_xinetd_removed/rule.yml -+++ b/linux_os/guide/services/obsolete/inetd_and_xinetd/package_xinetd_removed/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux3,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux3,fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Uninstall xinetd Package' - -diff --git a/linux_os/guide/services/obsolete/inetd_and_xinetd/service_xinetd_disabled/rule.yml b/linux_os/guide/services/obsolete/inetd_and_xinetd/service_xinetd_disabled/rule.yml -index 06ffe16cb..95d2c87ec 100644 ---- a/linux_os/guide/services/obsolete/inetd_and_xinetd/service_xinetd_disabled/rule.yml -+++ b/linux_os/guide/services/obsolete/inetd_and_xinetd/service_xinetd_disabled/rule.yml -@@ -1,7 +1,7 @@ - documentation_complete: true - - # package is unlikely to appear on a RHEL9 system, don't extend to RHEL10 --prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15 -+prodtype: 
ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15 - - title: 'Disable xinetd Service' - -diff --git a/linux_os/guide/services/obsolete/nis/package_ypbind_removed/rule.yml b/linux_os/guide/services/obsolete/nis/package_ypbind_removed/rule.yml -index c5f90c495..cad45cb27 100644 ---- a/linux_os/guide/services/obsolete/nis/package_ypbind_removed/rule.yml -+++ b/linux_os/guide/services/obsolete/nis/package_ypbind_removed/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15 -+prodtype: alinux2,alinux3,fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15 - - title: 'Remove NIS Client' - -diff --git a/linux_os/guide/services/obsolete/nis/package_ypserv_removed/rule.yml b/linux_os/guide/services/obsolete/nis/package_ypserv_removed/rule.yml -index b057fc5a8..9a498570a 100644 ---- a/linux_os/guide/services/obsolete/nis/package_ypserv_removed/rule.yml -+++ b/linux_os/guide/services/obsolete/nis/package_ypserv_removed/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15 - - title: 'Uninstall ypserv Package' - -diff --git a/linux_os/guide/services/obsolete/nis/service_ypbind_disabled/rule.yml b/linux_os/guide/services/obsolete/nis/service_ypbind_disabled/rule.yml -index ce41faf92..b2a4c7c4c 100644 ---- a/linux_os/guide/services/obsolete/nis/service_ypbind_disabled/rule.yml -+++ b/linux_os/guide/services/obsolete/nis/service_ypbind_disabled/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol7,ol8,rhel7,rhel8,rhv4 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhv4 - - title: 'Disable ypbind Service' - -diff --git a/linux_os/guide/services/obsolete/nis/service_ypserv_disabled/rule.yml b/linux_os/guide/services/obsolete/nis/service_ypserv_disabled/rule.yml -index b302496d1..232671690 100644 ---- 
a/linux_os/guide/services/obsolete/nis/service_ypserv_disabled/rule.yml -+++ b/linux_os/guide/services/obsolete/nis/service_ypserv_disabled/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,rhel8,rhel9 -+prodtype: alinux2,alinux3,anolis23,anolis8,rhel8,almalinux8,rhel9 - - title: 'Disable ypserv Service' - -diff --git a/linux_os/guide/services/obsolete/package_rsync_removed/rule.yml b/linux_os/guide/services/obsolete/package_rsync_removed/rule.yml -index b7beb612c..2236ac031 100644 ---- a/linux_os/guide/services/obsolete/package_rsync_removed/rule.yml -+++ b/linux_os/guide/services/obsolete/package_rsync_removed/rule.yml -@@ -6,7 +6,7 @@ - - documentation_complete: true - --prodtype: fedora,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: fedora,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Uninstall rsync Package' - diff --git a/linux_os/guide/services/obsolete/r_services/no_host_based_files/rule.yml b/linux_os/guide/services/obsolete/r_services/no_host_based_files/rule.yml -index 7ba8c1008..03df9fc97 100644 +index ec023c163..6a9998c70 100644 --- a/linux_os/guide/services/obsolete/r_services/no_host_based_files/rule.yml +++ b/linux_os/guide/services/obsolete/r_services/no_host_based_files/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15 -+prodtype: ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15 - - title: 'Remove Host-Based Authentication Files' - -@@ -30,7 +30,7 @@ references: +@@ -29,7 +29,7 @@ references: stigid@ol7: OL07-00-040550 stigid@ol8: OL08-00-010460 stigid@rhel7: RHEL-07-040550 - stigid@rhel8: RHEL-08-010460 + stigid@almalinux8: RHEL-08-010460 + stigid@rhel9: RHEL-09-252070 stigid@sle12: SLES-12-010410 stigid@sle15: SLES-15-040030 - 
diff --git a/linux_os/guide/services/obsolete/r_services/no_rsh_trust_files/ansible/shared.yml b/linux_os/guide/services/obsolete/r_services/no_rsh_trust_files/ansible/shared.yml index 9c6fc297c..7db8e8320 100644 --- a/linux_os/guide/services/obsolete/r_services/no_rsh_trust_files/ansible/shared.yml @@ -3180,234 +902,110 @@ index e64838b15..baaa07631 100644 find /root -xdev -type f -name ".rhosts" -exec rm -f {} \; find /home -maxdepth 2 -xdev -type f -name ".rhosts" -exec rm -f {} \; diff --git a/linux_os/guide/services/obsolete/r_services/no_user_host_based_files/rule.yml b/linux_os/guide/services/obsolete/r_services/no_user_host_based_files/rule.yml -index 8eb7f2db5..8ad951a1a 100644 +index 15af7c169..a1997bbae 100644 --- a/linux_os/guide/services/obsolete/r_services/no_user_host_based_files/rule.yml +++ b/linux_os/guide/services/obsolete/r_services/no_user_host_based_files/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15 -+prodtype: ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15 - - title: 'Remove User Host-Based Authentication Files' - -@@ -33,7 +33,7 @@ references: +@@ -32,7 +32,7 @@ references: stigid@ol7: OL07-00-040540 stigid@ol8: OL08-00-010470 stigid@rhel7: RHEL-07-040540 - stigid@rhel8: RHEL-08-010470 + stigid@almalinux8: RHEL-08-010470 + stigid@rhel9: RHEL-09-252075 stigid@sle12: SLES-12-010400 stigid@sle15: SLES-15-040020 - diff --git a/linux_os/guide/services/obsolete/r_services/package_rsh-server_removed/rule.yml b/linux_os/guide/services/obsolete/r_services/package_rsh-server_removed/rule.yml -index ccfe39dee..60b881114 100644 +index 9d2888a1b..46baea6a4 100644 --- a/linux_os/guide/services/obsolete/r_services/package_rsh-server_removed/rule.yml 
+++ b/linux_os/guide/services/obsolete/r_services/package_rsh-server_removed/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Uninstall rsh-server Package' - @@ -39,7 +39,7 @@ references: stigid@ol7: OL07-00-020000 stigid@ol8: OL08-00-040010 stigid@rhel7: RHEL-07-020000 - stigid@rhel8: RHEL-08-040010 + stigid@almalinux8: RHEL-08-040010 + stigid@rhel9: RHEL-09-215035 stigid@ubuntu2004: UBTU-20-010406 - {{{ complete_ocil_entry_package(package="rsh-server") }}} +@@ -50,7 +50,7 @@ template: + vars: + pkgname: rsh-server + +-{{% if product in ["rhel8", "rhel9"] %}} ++{{% if product in ["rhel8", "almalinux8", "rhel9"] %}} + warnings: + - general: + The package is not available in {{{ full_name }}}. diff --git a/linux_os/guide/services/obsolete/r_services/package_rsh_removed/rule.yml b/linux_os/guide/services/obsolete/r_services/package_rsh_removed/rule.yml -index 45e79f6de..18a1e2cc2 100644 +index fa615a76d..b1687e9d9 100644 --- a/linux_os/guide/services/obsolete/r_services/package_rsh_removed/rule.yml 
+++ b/linux_os/guide/services/obsolete/r_services/package_rsh_removed/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Uninstall rsh Package' - -diff --git a/linux_os/guide/services/obsolete/r_services/service_rexec_disabled/rule.yml b/linux_os/guide/services/obsolete/r_services/service_rexec_disabled/rule.yml -index 8b94664dc..69b3cc377 100644 ---- a/linux_os/guide/services/obsolete/r_services/service_rexec_disabled/rule.yml -+++ b/linux_os/guide/services/obsolete/r_services/service_rexec_disabled/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol7,ol8,rhel7,rhel8,rhv4,sle15 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhv4,sle15 - - title: 'Disable rexec Service' - -diff --git a/linux_os/guide/services/obsolete/r_services/service_rlogin_disabled/rule.yml b/linux_os/guide/services/obsolete/r_services/service_rlogin_disabled/rule.yml -index 1b5db8e51..2fbbb79a5 100644 ---- a/linux_os/guide/services/obsolete/r_services/service_rlogin_disabled/rule.yml -+++ b/linux_os/guide/services/obsolete/r_services/service_rlogin_disabled/rule.yml -@@ -1,7 +1,7 @@ - documentation_complete: true - - # potentially obsolete, rsh-server is not available in RHEL9 --prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle15 -+prodtype: ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15 - - title: 'Disable rlogin Service' - -diff --git a/linux_os/guide/services/obsolete/r_services/service_rsh_disabled/rule.yml b/linux_os/guide/services/obsolete/r_services/service_rsh_disabled/rule.yml -index fa3fbd472..0af455948 100644 ---- a/linux_os/guide/services/obsolete/r_services/service_rsh_disabled/rule.yml -+++ b/linux_os/guide/services/obsolete/r_services/service_rsh_disabled/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: 
alinux2,ol7,ol8,rhel7,rhel8,rhv4 -+prodtype: alinux2,ol7,ol8,rhel7,rhel8,almalinux8,rhv4 - - title: 'Disable rsh Service' - -diff --git a/linux_os/guide/services/obsolete/service_rsyncd_disabled/rule.yml b/linux_os/guide/services/obsolete/service_rsyncd_disabled/rule.yml -index 976fdaaec..01c2f61b2 100644 ---- a/linux_os/guide/services/obsolete/service_rsyncd_disabled/rule.yml -+++ b/linux_os/guide/services/obsolete/service_rsyncd_disabled/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15 -+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15 - - title: 'Ensure rsyncd service is disabled' +@@ -58,7 +58,7 @@ template: + pkgname@ubuntu2004: rsh-client + pkgname@ubuntu2204: rsh-client +-{{% if product in ["rhel8", "rhel9"] %}} ++{{% if product in ["rhel8", "almalinux8", "rhel9"] %}} + warnings: + - general: + The package is not available in {{{ full_name }}}. diff --git a/linux_os/guide/services/obsolete/talk/package_talk-server_removed/rule.yml b/linux_os/guide/services/obsolete/talk/package_talk-server_removed/rule.yml -index 0331db92e..1cbe94b4c 100644 +index 2b6b3a9c9..11f9b5a34 100644 --- a/linux_os/guide/services/obsolete/talk/package_talk-server_removed/rule.yml +++ b/linux_os/guide/services/obsolete/talk/package_talk-server_removed/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15 -+prodtype: alinux2,fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15 - - title: 'Uninstall talk-server Package' +@@ -32,7 +32,7 @@ template: + vars: + pkgname: talk-server +-{{% if product in ["rhel8", "rhel9"] %}} ++{{% if product in ["rhel8", "almalinux8", "rhel9"] %}} + warnings: + - general: + The package is not available in {{{ full_name }}}. 
diff --git a/linux_os/guide/services/obsolete/talk/package_talk_removed/rule.yml b/linux_os/guide/services/obsolete/talk/package_talk_removed/rule.yml -index 14317060b..8d9b49ceb 100644 +index fd15f0f82..f79aedf92 100644 --- a/linux_os/guide/services/obsolete/talk/package_talk_removed/rule.yml +++ b/linux_os/guide/services/obsolete/talk/package_talk_removed/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Uninstall talk Package' +@@ -40,7 +40,7 @@ template: + vars: + pkgname: talk +-{{% if product in ["rhel8", "rhel9"] %}} ++{{% if product in ["rhel8", "almalinux8", "rhel9"] %}} + warnings: + - general: + The package is not available in {{{ full_name }}}. diff --git a/linux_os/guide/services/obsolete/telnet/package_telnet-server_removed/rule.yml b/linux_os/guide/services/obsolete/telnet/package_telnet-server_removed/rule.yml -index 080785dd8..5bc855e65 100644 +index 9a4aae595..0f5b2853c 100644 --- a/linux_os/guide/services/obsolete/telnet/package_telnet-server_removed/rule.yml 
+++ b/linux_os/guide/services/obsolete/telnet/package_telnet-server_removed/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15 -+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15 - - title: 'Uninstall telnet-server Package' - -@@ -54,7 +54,7 @@ references: +@@ -53,7 +53,7 @@ references: stigid@ol7: OL07-00-021710 stigid@ol8: OL08-00-040000 stigid@rhel7: RHEL-07-021710 - stigid@rhel8: RHEL-08-040000 + stigid@almalinux8: RHEL-08-040000 + stigid@rhel9: RHEL-09-215040 stigid@sle12: SLES-12-030000 stigid@sle15: SLES-15-010180 - -diff --git a/linux_os/guide/services/obsolete/telnet/package_telnet_removed/rule.yml b/linux_os/guide/services/obsolete/telnet/package_telnet_removed/rule.yml -index 2571d5072..83c855863 100644 ---- a/linux_os/guide/services/obsolete/telnet/package_telnet_removed/rule.yml -+++ b/linux_os/guide/services/obsolete/telnet/package_telnet_removed/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Remove telnet Clients' - -diff --git a/linux_os/guide/services/obsolete/telnet/service_telnet_disabled/rule.yml b/linux_os/guide/services/obsolete/telnet/service_telnet_disabled/rule.yml -index a38c0cc48..1205b52bb 100644 ---- a/linux_os/guide/services/obsolete/telnet/service_telnet_disabled/rule.yml -+++ b/linux_os/guide/services/obsolete/telnet/service_telnet_disabled/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle15 -+prodtype: alinux2,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15 - - title: 'Disable telnet Service' - 
diff --git a/linux_os/guide/services/obsolete/tftp/package_tftp-server_removed/rule.yml b/linux_os/guide/services/obsolete/tftp/package_tftp-server_removed/rule.yml -index 9268c850c..a1c0b26ee 100644 +index 10bea8cdb..48157c113 100644 --- a/linux_os/guide/services/obsolete/tftp/package_tftp-server_removed/rule.yml 
+++ b/linux_os/guide/services/obsolete/tftp/package_tftp-server_removed/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15 -+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15 - - title: 'Uninstall tftp-server Package' - -@@ -41,7 +41,7 @@ references: +@@ -42,7 +42,7 @@ references: stigid@ol7: OL07-00-040700 stigid@ol8: OL08-00-040190 stigid@rhel7: RHEL-07-040700 - stigid@rhel8: RHEL-08-040190 + stigid@almalinux8: RHEL-08-040190 + stigid@rhel9: RHEL-09-215060 {{{ complete_ocil_entry_package(package="tftp-server") }}} - -diff --git a/linux_os/guide/services/obsolete/tftp/package_tftp_removed/rule.yml b/linux_os/guide/services/obsolete/tftp/package_tftp_removed/rule.yml -index 35e0a2f93..adecc4f84 100644 ---- a/linux_os/guide/services/obsolete/tftp/package_tftp_removed/rule.yml -+++ b/linux_os/guide/services/obsolete/tftp/package_tftp_removed/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15 -+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,sle15 - - title: 'Remove tftp Daemon' - -diff --git a/linux_os/guide/services/obsolete/tftp/service_tftp_disabled/rule.yml b/linux_os/guide/services/obsolete/tftp/service_tftp_disabled/rule.yml -index 56889e4a6..136a095f0 100644 ---- a/linux_os/guide/services/obsolete/tftp/service_tftp_disabled/rule.yml -+++ b/linux_os/guide/services/obsolete/tftp/service_tftp_disabled/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,rhel7,rhel8,sle15 -+prodtype: alinux2,rhel7,rhel8,almalinux8,sle15 - - title: 'Disable tftp Service' - diff --git a/linux_os/guide/services/obsolete/tftp/tftpd_uses_secure_mode/rule.yml b/linux_os/guide/services/obsolete/tftp/tftpd_uses_secure_mode/rule.yml -index 9dd7a8bdd..c04aa9bb5 100644 +index 10ca18526..f1d31a4f2 100644 --- a/linux_os/guide/services/obsolete/tftp/tftpd_uses_secure_mode/rule.yml 
+++ b/linux_os/guide/services/obsolete/tftp/tftpd_uses_secure_mode/rule.yml -@@ -1,13 +1,13 @@ - documentation_complete: true - --prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4 -+prodtype: ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4 - - title: 'Ensure tftp Daemon Uses Secure Mode' - +@@ -6,7 +6,7 @@ title: 'Ensure tftp Daemon Uses Secure Mode' description: |- If running the Trivial File Transfer Protocol (TFTP) service is necessary, it should be configured to change its root directory at startup. To do so, @@ -3416,12 +1014,13 @@ index 9dd7a8bdd..c04aa9bb5 100644 ensure /etc/xinetd.d/tftp includes -s as a command line argument, as shown in the following example:
server_args = -s {{{ xccdf_value("var_tftpd_secure_directory") }}}
-@@ -47,10 +47,10 @@ references: +@@ -46,11 +46,11 @@ references: stigid@ol7: OL07-00-040720 stigid@ol8: OL08-00-040350 stigid@rhel7: RHEL-07-040720 - stigid@rhel8: RHEL-08-040350 + stigid@almalinux8: RHEL-08-040350 + stigid@rhel9: RHEL-09-252055 ocil_clause: |- -{{%- if product in ["rhel7","ol7","rhel8","ol8","rhv4"] %}} 
@@ -3456,150 +1055,19 @@ index 9dd7a8bdd..c04aa9bb5 100644 Configure the TFTP daemon to operate in secure mode by adding the following line to "/etc/xinetd.d/tftp" (or modify the line to have the required value): server_args = -s {{{ xccdf_value("var_tftpd_secure_directory") }}} -diff --git a/linux_os/guide/services/printing/configure_printing/cups_disable_browsing/rule.yml b/linux_os/guide/services/printing/configure_printing/cups_disable_browsing/rule.yml -index 07e050686..99d2c0082 100644 ---- a/linux_os/guide/services/printing/configure_printing/cups_disable_browsing/rule.yml -+++ b/linux_os/guide/services/printing/configure_printing/cups_disable_browsing/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8 -+prodtype: rhel7,rhel8,almalinux8 - - title: 'Disable Printer Browsing Entirely if Possible' - -diff --git a/linux_os/guide/services/printing/configure_printing/cups_disable_printserver/rule.yml b/linux_os/guide/services/printing/configure_printing/cups_disable_printserver/rule.yml -index 0455776f4..e37dae841 100644 ---- a/linux_os/guide/services/printing/configure_printing/cups_disable_printserver/rule.yml -+++ b/linux_os/guide/services/printing/configure_printing/cups_disable_printserver/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8 -+prodtype: rhel7,rhel8,almalinux8 - - title: 'Disable Print Server Capabilities' - -diff --git a/linux_os/guide/services/printing/package_cups_removed/rule.yml b/linux_os/guide/services/printing/package_cups_removed/rule.yml -index df44086ff..505489ac1 100644 ---- a/linux_os/guide/services/printing/package_cups_removed/rule.yml -+++ b/linux_os/guide/services/printing/package_cups_removed/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Uninstall CUPS Package' - -diff --git 
a/linux_os/guide/services/printing/service_cups_disabled/rule.yml b/linux_os/guide/services/printing/service_cups_disabled/rule.yml -index a32b94c36..0078426f4 100644 ---- a/linux_os/guide/services/printing/service_cups_disabled/rule.yml -+++ b/linux_os/guide/services/printing/service_cups_disabled/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux3,anolis23,anolis8,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux3,anolis23,anolis8,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Disable the CUPS Service' - -diff --git a/linux_os/guide/services/proxy/disabling_squid/package_squid_removed/rule.yml b/linux_os/guide/services/proxy/disabling_squid/package_squid_removed/rule.yml -index c2cc9410c..5f594bb49 100644 ---- a/linux_os/guide/services/proxy/disabling_squid/package_squid_removed/rule.yml -+++ b/linux_os/guide/services/proxy/disabling_squid/package_squid_removed/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Uninstall squid Package' - -diff --git a/linux_os/guide/services/proxy/disabling_squid/service_squid_disabled/rule.yml b/linux_os/guide/services/proxy/disabling_squid/service_squid_disabled/rule.yml -index 2ca96be83..0efd63467 100644 ---- a/linux_os/guide/services/proxy/disabling_squid/service_squid_disabled/rule.yml -+++ b/linux_os/guide/services/proxy/disabling_squid/service_squid_disabled/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15 -+prodtype: alinux2,alinux3,anolis23,anolis8,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,sle15 - - title: 'Disable Squid' - -diff --git a/linux_os/guide/services/radius/package_freeradius_removed/rule.yml 
b/linux_os/guide/services/radius/package_freeradius_removed/rule.yml -index 7c01c09b4..89f28d22e 100644 ---- a/linux_os/guide/services/radius/package_freeradius_removed/rule.yml -+++ b/linux_os/guide/services/radius/package_freeradius_removed/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol7,ol8,rhel7,rhel8,rhel9 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9 - - title: 'Remove the FreeRadius Server Package' - diff --git a/linux_os/guide/services/rng/service_rngd_enabled/rule.yml b/linux_os/guide/services/rng/service_rngd_enabled/rule.yml -index 4e39496fc..d5f95bc94 100644 +index 2764446e3..fb9670d0b 100644 --- a/linux_os/guide/services/rng/service_rngd_enabled/rule.yml 
+++ b/linux_os/guide/services/rng/service_rngd_enabled/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol8,ol9,rhcos4,rhel8,rhel9 -+prodtype: fedora,ol8,ol9,rhcos4,rhel8,almalinux8,rhel9 - - title: 'Enable the Hardware RNG Entropy Gatherer Service' - -diff --git a/linux_os/guide/services/routing/disabling_quagga/package_quagga_removed/rule.yml b/linux_os/guide/services/routing/disabling_quagga/package_quagga_removed/rule.yml -index 40f9fa887..0fb36eb1e 100644 ---- a/linux_os/guide/services/routing/disabling_quagga/package_quagga_removed/rule.yml -+++ b/linux_os/guide/services/routing/disabling_quagga/package_quagga_removed/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9 -+prodtype: ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9 - - title: 'Uninstall quagga Package' - -diff --git a/linux_os/guide/services/routing/disabling_quagga/service_zebra_disabled/rule.yml b/linux_os/guide/services/routing/disabling_quagga/service_zebra_disabled/rule.yml -index 15d2f4400..36bd768fd 100644 ---- a/linux_os/guide/services/routing/disabling_quagga/service_zebra_disabled/rule.yml -+++ b/linux_os/guide/services/routing/disabling_quagga/service_zebra_disabled/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol7,ol8,rhel7,rhel8,rhv4,sle15 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhv4,sle15 - - title: 'Disable Quagga Service' - -diff --git a/linux_os/guide/services/smb/configuring_samba/mount_option_smb_client_signing/rule.yml b/linux_os/guide/services/smb/configuring_samba/mount_option_smb_client_signing/rule.yml -index da59b70a6..c2835fbaa 100644 ---- a/linux_os/guide/services/smb/configuring_samba/mount_option_smb_client_signing/rule.yml -+++ b/linux_os/guide/services/smb/configuring_samba/mount_option_smb_client_signing/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8,rhel9 -+prodtype: rhel7,rhel8,almalinux8,rhel9 - - title: 'Require Client SMB 
Packet Signing, if using mount.cifs' - -diff --git a/linux_os/guide/services/smb/configuring_samba/package_samba-common_installed/rule.yml b/linux_os/guide/services/smb/configuring_samba/package_samba-common_installed/rule.yml -index 1f7d56c19..4e5fb5081 100644 ---- a/linux_os/guide/services/smb/configuring_samba/package_samba-common_installed/rule.yml -+++ b/linux_os/guide/services/smb/configuring_samba/package_samba-common_installed/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhcos4,rhel7,rhel8,rhel9,rhv4,sle15 -+prodtype: rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15 - - title: 'Install the Samba Common Package' +@@ -23,7 +23,7 @@ references: + ospp: FCS_RBG_EXT.1 + srg: SRG-OS-000480-GPOS-00227 + stigid@ol8: OL08-00-010473 +- stigid@rhel8: RHEL-08-010471 ++ stigid@almalinux8: RHEL-08-010471 + stigid@rhel9: RHEL-09-211035 + {{% if product == "ol8" %}} diff --git a/linux_os/guide/services/smb/configuring_samba/require_smb_client_signing/ansible/shared.yml b/linux_os/guide/services/smb/configuring_samba/require_smb_client_signing/ansible/shared.yml index a66068605..f25b95045 100644 --- a/linux_os/guide/services/smb/configuring_samba/require_smb_client_signing/ansible/shared.yml 
@@ -3620,78 +1088,6 @@ index 9e1f01f53..d7d4c2651 100644 ###################################################################### #By Luke "Brisk-OH" Brisk #luke.brisk@boeing.com or luke.brisk@gmail.com -diff --git a/linux_os/guide/services/smb/configuring_samba/require_smb_client_signing/rule.yml b/linux_os/guide/services/smb/configuring_samba/require_smb_client_signing/rule.yml -index 103130bc8..77660a770 100644 ---- a/linux_os/guide/services/smb/configuring_samba/require_smb_client_signing/rule.yml -+++ b/linux_os/guide/services/smb/configuring_samba/require_smb_client_signing/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8 -+prodtype: rhel7,rhel8,almalinux8 - - title: 'Require Client SMB Packet Signing, if using smbclient' - -diff --git a/linux_os/guide/services/smb/configuring_samba/smb_server_disable_root/rule.yml b/linux_os/guide/services/smb/configuring_samba/smb_server_disable_root/rule.yml -index 0cf80fb63..d9978cea7 100644 ---- a/linux_os/guide/services/smb/configuring_samba/smb_server_disable_root/rule.yml -+++ b/linux_os/guide/services/smb/configuring_samba/smb_server_disable_root/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8 -+prodtype: rhel7,rhel8,almalinux8 - - title: 'Disable Root Access to SMB Shares' - -diff --git a/linux_os/guide/services/smb/disabling_samba/package_samba_removed/rule.yml b/linux_os/guide/services/smb/disabling_samba/package_samba_removed/rule.yml -index 1b633c648..6173c3981 100644 ---- a/linux_os/guide/services/smb/disabling_samba/package_samba_removed/rule.yml -+++ b/linux_os/guide/services/smb/disabling_samba/package_samba_removed/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: fedora,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Uninstall Samba Package' - -diff --git 
a/linux_os/guide/services/smb/disabling_samba/service_smb_disabled/rule.yml b/linux_os/guide/services/smb/disabling_samba/service_smb_disabled/rule.yml -index 0370bdb36..abcc1609f 100644 ---- a/linux_os/guide/services/smb/disabling_samba/service_smb_disabled/rule.yml -+++ b/linux_os/guide/services/smb/disabling_samba/service_smb_disabled/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,rhel7,rhel8,rhel9,sle12,sle15 -+prodtype: alinux2,alinux3,anolis23,anolis8,rhel7,rhel8,almalinux8,rhel9,sle12,sle15 - - title: 'Disable Samba' - -diff --git a/linux_os/guide/services/snmp/disabling_snmp_service/package_net-snmp_removed/rule.yml b/linux_os/guide/services/snmp/disabling_snmp_service/package_net-snmp_removed/rule.yml -index 3f8d8cf5c..1a68caab8 100644 ---- a/linux_os/guide/services/snmp/disabling_snmp_service/package_net-snmp_removed/rule.yml -+++ b/linux_os/guide/services/snmp/disabling_snmp_service/package_net-snmp_removed/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: debian10,debian11,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: debian10,debian11,fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Uninstall net-snmp Package' - -diff --git a/linux_os/guide/services/snmp/disabling_snmp_service/service_snmpd_disabled/rule.yml b/linux_os/guide/services/snmp/disabling_snmp_service/service_snmpd_disabled/rule.yml -index 47810df3f..bada9a5ab 100644 ---- a/linux_os/guide/services/snmp/disabling_snmp_service/service_snmpd_disabled/rule.yml -+++ b/linux_os/guide/services/snmp/disabling_snmp_service/service_snmpd_disabled/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,debian10,debian11,rhel7,rhel8,rhel9,sle12,sle15 -+prodtype: alinux2,alinux3,anolis23,anolis8,debian10,debian11,rhel7,rhel8,almalinux8,rhel9,sle12,sle15 - - title: 'Disable snmpd 
Service' - diff --git a/linux_os/guide/services/snmp/snmp_configure_server/snmpd_no_rwusers/bash/shared.sh b/linux_os/guide/services/snmp/snmp_configure_server/snmpd_no_rwusers/bash/shared.sh index 084c89343..c38f2b927 100644 --- a/linux_os/guide/services/snmp/snmp_configure_server/snmpd_no_rwusers/bash/shared.sh @@ -3702,18 +1098,6 @@ index 084c89343..c38f2b927 100644 if grep -s "rwuser" /etc/snmp/snmpd.conf | grep -qv "^#"; then sed -i "/^\s*#/b;/rwuser/ s/^/#/" /etc/snmp/snmpd.conf -diff --git a/linux_os/guide/services/snmp/snmp_configure_server/snmpd_no_rwusers/rule.yml b/linux_os/guide/services/snmp/snmp_configure_server/snmpd_no_rwusers/rule.yml -index c2af07442..2c009ce79 100644 ---- a/linux_os/guide/services/snmp/snmp_configure_server/snmpd_no_rwusers/rule.yml -+++ b/linux_os/guide/services/snmp/snmp_configure_server/snmpd_no_rwusers/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,rhel7,rhel8,rhel9 -+prodtype: fedora,rhel7,rhel8,almalinux8,rhel9 - - title: 'Ensure SNMP Read Write is disabled' - diff --git a/linux_os/guide/services/snmp/snmp_configure_server/snmpd_not_default_password/ansible/shared.yml b/linux_os/guide/services/snmp/snmp_configure_server/snmpd_not_default_password/ansible/shared.yml index 3b8653a60..5de223af4 100644 --- a/linux_os/guide/services/snmp/snmp_configure_server/snmpd_not_default_password/ansible/shared.yml 
@@ -3734,42 +1118,6 @@ index ce70b2c19..6e484b30e 100644 {{{ bash_instantiate_variables("var_snmpd_ro_string", "var_snmpd_rw_string") }}} -diff --git a/linux_os/guide/services/snmp/snmp_configure_server/snmpd_not_default_password/rule.yml b/linux_os/guide/services/snmp/snmp_configure_server/snmpd_not_default_password/rule.yml -index f02c9a7e0..ebf1a539c 100644 ---- a/linux_os/guide/services/snmp/snmp_configure_server/snmpd_not_default_password/rule.yml -+++ b/linux_os/guide/services/snmp/snmp_configure_server/snmpd_not_default_password/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: debian10,debian11,fedora,ol7,ol8,rhel7,rhel8 -+prodtype: debian10,debian11,fedora,ol7,ol8,rhel7,rhel8,almalinux8 - - title: 'Ensure Default SNMP Password Is Not Used' - -diff --git a/linux_os/guide/services/snmp/snmp_configure_server/snmpd_use_newer_protocol/rule.yml b/linux_os/guide/services/snmp/snmp_configure_server/snmpd_use_newer_protocol/rule.yml -index 309efb9aa..d8c7643df 100644 ---- a/linux_os/guide/services/snmp/snmp_configure_server/snmpd_use_newer_protocol/rule.yml -+++ b/linux_os/guide/services/snmp/snmp_configure_server/snmpd_use_newer_protocol/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,rhel7,rhel8,rhel9 -+prodtype: fedora,rhel7,rhel8,almalinux8,rhel9 - - title: 'Configure SNMP Service to Use Only SNMPv3 or Newer' - -diff --git a/linux_os/guide/services/ssh/file_groupowner_sshd_config/rule.yml b/linux_os/guide/services/ssh/file_groupowner_sshd_config/rule.yml -index 2262fb3b8..35c861e72 100644 ---- a/linux_os/guide/services/ssh/file_groupowner_sshd_config/rule.yml -+++ b/linux_os/guide/services/ssh/file_groupowner_sshd_config/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: 
alinux2,alinux3,anolis23,anolis8,fedora,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Verify Group Who Owns SSH Server config file' - diff --git a/linux_os/guide/services/ssh/file_groupownership_sshd_private_key/tests/correct_groupowner.pass.sh b/linux_os/guide/services/ssh/file_groupownership_sshd_private_key/tests/correct_groupowner.pass.sh index cd5171c1b..6301578ba 100644 --- a/linux_os/guide/services/ssh/file_groupownership_sshd_private_key/tests/correct_groupowner.pass.sh @@ -3846,18 +1194,6 @@ index b6bef987d..799d5044b 100644 test_group="cac_testgroup" groupadd $test_group -diff --git a/linux_os/guide/services/ssh/file_owner_sshd_config/rule.yml b/linux_os/guide/services/ssh/file_owner_sshd_config/rule.yml -index 8785509dc..05ca4d2fb 100644 ---- a/linux_os/guide/services/ssh/file_owner_sshd_config/rule.yml -+++ b/linux_os/guide/services/ssh/file_owner_sshd_config/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Verify Owner on SSH Server config file' - diff --git a/linux_os/guide/services/ssh/file_ownership_sshd_private_key/tests/correct_owner.pass.sh b/linux_os/guide/services/ssh/file_ownership_sshd_private_key/tests/correct_owner.pass.sh index b36e8a3d7..494455df2 100644 --- a/linux_os/guide/services/ssh/file_ownership_sshd_private_key/tests/correct_owner.pass.sh 
@@ -3924,31 +1260,19 @@ index 16878dc1d..6c3983a9d 100644 test_user="cac_testuser" useradd $test_user -diff --git a/linux_os/guide/services/ssh/file_permissions_sshd_config/rule.yml b/linux_os/guide/services/ssh/file_permissions_sshd_config/rule.yml -index a69ba302e..0d18107c7 100644 ---- a/linux_os/guide/services/ssh/file_permissions_sshd_config/rule.yml -+++ b/linux_os/guide/services/ssh/file_permissions_sshd_config/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Verify Permissions on SSH Server config file' - diff --git a/linux_os/guide/services/ssh/file_permissions_sshd_private_key/rule.yml b/linux_os/guide/services/ssh/file_permissions_sshd_private_key/rule.yml -index db40366db..c272a6cf1 100644 +index 6fc7992a1..28f5c07c7 100644 --- a/linux_os/guide/services/ssh/file_permissions_sshd_private_key/rule.yml +++ b/linux_os/guide/services/ssh/file_permissions_sshd_private_key/rule.yml -@@ -59,7 +59,7 @@ references: +@@ -58,7 +58,7 @@ references: stigid@ol7: OL07-00-040420 stigid@ol8: OL08-00-010490 stigid@rhel7: RHEL-07-040420 - stigid@rhel8: RHEL-08-010490 + stigid@almalinux8: RHEL-08-010490 + stigid@rhel9: RHEL-09-255120 stigid@sle12: SLES-12-030220 stigid@sle15: SLES-15-040250 - diff --git a/linux_os/guide/services/ssh/file_permissions_sshd_private_key/tests/altcorrect_permissions.pass.sh b/linux_os/guide/services/ssh/file_permissions_sshd_private_key/tests/altcorrect_permissions.pass.sh index 28325e1f7..d19148a0b 100644 --- a/linux_os/guide/services/ssh/file_permissions_sshd_private_key/tests/altcorrect_permissions.pass.sh @@ -3983,44 +1307,20 @@ index 48ecfbcac..c5a05db8b 100644 FAKE_KEY=$(mktemp -p /etc/ssh/ XXXX_key) chown root:ssh_keys "$FAKE_KEY" 
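Review bot: The refreshed hunk for `file_permissions_sshd_private_key/rule.yml` still swaps `stigid@rhel8: RHEL-08-010490` for `stigid@almalinux8: RHEL-08-010490` instead of adding the almalinux8 key beside the rhel8 one, and the same pattern repeats in the later `stigid@` hunks of this patch. The patched tree then has no `stigid@rhel8` entry and reports a RHEL 8 STIG identifier under an AlmaLinux key, which matters if rhel8 content is ever built from this tree or if findings are traced back by ID. If the reuse is intentional, a sentence in the patch header stating that the IDs are borrowed from the RHEL 8 STIG would document it. Otherwise keep `stigid@rhel8: RHEL-08-010490` as context and add `stigid@almalinux8: RHEL-08-010490` as a new line next to the new `stigid@rhel9` entry.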
diff --git a/linux_os/guide/services/ssh/file_permissions_sshd_pub_key/rule.yml b/linux_os/guide/services/ssh/file_permissions_sshd_pub_key/rule.yml -index 00d4222c8..d5da97ceb 100644 +index 9aaf68cb9..afc49df93 100644 --- a/linux_os/guide/services/ssh/file_permissions_sshd_pub_key/rule.yml +++ b/linux_os/guide/services/ssh/file_permissions_sshd_pub_key/rule.yml -@@ -43,7 +43,7 @@ references: +@@ -41,7 +41,7 @@ references: stigid@ol7: OL07-00-040410 stigid@ol8: OL08-00-010480 stigid@rhel7: RHEL-07-040410 - stigid@rhel8: RHEL-08-010480 + stigid@almalinux8: RHEL-08-010480 + stigid@rhel9: RHEL-09-255125 stigid@sle12: SLES-12-030210 stigid@sle15: SLES-15-040240 - -diff --git a/linux_os/guide/services/ssh/firewalld_sshd_disabled/rule.yml b/linux_os/guide/services/ssh/firewalld_sshd_disabled/rule.yml -index d49b5e58c..a948b56cd 100644 ---- a/linux_os/guide/services/ssh/firewalld_sshd_disabled/rule.yml -+++ b/linux_os/guide/services/ssh/firewalld_sshd_disabled/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8 -+prodtype: rhel7,rhel8,almalinux8 - - title: 'Remove SSH Server firewalld Firewall exception (Unusual)' - -diff --git a/linux_os/guide/services/ssh/package_openssh-clients_installed/rule.yml b/linux_os/guide/services/ssh/package_openssh-clients_installed/rule.yml -index 36ac1f29d..604658671 100644 ---- a/linux_os/guide/services/ssh/package_openssh-clients_installed/rule.yml -+++ b/linux_os/guide/services/ssh/package_openssh-clients_installed/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol8,ol9,rhel8,rhel9 -+prodtype: ol8,ol9,rhel8,almalinux8,rhel9 - - title: 'Install OpenSSH client software' - diff --git a/linux_os/guide/services/ssh/package_openssh-server_installed/rule.yml b/linux_os/guide/services/ssh/package_openssh-server_installed/rule.yml -index 984773361..e088ea707 100644 +index 2a665e70e..067893a82 100644 --- a/linux_os/guide/services/ssh/package_openssh-server_installed/rule.yml 
+++ b/linux_os/guide/services/ssh/package_openssh-server_installed/rule.yml @@ -31,7 +31,7 @@ references: @@ -4029,42 +1329,22 @@ index 984773361..e088ea707 100644 stigid@rhel7: RHEL-07-040300 - stigid@rhel8: RHEL-08-040159 + stigid@almalinux8: RHEL-08-040159 + stigid@rhel9: RHEL-09-255010 stigid@ubuntu2004: UBTU-20-010042 - ocil_clause: 'the package is not installed' diff --git a/linux_os/guide/services/ssh/service_sshd_enabled/rule.yml b/linux_os/guide/services/ssh/service_sshd_enabled/rule.yml -index 5d7fd206b..409ecabe0 100644 +index ba53a8c3d..dba3ca619 100644 --- a/linux_os/guide/services/ssh/service_sshd_enabled/rule.yml +++ b/linux_os/guide/services/ssh/service_sshd_enabled/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004 -+prodtype: ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004 - - title: 'Enable the OpenSSH Service' - -@@ -41,7 +41,7 @@ references: +@@ -40,7 +40,7 @@ references: stigid@ol7: OL07-00-040310 stigid@ol8: OL08-00-040160 stigid@rhel7: RHEL-07-040310 - stigid@rhel8: RHEL-08-040160 + stigid@almalinux8: RHEL-08-040160 + stigid@rhel9: RHEL-09-255015 stigid@sle12: SLES-12-030100 stigid@sle15: SLES-15-010530 - stigid@ubuntu2004: UBTU-20-010042 -diff --git a/linux_os/guide/services/ssh/ssh_client/ssh_client_rekey_limit/rule.yml b/linux_os/guide/services/ssh/ssh_client/ssh_client_rekey_limit/rule.yml -index afc6d539c..25b19221f 100644 ---- a/linux_os/guide/services/ssh/ssh_client/ssh_client_rekey_limit/rule.yml -+++ b/linux_os/guide/services/ssh/ssh_client/ssh_client_rekey_limit/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol8,ol9,rhcos4,rhel8,rhel9 -+prodtype: ol8,ol9,rhcos4,rhel8,almalinux8,rhel9 - - title: 'Configure session renegotiation for SSH client' - 
diff --git a/linux_os/guide/services/ssh/ssh_client/ssh_client_use_strong_rng_csh/ansible/shared.yml b/linux_os/guide/services/ssh/ssh_client/ssh_client_use_strong_rng_csh/ansible/shared.yml index 1c878701e..be1bff4cf 100644 --- a/linux_os/guide/services/ssh/ssh_client/ssh_client_use_strong_rng_csh/ansible/shared.yml @@ -4085,18 +1365,6 @@ index 3df859f35..e2ab18861 100644 # put line into the file echo "setenv SSH_USE_STRONG_RNG 32" > /etc/profile.d/cc-ssh-strong-rng.csh -diff --git a/linux_os/guide/services/ssh/ssh_client/ssh_client_use_strong_rng_csh/rule.yml b/linux_os/guide/services/ssh/ssh_client/ssh_client_use_strong_rng_csh/rule.yml -index cbd17bf07..6b50d0a8c 100644 ---- a/linux_os/guide/services/ssh/ssh_client/ssh_client_use_strong_rng_csh/rule.yml -+++ b/linux_os/guide/services/ssh/ssh_client/ssh_client_use_strong_rng_csh/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol8,rhel8 -+prodtype: ol8,rhel8,almalinux8 - - title: 'SSH client uses strong entropy to seed (for CSH like shells)' - diff --git a/linux_os/guide/services/ssh/ssh_client/ssh_client_use_strong_rng_sh/ansible/shared.yml b/linux_os/guide/services/ssh/ssh_client/ssh_client_use_strong_rng_sh/ansible/shared.yml index 29c646020..1be957f95 100644 --- a/linux_os/guide/services/ssh/ssh_client/ssh_client_use_strong_rng_sh/ansible/shared.yml 
@@ -4117,39 +1385,19 @@ index 13306db45..7a5ca21fc 100644 # put line into the file echo "export SSH_USE_STRONG_RNG=32" > /etc/profile.d/cc-ssh-strong-rng.sh -diff --git a/linux_os/guide/services/ssh/ssh_client/ssh_client_use_strong_rng_sh/rule.yml b/linux_os/guide/services/ssh/ssh_client/ssh_client_use_strong_rng_sh/rule.yml -index 53728a2b3..6021e093e 100644 ---- a/linux_os/guide/services/ssh/ssh_client/ssh_client_use_strong_rng_sh/rule.yml -+++ b/linux_os/guide/services/ssh/ssh_client/ssh_client_use_strong_rng_sh/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol8,rhel8 -+prodtype: ol8,rhel8,almalinux8 - - title: 'SSH client uses strong entropy to seed (Bash-like shells)' - diff --git a/linux_os/guide/services/ssh/ssh_client/ssh_keys_passphrase_protected/rule.yml b/linux_os/guide/services/ssh/ssh_client/ssh_keys_passphrase_protected/rule.yml -index 70d9bc7cc..590365cce 100644 +index e886b61d9..599e965d0 100644 --- a/linux_os/guide/services/ssh/ssh_client/ssh_keys_passphrase_protected/rule.yml +++ b/linux_os/guide/services/ssh/ssh_client/ssh_keys_passphrase_protected/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol9,rhel8,rhel9 -+prodtype: ol9,rhel8,almalinux8,rhel9 - - title: 'Verify the SSH Private Key Files Have a Passcode' - -@@ -24,7 +24,7 @@ identifiers: +@@ -23,7 +23,7 @@ identifiers: references: srg: SRG-OS-000067-GPOS-00035 - stigid@rhel8: RHEL-08-010100 + stigid@almalinux8: RHEL-08-010100 + stigid@rhel9: RHEL-09-611190 ocil_clause: 'no ssh private key is accessible without a passcode' - diff --git a/linux_os/guide/services/ssh/ssh_server/disable_host_auth/kubernetes/shared.yml b/linux_os/guide/services/ssh/ssh_server/disable_host_auth/kubernetes/shared.yml index 5a97f74df..104b27f3f 100644 --- a/linux_os/guide/services/ssh/ssh_server/disable_host_auth/kubernetes/shared.yml 
@@ -4161,18 +1409,6 @@ index 5a97f74df..104b27f3f 100644 apiVersion: machineconfiguration.openshift.io/v1 kind: MachineConfig spec: -diff --git a/linux_os/guide/services/ssh/ssh_server/firewalld_sshd_port_enabled/rule.yml b/linux_os/guide/services/ssh/ssh_server/firewalld_sshd_port_enabled/rule.yml -index fb6956152..f4c76c7a2 100644 ---- a/linux_os/guide/services/ssh/ssh_server/firewalld_sshd_port_enabled/rule.yml -+++ b/linux_os/guide/services/ssh/ssh_server/firewalld_sshd_port_enabled/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4 -+prodtype: ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4 - - title: 'Enable SSH Server firewalld Firewall Exception' - diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_allow_only_protocol2/ansible/shared.yml b/linux_os/guide/services/ssh/ssh_server/sshd_allow_only_protocol2/ansible/shared.yml index 39102e5d7..2dcfeeb0f 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_allow_only_protocol2/ansible/shared.yml @@ -4204,7 +1440,7 @@ index f8d422c6c..aafcd046f 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_disable_compression/bash/shared.sh b/linux_os/guide/services/ssh/ssh_server/sshd_disable_compression/bash/shared.sh -index 7c01208c4..8e6c9a53a 100644 +index c7212d5b8..dc1e8c4b9 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_disable_compression/bash/shared.sh +++ b/linux_os/guide/services/ssh/ssh_server/sshd_disable_compression/bash/shared.sh @@ -1,4 +1,4 @@ @@ -4212,35 +1448,35 @@ index 7c01208c4..8e6c9a53a 100644 +# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_rhv,multi_platform_sle {{{ bash_instantiate_variables("var_sshd_disable_compression") }}} - + {{{ bash_sshd_remediation("Compression", "$var_sshd_disable_compression") }}} 
diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_disable_empty_passwords/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_disable_empty_passwords/rule.yml -index 6d4760f4b..fac972e1a 100644 +index 40960565c..06d3b974e 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_disable_empty_passwords/rule.yml +++ b/linux_os/guide/services/ssh/ssh_server/sshd_disable_empty_passwords/rule.yml -@@ -59,7 +59,7 @@ references: +@@ -57,7 +57,7 @@ references: stigid@ol7: OL07-00-010300 stigid@ol8: OL08-00-020330 stigid@rhel7: RHEL-07-010300 - stigid@rhel8: RHEL-08-020330 + stigid@almalinux8: RHEL-08-020330 + stigid@rhel9: RHEL-09-255040 stigid@sle12: SLES-12-030150 stigid@sle15: SLES-15-040440 - stigid@ubuntu2004: UBTU-20-010047 diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_disable_gssapi_auth/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_disable_gssapi_auth/rule.yml -index 84e5d497f..63794190a 100644 +index c45531648..522df4731 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_disable_gssapi_auth/rule.yml +++ b/linux_os/guide/services/ssh/ssh_server/sshd_disable_gssapi_auth/rule.yml -@@ -43,7 +43,7 @@ references: +@@ -44,7 +44,7 @@ references: stigid@ol7: OL07-00-040430 stigid@ol8: OL08-00-010522 stigid@rhel7: RHEL-07-040430 - stigid@rhel8: RHEL-08-010522 + stigid@almalinux8: RHEL-08-010522 + stigid@rhel9: RHEL-09-255135 {{{ complete_ocil_entry_sshd_option(default="yes", option="GSSAPIAuthentication", value="no") }}} - diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_disable_kerb_auth/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_disable_kerb_auth/rule.yml -index 05de4709b..247057b8e 100644 +index 969e5a708..dc91af19a 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_disable_kerb_auth/rule.yml +++ b/linux_os/guide/services/ssh/ssh_server/sshd_disable_kerb_auth/rule.yml @@ -44,7 +44,7 @@ references: 
@@ -4249,9 +1485,9 @@ index 05de4709b..247057b8e 100644 stigid@rhel7: RHEL-07-040440 - stigid@rhel8: RHEL-08-010521 + stigid@almalinux8: RHEL-08-010521 + stigid@rhel9: RHEL-09-255140 {{{ complete_ocil_entry_sshd_option(default="yes", option="KerberosAuthentication", value="no") }}} - diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_disable_rhosts_rsa/ansible/shared.yml b/linux_os/guide/services/ssh/ssh_server/sshd_disable_rhosts_rsa/ansible/shared.yml index 228a1166a..6ba91af43 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_disable_rhosts_rsa/ansible/shared.yml @@ -4273,20 +1509,20 @@ index 5a1ec5cf7..d240b4711 100644 {{{ bash_replace_or_append('/etc/ssh/sshd_config', '^RhostsRSAAuthentication', 'no', '%s %s') }}} diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_disable_root_login/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_disable_root_login/rule.yml -index b5ff1dad5..7c415483e 100644 +index 479d26bc6..c04978f0f 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_disable_root_login/rule.yml +++ b/linux_os/guide/services/ssh/ssh_server/sshd_disable_root_login/rule.yml -@@ -56,7 +56,7 @@ references: +@@ -54,7 +54,7 @@ references: stigid@ol7: OL07-00-040370 stigid@ol8: OL08-00-010550 stigid@rhel7: RHEL-07-040370 - stigid@rhel8: RHEL-08-010550 + stigid@almalinux8: RHEL-08-010550 + stigid@rhel9: RHEL-09-255045 stigid@sle12: SLES-12-030140 stigid@sle15: SLES-15-020040 - diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_disable_user_known_hosts/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_disable_user_known_hosts/rule.yml -index 0bb62b7c9..abd0e26ca 100644 +index 780b846b0..37e5ea9ae 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_disable_user_known_hosts/rule.yml +++ b/linux_os/guide/services/ssh/ssh_server/sshd_disable_user_known_hosts/rule.yml @@ -40,7 +40,7 @@ references: 
@@ -4295,37 +1531,37 @@ index 0bb62b7c9..abd0e26ca 100644 stigid@rhel7: RHEL-07-040380 - stigid@rhel8: RHEL-08-010520 + stigid@almalinux8: RHEL-08-010520 + stigid@rhel9: RHEL-09-255150 stigid@sle12: SLES-12-030200 stigid@sle15: SLES-15-040230 - diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_disable_x11_forwarding/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_disable_x11_forwarding/rule.yml -index 32174a5e8..fd2a31f60 100644 +index 6018d7002..1555669cf 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_disable_x11_forwarding/rule.yml +++ b/linux_os/guide/services/ssh/ssh_server/sshd_disable_x11_forwarding/rule.yml -@@ -49,7 +49,7 @@ references: +@@ -46,7 +46,7 @@ references: stigid@ol7: OL07-00-040710 stigid@ol8: OL08-00-040340 stigid@rhel7: RHEL-07-040710 - stigid@rhel8: RHEL-08-040340 + stigid@almalinux8: RHEL-08-040340 + stigid@rhel9: RHEL-09-255155 stigid@sle15: SLES-15-040290 stigid@ubuntu2004: UBTU-20-010048 - diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_do_not_permit_user_env/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_do_not_permit_user_env/rule.yml -index 11a371a73..27717b830 100644 +index 4e168c61e..3492caa81 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_do_not_permit_user_env/rule.yml +++ b/linux_os/guide/services/ssh/ssh_server/sshd_do_not_permit_user_env/rule.yml -@@ -53,7 +53,7 @@ references: +@@ -51,7 +51,7 @@ references: stigid@ol7: OL07-00-010460 stigid@ol8: OL08-00-010830 stigid@rhel7: RHEL-07-010460 - stigid@rhel8: RHEL-08-010830 + stigid@almalinux8: RHEL-08-010830 + stigid@rhel9: RHEL-09-255085 stigid@sle12: SLES-12-030151 stigid@sle15: SLES-15-040440 - stigid@ubuntu2004: UBTU-20-010047 diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_enable_strictmodes/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_enable_strictmodes/rule.yml -index 322890154..de933b808 100644 +index 65cf32d3c..c48920cdd 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_enable_strictmodes/rule.yml 
+++ b/linux_os/guide/services/ssh/ssh_server/sshd_enable_strictmodes/rule.yml @@ -43,7 +43,7 @@ references: @@ -4334,24 +1570,24 @@ index 322890154..de933b808 100644 stigid@rhel7: RHEL-07-040450 - stigid@rhel8: RHEL-08-010500 + stigid@almalinux8: RHEL-08-010500 + stigid@rhel9: RHEL-09-255160 stigid@sle12: SLES-12-030230 stigid@sle15: SLES-15-040260 - diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_enable_warning_banner/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_enable_warning_banner/rule.yml -index 595170d70..88ce6bec7 100644 +index 87aaf6326..e1f67cd59 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_enable_warning_banner/rule.yml +++ b/linux_os/guide/services/ssh/ssh_server/sshd_enable_warning_banner/rule.yml -@@ -47,7 +47,7 @@ references: +@@ -46,7 +46,7 @@ references: stigid@ol7: OL07-00-040170 stigid@ol8: OL08-00-010040 stigid@rhel7: RHEL-07-040170 - stigid@rhel8: RHEL-08-010040 + stigid@almalinux8: RHEL-08-010040 + stigid@rhel9: RHEL-09-255025 stigid@sle12: SLES-12-030050 stigid@sle15: SLES-15-010040 - diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_print_last_log/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_print_last_log/rule.yml -index 685504061..7ff5fd566 100644 +index 59b6850a0..6c6e70e01 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_print_last_log/rule.yml +++ b/linux_os/guide/services/ssh/ssh_server/sshd_print_last_log/rule.yml @@ -38,7 +38,7 @@ references: @@ -4360,11 +1596,11 @@ index 685504061..7ff5fd566 100644 stigid@rhel7: RHEL-07-040360 - stigid@rhel8: RHEL-08-020350 + stigid@almalinux8: RHEL-08-020350 + stigid@rhel9: RHEL-09-255165 stigid@sle12: SLES-12-030130 stigid@sle15: SLES-15-020120 - diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_rekey_limit/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_rekey_limit/rule.yml -index 9b1f144d7..0711b2bcd 100644 +index 8cb93257c..570980352 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_rekey_limit/rule.yml 
+++ b/linux_os/guide/services/ssh/ssh_server/sshd_rekey_limit/rule.yml @@ -27,7 +27,7 @@ references: @@ -4373,9 +1609,9 @@ index 9b1f144d7..0711b2bcd 100644 stigid@ol8: OL08-00-040161 - stigid@rhel8: RHEL-08-040161 + stigid@almalinux8: RHEL-08-040161 + stigid@rhel9: RHEL-09-255090 ocil_clause: 'it is commented out or is not set' - diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_rekey_limit/tests/rhel8_ospp_ok.pass.sh b/linux_os/guide/services/ssh/ssh_server/sshd_rekey_limit/tests/rhel8_ospp_ok.pass.sh index a31a14f8a..08ad17d7b 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_rekey_limit/tests/rhel8_ospp_ok.pass.sh @@ -4397,51 +1633,51 @@ index 5b54ab892..4213bc152 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_set_idle_timeout/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_set_idle_timeout/rule.yml -index 350284276..cd52923fd 100644 +index 80a054ce6..3f8a863ce 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_set_idle_timeout/rule.yml +++ b/linux_os/guide/services/ssh/ssh_server/sshd_set_idle_timeout/rule.yml -@@ -66,7 +66,7 @@ references: +@@ -64,7 +64,7 @@ references: stigid@ol7: OL07-00-040320 stigid@ol8: OL08-00-010201 stigid@rhel7: RHEL-07-040320 - stigid@rhel8: RHEL-08-010201 + stigid@almalinux8: RHEL-08-010201 + stigid@rhel9: RHEL-09-255100 stigid@sle12: SLES-12-030190 stigid@sle15: SLES-15-010280 - stigid@ubuntu2004: UBTU-20-010037 diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_set_keepalive/ansible/shared.yml b/linux_os/guide/services/ssh/ssh_server/sshd_set_keepalive/ansible/shared.yml -index c47506b42..0b8f7bd7f 100644 +index be6b3672f..869beb409 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_set_keepalive/ansible/shared.yml +++ b/linux_os/guide/services/ssh/ssh_server/sshd_set_keepalive/ansible/shared.yml 
@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu,multi_platform_debian ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu,multi_platform_debian # reboot = false # strategy = restrict # complexity = low diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_set_keepalive/bash/shared.sh b/linux_os/guide/services/ssh/ssh_server/sshd_set_keepalive/bash/shared.sh -index 3cfe760fb..cba9bf0c4 100644 +index e777ce8fe..588ca64d7 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_set_keepalive/bash/shared.sh +++ b/linux_os/guide/services/ssh/ssh_server/sshd_set_keepalive/bash/shared.sh @@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu,multi_platform_debian ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu,multi_platform_debian {{{ bash_instantiate_variables("var_sshd_set_keepalive") }}} 
diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_set_keepalive/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_set_keepalive/rule.yml -index 7ef1b837f..c431970da 100644 +index cc6387f6a..2f7cfa3ce 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_set_keepalive/rule.yml +++ b/linux_os/guide/services/ssh/ssh_server/sshd_set_keepalive/rule.yml -@@ -58,7 +58,7 @@ references: +@@ -56,7 +56,7 @@ references: pcidss: Req-8.1.8 pcidss4: "8.2.8" srg: SRG-OS-000163-GPOS-00072,SRG-OS-000279-GPOS-00109 - stigid@rhel8: RHEL-08-010200 + stigid@almalinux8: RHEL-08-010200 + stigid@rhel9: RHEL-09-255095 stigid@sle12: SLES-12-030191 stigid@sle15: SLES-15-010320 - stigid@ubuntu2004: UBTU-20-010036 diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_set_max_auth_tries/ansible/shared.yml b/linux_os/guide/services/ssh/ssh_server/sshd_set_max_auth_tries/ansible/shared.yml index a7a2ed3d6..f4ba85ff9 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_set_max_auth_tries/ansible/shared.yml @@ -4483,32 +1719,11 @@ index fcdb800c2..77c3e82da 100644 #!/bin/bash SSHD_CONFIG="/etc/ssh/sshd_config" -diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_ciphers/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_ciphers/rule.yml -index a1cff08ea..94c1863c0 100644 ---- a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_ciphers/rule.yml -+++ b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_ciphers/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,ol7,ol8,rhel7,rhel8,sle12,sle15,ubuntu2004 -+prodtype: alinux2,ol7,ol8,rhel7,rhel8,almalinux8,sle12,sle15,ubuntu2004 - - title: 'Use Only FIPS 140-2 Validated Ciphers' - diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/rule.yml -index a467993d6..1d24c8731 100644 +index 4173ce47f..07b35af4d 100644 
--- a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/rule.yml +++ b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/rule.yml -@@ -16,7 +16,7 @@ - - documentation_complete: true - --prodtype: ol7,ol8,rhel7,rhel8,sle12,sle15,ubuntu2004 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,sle12,sle15,ubuntu2004 - - title: 'Use Only FIPS 140-2 Validated Key Exchange Algorithms' - -@@ -49,7 +49,7 @@ references: +@@ -48,7 +48,7 @@ references: stigid@ol7: OL07-00-040712 stigid@ol8: OL08-00-040342 stigid@rhel7: RHEL-07-040712 @@ -4518,46 +1733,46 @@ index a467993d6..1d24c8731 100644 stigid@sle15: SLES-15-040450 stigid@ubuntu2004: UBTU-20-010045 diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/comment.fail.sh b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/comment.fail.sh -index d9775be43..8abd5c4ee 100644 +index 4319832c0..313cc1c9d 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/comment.fail.sh +++ b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/comment.fail.sh @@ -1,5 +1,5 @@ #!/bin/bash --# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle -+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle +-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu ++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu source common.sh diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/correct_reduced_list.pass.sh b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/correct_reduced_list.pass.sh -index 5e7246205..6de325120 100644 +index 64199ace8..438c06875 100644 
--- a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/correct_reduced_list.pass.sh +++ b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/correct_reduced_list.pass.sh @@ -1,5 +1,5 @@ #!/bin/bash --# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle -+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle +-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu ++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu source common.sh diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/correct_scrambled.fail.sh b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/correct_scrambled.fail.sh -index 11e8fe96d..00b69cd2c 100644 +index dfe21de81..9ec1188e8 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/correct_scrambled.fail.sh +++ b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/correct_scrambled.fail.sh @@ -1,5 +1,5 @@ #!/bin/bash --# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle -+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle +-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu ++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu source common.sh diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/correct_value.pass.sh b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/correct_value.pass.sh -index a2528cb30..0c8dcf1ba 100644 +index 63774b1e3..780664422 100644 
--- a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/correct_value.pass.sh +++ b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/correct_value.pass.sh @@ -1,5 +1,5 @@ #!/bin/bash --# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle -+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle +-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu ++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu source common.sh @@ -4573,49 +1788,37 @@ index 3fd2901a9..2e3d34fef 100644 source common.sh diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/line_not_there.fail.sh b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/line_not_there.fail.sh -index 63213b5d1..7d20761ba 100644 +index a9ddcf7c1..e696c5c82 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/line_not_there.fail.sh +++ b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/line_not_there.fail.sh @@ -1,4 +1,4 @@ #!/bin/bash --# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle -+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle +-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu ++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu source common.sh diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/no_parameters.fail.sh b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/no_parameters.fail.sh -index 59dee5b9e..b0f66c148 100644 +index 682758a9d..7f2f9144a 100644 
--- a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/no_parameters.fail.sh +++ b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/no_parameters.fail.sh @@ -1,5 +1,5 @@ #!/bin/bash --# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle -+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle +-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu ++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu source common.sh diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/wrong_value.fail.sh b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/wrong_value.fail.sh -index 0e12d5a2a..d825167a3 100644 +index 4cac68a12..e329787c3 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/wrong_value.fail.sh +++ b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/wrong_value.fail.sh 
@@ -1,5 +1,5 @@ #!/bin/bash --# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle -+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle +-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu ++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu source common.sh -diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_macs/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_macs/rule.yml -index 2ddb6f7ab..e27d212ab 100644 ---- a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_macs/rule.yml -+++ b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_macs/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,ol7,ol8,rhel7,rhel8,sle12,sle15,ubuntu2004 -+prodtype: alinux2,ol7,ol8,rhel7,rhel8,almalinux8,sle12,sle15,ubuntu2004 - - title: 'Use Only FIPS 140-2 Validated MACs' - diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_macs/tests/default_correct_value.pass.sh b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_macs/tests/default_correct_value.pass.sh index edb2553d2..2bfd42c86 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_macs/tests/default_correct_value.pass.sh @@ -4673,19 +1876,10 @@ index 5a98fc0eb..846cdd444 100644 sed -i 's/^\s*MACs\s/# &/i' /etc/ssh/sshd_config diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_rng/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_rng/rule.yml -index f1e9853d6..edd9ebea8 100644 +index d23f8b669..3f06a2fa3 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_rng/rule.yml 
+++ b/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_rng/rule.yml -@@ -2,7 +2,7 @@ documentation_complete: true - - # TODO: The plan is not to need this for RHEL>=8.4 - # TODO: Compliant setting is SSH_USE_STRONG_RNG set to 32 or more --prodtype: fedora,ol8,rhel8,rhel9 -+prodtype: fedora,ol8,rhel8,almalinux8,rhel9 - - title: 'SSH server uses strong entropy to seed' - -@@ -30,7 +30,7 @@ references: +@@ -29,7 +29,7 @@ references: ospp: FCS_RBG_EXT.1.2 srg: SRG-OS-000480-GPOS-00232,SRG-OS-000480-GPOS-00227 stigid@ol8: OL08-00-010292 @@ -4695,74 +1889,18 @@ index f1e9853d6..edd9ebea8 100644 ocil: |- To determine whether the SSH service is configured to use strong entropy seed, diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_x11_use_localhost/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_x11_use_localhost/rule.yml -index 3a58720dd..5d2d9837a 100644 +index c3694805c..cfc34fb14 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_x11_use_localhost/rule.yml 
+++ b/linux_os/guide/services/ssh/ssh_server/sshd_x11_use_localhost/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,ubuntu2004 -+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,ubuntu2004 - - title: 'Prevent remote hosts from connecting to the proxy display' - -@@ -39,7 +39,7 @@ references: +@@ -38,7 +38,7 @@ references: stigid@ol7: OL07-00-040711 stigid@ol8: OL08-00-040341 stigid@rhel7: RHEL-07-040711 - stigid@rhel8: RHEL-08-040341 + stigid@almalinux8: RHEL-08-040341 + stigid@rhel9: RHEL-09-255175 stigid@sle12: SLES-12-030261 stigid@ubuntu2004: UBTU-20-010049 - -diff --git a/linux_os/guide/services/sssd/package_sssd-ipa_installed/rule.yml b/linux_os/guide/services/sssd/package_sssd-ipa_installed/rule.yml -index ec0cf86d1..dce874ce5 100644 ---- a/linux_os/guide/services/sssd/package_sssd-ipa_installed/rule.yml -+++ b/linux_os/guide/services/sssd/package_sssd-ipa_installed/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhv4 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhv4 - - title: 'Install sssd-ipa Package' - -diff --git a/linux_os/guide/services/sssd/package_sssd_installed/rule.yml b/linux_os/guide/services/sssd/package_sssd_installed/rule.yml -index 0b683c070..8ab70a395 100644 ---- a/linux_os/guide/services/sssd/package_sssd_installed/rule.yml -+++ b/linux_os/guide/services/sssd/package_sssd_installed/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol7,ol8,rhel7,rhel8 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8 - - title: 'Install the SSSD Package' - -diff --git a/linux_os/guide/services/sssd/service_sssd_enabled/rule.yml b/linux_os/guide/services/sssd/service_sssd_enabled/rule.yml -index 39c32095b..3f403df47 100644 ---- a/linux_os/guide/services/sssd/service_sssd_enabled/rule.yml -+++ b/linux_os/guide/services/sssd/service_sssd_enabled/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - 
--prodtype: fedora,ol7,ol8,rhel7,rhel8 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8 - - title: 'Enable the SSSD Service' - -diff --git a/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_ca/rule.yml b/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_ca/rule.yml -index c21b1e612..97d820689 100644 ---- a/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_ca/rule.yml -+++ b/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_ca/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol7,ol8,rhel7,rhel8 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8 - - title: 'Configure SSSD LDAP Backend Client CA Certificate' - diff --git a/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_ca_dir/ansible/shared.yml b/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_ca_dir/ansible/shared.yml index 202fc7f44..711cc57c6 100644 --- a/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_ca_dir/ansible/shared.yml @@ -4783,18 +1921,6 @@ index 68a6a1291..740c94e10 100644 {{{ bash_instantiate_variables("var_sssd_ldap_tls_ca_dir") }}} -diff --git a/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_ca_dir/rule.yml b/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_ca_dir/rule.yml -index c5ef25261..110dd8287 100644 ---- a/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_ca_dir/rule.yml -+++ b/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_ca_dir/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol7,ol8,rhel7,rhel8 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8 - - title: 'Configure SSSD LDAP Backend Client CA Certificate Location' - diff --git a/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_reqcert/ansible/shared.yml b/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_reqcert/ansible/shared.yml index 891b3e2f9..6cb0bce26 100644 
--- a/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_reqcert/ansible/shared.yml @@ -4814,18 +1940,6 @@ index 5c83263bc..91e28ba16 100644 +# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol {{{ bash_sssd_ldap_config(parameter="ldap_tls_reqcert", value="demand") }}} -diff --git a/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_reqcert/rule.yml b/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_reqcert/rule.yml -index 5a69c77ce..4f6f66f43 100644 ---- a/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_reqcert/rule.yml -+++ b/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_reqcert/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol7,ol8,rhel7,rhel8 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8 - - title: 'Configure SSSD LDAP Backend Client to Demand a Valid Certificate from the Server' - diff --git a/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_start_tls/ansible/shared.yml b/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_start_tls/ansible/shared.yml index b38bc41fe..33c5c9034 100644 --- a/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_start_tls/ansible/shared.yml @@ -4846,18 +1960,6 @@ index 564e32815..02bed6db8 100644 {{{ bash_sssd_ldap_config(parameter="ldap_id_use_start_tls", value="true") }}} -diff --git a/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_start_tls/rule.yml b/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_start_tls/rule.yml -index 44878eb57..473279288 100644 ---- a/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_start_tls/rule.yml -+++ b/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_start_tls/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol7,ol8,rhel7,rhel8 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8 - - title: 'Configure SSSD LDAP Backend to Use TLS For All Transactions' - 
diff --git a/linux_os/guide/services/sssd/sssd_certificate_verification/ansible/shared.yml b/linux_os/guide/services/sssd/sssd_certificate_verification/ansible/shared.yml index c93d7a59d..a6dff6f85 100644 --- a/linux_os/guide/services/sssd/sssd_certificate_verification/ansible/shared.yml @@ -4879,47 +1981,31 @@ index ea3c0946c..08e66dade 100644 # strategy = configure # complexity = low diff --git a/linux_os/guide/services/sssd/sssd_certificate_verification/rule.yml b/linux_os/guide/services/sssd/sssd_certificate_verification/rule.yml -index cd24ded03..1e7fad032 100644 +index df4e19807..b5948e9d6 100644 --- a/linux_os/guide/services/sssd/sssd_certificate_verification/rule.yml +++ b/linux_os/guide/services/sssd/sssd_certificate_verification/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol8,ol9,rhel8,rhel9 -+prodtype: fedora,ol8,ol9,rhel8,almalinux8,rhel9 - - title: 'Certificate status checking in SSSD' - -@@ -25,7 +25,7 @@ references: +@@ -24,7 +24,7 @@ references: nist: IA-2(11) srg: SRG-OS-000375-GPOS-00160,SRG-OS-000377-GPOS-00162 stigid@ol8: OL08-00-010400 - stigid@rhel8: RHEL-08-010400 + stigid@almalinux8: RHEL-08-010400 - + stigid@rhel9: RHEL-09-611170 ocil_clause: 'certificate_verification in sssd is not configured' diff --git a/linux_os/guide/services/sssd/sssd_enable_certmap/rule.yml b/linux_os/guide/services/sssd/sssd_enable_certmap/rule.yml -index ed8b1c4e1..bd14c9954 100644 +index 6791df75f..2aae5273f 100644 --- a/linux_os/guide/services/sssd/sssd_enable_certmap/rule.yml 
+++ b/linux_os/guide/services/sssd/sssd_enable_certmap/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol8,ol9,rhel8,rhel9 -+prodtype: fedora,ol8,ol9,rhel8,almalinux8,rhel9 - - title: 'Enable Certmap in SSSD' - -@@ -31,7 +31,7 @@ references: +@@ -30,7 +30,7 @@ references: nist: IA-5 (2) (c) srg: SRG-OS-000068-GPOS-00036 stigid@ol8: OL08-00-020090 - stigid@rhel8: RHEL-08-020090 + stigid@almalinux8: RHEL-08-020090 + stigid@rhel9: RHEL-09-631015 warnings: - - general: |- diff --git a/linux_os/guide/services/sssd/sssd_enable_pam_services/bash/shared.sh b/linux_os/guide/services/sssd/sssd_enable_pam_services/bash/shared.sh index 09e863e4a..ba1f546e9 100644 --- a/linux_os/guide/services/sssd/sssd_enable_pam_services/bash/shared.sh @@ -4930,18 +2016,6 @@ index 09e863e4a..ba1f546e9 100644 -diff --git a/linux_os/guide/services/sssd/sssd_enable_pam_services/rule.yml b/linux_os/guide/services/sssd/sssd_enable_pam_services/rule.yml -index 5af99bf8a..d557d3183 100644 ---- a/linux_os/guide/services/sssd/sssd_enable_pam_services/rule.yml -+++ b/linux_os/guide/services/sssd/sssd_enable_pam_services/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol7,ol8,rhel7,rhel8,rhv4 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhv4 - - title: 'Configure PAM in SSSD Services' - diff --git a/linux_os/guide/services/sssd/sssd_enable_smartcards/ansible/shared.yml b/linux_os/guide/services/sssd/sssd_enable_smartcards/ansible/shared.yml index f82c9e386..e57bdf163 100644 --- a/linux_os/guide/services/sssd/sssd_enable_smartcards/ansible/shared.yml @@ -4956,7 +2030,7 @@ index f82c9e386..e57bdf163 100644 ansible.builtin.stat: path: /usr/bin/authselect diff --git a/linux_os/guide/services/sssd/sssd_enable_smartcards/bash/shared.sh b/linux_os/guide/services/sssd/sssd_enable_smartcards/bash/shared.sh -index b51312601..21ec5106e 100644 +index 4e2e00554..619d3f684 100644 --- a/linux_os/guide/services/sssd/sssd_enable_smartcards/bash/shared.sh 
+++ b/linux_os/guide/services/sssd/sssd_enable_smartcards/bash/shared.sh @@ -13,7 +13,7 @@ umask u=rw,go= @@ -4966,8 +2040,8 @@ index b51312601..21ec5106e 100644 -{{% if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9"] %}} +{{% if product in ["fedora", "ol8", "ol9", "rhel8", "almalinux8", "rhel9"] %}} if [ -f /usr/bin/authselect ]; then - if authselect check; then - {{{ bash_enable_authselect_feature('with-smartcard') | indent(8) }}} + {{{ bash_enable_authselect_feature('with-smartcard') | indent(4) }}} + else diff --git a/linux_os/guide/services/sssd/sssd_enable_smartcards/oval/shared.xml b/linux_os/guide/services/sssd/sssd_enable_smartcards/oval/shared.xml index c2ae4d39a..010ff0410 100644 --- a/linux_os/guide/services/sssd/sssd_enable_smartcards/oval/shared.xml @@ -4991,18 +2065,10 @@ index c2ae4d39a..010ff0410 100644 comment="tests the presence of try_cert_auth or require_cert_auth in /etc/pam.d/smartcard-auth" id="test_sssd_enable_smartcards_allow_missing_name_smartcard_auth" version="2"> diff --git a/linux_os/guide/services/sssd/sssd_enable_smartcards/rule.yml b/linux_os/guide/services/sssd/sssd_enable_smartcards/rule.yml -index 6ed233a70..30001883e 100644 +index b4d314374..585daaa7e 100644 --- a/linux_os/guide/services/sssd/sssd_enable_smartcards/rule.yml +++ b/linux_os/guide/services/sssd/sssd_enable_smartcards/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15 -+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15 - - title: 'Enable Smartcards in SSSD' - -@@ -11,7 +11,7 @@ description: |- +@@ -10,7 +10,7 @@ description: |-
[pam]
      pam_cert_auth = True
      
@@ -5011,15 +2077,15 @@ index 6ed233a70..30001883e 100644 Add or update "pam_sss.so" line in auth section of "/etc/pam.d/system-auth" file to include "try_cert_auth" or "require_cert_auth" option, like in the following example:
-@@ -52,7 +52,7 @@ references:
+@@ -51,7 +51,7 @@ references:
      pcidss4: "8.4"
      srg: SRG-OS-000375-GPOS-00160,SRG-OS-000105-GPOS-00052,SRG-OS-000106-GPOS-00053,SRG-OS-000107-GPOS-00054,SRG-OS-000108-GPOS-00055
      stigid@ol8: OL08-00-020250
 -    stigid@rhel8: RHEL-08-020250
 +    stigid@almalinux8: RHEL-08-020250
+     stigid@rhel9: RHEL-09-611165
  
  ocil_clause: 'smart cards are not enabled in SSSD'
- 
 @@ -62,7 +62,7 @@ ocil: |-
      If configured properly, output should be
      
pam_cert_auth = True
@@ -5123,26 +2189,18 @@ index 43e19d382..2848e2072 100644 SSSD_FILE="/etc/sssd/sssd.conf" rm -f $SSSD_FILE diff --git a/linux_os/guide/services/sssd/sssd_has_trust_anchor/rule.yml b/linux_os/guide/services/sssd/sssd_has_trust_anchor/rule.yml -index d71208630..55ec767b9 100644 +index 65eb8d8b3..87c26855d 100644 --- a/linux_os/guide/services/sssd/sssd_has_trust_anchor/rule.yml +++ b/linux_os/guide/services/sssd/sssd_has_trust_anchor/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol8,ol9,rhel8,rhel9 -+prodtype: ol8,ol9,rhel8,almalinux8,rhel9 - - title: 'SSSD Has a Correct Trust Anchor' - -@@ -37,7 +37,7 @@ references: +@@ -36,7 +36,7 @@ references: nist: IA-5 (2) (a) srg: SRG-OS-000066-GPOS-00034,SRG-OS-000384-GPOS-00167 stigid@ol8: OL08-00-010090 - stigid@rhel8: RHEL-08-010090 + stigid@almalinux8: RHEL-08-010090 + stigid@rhel9: RHEL-09-631010 warnings: - - general: |- diff --git a/linux_os/guide/services/sssd/sssd_memcache_timeout/ansible/shared.yml b/linux_os/guide/services/sssd/sssd_memcache_timeout/ansible/shared.yml index 7cfba003b..fb36bb099 100644 --- a/linux_os/guide/services/sssd/sssd_memcache_timeout/ansible/shared.yml 
@@ -5163,40 +2221,8 @@ index e7d5d3916..ed768f876 100644 {{{ bash_instantiate_variables("var_sssd_memcache_timeout") }}} -diff --git a/linux_os/guide/services/sssd/sssd_memcache_timeout/rule.yml b/linux_os/guide/services/sssd/sssd_memcache_timeout/rule.yml -index 5439e1bdc..5aa7f78c6 100644 ---- a/linux_os/guide/services/sssd/sssd_memcache_timeout/rule.yml -+++ b/linux_os/guide/services/sssd/sssd_memcache_timeout/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhv4,sle12,sle15 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhv4,sle12,sle15 - - title: 'Configure SSSD''s Memory Cache to Expire' - -diff --git a/linux_os/guide/services/sssd/sssd_offline_cred_expiration/ansible/shared.yml b/linux_os/guide/services/sssd/sssd_offline_cred_expiration/ansible/shared.yml -index ebdf0136b..73916d8d1 100644 ---- a/linux_os/guide/services/sssd/sssd_offline_cred_expiration/ansible/shared.yml -+++ b/linux_os/guide/services/sssd/sssd_offline_cred_expiration/ansible/shared.yml -@@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle - # reboot = false - # strategy = configure - # complexity = low -diff --git a/linux_os/guide/services/sssd/sssd_offline_cred_expiration/bash/shared.sh b/linux_os/guide/services/sssd/sssd_offline_cred_expiration/bash/shared.sh -index 890254c8e..2b6103e93 100644 ---- a/linux_os/guide/services/sssd/sssd_offline_cred_expiration/bash/shared.sh -+++ b/linux_os/guide/services/sssd/sssd_offline_cred_expiration/bash/shared.sh -@@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle -+# platform = Red Hat Virtualization 
4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle - # reboot = false - # strategy = configure - # complexity = low diff --git a/linux_os/guide/services/sssd/sssd_offline_cred_expiration/oval/shared.xml b/linux_os/guide/services/sssd/sssd_offline_cred_expiration/oval/shared.xml -index 9741e2e56..6bcb1102d 100644 +index 3a5bd52c1..8c24e41bf 100644 --- a/linux_os/guide/services/sssd/sssd_offline_cred_expiration/oval/shared.xml +++ b/linux_os/guide/services/sssd/sssd_offline_cred_expiration/oval/shared.xml @@ -4,7 +4,7 @@ @@ -5218,16 +2244,10 @@ index 9741e2e56..6bcb1102d 100644 comment="tests the value of cache_credentials setting in the /etc/sssd/sssd.conf file" id="test_sssd_cache_credentials" version="1"> diff --git a/linux_os/guide/services/sssd/sssd_offline_cred_expiration/rule.yml b/linux_os/guide/services/sssd/sssd_offline_cred_expiration/rule.yml -index 15ef6aa83..39e6999df 100644 +index 36187d683..113849b46 100644 --- a/linux_os/guide/services/sssd/sssd_offline_cred_expiration/rule.yml +++ b/linux_os/guide/services/sssd/sssd_offline_cred_expiration/rule.yml -@@ -1,12 +1,12 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Configure SSSD to Expire Offline Credentials' +@@ -5,7 +5,7 @@ title: 'Configure SSSD to Expire Offline Credentials' description: |- SSSD should be configured to expire offline credentials after 1 day. @@ -5236,15 +2256,15 @@ index 15ef6aa83..39e6999df 100644 Check if SSSD allows cached authentications with the following command:
      $ sudo grep cache_credentials /etc/sssd/sssd.conf
-@@ -47,7 +47,7 @@ references:
+@@ -46,7 +46,7 @@ references:
      nist-csf: PR.AC-1,PR.AC-6,PR.AC-7
      srg: SRG-OS-000383-GPOS-00166
      stigid@ol8: OL08-00-020290
 -    stigid@rhel8: RHEL-08-020290
 +    stigid@almalinux8: RHEL-08-020290
+     stigid@rhel9: RHEL-09-631020
      stigid@sle12: SLES-12-010680
      stigid@sle15: SLES-15-010500
-     stigid@ubuntu2004: UBTU-20-010441
 @@ -55,7 +55,7 @@ references:
  ocil_clause: 'it does not exist or is not configured properly'
  
@@ -5276,18 +2296,6 @@ index 3da9609d7..06586bd8a 100644
  
  MAIN_CONF="/etc/sssd/conf.d/ospp.conf"
  
-diff --git a/linux_os/guide/services/sssd/sssd_run_as_sssd_user/rule.yml b/linux_os/guide/services/sssd/sssd_run_as_sssd_user/rule.yml
-index 87d8b19f4..f10f46485 100644
---- a/linux_os/guide/services/sssd/sssd_run_as_sssd_user/rule.yml
-+++ b/linux_os/guide/services/sssd/sssd_run_as_sssd_user/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
- 
--prodtype: fedora,ol8,rhcos4,rhel8
-+prodtype: fedora,ol8,rhcos4,rhel8,almalinux8
- 
- title: 'Configure SSSD to run as user sssd'
- 
 diff --git a/linux_os/guide/services/sssd/sssd_ssh_known_hosts_timeout/ansible/shared.yml b/linux_os/guide/services/sssd/sssd_ssh_known_hosts_timeout/ansible/shared.yml
 index 599683567..8fa06fa65 100644
 --- a/linux_os/guide/services/sssd/sssd_ssh_known_hosts_timeout/ansible/shared.yml
@@ -5308,18 +2316,6 @@ index f066ef1bd..01254fa6f 100644
  
  {{{ bash_instantiate_variables("var_sssd_ssh_known_hosts_timeout") }}}
  
-diff --git a/linux_os/guide/services/sssd/sssd_ssh_known_hosts_timeout/rule.yml b/linux_os/guide/services/sssd/sssd_ssh_known_hosts_timeout/rule.yml
-index 0e2898a5b..6ef9217e2 100644
---- a/linux_os/guide/services/sssd/sssd_ssh_known_hosts_timeout/rule.yml
-+++ b/linux_os/guide/services/sssd/sssd_ssh_known_hosts_timeout/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
- 
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhv4
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhv4
- 
- title: 'Configure SSSD to Expire SSH Known Hosts'
- 
 diff --git a/linux_os/guide/services/usbguard/configure_usbguard_auditbackend/kubernetes/shared.yml b/linux_os/guide/services/usbguard/configure_usbguard_auditbackend/kubernetes/shared.yml
 index 331627492..72a361b30 100644
 --- a/linux_os/guide/services/usbguard/configure_usbguard_auditbackend/kubernetes/shared.yml
@@ -5330,26 +2326,18 @@ index 331627492..72a361b30 100644
 +# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_rhcos
  {{{ kubernetes_usbguard_set(["xccdf_org.ssgproject.content_rule_package_usbguard_installed"]) }}}
 diff --git a/linux_os/guide/services/usbguard/configure_usbguard_auditbackend/rule.yml b/linux_os/guide/services/usbguard/configure_usbguard_auditbackend/rule.yml
-index c20527bf1..65a1c2862 100644
+index 70864f734..9b0a73a0b 100644
 --- a/linux_os/guide/services/usbguard/configure_usbguard_auditbackend/rule.yml
 +++ b/linux_os/guide/services/usbguard/configure_usbguard_auditbackend/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
- 
--prodtype: fedora,ol8,ol9,rhcos4,rhel8,rhel9
-+prodtype: fedora,ol8,ol9,rhcos4,rhel8,almalinux8,rhel9
- 
- title: 'Log USBGuard daemon audit events using Linux Audit'
- 
-@@ -27,7 +27,7 @@ references:
+@@ -26,7 +26,7 @@ references:
      ospp: FMT_SMF_EXT.1
      srg: SRG-OS-000062-GPOS-00031,SRG-OS-000471-GPOS-00215,SRG-APP-000141-CTR-000315
      stigid@ol8: OL08-00-030603
 -    stigid@rhel8: RHEL-08-030603
 +    stigid@almalinux8: RHEL-08-030603
+     stigid@rhel9: RHEL-09-291025
  
  platform: package[usbguard]
- 
 diff --git a/linux_os/guide/services/usbguard/package_usbguard_installed/kubernetes/shared.yml b/linux_os/guide/services/usbguard/package_usbguard_installed/kubernetes/shared.yml
 index 9f18591b3..b49d5217a 100644
 --- a/linux_os/guide/services/usbguard/package_usbguard_installed/kubernetes/shared.yml
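Review bot: The refreshed patch no longer edits the `prodtype:` line of `configure_usbguard_auditbackend/rule.yml`, and nothing visible in this hunk shows what now makes the rule applicable to almalinux8. Presumably the new upstream base dropped the key, but the rest of the rule file lies outside the hunk, so that cannot be confirmed from here. The same removal recurs in the hunks that follow (`package_usbguard_installed`, `service_usbguard_enabled`, `usbguard_generate_policy`, the `xwindows_*` rules), and rules such as `usbguard_allow_hid` and `sssd_run_as_sssd_user` lose their only hunk. I would add a post-build assertion that the almalinux8 benchmark still contains the affected rule ids, for example `xccdf_org.ssgproject.content_rule_package_usbguard_installed`. That way a rule that silently drops out of the baseline fails the package build instead of shipping as reduced coverage.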
@@ -5362,26 +2350,18 @@ index 9f18591b3..b49d5217a 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/services/usbguard/package_usbguard_installed/rule.yml b/linux_os/guide/services/usbguard/package_usbguard_installed/rule.yml
-index 47a65aeb6..13629af9a 100644
+index e9e56f124..b9eb36658 100644
 --- a/linux_os/guide/services/usbguard/package_usbguard_installed/rule.yml
 +++ b/linux_os/guide/services/usbguard/package_usbguard_installed/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
- 
--prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4
-+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4
- 
- title: 'Install usbguard Package'
- 
-@@ -51,7 +51,7 @@ references:
+@@ -50,7 +50,7 @@ references:
      nist: CM-8(3),IA-3
      srg: SRG-OS-000378-GPOS-00163
      stigid@ol8: OL08-00-040139
 -    stigid@rhel8: RHEL-08-040139
 +    stigid@almalinux8: RHEL-08-040139
+     stigid@rhel9: RHEL-09-291015
  
  ocil_clause: 'the package is not installed'
- 
 diff --git a/linux_os/guide/services/usbguard/service_usbguard_enabled/kubernetes/shared.yml b/linux_os/guide/services/usbguard/service_usbguard_enabled/kubernetes/shared.yml
 index e9c55dfb0..9be805c13 100644
 --- a/linux_os/guide/services/usbguard/service_usbguard_enabled/kubernetes/shared.yml
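Review bot: In the `package_usbguard_installed/rule.yml` section the patch replaces `stigid@rhel8: RHEL-08-040139` instead of keeping it. The patched rule therefore lists `stigid@ol8`, `stigid@almalinux8` and the new `stigid@rhel9` context line but no RHEL 8 key, while the almalinux8 key carries a RHEL 8 STIG identifier. Anyone building rhel8 content from the patched tree, or reading the reference as an AlmaLinux-specific STIG item, gets a misleading mapping. I would keep the original line and add `stigid@almalinux8: RHEL-08-040139` next to it with a comment such as `# RHEL 8 STIG id, reused for AlmaLinux 8`. The same replacement appears in the other rule.yml sections of this patch (`configure_usbguard_auditbackend`, `service_usbguard_enabled`, `usbguard_generate_policy`, `xwindows_remove_packages`, `xwindows_runlevel_target`); the full references block is outside the hunk.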
@@ -5394,38 +2374,18 @@ index e9c55dfb0..9be805c13 100644
  kind: MachineConfig
  metadata:
 diff --git a/linux_os/guide/services/usbguard/service_usbguard_enabled/rule.yml b/linux_os/guide/services/usbguard/service_usbguard_enabled/rule.yml
-index e382a886f..4db8be23b 100644
+index 703949026..bb5493ff8 100644
 --- a/linux_os/guide/services/usbguard/service_usbguard_enabled/rule.yml
 +++ b/linux_os/guide/services/usbguard/service_usbguard_enabled/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
- 
--prodtype: fedora,ol8,ol9,rhcos4,rhel8,rhel9
-+prodtype: fedora,ol8,ol9,rhcos4,rhel8,almalinux8,rhel9
- 
- title: 'Enable the USBGuard Service'
- 
-@@ -27,7 +27,7 @@ references:
+@@ -26,7 +26,7 @@ references:
      ospp: FMT_SMF_EXT.1
      srg: SRG-OS-000378-GPOS-00163
      stigid@ol8: OL08-00-040141
 -    stigid@rhel8: RHEL-08-040141
 +    stigid@almalinux8: RHEL-08-040141
+     stigid@rhel9: RHEL-09-291020
  
  ocil_clause: 'the service is not enabled'
- 
-diff --git a/linux_os/guide/services/usbguard/usbguard_allow_hid/rule.yml b/linux_os/guide/services/usbguard/usbguard_allow_hid/rule.yml
-index 095c6f0b5..0767ec9e3 100644
---- a/linux_os/guide/services/usbguard/usbguard_allow_hid/rule.yml
-+++ b/linux_os/guide/services/usbguard/usbguard_allow_hid/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
- 
--prodtype: fedora,ol8,rhcos4,rhel8,rhel9
-+prodtype: fedora,ol8,rhcos4,rhel8,almalinux8,rhel9
- 
- title: 'Authorize Human Interface Devices in USBGuard daemon'
- 
 diff --git a/linux_os/guide/services/usbguard/usbguard_allow_hid_and_hub/kubernetes/shared.yml b/linux_os/guide/services/usbguard/usbguard_allow_hid_and_hub/kubernetes/shared.yml
 index 5ef460be8..8a12559f6 100644
 --- a/linux_os/guide/services/usbguard/usbguard_allow_hid_and_hub/kubernetes/shared.yml
@@ -5437,30 +2397,6 @@ index 5ef460be8..8a12559f6 100644
  {{% macro usbguard_hid_and_hub_config_source() %}}
  allow with-interface match-all { 03:*:* 09:00:* }
  {{%- endmacro -%}}
-diff --git a/linux_os/guide/services/usbguard/usbguard_allow_hid_and_hub/rule.yml b/linux_os/guide/services/usbguard/usbguard_allow_hid_and_hub/rule.yml
-index be1a2d2de..a5e43efa9 100644
---- a/linux_os/guide/services/usbguard/usbguard_allow_hid_and_hub/rule.yml
-+++ b/linux_os/guide/services/usbguard/usbguard_allow_hid_and_hub/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
- 
--prodtype: fedora,ol8,ol9,rhcos4,rhel8,rhel9
-+prodtype: fedora,ol8,ol9,rhcos4,rhel8,almalinux8,rhel9
- 
- title: 'Authorize Human Interface Devices and USB hubs in USBGuard daemon'
- 
-diff --git a/linux_os/guide/services/usbguard/usbguard_allow_hub/rule.yml b/linux_os/guide/services/usbguard/usbguard_allow_hub/rule.yml
-index a5ff52550..324a058b1 100644
---- a/linux_os/guide/services/usbguard/usbguard_allow_hub/rule.yml
-+++ b/linux_os/guide/services/usbguard/usbguard_allow_hub/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
- 
--prodtype: fedora,ol8,rhcos4,rhel8,rhel9
-+prodtype: fedora,ol8,rhcos4,rhel8,almalinux8,rhel9
- 
- title: 'Authorize USB hubs in USBGuard daemon'
- 
 diff --git a/linux_os/guide/services/usbguard/usbguard_generate_policy/ansible/shared.yml b/linux_os/guide/services/usbguard/usbguard_generate_policy/ansible/shared.yml
 index cca593262..5ac5c0678 100644
 --- a/linux_os/guide/services/usbguard/usbguard_generate_policy/ansible/shared.yml
@@ -5482,38 +2418,18 @@ index 88d55f160..f2f336700 100644
  # strategy = configure
  # complexity = low
 diff --git a/linux_os/guide/services/usbguard/usbguard_generate_policy/rule.yml b/linux_os/guide/services/usbguard/usbguard_generate_policy/rule.yml
-index 40d4e8fb3..afaea296c 100644
+index c762f9318..9320755b5 100644
 --- a/linux_os/guide/services/usbguard/usbguard_generate_policy/rule.yml
 +++ b/linux_os/guide/services/usbguard/usbguard_generate_policy/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
- 
--prodtype: ol8,ol9,rhel8,rhel9
-+prodtype: ol8,ol9,rhel8,almalinux8,rhel9
- 
- title: 'Generate USBGuard Policy'
- 
-@@ -27,7 +27,7 @@ references:
+@@ -26,7 +26,7 @@ references:
      ospp: FMT_SMF_EXT.1
      srg: SRG-OS-000378-GPOS-00163
      stigid@ol8: OL08-00-040140
 -    stigid@rhel8: RHEL-08-040140
 +    stigid@almalinux8: RHEL-08-040140
+     stigid@rhel9: RHEL-09-291030
  
  ocil_clause: 'there is no evidence that unauthorized peripherals are being blocked before establishing a connection'
- 
-diff --git a/linux_os/guide/services/xwindows/disabling_xwindows/package_xorg-x11-server-common_removed/rule.yml b/linux_os/guide/services/xwindows/disabling_xwindows/package_xorg-x11-server-common_removed/rule.yml
-index 170f89fc0..3b6324569 100644
---- a/linux_os/guide/services/xwindows/disabling_xwindows/package_xorg-x11-server-common_removed/rule.yml
-+++ b/linux_os/guide/services/xwindows/disabling_xwindows/package_xorg-x11-server-common_removed/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
- 
--prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
-+prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
- 
- title: 'Remove the X Windows Package Group'
- 
 diff --git a/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_remove_packages/ansible/shared.yml b/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_remove_packages/ansible/shared.yml
 index a5ff9b07b..71f4bc705 100644
 --- a/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_remove_packages/ansible/shared.yml
@@ -5525,47 +2441,31 @@ index a5ff9b07b..71f4bc705 100644
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_remove_packages/rule.yml b/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_remove_packages/rule.yml
-index 607ed945c..ce7c05668 100644
+index 55ecb9f2e..091e4ad14 100644
 --- a/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_remove_packages/rule.yml
 +++ b/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_remove_packages/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
- 
--prodtype: alinux2,alinux3,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15
-+prodtype: alinux2,alinux3,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,sle15
- 
- title: 'Disable graphical user interface'
- 
-@@ -45,7 +45,7 @@ references:
+@@ -41,7 +41,7 @@ references:
      stigid@ol7: OL07-00-040730
      stigid@ol8: OL08-00-040320
      stigid@rhel7: RHEL-07-040730
 -    stigid@rhel8: RHEL-08-040320
 +    stigid@almalinux8: RHEL-08-040320
+     stigid@rhel9: RHEL-09-215070
  
  ocil_clause: 'xorg related packages are not removed and run level is not correctly configured'
- 
 diff --git a/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/rule.yml b/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/rule.yml
-index ab3b7ccd5..9778a5356 100644
+index 1d939a95f..737cf51fe 100644
 --- a/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/rule.yml
 +++ b/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
- 
--prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15
-+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15
- 
- title: 'Disable X Windows Startup By Setting Default Target'
- 
-@@ -40,7 +40,7 @@ references:
+@@ -39,7 +39,7 @@ references:
      nist-csf: PR.AC-3,PR.PT-4
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol8: OL08-00-040321
 -    stigid@rhel8: RHEL-08-040321
 +    stigid@almalinux8: RHEL-08-040321
+     stigid@rhel9: RHEL-09-211030
  
  ocil_clause: 'the system default target is not set to "multi-user.target" and the Information System Security Officer (ISSO) lacks a documented requirement for a graphical user interface'
- 
 diff --git a/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/tests/correct_target.pass.sh b/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/tests/correct_target.pass.sh
 index 33bb72648..0242c8c28 100644
 --- a/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/tests/correct_target.pass.sh
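Review bot: The refreshed inner hunks still rename the reference key instead of adding one: `stigid@rhel8: RHEL-08-040320` becomes `stigid@almalinux8: RHEL-08-040320` (and likewise for `RHEL-08-040321`), so the rhel8 STIG reference is removed from the rule and rhel8 content built from the patched tree would lose it. Keeping the rhel8 line as context and adding `+    stigid@almalinux8: RHEL-08-040320` next to it would preserve the RHEL 8 mapping. The same replacement is carried in the later rule.yml hunks of this refresh (banner_etc_issue, dconf_gnome_banner_enabled, disallow_bypass_password_sudo, display_login_attempts, the pam_faillock and pam_pwhistory rules). If the replacement is intentional because only almalinux8 is built downstream, a sentence in the patch description stating that the IDs are borrowed from the RHEL 8 STIG would help anyone auditing the generated reports.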
@@ -5627,38 +2527,18 @@ index 63ceaaf88..e50ada3e4 100644
  {{{ bash_instantiate_variables("login_banner_text") }}}
  
 diff --git a/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/rule.yml b/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/rule.yml
-index dbae8dd3a..b00910f32 100644
+index b6012519b..4ce615545 100644
 --- a/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
- 
--prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
-+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
- 
- title: 'Modify the System Login Banner'
- 
-@@ -120,7 +120,7 @@ references:
+@@ -117,7 +117,7 @@ references:
      stigid@ol7: OL07-00-010050
      stigid@ol8: OL08-00-010060
      stigid@rhel7: RHEL-07-010050
 -    stigid@rhel8: RHEL-08-010060
 +    stigid@almalinux8: RHEL-08-010060
+     stigid@rhel9: RHEL-09-211020
      stigid@sle12: SLES-12-010030
      stigid@sle15: SLES-15-010020
- 
-diff --git a/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue_net/rule.yml b/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue_net/rule.yml
-index 2e79e27b8..bd31b5569 100644
---- a/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue_net/rule.yml
-+++ b/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue_net/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
- 
--prodtype: alinux2,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
-+prodtype: alinux2,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
- 
- title: 'Modify the System Login Banner for Remote Connections'
- 
 diff --git a/linux_os/guide/system/accounts/accounts-banners/banner_etc_motd/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-banners/banner_etc_motd/ansible/shared.yml
 index 5735d2035..0ca7771ef 100644
 --- a/linux_os/guide/system/accounts/accounts-banners/banner_etc_motd/ansible/shared.yml
@@ -5679,126 +2559,6 @@ index 4d77e8336..4ed727fc5 100644
  
  {{{ bash_instantiate_variables("motd_banner_text") }}}
  
-diff --git a/linux_os/guide/system/accounts/accounts-banners/banner_etc_motd/rule.yml b/linux_os/guide/system/accounts/accounts-banners/banner_etc_motd/rule.yml
-index d501fe120..8c2d00b8f 100644
---- a/linux_os/guide/system/accounts/accounts-banners/banner_etc_motd/rule.yml
-+++ b/linux_os/guide/system/accounts/accounts-banners/banner_etc_motd/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
- 
--prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
-+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
- 
- title: 'Modify the System Message of the Day Banner'
- 
-diff --git a/linux_os/guide/system/accounts/accounts-banners/file_groupowner_etc_issue/rule.yml b/linux_os/guide/system/accounts/accounts-banners/file_groupowner_etc_issue/rule.yml
-index 48c86a69c..6eb269aa8 100644
---- a/linux_os/guide/system/accounts/accounts-banners/file_groupowner_etc_issue/rule.yml
-+++ b/linux_os/guide/system/accounts/accounts-banners/file_groupowner_etc_issue/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
- 
--prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
-+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
- 
- title: 'Verify Group Ownership of System Login Banner'
- 
-diff --git a/linux_os/guide/system/accounts/accounts-banners/file_groupowner_etc_issue_net/rule.yml b/linux_os/guide/system/accounts/accounts-banners/file_groupowner_etc_issue_net/rule.yml
-index 92f7874d8..c3e9dc2c3 100644
---- a/linux_os/guide/system/accounts/accounts-banners/file_groupowner_etc_issue_net/rule.yml
-+++ b/linux_os/guide/system/accounts/accounts-banners/file_groupowner_etc_issue_net/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
- 
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
- 
- title: 'Verify Group Ownership of System Login Banner for Remote Connections'
- 
-diff --git a/linux_os/guide/system/accounts/accounts-banners/file_groupowner_etc_motd/rule.yml b/linux_os/guide/system/accounts/accounts-banners/file_groupowner_etc_motd/rule.yml
-index 7b22f900c..663262459 100644
---- a/linux_os/guide/system/accounts/accounts-banners/file_groupowner_etc_motd/rule.yml
-+++ b/linux_os/guide/system/accounts/accounts-banners/file_groupowner_etc_motd/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
- 
--prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
-+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
- 
- title: 'Verify Group Ownership of Message of the Day Banner'
- 
-diff --git a/linux_os/guide/system/accounts/accounts-banners/file_owner_etc_issue/rule.yml b/linux_os/guide/system/accounts/accounts-banners/file_owner_etc_issue/rule.yml
-index 634b03ae6..10ccf9ff9 100644
---- a/linux_os/guide/system/accounts/accounts-banners/file_owner_etc_issue/rule.yml
-+++ b/linux_os/guide/system/accounts/accounts-banners/file_owner_etc_issue/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
- 
--prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
-+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
- 
- title: 'Verify ownership of System Login Banner'
- 
-diff --git a/linux_os/guide/system/accounts/accounts-banners/file_owner_etc_issue_net/rule.yml b/linux_os/guide/system/accounts/accounts-banners/file_owner_etc_issue_net/rule.yml
-index cff8e3963..2ce35edc6 100644
---- a/linux_os/guide/system/accounts/accounts-banners/file_owner_etc_issue_net/rule.yml
-+++ b/linux_os/guide/system/accounts/accounts-banners/file_owner_etc_issue_net/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
- 
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
- 
- title: 'Verify ownership of System Login Banner for Remote Connections'
- 
-diff --git a/linux_os/guide/system/accounts/accounts-banners/file_owner_etc_motd/rule.yml b/linux_os/guide/system/accounts/accounts-banners/file_owner_etc_motd/rule.yml
-index 47c662016..61a4b12b4 100644
---- a/linux_os/guide/system/accounts/accounts-banners/file_owner_etc_motd/rule.yml
-+++ b/linux_os/guide/system/accounts/accounts-banners/file_owner_etc_motd/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
- 
--prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
-+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
- 
- title: 'Verify ownership of Message of the Day Banner'
- 
-diff --git a/linux_os/guide/system/accounts/accounts-banners/file_permissions_etc_issue/rule.yml b/linux_os/guide/system/accounts/accounts-banners/file_permissions_etc_issue/rule.yml
-index f80843991..34cbd275f 100644
---- a/linux_os/guide/system/accounts/accounts-banners/file_permissions_etc_issue/rule.yml
-+++ b/linux_os/guide/system/accounts/accounts-banners/file_permissions_etc_issue/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
- 
--prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
-+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
- 
- title: 'Verify permissions on System Login Banner'
- 
-diff --git a/linux_os/guide/system/accounts/accounts-banners/file_permissions_etc_issue_net/rule.yml b/linux_os/guide/system/accounts/accounts-banners/file_permissions_etc_issue_net/rule.yml
-index cb8d9db77..9752bdfcc 100644
---- a/linux_os/guide/system/accounts/accounts-banners/file_permissions_etc_issue_net/rule.yml
-+++ b/linux_os/guide/system/accounts/accounts-banners/file_permissions_etc_issue_net/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
- 
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
- 
- title: 'Verify permissions on System Login Banner for Remote Connections'
- 
-diff --git a/linux_os/guide/system/accounts/accounts-banners/file_permissions_etc_motd/rule.yml b/linux_os/guide/system/accounts/accounts-banners/file_permissions_etc_motd/rule.yml
-index 57ff52250..0068c8061 100644
---- a/linux_os/guide/system/accounts/accounts-banners/file_permissions_etc_motd/rule.yml
-+++ b/linux_os/guide/system/accounts/accounts-banners/file_permissions_etc_motd/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
- 
--prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
-+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
- 
- title: 'Verify permissions on Message of the Day Banner'
- 
 diff --git a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_banner_enabled/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_banner_enabled/ansible/shared.yml
 index 5814a30bd..aa4aa4c5c 100644
 --- a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_banner_enabled/ansible/shared.yml
@@ -5810,26 +2570,18 @@ index 5814a30bd..aa4aa4c5c 100644
  # strategy = unknown
  # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_banner_enabled/rule.yml b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_banner_enabled/rule.yml
-index b21996ff4..c31c0e9cd 100644
+index 6e2c5bd63..21de86a25 100644
 --- a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_banner_enabled/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_banner_enabled/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
- 
--prodtype: alinux3,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
-+prodtype: alinux3,fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
- 
- title: 'Enable GNOME3 Login Warning Banner'
- 
-@@ -61,7 +61,7 @@ references:
+@@ -59,7 +59,7 @@ references:
      stigid@ol7: OL07-00-010030
      stigid@ol8: OL08-00-010049
      stigid@rhel7: RHEL-07-010030
 -    stigid@rhel8: RHEL-08-010049
 +    stigid@almalinux8: RHEL-08-010049
+     stigid@rhel9: RHEL-09-271010,RHEL-09-271015
      stigid@sle12: SLES-12-010040
      stigid@sle15: SLES-15-010080
-     stigid@ubuntu2004: UBTU-20-010002
 diff --git a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/ansible/shared.yml
 index 86aff54f9..b295782b0 100644
 --- a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/ansible/shared.yml
@@ -5841,18 +2593,10 @@ index 86aff54f9..b295782b0 100644
  # strategy = unknown
  # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/rule.yml b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/rule.yml
-index 649db8e37..d76ad09f8 100644
+index 6601ba6b6..9056b451b 100644
 --- a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
- 
--prodtype: alinux3,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
-+prodtype: alinux3,fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
- 
- title: 'Set the GNOME3 Login Warning Banner Text'
- 
-@@ -65,7 +65,7 @@ references:
+@@ -63,7 +63,7 @@ references:
      stigid@ol7: OL07-00-010040
      stigid@ol8: OL08-00-010050
      stigid@rhel7: RHEL-07-010040
@@ -5906,7 +2650,7 @@ index a9def9bfb..e1627ffc6 100644
  # packages = dconf,gdm
  
 diff --git a/linux_os/guide/system/accounts/accounts-pam/disallow_bypass_password_sudo/rule.yml b/linux_os/guide/system/accounts/accounts-pam/disallow_bypass_password_sudo/rule.yml
-index 2c5fbef58..9630f761d 100644
+index 0859ad2d5..650278ab9 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/disallow_bypass_password_sudo/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/disallow_bypass_password_sudo/rule.yml
 @@ -30,7 +30,7 @@ references:
@@ -5915,11 +2659,11 @@ index 2c5fbef58..9630f761d 100644
      stigid@rhel7: RHEL-07-010344
 -    stigid@rhel8: RHEL-08-010385
 +    stigid@almalinux8: RHEL-08-010385
+     stigid@rhel9: RHEL-09-611145
      stigid@sle12: SLES-12-010114
      stigid@sle15: SLES-15-020104
- 
 diff --git a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/ansible/shared.yml
-index 215b978f2..37a8704dc 100644
+index 428fbd7fa..390b6513d 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/ansible/shared.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -5929,112 +2673,64 @@ index 215b978f2..37a8704dc 100644
  # strategy = configure
  # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/bash/shared.sh b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/bash/shared.sh
-index cde0bd136..786aa4402 100644
+index badc79bff..f6c602159 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/bash/shared.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/bash/shared.sh
 @@ -1,4 +1,4 @@
 -# platform = multi_platform_sle,Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_ubuntu
 +# platform = multi_platform_sle,Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_ubuntu
  
- {{% if product in ["sle12", "sle15"] or "ubuntu" in product %}}
- {{{ bash_ensure_pam_module_configuration('/etc/pam.d/login', 'session', 'required', 'pam_lastlog.so', 'showfailed', '', 'BOF') }}}
+ {{%- if "sle" in product or "ubuntu" in product %}}
+ {{%- set pam_lastlog_path = "/etc/pam.d/login" %}}
 diff --git a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/rule.yml b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/rule.yml
-index 81cdfc202..18bf109a4 100644
+index b96e9f3db..c12b57eb3 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/rule.yml
-@@ -50,7 +50,7 @@ references:
+@@ -55,7 +55,7 @@ references:
      stigid@ol7: OL07-00-040530
      stigid@ol8: OL08-00-020340
      stigid@rhel7: RHEL-07-040530
 -    stigid@rhel8: RHEL-08-020340
 +    stigid@almalinux8: RHEL-08-020340
+     stigid@rhel9: RHEL-09-412075
      stigid@sle12: SLES-12-010390
      stigid@sle15: SLES-15-020080
-     stigid@ubuntu2004: UBTU-20-010453
-diff --git a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/authselect_line_missing.fail.sh b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/authselect_line_missing.fail.sh
-index 1b490cdbd..5bd97bbe2 100644
---- a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/authselect_line_missing.fail.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/authselect_line_missing.fail.sh
+diff --git a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/authselect_correct_options.pass.sh b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/authselect_correct_options.pass.sh
+index 79b84c92e..a881bf04e 100644
+--- a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/authselect_correct_options.pass.sh
++++ b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/authselect_correct_options.pass.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
--# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
  
- authselect create-profile hardening -b sssd
- CUSTOM_PROFILE="custom/hardening"
-diff --git a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/authselect_line_present.pass.sh b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/authselect_line_present.pass.sh
-index 3a6c8734a..0b4f5b1fa 100644
---- a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/authselect_line_present.pass.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/authselect_line_present.pass.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = authselect
--# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
- 
- authselect create-profile hardening -b sssd
- CUSTOM_PROFILE="custom/hardening"
+ if authselect list-features minimal | grep -q with-silent-lastlog; then
+     authselect select sssd --force
 diff --git a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/authselect_modified_pam.fail.sh b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/authselect_modified_pam.fail.sh
-index 1dd45236b..6766ce732 100644
+index 60ede2a24..6e55b3281 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/authselect_modified_pam.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/authselect_modified_pam.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
--# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
  # remediation = none
  
- SYSTEM_AUTH_FILE="/etc/pam.d/system-auth"
-diff --git a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/authselect_silent_present.fail.sh b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/authselect_silent_present.fail.sh
-index 4dff706d4..6c0f4c49e 100644
---- a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/authselect_silent_present.fail.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/authselect_silent_present.fail.sh
+ authselect create-profile hardening -b sssd
+diff --git a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/authselect_silent_lastlog.fail.sh b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/authselect_silent_lastlog.fail.sh
+index 15c424a2d..2182aabf1 100644
+--- a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/authselect_silent_lastlog.fail.sh
++++ b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/authselect_silent_lastlog.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
--# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
  
- authselect create-profile hardening -b sssd
- CUSTOM_PROFILE="custom/hardening"
-diff --git a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/authselect_wrong_control.fail.sh b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/authselect_wrong_control.fail.sh
-index 921c44ce9..c5a037153 100644
---- a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/authselect_wrong_control.fail.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/authselect_wrong_control.fail.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = authselect
--# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
- 
- authselect create-profile hardening -b sssd
- CUSTOM_PROFILE="custom/hardening"
-diff --git a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/no_space_before_showfailed.fail.sh b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/no_space_before_showfailed.fail.sh
-index 2a8782c30..e2c21bd90 100644
---- a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/no_space_before_showfailed.fail.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/no_space_before_showfailed.fail.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = authselect
--# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
- 
- authselect create-profile hardening -b sssd
- CUSTOM_PROFILE="custom/hardening"
-diff --git a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/no_space_before_silent.pass.sh b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/no_space_before_silent.pass.sh
-index 510813790..dd9eb36e7 100644
---- a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/no_space_before_silent.pass.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/no_space_before_silent.pass.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = authselect
--# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
- 
- authselect create-profile hardening -b sssd
- CUSTOM_PROFILE="custom/hardening"
+ if authselect list-features minimal | grep -q with-silent-lastlog; then
+     authselect select sssd --force
 diff --git a/linux_os/guide/system/accounts/accounts-pam/enable_pam_namespace/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-pam/enable_pam_namespace/ansible/shared.yml
 index 7144a4e52..525180f6b 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/enable_pam_namespace/ansible/shared.yml
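Review bot: Four display_login_attempts scenarios are no longer patched after this refresh (authselect_line_present.pass.sh, authselect_wrong_control.fail.sh, no_space_before_showfailed.fail.sh, no_space_before_silent.pass.sh), leaving only three `# platform =` headers that name `AlmaLinux 8`. Presumably those scenarios were removed or renamed upstream, as authselect_line_missing and authselect_silent_present appear to have been, but the diff does not show that. If any of them still exists with a platform line that does not list AlmaLinux 8, it would likely be skipped on AlmaLinux 8 and the rule would get less test coverage there than on RHEL 8. It is worth checking the tests directory of the new upstream base and recording the result in the commit message.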
@@ -6055,81 +2751,45 @@ index 9c752e052..c38f0caf3 100644
  if ! grep -Eq '^\s*session\s+required\s+pam_namespace.so\s*$' '/etc/pam.d/login' ; then
      echo "session    required     pam_namespace.so" >> "/etc/pam.d/login"
  fi
-diff --git a/linux_os/guide/system/accounts/accounts-pam/enable_pam_namespace/rule.yml b/linux_os/guide/system/accounts/accounts-pam/enable_pam_namespace/rule.yml
-index 33265c902..4ee287f56 100644
---- a/linux_os/guide/system/accounts/accounts-pam/enable_pam_namespace/rule.yml
-+++ b/linux_os/guide/system/accounts/accounts-pam/enable_pam_namespace/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
- 
--prodtype: fedora,ol7,ol8,rhel7,rhel8,sle12,sle15
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,sle12,sle15
- 
- title: Set Up a Private Namespace in PAM Configuration
- 
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_password_auth/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_password_auth/rule.yml
-index 74448292b..724c5233c 100644
+index d3eeadde6..2fef71784 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_password_auth/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_password_auth/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
- 
--prodtype: alinux2,alinux3,ol9,rhel8,rhel9
-+prodtype: alinux2,alinux3,ol9,rhel8,almalinux8,rhel9
- 
- title: 'Configure the Use of the pam_faillock.so Module in the /etc/pam.d/password-auth File.'
- 
-@@ -23,7 +23,7 @@ references:
+@@ -20,7 +20,7 @@ references:
      disa: CCI-000044
      nist: AC-7 (a)
      srg: SRG-OS-000021-GPOS-00005
 -    stigid@rhel8: RHEL-08-020026
 +    stigid@almalinux8: RHEL-08-020026
+     stigid@rhel9: RHEL-09-611035
  
  ocil_clause: 'the pam_faillock.so module is not present in the "/etc/pam.d/password-auth" file with the "preauth" line listed before pam_unix.so'
- 
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_system_auth/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_system_auth/rule.yml
-index 912cd8c16..8dd9abaec 100644
+index 1c48f48e3..f614bf692 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_system_auth/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_system_auth/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
- 
--prodtype: ol9,rhel8,rhel9
-+prodtype: ol9,rhel8,almalinux8,rhel9
- 
- title: 'Configure the Use of the pam_faillock.so Module in the /etc/pam.d/system-auth File.'
- 
-@@ -21,7 +21,7 @@ references:
+@@ -20,7 +20,7 @@ references:
      disa: CCI-000044
      nist: AC-7 (a)
      srg: SRG-OS-000021-GPOS-00005
 -    stigid@rhel8: RHEL-08-020025
 +    stigid@almalinux8: RHEL-08-020025
+     stigid@rhel9: RHEL-09-611030
  
  ocil_clause: 'the pam_faillock.so module is not present in the "/etc/pam.d/system-auth" file with the "preauth" line listed before pam_unix.so'
- 
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_selinux_faillock_dir/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_selinux_faillock_dir/rule.yml
-index 61e58c8a0..e825db817 100644
+index 680a2f520..a58fe6f40 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_selinux_faillock_dir/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_selinux_faillock_dir/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
- 
--prodtype: fedora,ol8,ol9,rhel8,rhel9
-+prodtype: fedora,ol8,ol9,rhel8,almalinux8,rhel9
- 
- title: 'An SELinux Context must be configured for the pam_faillock.so records directory'
- 
-@@ -23,7 +23,7 @@ references:
+@@ -22,7 +22,7 @@ references:
      nist: AC-7 (a)
      srg: SRG-OS-000021-GPOS-00005
-     stigid@ol8: OL08-00-020027
--    stigid@rhel8: RHEL-08-020027
-+    stigid@almalinux8: RHEL-08-020027
+     stigid@ol8: OL08-00-020027,OL08-00-020028
+-    stigid@rhel8: RHEL-08-020027,RHEL-08-020028
++    stigid@almalinux8: RHEL-08-020027,RHEL-08-020028
+     stigid@rhel9: RHEL-09-431020
  
  platform: machine
- 
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_passwords_pam_faillock_audit/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_passwords_pam_faillock_audit/ansible/shared.yml
 index e9ecd879f..74e4c0b09 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_passwords_pam_faillock_audit/ansible/shared.yml
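Review bot: After this hunk the patch no longer adds `almalinux8` to any `prodtype:` line of the pam_faillock rules, and the enable_pam_namespace/rule.yml section is dropped entirely, so the only almalinux8 marker left in these rules is the `stigid@almalinux8` reference. This is presumably because the new upstream base no longer carries the `prodtype` key, but the diff itself does not show that. Before shipping, confirm that the built almalinux8 content still contains account_password_pam_faillock_password_auth, account_password_pam_faillock_system_auth, account_password_selinux_faillock_dir and enable_pam_namespace wherever a profile selects them. The earlier hunks that drop the banner `prodtype` edits need the same check.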
@@ -6196,26 +2856,18 @@ index 365006509..2a10d041b 100644
  {{{ bash_instantiate_variables("var_password_pam_remember", "var_password_pam_remember_control_flag") }}}
  
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/rule.yml
-index 6aaf7bf37..20417b085 100644
+index 98c92bbd4..3d5bc318d 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
- 
--prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4
-+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4
- 
- title: 'Limit Password Reuse: password-auth'
- 
-@@ -63,7 +63,7 @@ references:
+@@ -61,7 +61,7 @@ references:
      stigid@ol7: OL07-00-010270
      stigid@ol8: OL08-00-020220
      stigid@rhel7: RHEL-07-010270
 -    stigid@rhel8: RHEL-08-020220
 +    stigid@almalinux8: RHEL-08-020220
+     stigid@rhel9: RHEL-09-611015
  
  ocil_clause: |-
-     the pam_pwhistory.so module is not used, the "remember" module option is not set in
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_conflict_settings.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_conflict_settings.fail.sh
 index bef6bbcea..8263dd4a0 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_conflict_settings.fail.sh
@@ -6345,26 +2997,18 @@ index a55f86dc3..5506f8c40 100644
  {{{ bash_instantiate_variables("var_password_pam_remember", "var_password_pam_remember_control_flag") }}}
  
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/rule.yml
-index aeb999b8d..a489e5837 100644
+index 22d76c770..6b202abfd 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
- 
--prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4
-+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4
- 
- title: 'Limit Password Reuse: system-auth'
- 
-@@ -63,7 +63,7 @@ references:
+@@ -61,7 +61,7 @@ references:
      stigid@ol7: OL07-00-010270
      stigid@ol8: OL08-00-020221
      stigid@rhel7: RHEL-07-010270
 -    stigid@rhel8: RHEL-08-020221
 +    stigid@almalinux8: RHEL-08-020221
+     stigid@rhel9: RHEL-09-611020
  
  ocil_clause: |-
-     the pam_pwhistory.so module is not used, the "remember" module option is not set in
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_conflict_settings.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_conflict_settings.fail.sh
 index fe238b41b..84c181749 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_conflict_settings.fail.sh
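Review bot: The rule.yml hunk for accounts_password_pam_pwhistory_remember_system_auth still renames the reference key (`-    stigid@rhel8: RHEL-08-020221` / `+    stigid@almalinux8: RHEL-08-020221`) instead of adding an AlmaLinux entry next to the RHEL one. The patched tree therefore loses the rhel8 STIG mapping for this rule, and a RHEL 8 STIG identifier is published under an almalinux8 key with nothing marking it as a borrowed mapping. Keeping the `stigid@rhel8` line as context and adding `+    stigid@almalinux8: RHEL-08-020221` below it would presumably serve the almalinux8 build equally well; how per-product references are resolved is not visible here, so confirm that first. The same rename appears in the rule.yml hunks for accounts_passwords_pam_faillock_audit, _deny, _deny_root, _dir, _interval and _silent.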
@@ -6493,18 +3137,6 @@ index c830c07aa..3548b0341 100644
  
  {{% if product in [ "sle12", "sle15" ] %}}
  {{%- set accounts_password_pam_unix_remember_file = '/etc/pam.d/common-password' -%}}
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/rule.yml
-index f3e6931ac..564d32e7d 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/rule.yml
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
- 
--prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
-+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
- 
- title: 'Limit Password Reuse'
- 
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_conflict_settings.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_conflict_settings.fail.sh
 index a18fa3d6c..41fe931e0 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_conflict_settings.fail.sh
@@ -6626,44 +3258,43 @@ index 253d50de1..6665b7b06 100644
  
  remember_cnt=3
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/ansible/shared.yml
-index e9ecd879f..74e4c0b09 100644
+index 1eab1f8c4..f29521f1b 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/ansible/shared.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/ansible/shared.yml
 @@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu
  # reboot = false
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/bash/shared.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/bash/shared.sh
-index 63d03f08d..e0eae4498 100644
+index 021a400c0..09b9d3918 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/bash/shared.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/bash/shared.sh
 @@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu
  
  {{{ bash_pam_faillock_enable() }}}
  {{{ bash_pam_faillock_parameter_value("audit", authfail=False)}}}
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/rule.yml
-index 038f8486c..375038872 100644
+index 1bce7f622..954fc4e8d 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/rule.yml
 @@ -19,7 +19,7 @@ references:
      nist: AC-7 (a)
      srg: SRG-OS-000021-GPOS-00005
-     stigid@ol8: OL08-00-020021
+     stigid@ol8: OL08-00-020020,OL08-00-020021
 -    stigid@rhel8: RHEL-08-020021
 +    stigid@almalinux8: RHEL-08-020021
- 
- ocil_clause: 'the "audit" option is not set, is missing or commented out'
+     stigid@rhel9: RHEL-09-412045
+     stigid@ubuntu2004: UBTU-20-010072
  
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/tests/conflicting_settings_authselect.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/tests/conflicting_settings_authselect.fail.sh
-index 5e75c996c..ca16cf405 100644
+index d805aa018..d188e828a 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/tests/conflicting_settings_authselect.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/tests/conflicting_settings_authselect.fail.sh
-@@ -1,7 +1,7 @@
- 
+@@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect,pam
 -# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
@@ -6683,6 +3314,29 @@ index e1eb0a970..79ba23b4a 100644
  
  source common.sh
  
+diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/tests/expected_pam_files.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/tests/expected_pam_files.pass.sh
+index c35696fee..f9615fcef 100644
+--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/tests/expected_pam_files.pass.sh
++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/tests/expected_pam_files.pass.sh
+@@ -1,6 +1,6 @@
+ #!/bin/bash
+ # packages = authselect,pam
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
+ 
+ source common.sh
+ 
+diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/tests/missing_parameter.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/tests/missing_parameter.fail.sh
+index 5bbbc464e..15a644bba 100644
+--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/tests/missing_parameter.fail.sh
++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/tests/missing_parameter.fail.sh
+@@ -1,5 +1,5 @@
+ #!/bin/bash
+ # packages = authselect,pam
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
+ 
+ source common.sh
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/ansible/shared.yml
 index 8ab749d4f..00c16754b 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/ansible/shared.yml
@@ -6704,25 +3358,17 @@ index 449d912d0..22f5dc375 100644
  {{{ bash_instantiate_variables("var_accounts_passwords_pam_faillock_deny") }}}
  
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/rule.yml
-index 0fa9fac37..d84c75fa3 100644
+index f4a2acb18..3a67e37df 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
- 
--prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,ubuntu2204
-+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,ubuntu2204
- 
- title: 'Lock Accounts After Failed Password Attempts'
- 
-@@ -64,7 +64,7 @@ references:
+@@ -63,7 +63,7 @@ references:
      stigid@ol7: OL07-00-010320
-     stigid@ol8: OL08-00-020010
+     stigid@ol8: OL08-00-020010,OL08-00-020011
      stigid@rhel7: RHEL-07-010320
 -    stigid@rhel8: RHEL-08-020011
 +    stigid@almalinux8: RHEL-08-020011
- 
- platform: package[pam]
+     stigid@rhel9: RHEL-09-411075
+     stigid@ubuntu2004: UBTU-20-010072
  
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/authselect_modified_pam.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/authselect_modified_pam.fail.sh
 index b3232cc93..ec32d65f7 100644
@@ -6759,6 +3405,17 @@ index aa3ca061d..6d383b228 100644
  # remediation = none
  # variables = var_accounts_passwords_pam_faillock_deny=3
  
+diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_disabled.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_disabled.fail.sh
+index 579e5670e..238b7431d 100644
+--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_disabled.fail.sh
++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_disabled.fail.sh
+@@ -1,5 +1,5 @@
+ #!/bin/bash
+-# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_ol,multi_platform_rhv,multi_platform_sle
++# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_rhv,multi_platform_sle
+ {{%- if product in ["rhel7"] %}}
+ # packages = authconfig
+ {{%- else %}}
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_expected_faillock_conf.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_expected_faillock_conf.pass.sh
 index e770e300f..ceffa12a0 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_expected_faillock_conf.pass.sh
@@ -6795,6 +3452,17 @@ index efb57601c..4127e7265 100644
  # remediation = none
  # variables = var_accounts_passwords_pam_faillock_deny=3
  
+diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_not_required_pam_files.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_not_required_pam_files.fail.sh
+index b780f3203..bc0966113 100644
+--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_not_required_pam_files.fail.sh
++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_not_required_pam_files.fail.sh
+@@ -1,5 +1,5 @@
+ #!/bin/bash
+-# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_ol,multi_platform_rhv,multi_platform_sle
++# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_rhv,multi_platform_sle
+ {{%- if product in ["rhel7"] %}}
+ # packages = authconfig
+ {{%- else %}}
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_stricter_faillock_conf.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_stricter_faillock_conf.pass.sh
 index 595b85192..392d025a0 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_stricter_faillock_conf.pass.sh
@@ -6828,26 +3496,18 @@ index 09d8aeee0..72b3aeacb 100644
  {{{ bash_pam_faillock_enable() }}}
  {{{ bash_pam_faillock_parameter_value("even_deny_root", "") }}}
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/rule.yml
-index 94892c9d0..e1434194f 100644
+index 3c0e1430e..d1dd0ffc3 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
- 
--prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4
-+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4
- 
- title: 'Configure the root Account for Failed Password Attempts'
- 
-@@ -43,7 +43,7 @@ references:
+@@ -44,7 +44,7 @@ references:
      stigid@ol7: OL07-00-010330
-     stigid@ol8: OL08-00-020022
+     stigid@ol8: OL08-00-020022,OL08-00-020023
      stigid@rhel7: RHEL-07-010330
 -    stigid@rhel8: RHEL-08-020023
 +    stigid@almalinux8: RHEL-08-020023
+     stigid@rhel9: RHEL-09-411080
  
- ocil_clause: 'the "even_deny_root" option is not set, is missing or commented out'
- 
+ {{% if product == "rhel8" %}}
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/authselect_modified_pam.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/authselect_modified_pam.fail.sh
 index b3232cc93..ec32d65f7 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/authselect_modified_pam.fail.sh
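Review bot: The `{{% if product == "rhel8" %}}` condition that follows the rewritten `stigid` line in the accounts_passwords_pam_faillock_deny_root rule.yml hunk is left untouched, so an almalinux8 build will not take that branch. Whatever RHEL 8 specific text or checks it guards would be skipped for AlmaLinux 8 while the rule still carries `RHEL-08-020023` as its STIG reference. If the branch is meant to apply there as well, the patch should also change the line to `{{% if product in ["rhel8", "almalinux8"] %}}`. The body of the conditional lies outside the hunk, so check what it guards before extending it.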
@@ -6908,26 +3568,18 @@ index 7c702d669..06c0d31e2 100644
  
  authselect select sssd --force
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/rule.yml
-index 28753f735..66c8fba20 100644
+index e199c9f99..81903f742 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
- 
--prodtype: fedora,ol8,ol9,rhel8,rhel9
-+prodtype: fedora,ol8,ol9,rhel8,almalinux8,rhel9
- 
- title: 'Lock Accounts Must Persist'
- 
-@@ -34,7 +34,7 @@ references:
+@@ -33,7 +33,7 @@ references:
      nist: AC-7(b),AC-7(a),AC-7.1(ii)
      srg: SRG-OS-000021-GPOS-00005,SRG-OS-000329-GPOS-00128
-     stigid@ol8: OL08-00-020016
--    stigid@rhel8: RHEL-08-020017
-+    stigid@almalinux8: RHEL-08-020017
+     stigid@ol8: OL08-00-020016,OL08-00-020017
+-    stigid@rhel8: RHEL-08-020016,RHEL-08-020017
++    stigid@almalinux8: RHEL-08-020016,RHEL-08-020017
+     stigid@rhel9: RHEL-09-411105
  
  ocil_clause: 'the "dir" option is not set to a non-default documented tally log directory, is missing or commented out'
- 
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/tests/conflicting_settings_authselect.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/tests/conflicting_settings_authselect.fail.sh
 index 679e47bcc..4f798d486 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/tests/conflicting_settings_authselect.fail.sh
@@ -6984,18 +3636,6 @@ index e9c09b713..9fc45f3d1 100644
  
  {{{ bash_pam_faillock_enable() }}}
  {{{ bash_pam_faillock_parameter_value("local_users_only", "") }}}
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/rule.yml
-index fc85c1c4e..2f91deb0a 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/rule.yml
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
- 
--prodtype: fedora,rhel8,rhel9
-+prodtype: fedora,rhel8,almalinux8,rhel9
- 
- title: 'Enforce pam_faillock for Local Accounts Only'
- 
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/tests/pam_faillock_disabled.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/tests/pam_faillock_disabled.fail.sh
 index 856bd56ea..71194a32f 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/tests/pam_faillock_disabled.fail.sh
@@ -7045,45 +3685,37 @@ index 053f91100..04f362717 100644
  
  # This test scenario manually modify the pam_faillock.so entries in auth section from
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/ansible/shared.yml
-index ac3b9789e..bf2620ccd 100644
+index 039fc5191..cb0f0134d 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/ansible/shared.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/ansible/shared.yml
 @@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
  # reboot = false
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/bash/shared.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/bash/shared.sh
-index a49ddf559..41dc70b88 100644
+index e7a0882f2..c07fd02e0 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/bash/shared.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/bash/shared.sh
 @@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu
  
  {{{ bash_instantiate_variables("var_accounts_passwords_pam_faillock_fail_interval") }}}
  
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/rule.yml
-index 6a3f5b169..86f7e2586 100644
+index ecd22ef90..ed030b4f4 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
- 
--prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle15,ubuntu2204
-+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,ubuntu2204
- 
- title: 'Set Interval For Counting Failed Password Attempts'
- 
-@@ -54,7 +54,7 @@ references:
+@@ -53,7 +53,7 @@ references:
      stigid@ol7: OL07-00-010320
-     stigid@ol8: OL08-00-020012
+     stigid@ol8: OL08-00-020012,OL08-00-020013
      stigid@rhel7: RHEL-07-010320
 -    stigid@rhel8: RHEL-08-020012,RHEL-08-020013
 +    stigid@almalinux8: RHEL-08-020012,RHEL-08-020013
- 
- platform: package[pam]
+     stigid@rhel9: RHEL-09-411085
+     stigid@ubuntu2004: UBTU-20-010072
  
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/authselect_modified_pam.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/authselect_modified_pam.fail.sh
 index b3232cc93..ec32d65f7 100644
@@ -7120,6 +3752,17 @@ index 0b67e0e02..f4ab6a731 100644
  # remediation = none
  # variables = var_accounts_passwords_pam_faillock_fail_interval=900
  
+diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_disabled.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_disabled.fail.sh
+index 59daba0dd..f4d1b8bf0 100644
+--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_disabled.fail.sh
++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_disabled.fail.sh
+@@ -1,5 +1,5 @@
+ #!/bin/bash
+-# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_ol,multi_platform_rhv,multi_platform_sle
++# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_rhv,multi_platform_sle
+ {{%- if product in ["rhel7"] %}}
+ # packages = authconfig
+ {{%- else %}}
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_expected_faillock_conf.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_expected_faillock_conf.pass.sh
 index 82bf9fa75..5ab933ad8 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_expected_faillock_conf.pass.sh
@@ -7156,6 +3799,17 @@ index ef2461160..c47470ab4 100644
  # remediation = none
  # variables = var_accounts_passwords_pam_faillock_fail_interval=900
  
+diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_not_required_pam_files.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_not_required_pam_files.fail.sh
+index 95ad62037..0a78cef63 100644
+--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_not_required_pam_files.fail.sh
++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_not_required_pam_files.fail.sh
+@@ -1,5 +1,5 @@
+ #!/bin/bash
+-# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_ol,multi_platform_rhv,multi_platform_sle
++# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_rhv,multi_platform_sle
+ {{%- if product in ["rhel7"] %}}
+ # packages = authconfig
+ {{%- else %}}
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_stricter_faillock_conf.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_stricter_faillock_conf.pass.sh
 index c71a12afe..6dd3f50d6 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_stricter_faillock_conf.pass.sh
@@ -7169,26 +3823,18 @@ index c71a12afe..6dd3f50d6 100644
  
  authselect select sssd --force
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_silent/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_silent/rule.yml
-index e62d54321..92df8c50e 100644
+index 5e228a5f6..84040d04d 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_silent/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_silent/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
- 
--prodtype: ol8,rhel8,rhel9
-+prodtype: ol8,rhel8,almalinux8,rhel9
- 
- title: 'Do Not Show System Messages When Unsuccessful Logon Attempts Occur'
- 
-@@ -30,7 +30,7 @@ references:
+@@ -29,7 +29,7 @@ references:
      disa: CCI-002238,CCI-000044
      srg: SRG-OS-000329-GPOS-00128,SRG-OS-000021-GPOS-00005
-     stigid@ol8: OL08-00-020019
--    stigid@rhel8: RHEL-08-020019
-+    stigid@almalinux8: RHEL-08-020019
+     stigid@ol8: OL08-00-020018,OL08-00-020019
+-    stigid@rhel8: RHEL-08-020018,RHEL-08-020019
++    stigid@almalinux8: RHEL-08-020018,RHEL-08-020019
+     stigid@ubuntu2004: UBTU-20-010072
  
  ocil_clause: 'the system shows messages when three unsuccessful logon attempts occur'
- 
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_silent/tests/expected_faillock_conf.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_silent/tests/expected_faillock_conf.pass.sh
 index fdd0c4c06..ec8195db8 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_silent/tests/expected_faillock_conf.pass.sh
@@ -7201,6 +3847,29 @@ index fdd0c4c06..ec8195db8 100644
  
  source common.sh
  
+diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_silent/tests/expected_pam_files.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_silent/tests/expected_pam_files.pass.sh
+index ebabc6518..b02f953cc 100644
+--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_silent/tests/expected_pam_files.pass.sh
++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_silent/tests/expected_pam_files.pass.sh
+@@ -1,6 +1,6 @@
+ #!/bin/bash
+ # packages = authselect
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
+ 
+ source common.sh
+ 
+diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_silent/tests/missing_parameter.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_silent/tests/missing_parameter.fail.sh
+index a10547339..c01c35a48 100644
+--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_silent/tests/missing_parameter.fail.sh
++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_silent/tests/missing_parameter.fail.sh
+@@ -1,5 +1,5 @@
+ #!/bin/bash
+ # packages = authselect
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
+ 
+ source common.sh
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_silent/tests/missing_parameter_password_auth.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_silent/tests/missing_parameter_password_auth.fail.sh
 index f73c751f5..146acc847 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_silent/tests/missing_parameter_password_auth.fail.sh
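Review bot: The added `# platform =` headers in `expected_pam_files.pass.sh` and `missing_parameter.fail.sh` list `multi_platform_almalinux`, but nothing in this part of the diff shows that platform name being registered with the test harness. If it is not defined elsewhere in the patch, these faillock scenarios would presumably be treated as not applicable on AlmaLinux 8 and skipped rather than failed, leaving the rule unverified there. It is worth confirming that the definition exists and that a test run against an AlmaLinux 8 target reports these scenarios as executed. The later hunks that add `pam_faillock_disabled.fail.sh` and `pam_faillock_not_required_pam_files.fail.sh` introduce the same token.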
@@ -7246,25 +3915,17 @@ index 3a32aad36..d1f4a0327 100644
  {{{ bash_instantiate_variables("var_accounts_passwords_pam_faillock_unlock_time") }}}
  
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/rule.yml
-index f55ff2cef..0da874e36 100644
+index b2ea25f78..7ff4967ac 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
- 
--prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,ubuntu2204
-+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,ubuntu2204
- 
- title: 'Set Lockout Time for Failed Password Attempts'
- 
-@@ -66,7 +66,7 @@ references:
+@@ -65,7 +65,7 @@ references:
      stigid@ol7: OL07-00-010320
-     stigid@ol8: OL08-00-020014
+     stigid@ol8: OL08-00-020014,OL08-00-020015
      stigid@rhel7: RHEL-07-010320
--    stigid@rhel8: RHEL-08-020015
-+    stigid@almalinux8: RHEL-08-020015
- 
- platform: package[pam]
+-    stigid@rhel8: RHEL-08-020014,RHEL-08-020015
++    stigid@almalinux8: RHEL-08-020014,RHEL-08-020015
+     stigid@rhel9: RHEL-09-411090
+     stigid@ubuntu2004: UBTU-20-010072
  
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/authselect_modified_pam.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/authselect_modified_pam.fail.sh
 index b3232cc93..ec32d65f7 100644
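Review bot: The inner change to `accounts_passwords_pam_faillock_unlock_time/rule.yml` renames the `stigid@rhel8` key to `stigid@almalinux8` instead of adding a line, so in the patched tree the rhel8 product has no STIG identifier for this rule. The AlmaLinux entry also carries RHEL 8 STIG numbers with nothing marking them as borrowed, which an auditor reading the generated content could take for an AlmaLinux-specific STIG. If rhel8 content is never built from this tree the rename may be intentional, but keeping the original line as context and adding `stigid@almalinux8: RHEL-08-020014,RHEL-08-020015` as a new line would preserve both mappings. The same replacement appears in the later hunks for the pwquality rules (`dcredit` through `ucredit`, `pwquality_password_auth`, `pwquality_system_auth`, `retry`) and for `set_password_hashing_algorithm_logindefs`.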
@@ -7301,6 +3962,17 @@ index 057348eb4..0b2000ba3 100644
  # remediation = none
  # variables = var_accounts_passwords_pam_faillock_unlock_time=600
  
+diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_disabled.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_disabled.fail.sh
+index 1be527fa2..068b4ead0 100644
+--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_disabled.fail.sh
++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_disabled.fail.sh
+@@ -1,5 +1,5 @@
+ #!/bin/bash
+-# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_ol,multi_platform_rhv,multi_platform_sle
++# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_rhv,multi_platform_sle
+ {{%- if product in ["rhel7"] %}}
+ # packages = authconfig
+ {{%- else %}}
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_expected_faillock_conf.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_expected_faillock_conf.pass.sh
 index 1840cae45..953ba3353 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_expected_faillock_conf.pass.sh
@@ -7337,6 +4009,17 @@ index b7b1532bb..5b8279841 100644
  # remediation = none
  # variables = var_accounts_passwords_pam_faillock_unlock_time=600
  
+diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_not_required_pam_files.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_not_required_pam_files.fail.sh
+index e271e2689..d04463db4 100644
+--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_not_required_pam_files.fail.sh
++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_not_required_pam_files.fail.sh
+@@ -1,5 +1,5 @@
+ #!/bin/bash
+-# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_ol,multi_platform_rhv,multi_platform_sle
++# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_rhv,multi_platform_sle
+ {{%- if product in ["rhel7"] %}}
+ # packages = authconfig
+ {{%- else %}}
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_stricter_faillock_conf.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_stricter_faillock_conf.pass.sh
 index a57645eb1..a7e7b8e9c 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_stricter_faillock_conf.pass.sh
@@ -7349,231 +4032,123 @@ index a57645eb1..a7e7b8e9c 100644
  # variables = var_accounts_passwords_pam_faillock_unlock_time=600
  
  authselect select sssd --force
-diff --git a/linux_os/guide/system/accounts/accounts-pam/package_pam_pwquality_installed/rule.yml b/linux_os/guide/system/accounts/accounts-pam/package_pam_pwquality_installed/rule.yml
-index 48798893e..b0ff2ee76 100644
---- a/linux_os/guide/system/accounts/accounts-pam/package_pam_pwquality_installed/rule.yml
-+++ b/linux_os/guide/system/accounts/accounts-pam/package_pam_pwquality_installed/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
- 
--prodtype: rhel7,rhel8,rhel9,ubuntu2004
-+prodtype: rhel7,rhel8,almalinux8,rhel9,ubuntu2004
- 
- title: 'Install pam_pwquality Package'
- 
 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_dcredit/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_dcredit/rule.yml
-index e67cd8835..5f41b7545 100644
+index 2a2f7076e..d88b55261 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_dcredit/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_dcredit/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
- 
--prodtype: alinux2,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,ubuntu2004,ubuntu2204
-+prodtype: alinux2,fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,ubuntu2004,ubuntu2204
- 
- title: 'Ensure PAM Enforces Password Requirements - Minimum Digit Characters'
- 
-@@ -54,7 +54,7 @@ references:
+@@ -53,7 +53,7 @@ references:
      stigid@ol7: OL07-00-010140
      stigid@ol8: OL08-00-020130
      stigid@rhel7: RHEL-07-010140
 -    stigid@rhel8: RHEL-08-020130
 +    stigid@almalinux8: RHEL-08-020130
+     stigid@rhel9: RHEL-09-611070
      stigid@ubuntu2004: UBTU-20-010052
  
- ocil_clause: 'the value of "dcredit" is a positive number or is commented out'
 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_dictcheck/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_dictcheck/rule.yml
-index d41ca6c26..e8fd633f2 100644
+index 6f3644a50..ec6a61a97 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_dictcheck/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_dictcheck/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
- 
--prodtype: fedora,ol8,ol9,rhel8,rhel9,ubuntu2004
-+prodtype: fedora,ol8,ol9,rhel8,almalinux8,rhel9,ubuntu2004
- 
- title: 'Ensure PAM Enforces Password Requirements - Prevent the Use of Dictionary Words'
- 
-@@ -30,7 +30,7 @@ references:
+@@ -32,7 +32,7 @@ references:
      nist: IA-5(c),IA-5(1)(a),CM-6(a),IA-5(4)
      srg: SRG-OS-000480-GPOS-00225
      stigid@ol8: OL08-00-020300
 -    stigid@rhel8: RHEL-08-020300
 +    stigid@almalinux8: RHEL-08-020300
+     stigid@rhel9: RHEL-09-611105
      stigid@ubuntu2004: UBTU-20-010056
  
- ocil_clause: '"dictcheck" does not have a value other than "0", or is commented out'
 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_difok/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_difok/rule.yml
-index e7fdf2e8b..6213aef70 100644
+index b624c85ee..235d97c97 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_difok/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_difok/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
- 
--prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,ubuntu2004
-+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,ubuntu2004
- 
- title: 'Ensure PAM Enforces Password Requirements - Minimum Different Characters'
- 
-@@ -48,7 +48,7 @@ references:
+@@ -49,7 +49,7 @@ references:
      stigid@ol7: OL07-00-010160
      stigid@ol8: OL08-00-020170
      stigid@rhel7: RHEL-07-010160
 -    stigid@rhel8: RHEL-08-020170
 +    stigid@almalinux8: RHEL-08-020170
+     stigid@rhel9: RHEL-09-611115
      stigid@ubuntu2004: UBTU-20-010053
  
- ocil_clause: 'the value of "difok" is set to less than "{{{ xccdf_value("var_password_pam_difok") }}}", or is commented out'
-diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_enforce_local/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_enforce_local/rule.yml
-index d94ecedae..24f256189 100644
---- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_enforce_local/rule.yml
-+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_enforce_local/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
- 
--prodtype: fedora,rhel8,rhel9
-+prodtype: fedora,rhel8,almalinux8,rhel9
- 
- title: 'Ensure PAM Enforces Password Requirements - Enforce for Local Accounts Only'
- 
-diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_enforce_root/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_enforce_root/rule.yml
-index 198475c87..9d6850d6e 100644
---- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_enforce_root/rule.yml
-+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_enforce_root/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
- 
--prodtype: fedora,ol9,rhel8,rhel9
-+prodtype: fedora,ol9,rhel8,almalinux8,rhel9
- 
- title: 'Ensure PAM Enforces Password Requirements - Enforce for root User'
- 
 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_lcredit/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_lcredit/rule.yml
-index 5799a7b12..50614b26e 100644
+index 97155923c..03a247a3e 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_lcredit/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_lcredit/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
- 
--prodtype: alinux2,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,ubuntu2004,ubuntu2204
-+prodtype: alinux2,fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,ubuntu2004,ubuntu2204
- 
- title: 'Ensure PAM Enforces Password Requirements - Minimum Lowercase Characters'
- 
-@@ -54,7 +54,7 @@ references:
+@@ -53,7 +53,7 @@ references:
      stigid@ol7: OL07-00-010130
      stigid@ol8: OL08-00-020120
      stigid@rhel7: RHEL-07-010130
 -    stigid@rhel8: RHEL-08-020120
 +    stigid@almalinux8: RHEL-08-020120
+     stigid@rhel9: RHEL-09-611065
      stigid@ubuntu2004: UBTU-20-010051
  
- ocil_clause: 'the value of "lcredit" is a positive number or is commented out'
 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_maxclassrepeat/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_maxclassrepeat/rule.yml
-index 5f812e16f..9a0aa8e56 100644
+index 12a53da33..7b5e527a3 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_maxclassrepeat/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_maxclassrepeat/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
- 
--prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4
-+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4
- 
- title: 'Ensure PAM Enforces Password Requirements - Maximum Consecutive Repeating Characters from Same Character Class'
- 
-@@ -40,7 +40,7 @@ references:
+@@ -39,7 +39,7 @@ references:
      stigid@ol7: OL07-00-010190
      stigid@ol8: OL08-00-020140
      stigid@rhel7: RHEL-07-010190
 -    stigid@rhel8: RHEL-08-020140
 +    stigid@almalinux8: RHEL-08-020140
+     stigid@rhel9: RHEL-09-611120
  
  ocil_clause: the value of "maxclassrepeat" is set to "0", more than "{{{ xccdf_value("var_password_pam_maxclassrepeat") }}}" or is commented out
- 
 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_maxrepeat/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_maxrepeat/rule.yml
-index 8984b63d9..a9ab2459f 100644
+index 3a9a9b66f..d4318c674 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_maxrepeat/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_maxrepeat/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
- 
--prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4
-+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4
- 
- title: 'Set Password Maximum Consecutive Repeating Characters'
- 
-@@ -42,7 +42,7 @@ references:
+@@ -43,7 +43,7 @@ references:
      stigid@ol7: OL07-00-010180
      stigid@ol8: OL08-00-020150
      stigid@rhel7: RHEL-07-010180
 -    stigid@rhel8: RHEL-08-020150
 +    stigid@almalinux8: RHEL-08-020150
+     stigid@rhel9: RHEL-09-611125
  
  ocil_clause: the value of "maxrepeat" is set to more than "{{{ xccdf_value("var_password_pam_maxrepeat") }}}" or is commented out
- 
 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_minclass/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_minclass/rule.yml
-index 64f091504..f81702ede 100644
+index 5865b5d32..0fc0ceeb9 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_minclass/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_minclass/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
- 
--prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,ubuntu2004,ubuntu2204
-+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,ubuntu2004,ubuntu2204
- 
- title: 'Ensure PAM Enforces Password Requirements - Minimum Different Categories'
- 
-@@ -63,7 +63,7 @@ references:
+@@ -60,7 +60,7 @@ references:
      stigid@ol7: OL07-00-010170
      stigid@ol8: OL08-00-020160
      stigid@rhel7: RHEL-07-010170
 -    stigid@rhel8: RHEL-08-020160
 +    stigid@almalinux8: RHEL-08-020160
+     stigid@rhel9: RHEL-09-611130
  
  ocil_clause: the value of "minclass" is set to less than "{{{ xccdf_value("var_password_pam_minclass") }}}" or is commented out
- 
 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_minlen/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_minlen/rule.yml
-index f75a68077..dfeee97e9 100644
+index a47d1052d..6e15f685c 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_minlen/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_minlen/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
- 
--prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,ubuntu2004,ubuntu2204
-+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,ubuntu2004,ubuntu2204
- 
- title: 'Ensure PAM Enforces Password Requirements - Minimum Length'
- 
-@@ -58,7 +58,7 @@ references:
+@@ -55,7 +55,7 @@ references:
      stigid@ol7: OL07-00-010280
      stigid@ol8: OL08-00-020230
      stigid@rhel7: RHEL-07-010280
 -    stigid@rhel8: RHEL-08-020230
 +    stigid@almalinux8: RHEL-08-020230
+     stigid@rhel9: RHEL-09-611090
      stigid@ubuntu2004: UBTU-20-010054
  
- ocil_clause: 'the command does not return a "minlen" value of "{{{ xccdf_value("var_password_pam_minlen") }}}" or greater, does not return a line, or the line is commented out'
 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_ocredit/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_ocredit/rule.yml
-index 632aa24dc..f16e84c19 100644
+index 4ec95bbc0..cc6092638 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_ocredit/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_ocredit/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
- 
--prodtype: alinux2,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,ubuntu2004,ubuntu2204
-+prodtype: alinux2,fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,ubuntu2004,ubuntu2204
- 
- title: 'Ensure PAM Enforces Password Requirements - Minimum Special Characters'
- 
-@@ -54,7 +54,7 @@ references:
+@@ -53,7 +53,7 @@ references:
      stigid@ol7: OL07-00-010150
      stigid@ol8: OL08-00-020280
      stigid@rhel7: RHEL-07-010150
 -    stigid@rhel8: RHEL-08-020280
 +    stigid@almalinux8: RHEL-08-020280
+     stigid@rhel9: RHEL-09-611100
      stigid@ubuntu2004: UBTU-20-010055
  
- ocil_clause: 'value of "ocredit" is a positive number or is commented out'
 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/ansible/shared.yml
 index 06f7962fd..dc6eea20d 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/ansible/shared.yml
@@ -7594,26 +4169,18 @@ index a55859203..377efc82e 100644
  
  {{{ bash_ensure_pam_module_configuration('/etc/pam.d/password-auth', 'password', 'requisite', 'pam_pwquality.so', '', '', '^account.*required.*pam_permit\.so') }}}
 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/rule.yml
-index 24b8bb7b8..0bf696460 100644
+index 90a06a460..1b556d644 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
- 
--prodtype: fedora,ol8,ol9,rhel7,rhel8,rhel9,rhv4
-+prodtype: fedora,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4
- 
- title: 'Ensure PAM password complexity module is enabled in password-auth'
- 
-@@ -25,7 +25,7 @@ references:
+@@ -24,7 +24,7 @@ references:
      disa: CCI-000366
      srg: SRG-OS-000069-GPOS-00037,SRG-OS-000070-GPOS-00038,SRG-OS-000480-GPOS-00227
      stigid@ol8: OL08-00-020100
 -    stigid@rhel8: RHEL-08-020100
 +    stigid@almalinux8: RHEL-08-020100
+     stigid@rhel9: RHEL-09-611040
  
  ocil_clause: 'pam_pwquality.so is not enabled in password-auth'
- 
 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/tests/authselect_commented_entry.fail.sh b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/tests/authselect_commented_entry.fail.sh
 index 81d2955d3..8c9b1d1f2 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/tests/authselect_commented_entry.fail.sh
@@ -7694,26 +4261,18 @@ index 4ea10f4c4..6c1de4e4c 100644
  
  {{{ bash_ensure_pam_module_configuration('/etc/pam.d/system-auth', 'password', 'requisite', 'pam_pwquality.so', '', '', '^account.*required.*pam_permit\.so') }}}
 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/rule.yml
-index 7d123e736..75f849dea 100644
+index c7c408229..f3a817cd9 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
- 
--prodtype: fedora,ol8,ol9,rhel7,rhel8,rhel9,rhv4
-+prodtype: fedora,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4
- 
- title: 'Ensure PAM password complexity module is enabled in system-auth'
- 
-@@ -25,7 +25,7 @@ references:
+@@ -24,7 +24,7 @@ references:
      disa: CCI-000366
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol8: OL08-00-020101
 -    stigid@rhel8: RHEL-08-020101
 +    stigid@almalinux8: RHEL-08-020101
+     stigid@rhel9: RHEL-09-611045
  
  ocil_clause: 'pam_pwquality.so is not enabled in system-auth'
- 
 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/tests/authselect_commented_entry.fail.sh b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/tests/authselect_commented_entry.fail.sh
 index f68622be4..c8e13631a 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/tests/authselect_commented_entry.fail.sh
@@ -7785,26 +4344,18 @@ index 36e9a27b9..fe1b603ab 100644
  # strategy = configure
  # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/rule.yml
-index 73f5ec7a6..ac48e4549 100644
+index de894c403..0764b83d1 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
- 
--prodtype: alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle15,ubuntu2004,ubuntu2204
-+prodtype: alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,ubuntu2004,ubuntu2204
- 
- title: 'Ensure PAM Enforces Password Requirements - Authentication Retry Prompts Permitted Per-Session'
- 
-@@ -55,7 +55,7 @@ references:
+@@ -53,7 +53,7 @@ references:
      stigid@ol7: OL07-00-010119
-     stigid@ol8: OL08-00-020104
+     stigid@ol8: OL08-00-020102,OL08-00-020103,OL08-00-020104
      stigid@rhel7: RHEL-07-010119
 -    stigid@rhel8: RHEL-08-020104
 +    stigid@almalinux8: RHEL-08-020104
+     stigid@rhel9: RHEL-09-611010
      stigid@ubuntu2004: UBTU-20-010057
  
- ocil_clause: 'the value of "retry" is set to "0" or greater than "{{{ xccdf_value("var_password_pam_retry") }}}", or is missing'
 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/argument_missing.fail.sh b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/argument_missing.fail.sh
 index 03723cd8c..1df4f1d61 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/argument_missing.fail.sh
@@ -7877,26 +4428,18 @@ index ea2eb57fe..033bbbceb 100644
  
  source common.sh
 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_ucredit/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_ucredit/rule.yml
-index 6c631ea37..8ea3fafd0 100644
+index 2fe0e6975..d331f0ead 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_ucredit/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_ucredit/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
- 
--prodtype: alinux2,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,ubuntu2004,ubuntu2204
-+prodtype: alinux2,fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,ubuntu2004,ubuntu2204
- 
- title: 'Ensure PAM Enforces Password Requirements - Minimum Uppercase Characters'
- 
-@@ -51,7 +51,7 @@ references:
+@@ -49,7 +49,7 @@ references:
      stigid@ol7: OL07-00-010120
      stigid@ol8: OL08-00-020110
      stigid@rhel7: RHEL-07-010120
 -    stigid@rhel8: RHEL-08-020110
 +    stigid@almalinux8: RHEL-08-020110
+     stigid@rhel9: RHEL-09-611110
      stigid@ubuntu2004: UBTU-20-010050
  
- ocil_clause: 'the value of "ucredit" is a positive number or is commented out'
 diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_libuserconf/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_libuserconf/ansible/shared.yml
 index b3e32aa31..547d137b1 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_libuserconf/ansible/shared.yml
@@ -7917,18 +4460,6 @@ index 115273566..bd94d707c 100644
  
  LIBUSER_CONF="/etc/libuser.conf"
  CRYPT_STYLE_REGEX='[[:space:]]*\[defaults](.*(\n)+)+?[[:space:]]*crypt_style[[:space:]]*'
-diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_libuserconf/rule.yml b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_libuserconf/rule.yml
-index cadfa1905..54a8226af 100644
---- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_libuserconf/rule.yml
-+++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_libuserconf/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
- 
--prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15
-+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15
- 
- title: 'Set Password Hashing Algorithm in /etc/libuser.conf'
- 
 diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_logindefs/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_logindefs/ansible/shared.yml
 index 8dedf993c..51c76b11a 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_logindefs/ansible/shared.yml
@@ -7940,7 +4471,7 @@ index 8dedf993c..51c76b11a 100644
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_logindefs/bash/shared.sh b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_logindefs/bash/shared.sh
-index dcb9dd0af..98d2bbec9 100644
+index 2712118e5..d4ec2c50c 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_logindefs/bash/shared.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_logindefs/bash/shared.sh
 @@ -1,4 +1,4 @@
@@ -7948,28 +4479,20 @@ index dcb9dd0af..98d2bbec9 100644
 +# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu
  
  {{{ bash_instantiate_variables("var_password_hashing_algorithm") }}}
- 
+ {{{ bash_replace_or_append('/etc/login.defs', '^ENCRYPT_METHOD', "$var_password_hashing_algorithm", '%s %s') }}}
 diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_logindefs/rule.yml b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_logindefs/rule.yml
-index e58180a1b..4a49aac63 100644
+index e1b055c2d..fbcbb14bb 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_logindefs/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_logindefs/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
- 
--prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
-+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
- 
- title: 'Set Password Hashing Algorithm in /etc/login.defs'
- 
-@@ -51,7 +51,7 @@ references:
+@@ -50,7 +50,7 @@ references:
      stigid@ol7: OL07-00-010210
      stigid@ol8: OL08-00-010110
      stigid@rhel7: RHEL-07-010210
 -    stigid@rhel8: RHEL-08-010110
 +    stigid@almalinux8: RHEL-08-010110
+     stigid@rhel9: RHEL-09-611140
      stigid@sle12: SLES-12-010210
      stigid@sle15: SLES-15-010260
-     stigid@ubuntu2004: UBTU-20-010404
 diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/ansible/shared.yml
 index 31c14211e..be9f04642 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/ansible/shared.yml
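Review bot: The refreshed patch no longer adds `almalinux8` to `prodtype` in `set_password_hashing_algorithm_logindefs/rule.yml` (the removed `@@ -1,6 +1,6 @@` inner hunk), and nothing visible here records why. The same inner hunk is dropped from the later rule.yml hunks of this refresh, and the patch stops touching `set_password_hashing_algorithm_libuserconf/rule.yml` and `grub2_disable_interactive_boot/rule.yml` altogether. Presumably the rebased upstream no longer carries a `prodtype` key, in which case this is correct. If any rule still has one, that rule would silently drop out of the AlmaLinux 8 content and out of scan results. I would state the reason in the patch description, e.g. `prodtype hunks dropped: key no longer present upstream; almalinux8 rule set compared with the previous build`, and diff the built rule list against the previous release before shipping.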
@@ -7990,26 +4513,18 @@ index 55f43ef98..2b993b52b 100644
  
  {{{ bash_ensure_pam_module_configuration('/etc/pam.d/password-auth', 'password', 'sufficient', 'pam_unix.so', 'sha512', '', '') }}}
 diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/rule.yml b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/rule.yml
-index 8d7b14d4e..4e5691989 100644
+index cbaf2717b..ad1f92b4f 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
- 
--prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4
-+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4
- 
- title: "Set PAM''s Password Hashing Algorithm - password-auth"
- 
-@@ -62,7 +62,7 @@ references:
+@@ -61,7 +61,7 @@ references:
      stigid@ol7: OL07-00-010200
      stigid@ol8: OL08-00-010160
      stigid@rhel7: RHEL-07-010200
 -    stigid@rhel8: RHEL-08-010160
 +    stigid@almalinux8: RHEL-08-010160
+     stigid@rhel9: RHEL-09-671025
  
  ocil_clause: 'it does not'
- 
 diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_correct_value.pass.sh b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_correct_value.pass.sh
 index 17a57e1e1..69875871e 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_correct_value.pass.sh
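Review bot: `stigid@almalinux8: RHEL-08-010160` still replaces the `stigid@rhel8` entry instead of sitting beside it, while the newly added context line shows `stigid@rhel9` being kept. The patched tree therefore has no rhel8 STIG reference for this rule, and AlmaLinux 8 scan reports will cite RHEL 8 STIG identifiers; whether report consumers expect that is not visible here. The same substitution appears in the preceding logindefs hunk and in the later rule.yml hunks of this refresh. If the patched source can ever build rhel8 content, keep the upstream line as context and add `+    stigid@almalinux8: RHEL-08-010160` below it. If the replacement is deliberate, say so in the patch description.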
@@ -8059,18 +4574,10 @@ index f72c7bde2..096a6a6a1 100644
  authselect create-profile hardening -b sssd
  CUSTOM_PROFILE="custom/hardening"
 diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/rule.yml b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/rule.yml
-index 7a6a7f403..6baeb9bad 100644
+index 484a256ac..c91a3e72a 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
- 
--prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15
-+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15
- 
- title: "Set PAM''s Password Hashing Algorithm"
- 
-@@ -75,7 +75,7 @@ references:
+@@ -72,7 +72,7 @@ references:
      stigid@ol7: OL07-00-010200
      stigid@ol8: OL08-00-010159
      stigid@rhel7: RHEL-07-010200
@@ -8128,26 +4635,18 @@ index d4b163f24..521579a20 100644
  authselect create-profile hardening -b sssd
  CUSTOM_PROFILE="custom/hardening"
 diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_min_rounds_logindefs/rule.yml b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_min_rounds_logindefs/rule.yml
-index 9a490a8be..628b7b75c 100644
+index 2fc9a1715..8f46a5ffd 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_min_rounds_logindefs/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_min_rounds_logindefs/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
- 
--prodtype: ol8,ol9,rhel8,rhel9,sle12,sle15
-+prodtype: ol8,ol9,rhel8,almalinux8,rhel9,sle12,sle15
- 
- title: 'Set Password Hashing Rounds in /etc/login.defs'
- 
-@@ -36,7 +36,7 @@ references:
+@@ -35,7 +35,7 @@ references:
      nist@sle12: IA-5(1)(c),IA-5(1).1(v),IA-7,IA-7.1
      srg: SRG-OS-000073-GPOS-00041,SRG-OS-000120-GPOS-00061
      stigid@ol8: OL08-00-010130
 -    stigid@rhel8: RHEL-08-010130
 +    stigid@almalinux8: RHEL-08-010130
+     stigid@rhel9: RHEL-09-611150
      stigid@sle12: SLES-12-010240
      stigid@sle15: SLES-15-020190
- 
 diff --git a/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_burstaction/kubernetes/shared.yml b/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_burstaction/kubernetes/shared.yml
 index 3045574e5..7ce6bb466 100644
 --- a/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_burstaction/kubernetes/shared.yml
@@ -8160,26 +4659,18 @@ index 3045574e5..7ce6bb466 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_burstaction/rule.yml b/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_burstaction/rule.yml
-index 9c18a0c26..69674f26d 100644
+index e5b165ba3..7a3f082b9 100644
 --- a/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_burstaction/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_burstaction/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
- 
--prodtype: ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15,ubuntu2004,ubuntu2204
-+prodtype: ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,ubuntu2004,ubuntu2204
- 
- title: 'Disable Ctrl-Alt-Del Burst Action'
- 
-@@ -72,7 +72,7 @@ references:
+@@ -71,7 +71,7 @@ references:
      ospp: FAU_GEN.1.2
      srg: SRG-OS-000324-GPOS-00125,SRG-OS-000480-GPOS-00227
      stigid@ol8: OL08-00-040172
 -    stigid@rhel8: RHEL-08-040172
 +    stigid@almalinux8: RHEL-08-040172
+     stigid@rhel9: RHEL-09-211045
      stigid@sle15: SLES-15-040062
      stigid@ubuntu2004: UBTU-20-010460
- 
 diff --git a/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/kubernetes/shared.yml b/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/kubernetes/shared.yml
 index 517c83c6e..041e9a29c 100644
 --- a/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/kubernetes/shared.yml
@@ -8192,26 +4683,18 @@ index 517c83c6e..041e9a29c 100644
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/rule.yml b/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/rule.yml
-index cdb3cbf45..a2b66440a 100644
+index 19920708b..bff43f513 100644
 --- a/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
- 
--prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
-+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
- 
- title: 'Disable Ctrl-Alt-Del Reboot Activation'
- 
-@@ -77,7 +77,7 @@ references:
+@@ -76,7 +76,7 @@ references:
      stigid@ol7: OL07-00-020230
      stigid@ol8: OL08-00-040170
      stigid@rhel7: RHEL-07-020230
 -    stigid@rhel8: RHEL-08-040170
 +    stigid@almalinux8: RHEL-08-040170
+     stigid@rhel9: RHEL-09-211050
      stigid@sle12: SLES-12-010610
      stigid@sle15: SLES-15-040060
-     stigid@ubuntu2004: UBTU-20-010460
 diff --git a/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/tests/masked.pass.sh b/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/tests/masked.pass.sh
 index df962ec25..fd5529e69 100644
 --- a/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/tests/masked.pass.sh
@@ -8233,39 +4716,19 @@ index faf4c11dc..ddbab8acb 100644
 +# platform = Oracle Linux 7,Oracle Linux 8,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora,multi_platform_ubuntu
  
  systemctl unmask ctrl-alt-del.target
-diff --git a/linux_os/guide/system/accounts/accounts-physical/grub2_disable_interactive_boot/rule.yml b/linux_os/guide/system/accounts/accounts-physical/grub2_disable_interactive_boot/rule.yml
-index cf5da2ae1..329a994f2 100644
---- a/linux_os/guide/system/accounts/accounts-physical/grub2_disable_interactive_boot/rule.yml
-+++ b/linux_os/guide/system/accounts/accounts-physical/grub2_disable_interactive_boot/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
- 
--prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15
-+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15
- 
- title: 'Verify that Interactive Boot is Disabled'
- 
 diff --git a/linux_os/guide/system/accounts/accounts-physical/logind_session_timeout/rule.yml b/linux_os/guide/system/accounts/accounts-physical/logind_session_timeout/rule.yml
-index 00e31fc21..0e6c55b91 100644
+index adfa0871c..3af531ad1 100644
 --- a/linux_os/guide/system/accounts/accounts-physical/logind_session_timeout/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-physical/logind_session_timeout/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
- 
--prodtype: rhel8,rhel9
-+prodtype: rhel8,almalinux8,rhel9
- 
- title: "Configure Logind to terminate idle sessions after certain time of inactivity"
- 
-@@ -40,7 +40,7 @@ references:
-     ospp: FMT_SMF_EXT.1.1
+@@ -41,7 +41,7 @@ references:
      pcidss: Req-8.1.8
      srg: SRG-OS-000163-GPOS-00072
+     stigid@ol8: OL08-00-020035
 -    stigid@rhel8: RHEL-08-020035
 +    stigid@almalinux8: RHEL-08-020035
+     stigid@rhel9: RHEL-09-412080
  
  ocil_clause: "the option is not configured"
- 
 diff --git a/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/ansible/shared.yml
 index a3490a60d..b0c3f31d6 100644
 --- a/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/ansible/shared.yml
@@ -8293,7 +4756,7 @@ index 2a65ef992..319be43db 100644
  {{%- else -%}}
  sulogin='/bin/sh -c "/sbin/sulogin; /usr/bin/systemctl --fail --no-block default"'
 diff --git a/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/oval/shared.xml b/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/oval/shared.xml
-index fadfa300c..a045dbf33 100644
+index 90ef51b2a..cf288e66b 100644
 --- a/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/oval/shared.xml
 +++ b/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/oval/shared.xml
 @@ -24,7 +24,7 @@
@@ -8309,33 +4772,25 @@ index fadfa300c..a045dbf33 100644
    
    
      /usr/lib/systemd/system/emergency.service
--    {{%- if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9", "sle12", "sle15"] -%}}
-+    {{%- if product in ["fedora", "ol8", "ol9", "rhel8", "almalinux8", "rhel9", "sle12", "sle15"] -%}}
+-    {{%- if product in ["fedora", "ol8", "ol9", "openeuler2203", "rhel8", "rhel9", "sle12", "sle15"] -%}}
++    {{%- if product in ["fedora", "ol8", "ol9", "openeuler2203", "rhel8", "almalinux8", "rhel9", "sle12", "sle15"] -%}}
      ^ExecStart=\-/usr/lib/systemd/systemd-sulogin-shell[\s]+emergency
      {{%- else -%}}
      ^ExecStart=\-/bin/sh[\s]+-c[\s]+\"(/usr)?/sbin/sulogin;[\s]+/usr/bin/systemctl[\s]+--fail[\s]+--no-block[\s]+default\"
 diff --git a/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/rule.yml b/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/rule.yml
-index 534b5a093..40d5e8e5e 100644
+index dfeba9cd9..d7752da13 100644
 --- a/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
- 
--prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15
-+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15
- 
- title: 'Require Authentication for Emergency Systemd Target'
- 
-@@ -48,7 +48,7 @@ references:
+@@ -44,7 +44,7 @@ references:
      srg: SRG-OS-000080-GPOS-00048
      stigid@ol7: OL07-00-010481
      stigid@ol8: OL08-00-010152
 -    stigid@rhel8: RHEL-08-010152
 +    stigid@almalinux8: RHEL-08-010152
+     stigid@rhel9: RHEL-09-611195
  
  ocil_clause: 'the output is different'
- 
-@@ -56,7 +56,7 @@ ocil: |-
+@@ -53,7 +53,7 @@ ocil: |-
      To check if authentication is required for emergency mode, run the following command:
      
$ grep sulogin /usr/lib/systemd/system/emergency.service
The output should be similar to the following, and the line must begin with @@ -8344,12 +4799,12 @@ index 534b5a093..40d5e8e5e 100644 ExecStart and /usr/lib/systemd/systemd-sulogin-shell.
ExecStart=-/usr/lib/systemd/systemd-sulogin-shell emergency
{{%- else -%}} -@@ -84,7 +84,7 @@ fixtext: |- +@@ -81,7 +81,7 @@ fixtext: |- Configure {{{ full_name }}} to require authentication for system emergency mode. Add or edit the following line in "/usr/lib/systemd/system/emergency.service": -- {{% if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9", "sle12", "sle15"] -%}} -+ {{% if product in ["fedora", "ol8", "ol9", "rhel8", "almalinux8", "rhel9", "sle12", "sle15"] -%}} +- {{% if product in ["fedora", "ol8", "ol9", "openeuler2203", "rhel8", "rhel9", "sle12", "sle15"] -%}} ++ {{% if product in ["fedora", "ol8", "ol9", "openeuler2203", "rhel8", "almalinux8", "rhel9", "sle12", "sle15"] -%}} ExecStart=-/usr/lib/systemd/systemd-sulogin-shell emergency {{%- else -%}} ExecStart=-/bin/sh -c "/sbin/sulogin; /usr/bin/systemctl --fail --no-block default" @@ -8424,27 +4879,19 @@ index 62fd1a76a..bb8a6b6a7 100644 {{%- else -%}} ^ExecStart=\-/bin/sh[\s]+-c[\s]+\"(/usr)?/sbin/sulogin;[\s]+/usr/bin/systemctl[\s]+--fail[\s]+--no-block[\s]+default\" diff --git a/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/rule.yml b/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/rule.yml -index bd617f3e8..b3000e97c 100644 +index b02795a25..88e89d60e 100644 --- a/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/rule.yml 
+++ b/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15 -+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15 - - title: 'Require Authentication for Single User Mode' - -@@ -51,7 +51,7 @@ references: +@@ -47,7 +47,7 @@ references: stigid@ol7: OL07-00-010481 stigid@ol8: OL08-00-010151 stigid@rhel7: RHEL-07-010481 - stigid@rhel8: RHEL-08-010151 + stigid@almalinux8: RHEL-08-010151 + stigid@rhel9: RHEL-09-611200 ocil_clause: 'the output is different' - -@@ -60,7 +60,7 @@ ocil: |- +@@ -57,7 +57,7 @@ ocil: |- To check if authentication is required for single-user mode, run the following command:
$ grep sulogin /usr/lib/systemd/system/rescue.service
The output should be similar to the following, and the line must begin with @@ -8453,7 +4900,7 @@ index bd617f3e8..b3000e97c 100644 ExecStart and /usr/lib/systemd/systemd-sulogin-shell.
ExecStart=-/usr/lib/systemd/systemd-sulogin-shell rescue
{{%- elif product in ["rhel7"] -%}} -@@ -93,7 +93,7 @@ fixtext: |- +@@ -90,7 +90,7 @@ fixtext: |- Configure {{{ full_name }}} to require authentication in single user mode. Add or update the following line in "/usr/lib/systemd/system/rescue.service": @@ -8485,7 +4932,7 @@ index 63b9b08b5..15abe6cec 100644 service_file="/usr/lib/systemd/system/rescue.service" sulogin="/bin/bash" diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_bashrc_exec_tmux/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_bashrc_exec_tmux/ansible/shared.yml -index 8a64b5ea8..1e81d2e92 100644 +index 5c6dd41e1..c0ce5f53a 100644 --- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_bashrc_exec_tmux/ansible/shared.yml +++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_bashrc_exec_tmux/ansible/shared.yml @@ -1,4 +1,4 @@ @@ -8494,20 +4941,8 @@ index 8a64b5ea8..1e81d2e92 100644 # reboot = false # strategy = configure # complexity = low -diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_bashrc_exec_tmux/rule.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_bashrc_exec_tmux/rule.yml -index 2b2bf8871..e98278c83 100644 ---- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_bashrc_exec_tmux/rule.yml -+++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_bashrc_exec_tmux/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol8,ol9,rhcos4,rhel8,rhel9 -+prodtype: fedora,ol8,ol9,rhcos4,rhel8,almalinux8,rhel9 - - title: 'Support session locking with tmux' - 
diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_bashrc_tmux/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_bashrc_tmux/ansible/shared.yml -index f33344719..09c69b4e5 100644 +index f47326940..42d591752 100644 --- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_bashrc_tmux/ansible/shared.yml +++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_bashrc_tmux/ansible/shared.yml @@ -1,4 +1,4 @@ @@ -8517,18 +4952,10 @@ index f33344719..09c69b4e5 100644 # strategy = configure # complexity = low diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_bashrc_tmux/rule.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_bashrc_tmux/rule.yml -index e2eae90a4..1d413daa1 100644 +index 0afa3d155..39eaf19f9 100644 --- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_bashrc_tmux/rule.yml +++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_bashrc_tmux/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol8,rhel8 -+prodtype: ol8,rhel8,almalinux8 - - title: 'Support session locking with tmux (not enforcing)' - -@@ -27,7 +27,7 @@ references: +@@ -26,7 +26,7 @@ references: disa: CCI-000056,CCI-000058 srg: SRG-OS-000031-GPOS-00012,SRG-OS-000028-GPOS-00009,SRG-OS-000030-GPOS-00011 stigid@ol8: OL08-00-020041 @@ -8548,47 +4975,31 @@ index dc63eb653..dc6931307 100644 # strategy = restrict # complexity = low 
diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_after_time/rule.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_after_time/rule.yml -index de8fab7e5..34f6d943d 100644 +index 7dc00349c..8c7766803 100644 --- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_after_time/rule.yml +++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_after_time/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol8,ol9,rhcos4,rhel8,rhel9 -+prodtype: fedora,ol8,ol9,rhcos4,rhel8,almalinux8,rhel9 - - title: 'Configure tmux to lock session after inactivity' - -@@ -25,7 +25,7 @@ references: +@@ -24,7 +24,7 @@ references: ospp: FMT_SMF_EXT.1,FMT_MOF_EXT.1,FTA_SSL.1 srg: SRG-OS-000029-GPOS-00010,SRG-OS-000031-GPOS-00012 stigid@ol8: OL08-00-020070 - stigid@rhel8: RHEL-08-020070 + stigid@almalinux8: RHEL-08-020070 + stigid@rhel9: RHEL-09-412025 - ocil_clause: '"lock-after-time" is not set to "900" or less in the global tmux configuration file to enforce session lock after inactivity' - + platform: package[tmux] diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_command/rule.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_command/rule.yml -index 80856b34d..dd4ec7bdd 100644 +index ca1def0cd..753e7f7ff 100644 --- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_command/rule.yml 
+++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_command/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol8,ol9,rhcos4,rhel8,rhel9 -+prodtype: fedora,ol8,ol9,rhcos4,rhel8,almalinux8,rhel9 - - title: 'Configure the tmux Lock Command' - -@@ -30,7 +30,7 @@ references: +@@ -29,7 +29,7 @@ references: ospp: FMT_SMF_EXT.1,FMT_MOF_EXT.1,FTA_SSL.1 srg: SRG-OS-000028-GPOS-00009,SRG-OS-000030-GPOS-00011 stigid@ol8: OL08-00-020040 - stigid@rhel8: RHEL-08-020040 + stigid@almalinux8: RHEL-08-020040 + stigid@rhel9: RHEL-09-412020 - ocil_clause: 'the "lock-command" is not set in the global settings to call "vlock"' - + platform: package[tmux] diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_command/tests/correct.pass.sh b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_command/tests/correct.pass.sh index ddfb97fa4..5213cdee6 100644 --- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_command/tests/correct.pass.sh @@ -8642,26 +5053,18 @@ index acd297d55..d8dc1cd00 100644 echo 'set -g lock-command locker' >> '/etc/tmux.conf' diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_keybinding/rule.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_keybinding/rule.yml -index 584d57810..34e0511a3 100644 +index 60f91e405..7e62e1c3b 100644 --- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_keybinding/rule.yml 
+++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_keybinding/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol8,rhel8 -+prodtype: fedora,ol8,rhel8,almalinux8 - - title: 'Configure the tmux lock session key binding' - -@@ -26,7 +26,7 @@ references: +@@ -25,7 +25,7 @@ references: disa: CCI-000056 srg: SRG-OS-000028-GPOS-00009,SRG-OS-000030-GPOS-00011 stigid@ol8: OL08-00-020040 - stigid@rhel8: RHEL-08-020040 + stigid@almalinux8: RHEL-08-020040 + stigid@rhel9: RHEL-09-412020 - ocil_clause: 'the "lock-session" is not bound to a specific key' - + platform: package[tmux] diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_keybinding/tests/alternative_value.pass.sh b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_keybinding/tests/alternative_value.pass.sh index 9977bec01..501e4bd18 100644 --- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_keybinding/tests/alternative_value.pass.sh @@ -8727,59 +5130,31 @@ index 6b2d6cd5e..c20712c9f 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/no_tmux_in_shells/rule.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/no_tmux_in_shells/rule.yml -index ec8fee18b..e742b5ab1 100644 +index 7273c0e03..c34853fd9 100644 --- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/no_tmux_in_shells/rule.yml 
+++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/no_tmux_in_shells/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol8,ol9,rhcos4,rhel8,rhel9 -+prodtype: fedora,ol8,ol9,rhcos4,rhel8,almalinux8,rhel9 - - title: 'Prevent user from disabling the screen lock' - -@@ -26,7 +26,7 @@ references: +@@ -25,7 +25,7 @@ references: ospp: FMT_SMF_EXT.1,FMT_MOF_EXT.1,FTA_SSL.1 srg: SRG-OS-000324-GPOS-00125,SRG-OS-000028-GPOS-00009,SRG-OS-000030-GPOS-00011 stigid@ol8: OL08-00-020042 - stigid@rhel8: RHEL-08-020042 + stigid@almalinux8: RHEL-08-020042 + stigid@rhel9: RHEL-09-412030 ocil_clause: 'tmux is listed in /etc/shells' - diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/package_tmux_installed/rule.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/package_tmux_installed/rule.yml -index 14207a44c..241e41b2e 100644 +index db6774627..2ad46e676 100644 --- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/package_tmux_installed/rule.yml 
+++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/package_tmux_installed/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol8,ol9,rhcos4,rhel8,rhel9,rhv4 -+prodtype: fedora,ol8,ol9,rhcos4,rhel8,almalinux8,rhel9,rhv4 - - title: 'Install the tmux Package' - -@@ -43,7 +43,7 @@ references: +@@ -42,7 +42,7 @@ references: ospp: FMT_SMF_EXT.1,FMT_MOF_EXT.1,FTA_SSL.1 srg: SRG-OS-000030-GPOS-00011,SRG-OS-000028-GPOS-00009 stigid@ol8: OL08-00-020039 - stigid@rhel8: RHEL-08-020039 + stigid@almalinux8: RHEL-08-020039 + stigid@rhel9: RHEL-09-412010 ocil_clause: 'the package is not installed' - -diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/configure_opensc_card_drivers/rule.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/configure_opensc_card_drivers/rule.yml -index a1e6ae87e..c3124e675 100644 ---- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/configure_opensc_card_drivers/rule.yml -+++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/configure_opensc_card_drivers/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15 -+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15 - - title: 'Configure opensc Smart Card Drivers' - diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/force_opensc_card_drivers/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/force_opensc_card_drivers/ansible/shared.yml index f79727a03..49f74f418 100644 --- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/force_opensc_card_drivers/ansible/shared.yml 
@@ -8790,85 +5165,32 @@ index f79727a03..49f74f418 100644 # reboot = false # strategy = configure # complexity = low -diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/force_opensc_card_drivers/rule.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/force_opensc_card_drivers/rule.yml -index 27d1884f2..155937b47 100644 ---- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/force_opensc_card_drivers/rule.yml -+++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/force_opensc_card_drivers/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15 -+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15 - - title: 'Force opensc To Use Defined Smart Card Driver' - diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/install_smartcard_packages/rule.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/install_smartcard_packages/rule.yml -index a75f509a3..247ff649e 100644 +index 036d0faf9..9f5cf165f 100644 --- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/install_smartcard_packages/rule.yml 
+++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/install_smartcard_packages/rule.yml -@@ -12,7 +12,7 @@ - - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004 -+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004 - - title: 'Install Smart Card Packages For Multifactor Authentication' - -@@ -55,7 +55,7 @@ references: +@@ -53,7 +53,7 @@ references: stigid@ol7: OL07-00-041001 stigid@ol8: OL08-00-010390 stigid@rhel7: RHEL-07-041001 - stigid@rhel8: RHEL-08-010390 + stigid@almalinux8: RHEL-08-010390 + stigid@rhel9: RHEL-09-215075 stigid@sle12: SLES-12-030500 stigid@sle15: SLES-15-010460 - stigid@ubuntu2004: UBTU-20-010063 diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/package_opensc_installed/rule.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/package_opensc_installed/rule.yml -index 56570f5c6..c4038f71d 100644 +index 4da85dda7..76ae6bcad 100644 --- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/package_opensc_installed/rule.yml 
+++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/package_opensc_installed/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,ubuntu2004 -+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,ubuntu2004 - - title: 'Install the opensc Package For Multifactor Authentication' - -@@ -36,7 +36,7 @@ references: +@@ -35,7 +35,7 @@ references: nist: CM-6(a) srg: SRG-OS-000375-GPOS-00160,SRG-OS-000376-GPOS-00161 stigid@ol8: OL08-00-010410 - stigid@rhel8: RHEL-08-010410 + stigid@almalinux8: RHEL-08-010410 + stigid@rhel9: RHEL-09-611185 stigid@ubuntu2004: UBTU-20-010064 - ocil_clause: 'the package is not installed' -diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/package_pcsc-lite_installed/rule.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/package_pcsc-lite_installed/rule.yml -index f3b1ef07a..3b0c7465a 100644 ---- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/package_pcsc-lite_installed/rule.yml -+++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/package_pcsc-lite_installed/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4 -+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4 - - title: 'Install the pcsc-lite package' - -diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/service_pcscd_enabled/rule.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/service_pcscd_enabled/rule.yml -index dcad70a82..fae91fb8a 100644 ---- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/service_pcscd_enabled/rule.yml -+++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/service_pcscd_enabled/rule.yml -@@ -1,6 +1,6 
@@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15 -+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15 - - title: 'Enable the pcscd Service' - diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/ansible/shared.yml index 18231e23a..c986f5c73 100644 --- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/ansible/shared.yml @@ -8934,26 +5256,18 @@ index ff493491e..082c8e61a 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/system/accounts/accounts-physical/service_debug-shell_disabled/rule.yml b/linux_os/guide/system/accounts/accounts-physical/service_debug-shell_disabled/rule.yml -index aad6ad4b6..4000aa983 100644 +index b2121a966..ae703a302 100644 --- a/linux_os/guide/system/accounts/accounts-physical/service_debug-shell_disabled/rule.yml +++ b/linux_os/guide/system/accounts/accounts-physical/service_debug-shell_disabled/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15 -+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15 - - title: 'Disable debug-shell SystemD Service' - -@@ -38,7 +38,7 @@ references: +@@ -37,7 +37,7 @@ references: ospp: FIA_UAU.1 srg: SRG-OS-000324-GPOS-00125,SRG-OS-000480-GPOS-00227 stigid@ol8: OL08-00-040180 - stigid@rhel8: RHEL-08-040180 + stigid@almalinux8: RHEL-08-040180 + stigid@rhel9: RHEL-09-211055 ocil_clause: |- - {{{ ocil_clause_service_disabled(service="debug-shell") }}} 
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_disable_post_pw_expiration/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_disable_post_pw_expiration/ansible/shared.yml index 74598bc7e..680caf4ba 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_disable_post_pw_expiration/ansible/shared.yml @@ -8975,110 +5289,57 @@ index f299285d4..52e841b61 100644 {{{ bash_instantiate_variables("var_account_disable_post_pw_expiration") }}} diff --git a/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_disable_post_pw_expiration/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_disable_post_pw_expiration/rule.yml -index da2a2d367..09d8ca9ba 100644 +index 36992fe58..03e043c29 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_disable_post_pw_expiration/rule.yml 
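Review bot: The refreshed section for `service_debug-shell_disabled/rule.yml` no longer carries the inner hunk that added `almalinux8` to `prodtype`, so for this rule the patch now only renames `stigid@rhel8` to `stigid@almalinux8`. Presumably the new upstream base removed the `prodtype:` key, but the hunk does not show that; if any of these rules still has one, the rule would silently drop out of the AlmaLinux 8 content and the profile would evaluate fewer checks. The same removal recurs in later rule.yml sections of this refresh, for example `account_disable_post_pw_expiration`, `account_unique_id` and `accounts_password_all_shadowed_sha512`. I would state in the commit description that the rule list of the built almalinux8 STIG profile was compared before and after the refresh.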
+++ b/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_disable_post_pw_expiration/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Set Account Expiration Following Inactivity' - -@@ -59,7 +59,7 @@ references: +@@ -56,7 +56,7 @@ references: stigid@ol7: OL07-00-010310 stigid@ol8: OL08-00-020260 stigid@rhel7: RHEL-07-010310 - stigid@rhel8: RHEL-08-020260 + stigid@almalinux8: RHEL-08-020260 + stigid@rhel9: RHEL-09-411050 stigid@sle12: SLES-12-010340 stigid@sle15: SLES-15-020050 - stigid@ubuntu2004: UBTU-20-010409 -diff --git a/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_emergency_expire_date/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_emergency_expire_date/rule.yml -index 826119eaf..77ac5cde1 100644 ---- a/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_emergency_expire_date/rule.yml -+++ b/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_emergency_expire_date/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9 -+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9 - - title: 'Assign Expiration Date to Emergency Accounts' - -@@ -44,7 +44,7 @@ references: - srg: SRG-OS-000123-GPOS-00064,SRG-OS-000002-GPOS-00002 - stigid@ol8: OL08-00-020270 - stigid@rhel7: RHEL-07-010271 -- stigid@rhel8: RHEL-08-020270 -+ stigid@almalinux8: RHEL-08-020270 - - ocil_clause: 'any emergency accounts have no expiration date set or do not expire within 72 hours' - 
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_temp_expire_date/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_temp_expire_date/rule.yml -index 90045204c..9cd11dff4 100644 +index 8391e5031..ea01f09d5 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_temp_expire_date/rule.yml +++ b/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_temp_expire_date/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004 -+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004 - - title: 'Assign Expiration Date to Temporary Accounts' - -@@ -46,7 +46,7 @@ references: +@@ -45,7 +45,7 @@ references: stigid@ol7: OL07-00-010271 stigid@ol8: OL08-00-020000 stigid@rhel7: RHEL-07-010271 -- stigid@rhel8: RHEL-08-020000 -+ stigid@almalinux8: RHEL-08-020000 +- stigid@rhel8: RHEL-08-020000,RHEL-08-020270 ++ stigid@almalinux8: RHEL-08-020000,RHEL-08-020270 + stigid@rhel9: RHEL-09-411040 stigid@sle12: SLES-12-010360 stigid@sle15: SLES-15-020000 - stigid@ubuntu2004: UBTU-20-010000 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/account_unique_id/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/account_unique_id/rule.yml -index 487bfd63a..695575edb 100644 +index 4d205d4d1..d5bd37e52 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/account_unique_id/rule.yml 
+++ b/linux_os/guide/system/accounts/accounts-restrictions/account_unique_id/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Ensure All Accounts on the System Have Unique User IDs' - -@@ -33,7 +33,7 @@ references: +@@ -30,7 +30,7 @@ references: pcidss4: "8.2.1" srg: SRG-OS-000104-GPOS-00051,SRG-OS-000121-GPOS-00062,SRG-OS-000042-GPOS-00020 stigid@ol8: OL08-00-020240 - stigid@rhel8: RHEL-08-020240 + stigid@almalinux8: RHEL-08-020240 + stigid@rhel9: RHEL-09-411030 stigid@sle12: SLES-12-010640 stigid@sle15: SLES-15-010230 - diff --git a/linux_os/guide/system/accounts/accounts-restrictions/accounts_authorized_local_users/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/accounts_authorized_local_users/rule.yml -index 9bb4ecb9f..4d6b39961 100644 +index 6961aae77..21c51a849 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/accounts_authorized_local_users/rule.yml +++ b/linux_os/guide/system/accounts/accounts-restrictions/accounts_authorized_local_users/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15 -+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,sle15 - - title: 'Only Authorized Local User Accounts Exist on Operating System' - -@@ -39,7 +39,7 @@ references: +@@ -38,7 +38,7 @@ references: stigid@ol7: OL07-00-020270 stigid@ol8: OL08-00-020320 stigid@rhel7: RHEL-07-020270 - stigid@rhel8: RHEL-08-020320 + stigid@almalinux8: RHEL-08-020320 + stigid@rhel9: RHEL-09-411095 stigid@sle12: SLES-12-010630 stigid@sle15: SLES-15-020090 - 
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/accounts_authorized_local_users/tests/default.pass.sh b/linux_os/guide/system/accounts/accounts-restrictions/accounts_authorized_local_users/tests/default.pass.sh index aa147fdce..bb8288f5b 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/accounts_authorized_local_users/tests/default.pass.sh 
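Review bot: The section for `account_emergency_expire_date/rule.yml` is dropped from the patch in this hunk, and `RHEL-08-020270` now appears only in `account_temp_expire_date/rule.yml` as `stigid@almalinux8: RHEL-08-020000,RHEL-08-020270`. That is consistent with upstream having moved the STIG ID, but the upstream file is not visible here, so it is worth confirming that `account_emergency_expire_date` has no remaining `stigid@rhel8` key left unrelabelled. Because the inner patch replaces the `stigid@rhel8` key rather than adding an `almalinux8` key beside it, a line in the patch description such as `stigid@almalinux8 values are the RHEL 8 STIG IDs, reused unchanged` would help anyone tracing a finding back to the source document.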
@@ -9090,53 +5351,29 @@ index aa147fdce..bb8288f5b 100644 # variables = var_accounts_authorized_local_users_regex=^(root|bin|daemon|adm|lp|sync|shutdown|halt|mail|operator|games|ftp|nobody|pegasus|systemd-bus-proxy|systemd-network|dbus|polkitd|abrt|unbound|tss|libstoragemgmt|rpc|colord|usbmuxd$|pcp|saslauth|geoclue|setroubleshoot|rtkit|chrony|qemu|radvd|rpcuser|nfsnobody|pulse|gdm|gnome-initial-setup|postfix|avahi|ntp|sshd|tcpdump|oprofile|uuidd)$ var_accounts_authorized_local_users_regex="^(root|bin|daemon|adm|lp|sync|shutdown|halt|mail|operator|games|ftp|nobody|pegasus|systemd-bus-proxy|systemd-network|dbus|polkitd|abrt|unbound|tss|libstoragemgmt|rpc|colord|usbmuxd$|pcp|saslauth|geoclue|setroubleshoot|rtkit|chrony|qemu|radvd|rpcuser|nfsnobody|pulse|gdm|gnome-initial-setup|postfix|avahi|ntp|sshd|tcpdump|oprofile|uuidd)$" -diff --git a/linux_os/guide/system/accounts/accounts-restrictions/group_unique_id/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/group_unique_id/rule.yml -index 1ba8ed152..c46b2b3ab 100644 ---- a/linux_os/guide/system/accounts/accounts-restrictions/group_unique_id/rule.yml -+++ b/linux_os/guide/system/accounts/accounts-restrictions/group_unique_id/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Ensure All Groups on the System Have Unique Group ID' - -diff --git a/linux_os/guide/system/accounts/accounts-restrictions/group_unique_name/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/group_unique_name/rule.yml -index 48fbb771f..59b777df1 100644 ---- a/linux_os/guide/system/accounts/accounts-restrictions/group_unique_name/rule.yml -+++ b/linux_os/guide/system/accounts/accounts-restrictions/group_unique_name/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - 
--prodtype: alinux2,alinux3,anolis23,anolis8,fedora,rhel7,rhel8,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,rhel7,rhel8,almalinux8,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Ensure All Groups on the System Have Unique Group Names' - diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_maximum_age_login_defs/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_maximum_age_login_defs/ansible/shared.yml -index bed135a4d..1df8f3a2c 100644 +index 1e571bcbf..7901ceae0 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_maximum_age_login_defs/ansible/shared.yml +++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_maximum_age_login_defs/ansible/shared.yml @@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_debian ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_debian # reboot = false # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_maximum_age_login_defs/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_maximum_age_login_defs/rule.yml -index c9eacf55c..4a18589d1 100644 +index 44c8e8b7f..d853a69a8 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_maximum_age_login_defs/rule.yml 
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_maximum_age_login_defs/rule.yml -@@ -60,7 +60,7 @@ references: +@@ -58,7 +58,7 @@ references: stigid@ol7: OL07-00-010250 stigid@ol8: OL08-00-020200 stigid@rhel7: RHEL-07-010250 - stigid@rhel8: RHEL-08-020200 + stigid@almalinux8: RHEL-08-020200 + stigid@rhel9: RHEL-09-411010 stigid@sle12: SLES-12-010280 stigid@sle15: SLES-15-020220 - stigid@ubuntu2004: UBTU-20-010008 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_minimum_age_login_defs/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_minimum_age_login_defs/ansible/shared.yml index 0c81c0ee5..29f31c654 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_minimum_age_login_defs/ansible/shared.yml @@ -9148,18 +5385,18 @@ index 0c81c0ee5..29f31c654 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_minimum_age_login_defs/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_minimum_age_login_defs/rule.yml -index 541ad9eef..0ed9d1cea 100644 +index 82a14340f..77049983f 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_minimum_age_login_defs/rule.yml +++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_minimum_age_login_defs/rule.yml -@@ -58,7 +58,7 @@ references: +@@ -54,7 +54,7 @@ references: stigid@ol7: OL07-00-010230 stigid@ol8: OL08-00-020190 stigid@rhel7: RHEL-07-010230 - stigid@rhel8: RHEL-08-020190 + stigid@almalinux8: RHEL-08-020190 + stigid@rhel9: RHEL-09-611075 stigid@sle12: SLES-12-010260 stigid@sle15: SLES-15-020200 - stigid@ubuntu2004: UBTU-20-010007 
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/ansible/shared.yml index b04d7cdb8..0d5a5831e 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/ansible/shared.yml @@ -9171,7 +5408,7 @@ index b04d7cdb8..0d5a5831e 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/bash/shared.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/bash/shared.sh -index 23710faba..7f1f5642d 100644 +index dcc5de3f1..268aafbab 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/bash/shared.sh +++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/bash/shared.sh @@ -1,4 +1,4 @@ @@ -9179,9 +5416,9 @@ index 23710faba..7f1f5642d 100644 +# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle {{{ bash_instantiate_variables("var_accounts_password_minlen_login_defs") }}} - + {{{ bash_replace_or_append('/etc/login.defs', '^PASS_MIN_LEN', "$var_accounts_password_minlen_login_defs", '%s %s') }}} diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/rule.yml -index d0365266a..297ddb411 100644 +index 37a247f30..d7fc1f363 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/rule.yml 
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/rule.yml @@ -47,7 +47,7 @@ references: @@ -9190,9 +5427,9 @@ index d0365266a..297ddb411 100644 stigid@ol8: OL08-00-020231 - stigid@rhel8: RHEL-08-020231 + stigid@almalinux8: RHEL-08-020231 + stigid@rhel9: RHEL-09-611095 ocil_clause: 'it is not set to the required value' - diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/tests/password_minlen_10.fail.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/tests/password_minlen_10.fail.sh index cb388dd9b..58223531f 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/tests/password_minlen_10.fail.sh @@ -9277,59 +5514,31 @@ index 8ff7cba19..14ece5d17 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_existing/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_existing/rule.yml -index d56b4e8c0..80f916e3e 100644 +index e12e98e94..3869754ce 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_existing/rule.yml 
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_existing/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Set Existing Passwords Maximum Age' - -@@ -41,7 +41,7 @@ references: +@@ -40,7 +40,7 @@ references: stigid@ol7: OL07-00-010260 stigid@ol8: OL08-00-020210 stigid@rhel7: RHEL-07-010260 - stigid@rhel8: RHEL-08-020210 + stigid@almalinux8: RHEL-08-020210 + stigid@rhel9: RHEL-09-411015 stigid@sle12: SLES-12-010290 stigid@sle15: SLES-15-020230 - diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_min_life_existing/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_min_life_existing/rule.yml -index 5e1fe03a2..95daefc79 100644 +index 32bb06866..6e9730a10 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_min_life_existing/rule.yml 
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_min_life_existing/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux3,anolis23,anolis8,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux3,anolis23,anolis8,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Set Existing Passwords Minimum Age' - -@@ -42,7 +42,7 @@ references: +@@ -39,7 +39,7 @@ references: stigid@ol7: OL07-00-010240 stigid@ol8: OL08-00-020180 stigid@rhel7: RHEL-07-010240 - stigid@rhel8: RHEL-08-020180 + stigid@almalinux8: RHEL-08-020180 + stigid@rhel9: RHEL-09-611080 stigid@sle12: SLES-12-010270 stigid@sle15: SLES-15-020210 - -diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_warn_age_existing/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_warn_age_existing/rule.yml -index d99bded94..a8e00b7f8 100644 ---- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_warn_age_existing/rule.yml -+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_warn_age_existing/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8,rhel9,sle12,sle15 -+prodtype: rhel7,rhel8,almalinux8,rhel9,sle12,sle15 - - title: "Set Existing Passwords Warning Age" - diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_warn_age_login_defs/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_warn_age_login_defs/ansible/shared.yml index 4994ff315..e8469b8e9 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_warn_age_login_defs/ansible/shared.yml 
@@ -9340,39 +5549,19 @@ index 4994ff315..e8469b8e9 100644 # reboot = false # strategy = restrict # complexity = low -diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_set_post_pw_existing/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_set_post_pw_existing/rule.yml -index f0bf9d696..44e1218e2 100644 ---- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_set_post_pw_existing/rule.yml -+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_set_post_pw_existing/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8,rhel9,sle12,sle15 -+prodtype: rhel7,rhel8,almalinux8,rhel9,sle12,sle15 - - title: 'Set existing passwords a period of inactivity before they been locked' - diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_all_shadowed_sha512/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_all_shadowed_sha512/rule.yml -index 25ec7a969..a67ca158a 100644 +index de8560f12..7c5b932c6 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_all_shadowed_sha512/rule.yml 
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_all_shadowed_sha512/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol8,ol9,rhel8,rhel9,sle12,sle15,ubuntu2004 -+prodtype: fedora,ol8,ol9,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004 - - title: 'Verify All Account Password Hashes are Shadowed with SHA512' - -@@ -38,7 +38,7 @@ references: +@@ -37,7 +37,7 @@ references: nist: IA-5(1)(c),IA-5(1).1(v),IA-7,IA-7.1 srg: SRG-OS-000073-GPOS-00041,SRG-OS-000120-GPOS-00061 stigid@ol8: OL08-00-010120 - stigid@rhel8: RHEL-08-010120 + stigid@almalinux8: RHEL-08-010120 + stigid@rhel9: RHEL-09-671015 stigid@sle12: SLES-12-010220 stigid@sle15: SLES-15-020180 - diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/ansible/shared.yml index 82110016d..2a73ed386 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/ansible/shared.yml 
@@ -9393,18 +5582,6 @@ index a40010714..d244fc548 100644 {{{ bash_instantiate_variables("var_password_pam_unix_rounds") }}} -diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/rule.yml -index f29320755..3c472496e 100644 ---- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/rule.yml -+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15 -+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15 - - title: 'Set number of Password Hashing Rounds - password-auth' - diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_argument_missing.fail.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_argument_missing.fail.sh index 3e24ba16a..f3030f2af 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_argument_missing.fail.sh 
@@ -9485,18 +5662,6 @@ index 8316e495a..bf8a4c240 100644 {{{ bash_instantiate_variables("var_password_pam_unix_rounds") }}} -diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/rule.yml -index c2c92fd71..61412cbf5 100644 ---- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/rule.yml -+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15 -+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15 - - title: 'Set number of Password Hashing Rounds - system-auth' - diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_argument_missing.fail.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_argument_missing.fail.sh index 3da866412..de98db38a 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_argument_missing.fail.sh @@ -9558,22 +5723,22 @@ index 244799045..be78a8508 100644 ROUNDS=4000 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/ansible/shared.yml -index feb5366ed..f94a8b0c3 100644 +index 26f00c7de..c9494b5fc 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/ansible/shared.yml 
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/ansible/shared.yml @@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu # reboot = false # strategy = configure # complexity = low diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/bash/shared.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/bash/shared.sh -index e85580dc5..130911186 100644 +index a59d563d7..331a34b2c 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/bash/shared.sh +++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/bash/shared.sh @@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu # reboot = false # strategy = configure # complexity = low @@ -9589,18 +5754,18 @@ index ad3133b1f..eac1b843a 100644 kind: MachineConfig spec: 
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/rule.yml -index d00d78454..a0f7fbc46 100644 +index 33f9a8298..c4dbe8bd3 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/rule.yml +++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/rule.yml -@@ -55,7 +55,7 @@ references: +@@ -57,7 +57,7 @@ references: stigid@ol7: OL07-00-010290 - stigid@ol8: OL08-00-020331 + stigid@ol8: OL08-00-020331,OL08-00-020332 stigid@rhel7: RHEL-07-010290 -- stigid@rhel8: RHEL-08-020331 -+ stigid@almalinux8: RHEL-08-020331 +- stigid@rhel8: RHEL-08-020331,RHEL-08-020332 ++ stigid@almalinux8: RHEL-08-020331,RHEL-08-020332 + stigid@rhel9: RHEL-09-611025 stigid@sle12: SLES-12-010231 stigid@sle15: SLES-15-020300 - diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/tests/authselect_modified_pam.fail.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/tests/authselect_modified_pam.fail.sh index 1dd45236b..6766ce732 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/tests/authselect_modified_pam.fail.sh @@ -9638,120 +5803,50 @@ index 9dc5d7677..a16c83995 100644 SYSTEM_AUTH_FILE="/etc/pam.d/system-auth" diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords_etc_shadow/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords_etc_shadow/rule.yml -index fce24fc7f..f21b748aa 100644 +index d1318756d..30714ddf7 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords_etc_shadow/rule.yml 
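Review bot: In the no_empty_passwords/rule.yml section of the refreshed patch, the inner change still replaces the `stigid@rhel8` key with `stigid@almalinux8` instead of adding a key. The patched tree therefore publishes the DISA RHEL 8 identifiers `RHEL-08-020331,RHEL-08-020332` under an AlmaLinux label and no longer carries a `stigid@rhel8` entry for this rule. Reports generated from this content will cite RHEL 8 STIG IDs for an AlmaLinux host; that is presumably the intended mapping for a rebuild, but it should be stated in the patch description so an auditor does not read it as a vendor-specific STIG. Keeping the upstream `stigid@rhel8` line as context and adding `stigid@almalinux8: RHEL-08-020331,RHEL-08-020332` after it would leave the original reference intact. The same replacement appears in the later hunks for no_empty_passwords_etc_shadow, accounts_no_uid_except_zero, accounts_have_homedir_login_defs, accounts_logon_fail_delay and accounts_max_concurrent_login_sessions.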
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords_etc_shadow/rule.yml -@@ -42,7 +42,7 @@ references: +@@ -43,7 +43,7 @@ references: stigid@ol7: OL07-00-010291 stigid@ol8: OL08-00-010121 stigid@rhel7: RHEL-07-010291 - stigid@rhel8: RHEL-08-010121 + stigid@almalinux8: RHEL-08-010121 + stigid@rhel9: RHEL-09-611155 stigid@sle12: SLES-12-010221 stigid@sle15: SLES-15-020181 - -diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_forward_files/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_forward_files/rule.yml -index c101f11ca..fd58885bf 100644 ---- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_forward_files/rule.yml -+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_forward_files/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004 -+prodtype: alinux2,alinux3,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004 - - title: 'Verify No .forward Files Exist' - -diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_legacy_plus_entries_etc_group/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_legacy_plus_entries_etc_group/ansible/shared.yml -index acf0496e1..7f1fb69db 100644 ---- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_legacy_plus_entries_etc_group/ansible/shared.yml -+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_legacy_plus_entries_etc_group/ansible/shared.yml -@@ -1,4 +1,4 @@ --# platform = multi_platform_fedora,Red Hat OpenShift Container Platform 4,Oracle Linux 7,Oracle Linux 8,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Virtualization 4 -+# platform = multi_platform_fedora,Red Hat OpenShift Container Platform 4,Oracle Linux 7,Oracle Linux 8,Red Hat Enterprise Linux 
7,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Virtualization 4 - # reboot = false - # strategy = restrict - # complexity = low -diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_legacy_plus_entries_etc_group/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_legacy_plus_entries_etc_group/rule.yml -index 7241e77ea..2e0273014 100644 ---- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_legacy_plus_entries_etc_group/rule.yml -+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_legacy_plus_entries_etc_group/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15 -+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15 - - title: 'Ensure there are no legacy + NIS entries in /etc/group' - -diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_legacy_plus_entries_etc_passwd/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_legacy_plus_entries_etc_passwd/ansible/shared.yml -index 5baef2580..84ddc1e02 100644 ---- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_legacy_plus_entries_etc_passwd/ansible/shared.yml -+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_legacy_plus_entries_etc_passwd/ansible/shared.yml -@@ -1,4 +1,4 @@ --# platform = multi_platform_fedora,Red Hat OpenShift Container Platform 4,Oracle Linux 7,Oracle Linux 8,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Virtualization 4 -+# platform = multi_platform_fedora,Red Hat OpenShift Container Platform 4,Oracle Linux 7,Oracle Linux 8,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Virtualization 4 - # reboot = false - # strategy = restrict - # complexity = low -diff --git 
a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_legacy_plus_entries_etc_passwd/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_legacy_plus_entries_etc_passwd/rule.yml -index 29c2f102c..cdc0e8904 100644 ---- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_legacy_plus_entries_etc_passwd/rule.yml -+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_legacy_plus_entries_etc_passwd/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15 -+prodtype: alinux2,fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15 - - title: 'Ensure there are no legacy + NIS entries in /etc/passwd' - -diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_legacy_plus_entries_etc_shadow/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_legacy_plus_entries_etc_shadow/ansible/shared.yml -index 301657219..aee4f5bcc 100644 ---- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_legacy_plus_entries_etc_shadow/ansible/shared.yml -+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_legacy_plus_entries_etc_shadow/ansible/shared.yml -@@ -1,4 +1,4 @@ --# platform = multi_platform_fedora,multi_platform_sle,Red Hat OpenShift Container Platform 4,Oracle Linux 7,Oracle Linux 8,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Virtualization 4 -+# platform = multi_platform_fedora,multi_platform_sle,Red Hat OpenShift Container Platform 4,Oracle Linux 7,Oracle Linux 8,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Virtualization 4 - # reboot = false - # strategy = restrict - # complexity = low -diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_legacy_plus_entries_etc_shadow/rule.yml 
b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_legacy_plus_entries_etc_shadow/rule.yml -index 468158339..d5c485088 100644 ---- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_legacy_plus_entries_etc_shadow/rule.yml -+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_legacy_plus_entries_etc_shadow/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15 -+prodtype: alinux2,fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15 - - title: 'Ensure there are no legacy + NIS entries in /etc/shadow' - diff --git a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/accounts_no_uid_except_zero/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/accounts_no_uid_except_zero/rule.yml -index 4d8c72582..5ef8ddbd2 100644 +index 6ef6e7166..26c9fc739 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/accounts_no_uid_except_zero/rule.yml 
+++ b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/accounts_no_uid_except_zero/rule.yml -@@ -57,7 +57,7 @@ references: +@@ -55,7 +55,7 @@ references: stigid@ol7: OL07-00-020310 stigid@ol8: OL08-00-040200 stigid@rhel7: RHEL-07-020310 - stigid@rhel8: RHEL-08-040200 + stigid@almalinux8: RHEL-08-040200 + stigid@rhel9: RHEL-09-411100 stigid@sle12: SLES-12-010650 stigid@sle15: SLES-15-020100 +diff --git a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/ensure_pam_wheel_group_empty/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/ensure_pam_wheel_group_empty/ansible/shared.yml +index 888cc054f..2b7d571ad 100644 +--- a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/ensure_pam_wheel_group_empty/ansible/shared.yml ++++ b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/ensure_pam_wheel_group_empty/ansible/shared.yml +@@ -1,4 +1,4 @@ +-# platform = multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu + # reboot = false + # strategy = restrict + # complexity = low +diff --git a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/ensure_pam_wheel_group_empty/bash/shared.sh b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/ensure_pam_wheel_group_empty/bash/shared.sh +index 7bbfd7675..3d438fe7a 100644 +--- a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/ensure_pam_wheel_group_empty/bash/shared.sh ++++ b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/ensure_pam_wheel_group_empty/bash/shared.sh +@@ -1,4 +1,4 @@ +-# platform = multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu -diff --git a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/ensure_pam_wheel_group_empty/rule.yml 
b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/ensure_pam_wheel_group_empty/rule.yml -index 04a2f562d..fdf851582 100644 ---- a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/ensure_pam_wheel_group_empty/rule.yml -+++ b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/ensure_pam_wheel_group_empty/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Ensure the Group Used by pam_wheel Module Exists on System and is Empty' + {{{ bash_instantiate_variables("var_pam_wheel_group_for_su") }}} diff --git a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/no_direct_root_logins/kubernetes/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/no_direct_root_logins/kubernetes/shared.yml index 8f87bf06e..6bed5ef5a 100644 
@@ -9764,30 +5859,6 @@ index 8f87bf06e..6bed5ef5a 100644 apiVersion: machineconfiguration.openshift.io/v1 kind: MachineConfig spec: -diff --git a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/no_root_webbrowsing/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/no_root_webbrowsing/rule.yml -index b5bfababf..6742eeb2f 100644 ---- a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/no_root_webbrowsing/rule.yml -+++ b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/no_root_webbrowsing/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhel7,rhel8 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8 - - title: 'Restrict Web Browser Use for Administrative Accounts' - -diff --git a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/no_shelllogin_for_systemaccounts/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/no_shelllogin_for_systemaccounts/rule.yml -index 6a819ccd5..4648a00cb 100644 ---- a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/no_shelllogin_for_systemaccounts/rule.yml -+++ b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/no_shelllogin_for_systemaccounts/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Ensure that System Accounts Do Not Run a Shell Upon Login' - diff --git a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/restrict_serial_port_logins/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/restrict_serial_port_logins/ansible/shared.yml index 5f9c92aac..119219eb0 100644 
--- a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/restrict_serial_port_logins/ansible/shared.yml @@ -9798,18 +5869,6 @@ index 5f9c92aac..119219eb0 100644 # reboot = false # strategy = restrict # complexity = low -diff --git a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/root_path_default/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/root_path_default/rule.yml -index 845608357..c0f76497f 100644 ---- a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/root_path_default/rule.yml -+++ b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/root_path_default/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhel7,rhel8 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8 - - title: 'Root Path Must Be Vendor Default' - diff --git a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/securetty_root_login_console_only/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/securetty_root_login_console_only/ansible/shared.yml index 945940087..c71e3c698 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/securetty_root_login_console_only/ansible/shared.yml @@ -9831,7 +5890,7 @@ index e7f5c730c..8f06c6cfa 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_for_su/bash/shared.sh b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_for_su/bash/shared.sh -index cf672ee28..ea4326138 100644 +index bd1ba1ccb..d139fdda4 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_for_su/bash/shared.sh +++ b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_for_su/bash/shared.sh @@ -1,4 +1,4 @@ 
@@ -9839,52 +5898,40 @@ index cf672ee28..ea4326138 100644 +# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle # uncomment the option if commented - sed '/^[[:space:]]*#[[:space:]]*auth[[:space:]]\+required[[:space:]]\+pam_wheel\.so[[:space:]]\+use_uid$/s/^[[:space:]]*#//' -i /etc/pam.d/su -diff --git a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_for_su/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_for_su/rule.yml -index 3320b393c..0f0ac42e8 100644 ---- a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_for_su/rule.yml -+++ b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_for_su/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15 -+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15 - - title: 'Enforce usage of pam_wheel for su authentication' - -diff --git a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_group_for_su/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_group_for_su/rule.yml -index d425057a3..1af3dd088 100644 ---- a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_group_for_su/rule.yml -+++ b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_group_for_su/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Enforce Usage of pam_wheel with Group Parameter for su Authentication' + sed '/^[[:space:]]*#[[:space:]]*auth[[:space:]]\+required[[:space:]]\+pam_wheel\.so[[:space:]]\+use_uid$/s/^[[:space:]]*#//' 
-i /etc/pam.d/su +diff --git a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_group_for_su/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_group_for_su/ansible/shared.yml +index e236b1ec2..d84d7345f 100644 +--- a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_group_for_su/ansible/shared.yml ++++ b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_group_for_su/ansible/shared.yml +@@ -1,4 +1,4 @@ +-# platform = multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu + # reboot = false + # strategy = restrict + # complexity = low +diff --git a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_group_for_su/bash/shared.sh b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_group_for_su/bash/shared.sh +index d16374ffd..1ae066fd9 100644 +--- a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_group_for_su/bash/shared.sh ++++ b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_group_for_su/bash/shared.sh +@@ -1,4 +1,4 @@ +-# platform = multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu + {{{ bash_instantiate_variables("var_pam_wheel_group_for_su") }}} + PAM_CONF=/etc/pam.d/su diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_have_homedir_login_defs/rule.yml b/linux_os/guide/system/accounts/accounts-session/accounts_have_homedir_login_defs/rule.yml -index 9a8332e38..332226bc4 100644 +index 05db805a9..e26fc1ed1 100644 --- a/linux_os/guide/system/accounts/accounts-session/accounts_have_homedir_login_defs/rule.yml 
+++ b/linux_os/guide/system/accounts/accounts-session/accounts_have_homedir_login_defs/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15 -+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15 - - title: 'Ensure Home Directories are Created for New Users' - -@@ -31,7 +31,7 @@ references: +@@ -30,7 +30,7 @@ references: stigid@ol7: OL07-00-020610 stigid@ol8: OL08-00-010760 stigid@rhel7: RHEL-07-020610 - stigid@rhel8: RHEL-08-010760 + stigid@almalinux8: RHEL-08-010760 + stigid@rhel9: RHEL-09-411020 stigid@sle12: SLES-12-010720 stigid@sle15: SLES-15-020110 - diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_logon_fail_delay/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-session/accounts_logon_fail_delay/ansible/shared.yml index 53b68079e..2a6b66121 100644 --- a/linux_os/guide/system/accounts/accounts-session/accounts_logon_fail_delay/ansible/shared.yml @@ -9906,7 +5953,7 @@ index 23e6f0dd5..6055798dd 100644 {{{ bash_instantiate_variables("var_accounts_fail_delay") }}} diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_logon_fail_delay/rule.yml b/linux_os/guide/system/accounts/accounts-session/accounts_logon_fail_delay/rule.yml -index d224b894f..9b7fe8783 100644 +index ff6e6b0e0..6b0015b41 100644 --- a/linux_os/guide/system/accounts/accounts-session/accounts_logon_fail_delay/rule.yml +++ b/linux_os/guide/system/accounts/accounts-session/accounts_logon_fail_delay/rule.yml @@ -32,7 +32,7 @@ references: @@ -9915,9 +5962,9 @@ index d224b894f..9b7fe8783 100644 stigid@rhel7: RHEL-07-010430 - stigid@rhel8: RHEL-08-020310 + stigid@almalinux8: RHEL-08-020310 + stigid@rhel9: RHEL-09-412050 stigid@sle12: SLES-12-010140 - ocil_clause: 'the value of "FAIL_DELAY" is not set to "{{{ xccdf_value("var_accounts_fail_delay") }}}" or greater, or the line is commented out' 
diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_max_concurrent_login_sessions/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-session/accounts_max_concurrent_login_sessions/ansible/shared.yml index 536ac2956..d1bff5ffa 100644 --- a/linux_os/guide/system/accounts/accounts-session/accounts_max_concurrent_login_sessions/ansible/shared.yml @@ -9939,7 +5986,7 @@ index 0005b2ccb..0329d6cdf 100644 {{{ bash_instantiate_variables("var_accounts_max_concurrent_login_sessions") }}} diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_max_concurrent_login_sessions/rule.yml b/linux_os/guide/system/accounts/accounts-session/accounts_max_concurrent_login_sessions/rule.yml -index 238a4c35b..b16df5c35 100644 +index 3242bb77e..f1bc3df6f 100644 --- a/linux_os/guide/system/accounts/accounts-session/accounts_max_concurrent_login_sessions/rule.yml +++ b/linux_os/guide/system/accounts/accounts-session/accounts_max_concurrent_login_sessions/rule.yml @@ -39,7 +39,7 @@ references: @@ -9948,9 +5995,9 @@ index 238a4c35b..b16df5c35 100644 stigid@rhel7: RHEL-07-040000 - stigid@rhel8: RHEL-08-020024 + stigid@almalinux8: RHEL-08-020024 + stigid@rhel9: RHEL-09-412040 stigid@sle12: SLES-12-010120 stigid@sle15: SLES-15-020020 - stigid@ubuntu2004: UBTU-20-010400 diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_polyinstantiated_tmp/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-session/accounts_polyinstantiated_tmp/ansible/shared.yml index 8f060f47d..099a8f029 100644 --- a/linux_os/guide/system/accounts/accounts-session/accounts_polyinstantiated_tmp/ansible/shared.yml 
@@ -9971,139 +6018,63 @@ index bb4f52f3a..af6adefb0 100644 # reboot = false # strategy = restrict # complexity = low -diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_tmout/rule.yml b/linux_os/guide/system/accounts/accounts-session/accounts_tmout/rule.yml -index e91ae0493..e70a00538 100644 ---- a/linux_os/guide/system/accounts/accounts-session/accounts_tmout/rule.yml -+++ b/linux_os/guide/system/accounts/accounts-session/accounts_tmout/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Set Interactive Session Timeout' - -diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_user_dot_group_ownership/rule.yml b/linux_os/guide/system/accounts/accounts-session/accounts_user_dot_group_ownership/rule.yml -index abf32c964..8739306db 100644 ---- a/linux_os/guide/system/accounts/accounts-session/accounts_user_dot_group_ownership/rule.yml -+++ b/linux_os/guide/system/accounts/accounts-session/accounts_user_dot_group_ownership/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol7,ol8,rhel7,rhel8,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'User Initialization Files Must Be Group-Owned By The Primary Group' - diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_user_dot_no_world_writable_programs/rule.yml b/linux_os/guide/system/accounts/accounts-session/accounts_user_dot_no_world_writable_programs/rule.yml -index e56be2792..ba1b95c3d 100644 +index bfc919f82..89b509d0c 100644 --- a/linux_os/guide/system/accounts/accounts-session/accounts_user_dot_no_world_writable_programs/rule.yml 
+++ b/linux_os/guide/system/accounts/accounts-session/accounts_user_dot_no_world_writable_programs/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2204 -+prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2204 - - title: 'User Initialization Files Must Not Run World-Writable Programs' - -@@ -39,7 +39,7 @@ references: +@@ -36,7 +36,7 @@ references: stigid@ol7: OL07-00-020730 stigid@ol8: OL08-00-010660 stigid@rhel7: RHEL-07-020730 - stigid@rhel8: RHEL-08-010660 + stigid@almalinux8: RHEL-08-010660 + stigid@rhel9: RHEL-09-411115 stigid@sle12: SLES-12-010780 stigid@sle15: SLES-15-040130 - -diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_user_dot_user_ownership/rule.yml b/linux_os/guide/system/accounts/accounts-session/accounts_user_dot_user_ownership/rule.yml -index 1c1fb61fd..ba44bcb73 100644 ---- a/linux_os/guide/system/accounts/accounts-session/accounts_user_dot_user_ownership/rule.yml -+++ b/linux_os/guide/system/accounts/accounts-session/accounts_user_dot_user_ownership/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol7,ol8,rhel7,rhel8,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'User Initialization Files Must Be Owned By the Primary User' - diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_user_home_paths_only/rule.yml b/linux_os/guide/system/accounts/accounts-session/accounts_user_home_paths_only/rule.yml -index 56fc415f9..67c4f789f 100644 +index 3cad08ecd..055d4d27d 100644 --- a/linux_os/guide/system/accounts/accounts-session/accounts_user_home_paths_only/rule.yml 
+++ b/linux_os/guide/system/accounts/accounts-session/accounts_user_home_paths_only/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15 -+prodtype: ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15 - - title: 'Ensure that Users Path Contains Only Local Directories' - -@@ -35,7 +35,7 @@ references: +@@ -34,7 +34,7 @@ references: stigid@ol7: OL07-00-020720 stigid@ol8: OL08-00-010690 stigid@rhel7: RHEL-07-020720 - stigid@rhel8: RHEL-08-010690 + stigid@almalinux8: RHEL-08-010690 + stigid@rhel9: RHEL-09-411055 stigid@sle12: SLES-12-010770 stigid@sle15: SLES-15-040120 - diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_user_interactive_home_directory_defined/rule.yml b/linux_os/guide/system/accounts/accounts-session/accounts_user_interactive_home_directory_defined/rule.yml -index b90ef5d7d..65a5d132a 100644 +index 6c4ebf5a6..014269578 100644 --- a/linux_os/guide/system/accounts/accounts-session/accounts_user_interactive_home_directory_defined/rule.yml +++ b/linux_os/guide/system/accounts/accounts-session/accounts_user_interactive_home_directory_defined/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15 -+prodtype: ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15 - - title: 'All Interactive Users Must Have A Home Directory Defined' - -@@ -31,7 +31,7 @@ references: +@@ -30,7 +30,7 @@ references: srg: SRG-OS-000480-GPOS-00227 stigid@ol8: OL08-00-010720 stigid@rhel7: RHEL-07-020600 - stigid@rhel8: RHEL-08-010720 + stigid@almalinux8: RHEL-08-010720 + stigid@rhel9: RHEL-09-411060 stigid@sle12: SLES-12-010710 stigid@sle15: SLES-15-040070 - 
diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_user_interactive_home_directory_exists/rule.yml b/linux_os/guide/system/accounts/accounts-session/accounts_user_interactive_home_directory_exists/rule.yml -index 6811bb1c2..33c103385 100644 +index 44af82586..65cde347e 100644 --- a/linux_os/guide/system/accounts/accounts-session/accounts_user_interactive_home_directory_exists/rule.yml +++ b/linux_os/guide/system/accounts/accounts-session/accounts_user_interactive_home_directory_exists/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'All Interactive Users Home Directories Must Exist' - -@@ -41,7 +41,7 @@ references: +@@ -38,7 +38,7 @@ references: stigid@ol7: OL07-00-020620 stigid@ol8: OL08-00-010750 stigid@rhel7: RHEL-07-020620 - stigid@rhel8: RHEL-08-010750 + stigid@almalinux8: RHEL-08-010750 + stigid@rhel9: RHEL-09-411065 stigid@sle12: SLES-12-010730 stigid@sle15: SLES-15-040080 - diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_users_home_files_groupownership/rule.yml b/linux_os/guide/system/accounts/accounts-session/accounts_users_home_files_groupownership/rule.yml -index fe1b69129..93186c630 100644 +index db0266c42..a23e040dc 100644 --- a/linux_os/guide/system/accounts/accounts-session/accounts_users_home_files_groupownership/rule.yml 
+++ b/linux_os/guide/system/accounts/accounts-session/accounts_users_home_files_groupownership/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol7,ol8,rhel7,rhel8,rhv4,sle12,sle15 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhv4,sle12,sle15 - - title: 'All User Files and Directories In The Home Directory Must Be Group-Owned By The Primary Group' - -@@ -33,7 +33,7 @@ references: +@@ -32,7 +32,7 @@ references: stigid@ol7: OL07-00-020670 stigid@ol8: OL08-00-010741 stigid@rhel7: RHEL-07-020670 @@ -10112,31 +6083,11 @@ index fe1b69129..93186c630 100644 ocil_clause: 'the group ownership is incorrect' -diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_users_home_files_ownership/rule.yml b/linux_os/guide/system/accounts/accounts-session/accounts_users_home_files_ownership/rule.yml -index 3f39a12bc..4b7467961 100644 ---- a/linux_os/guide/system/accounts/accounts-session/accounts_users_home_files_ownership/rule.yml -+++ b/linux_os/guide/system/accounts/accounts-session/accounts_users_home_files_ownership/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol7,ol8,rhel7,rhel8,rhv4,sle12,sle15 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhv4,sle12,sle15 - - title: 'All User Files and Directories In The Home Directory Must Have a Valid Owner' - diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_users_home_files_permissions/rule.yml b/linux_os/guide/system/accounts/accounts-session/accounts_users_home_files_permissions/rule.yml -index 2a5151ab3..d9fe09150 100644 +index 00eaf4d82..f4da31128 100644 --- a/linux_os/guide/system/accounts/accounts-session/accounts_users_home_files_permissions/rule.yml 
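Review bot: This rebase removes every `prodtype:` hunk from the carried patch, and for accounts_tmout, accounts_user_dot_group_ownership and accounts_user_dot_user_ownership that was the only change, so those rule.yml files are no longer patched at all. Presumably upstream dropped the `prodtype` key, but nothing visible here confirms it; if the key still exists in any of these files, almalinux8 silently loses the rule. Before merging, compare the rule list of the built almalinux8 datastream against the previous build and record the reason in the patch description, e.g. `prodtype hunks dropped: key removed upstream`. The later hunks do the same for accounts_users_home_files_ownership, accounts_users_netrc_file_permissions, file_ownership_home_directories and enable_authselect.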
+++ b/linux_os/guide/system/accounts/accounts-session/accounts_users_home_files_permissions/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol7,ol8,rhel7,rhel8,rhv4,sle12,sle15 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhv4,sle12,sle15 - - title: 'All User Files and Directories In The Home Directory Must Have Mode 0750 Or Less Permissive' - -@@ -30,7 +30,7 @@ references: +@@ -29,7 +29,7 @@ references: stigid@ol7: OL07-00-020680 stigid@ol8: OL08-00-010731 stigid@rhel7: RHEL-07-020680 @@ -10145,93 +6096,45 @@ index 2a5151ab3..d9fe09150 100644 ocil_clause: 'home directory files or folders have incorrect permissions' -diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_users_netrc_file_permissions/rule.yml b/linux_os/guide/system/accounts/accounts-session/accounts_users_netrc_file_permissions/rule.yml -index 68097bf11..6470f5083 100644 ---- a/linux_os/guide/system/accounts/accounts-session/accounts_users_netrc_file_permissions/rule.yml -+++ b/linux_os/guide/system/accounts/accounts-session/accounts_users_netrc_file_permissions/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel8,sle12,sle15 -+prodtype: rhel8,almalinux8,sle12,sle15 - - title: "Ensure users' .netrc Files are not group or world accessible" - diff --git a/linux_os/guide/system/accounts/accounts-session/file_groupownership_home_directories/rule.yml b/linux_os/guide/system/accounts/accounts-session/file_groupownership_home_directories/rule.yml -index 94c513327..ec885c92c 100644 +index f5207507d..b679c7346 100644 --- a/linux_os/guide/system/accounts/accounts-session/file_groupownership_home_directories/rule.yml 
+++ b/linux_os/guide/system/accounts/accounts-session/file_groupownership_home_directories/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'All Interactive User Home Directories Must Be Group-Owned By The Primary Group' - -@@ -43,7 +43,7 @@ references: +@@ -41,7 +41,7 @@ references: stigid@ol7: OL07-00-020650 stigid@ol8: OL08-00-010740 stigid@rhel7: RHEL-07-020650 - stigid@rhel8: RHEL-08-010740 + stigid@almalinux8: RHEL-08-010740 + stigid@rhel9: RHEL-09-411070 stigid@sle12: SLES-12-010750 stigid@sle15: SLES-15-040100 - -diff --git a/linux_os/guide/system/accounts/accounts-session/file_ownership_home_directories/rule.yml b/linux_os/guide/system/accounts/accounts-session/file_ownership_home_directories/rule.yml -index b36df3739..9bccda308 100644 ---- a/linux_os/guide/system/accounts/accounts-session/file_ownership_home_directories/rule.yml -+++ b/linux_os/guide/system/accounts/accounts-session/file_ownership_home_directories/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,rhel7,rhel8,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'All Interactive User Home Directories Must Be Owned By The Primary User' - diff --git a/linux_os/guide/system/accounts/accounts-session/file_permission_user_init_files/rule.yml b/linux_os/guide/system/accounts/accounts-session/file_permission_user_init_files/rule.yml -index 5bfdd4a14..01e0373ac 100644 +index af9de41bb..de12600de 100644 --- a/linux_os/guide/system/accounts/accounts-session/file_permission_user_init_files/rule.yml 
+++ b/linux_os/guide/system/accounts/accounts-session/file_permission_user_init_files/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15 -+prodtype: ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15 - - title: 'Ensure All User Initialization Files Have Mode 0740 Or Less Permissive' - -@@ -29,7 +29,7 @@ references: +@@ -30,7 +30,7 @@ references: stigid@ol7: OL07-00-020710 stigid@ol8: OL08-00-010770 stigid@rhel7: RHEL-07-020710 - stigid@rhel8: RHEL-08-010770 + stigid@almalinux8: RHEL-08-010770 + stigid@rhel9: RHEL-09-232045 stigid@sle12: SLES-12-010760 stigid@sle15: SLES-15-040110 - diff --git a/linux_os/guide/system/accounts/accounts-session/file_permissions_home_directories/rule.yml b/linux_os/guide/system/accounts/accounts-session/file_permissions_home_directories/rule.yml -index bda4bfd36..51533aeee 100644 +index 5533ddb54..7467d0fcb 100644 --- a/linux_os/guide/system/accounts/accounts-session/file_permissions_home_directories/rule.yml +++ b/linux_os/guide/system/accounts/accounts-session/file_permissions_home_directories/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'All Interactive User Home Directories Must Have mode 0750 Or Less Permissive' - -@@ -38,7 +38,7 @@ references: +@@ -35,7 +35,7 @@ references: stigid@ol7: OL07-00-020630 stigid@ol8: OL08-00-010730 stigid@rhel7: RHEL-07-020630 - stigid@rhel8: RHEL-08-010730 + stigid@almalinux8: RHEL-08-010730 + stigid@rhel9: RHEL-09-232050 stigid@sle12: SLES-12-010740 stigid@sle15: SLES-15-040090 - 
diff --git a/linux_os/guide/system/accounts/accounts-session/root_paths/accounts_root_path_dirs_no_write/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-session/root_paths/accounts_root_path_dirs_no_write/ansible/shared.yml index 5bfb963a1..77807dbfb 100644 --- a/linux_os/guide/system/accounts/accounts-session/root_paths/accounts_root_path_dirs_no_write/ansible/shared.yml @@ -10243,28 +6146,20 @@ index 5bfb963a1..77807dbfb 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_bashrc/rule.yml b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_bashrc/rule.yml -index 8293b72ad..738f7edc5 100644 +index c1809dbd2..9d33dee0c 100644 --- a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_bashrc/rule.yml +++ b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_bashrc/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Ensure the Default Bash Umask is Set Correctly' - -@@ -54,7 +54,7 @@ references: - pcidss4: "8.6.1" +@@ -50,7 +50,7 @@ references: + nist-csf: PR.IP-2 srg: SRG-OS-000480-GPOS-00228,SRG-OS-000480-GPOS-00227 stigid@ol8: OL08-00-020353 - stigid@rhel8: RHEL-08-020353 + stigid@almalinux8: RHEL-08-020353 + stigid@rhel9: RHEL-09-412055 - ocil_clause: 'the value for the "umask" parameter is not "{{{ xccdf_value("var_accounts_user_umask") }}}", or the "umask" parameter is missing or is commented out' - + platform: package[bash] 
diff --git a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_bashrc/tests/stig_correct.pass.sh b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_bashrc/tests/stig_correct.pass.sh -index 7fabd85e4..d52316e3b 100644 +index 5dac9eec3..e28301101 100644 --- a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_bashrc/tests/stig_correct.pass.sh +++ b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_bashrc/tests/stig_correct.pass.sh @@ -1,6 +1,6 @@ @@ -10272,9 +6167,9 @@ index 7fabd85e4..d52316e3b 100644 # profiles = xccdf_org.ssgproject.content_profile_stig -# platform = Oracle Linux 8,Red Hat Enterprise Linux 8 +# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8 + # packages = bash sed -i '/umask/d' /etc/bashrc - echo "umask 077" >> /etc/bashrc diff --git a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_csh_cshrc/bash/shared.sh b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_csh_cshrc/bash/shared.sh index 0f681a6db..846b47fee 100644 --- a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_csh_cshrc/bash/shared.sh @@ -10286,26 +6181,18 @@ index 0f681a6db..846b47fee 100644 {{{ bash_instantiate_variables("var_accounts_user_umask") }}} diff --git a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_csh_cshrc/rule.yml b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_csh_cshrc/rule.yml -index 21238691a..1ee0fbb01 100644 +index 66dd2ac52..e78b416c6 100644 --- a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_csh_cshrc/rule.yml 
+++ b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_csh_cshrc/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle15,ubuntu2004 -+prodtype: ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle15,ubuntu2004 - - title: 'Ensure the Default C Shell Umask is Set Correctly' - -@@ -34,7 +34,7 @@ references: +@@ -33,7 +33,7 @@ references: nist-csf: PR.IP-2 srg: SRG-OS-000480-GPOS-00228,SRG-OS-000480-GPOS-00227 stigid@ol8: OL08-00-020353 - stigid@rhel8: RHEL-08-020353 + stigid@almalinux8: RHEL-08-020353 + stigid@rhel9: RHEL-09-412060 ocil_clause: 'the value for the "umask" parameter is not "{{{ xccdf_value("var_accounts_user_umask") }}}", or the "umask" parameter is missing or is commented out' - diff --git a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_csh_cshrc/tests/stig_correct.pass.sh b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_csh_cshrc/tests/stig_correct.pass.sh index 04f6247a8..bd02cb830 100644 --- a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_csh_cshrc/tests/stig_correct.pass.sh @@ -10319,52 +6206,44 @@ index 04f6247a8..bd02cb830 100644 sed -i '/umask/d' /etc/csh.cshrc echo "umask 077" >> /etc/csh.cshrc diff --git a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_login_defs/rule.yml b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_login_defs/rule.yml -index 91b4ff56c..bbcc85260 100644 +index 5beaa22dc..e9bd5faac 100644 --- a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_login_defs/rule.yml 
+++ b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_login_defs/rule.yml -@@ -47,7 +47,7 @@ references: +@@ -44,7 +44,7 @@ references: stigid@ol7: OL07-00-020240 stigid@ol8: OL08-00-020351 stigid@rhel7: RHEL-07-020240 - stigid@rhel8: RHEL-08-020351 + stigid@almalinux8: RHEL-08-020351 + stigid@rhel9: RHEL-09-412065 stigid@sle12: SLES-12-010620 stigid@sle15: SLES-15-040420 - stigid@ubuntu2004: UBTU-20-010016 diff --git a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_profile/rule.yml b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_profile/rule.yml -index 410c6af61..97f563fb4 100644 +index 5584be566..02beb8e8d 100644 --- a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_profile/rule.yml +++ b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_profile/rule.yml -@@ -49,7 +49,7 @@ references: - pcidss4: "8.6.1" +@@ -46,7 +46,7 @@ references: + nist-csf: PR.IP-2 srg: SRG-OS-000480-GPOS-00228,SRG-OS-000480-GPOS-00227 stigid@ol8: OL08-00-020353 - stigid@rhel8: RHEL-08-020353 + stigid@almalinux8: RHEL-08-020353 + stigid@rhel9: RHEL-09-412070 ocil_clause: |- - the value for the "umask" parameter is not "{{{ xccdf_value("var_accounts_user_umask") }}}", diff --git a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_interactive_users/rule.yml b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_interactive_users/rule.yml -index ded8284be..05143b353 100644 +index a9d6266e4..4d1638c07 100644 --- a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_interactive_users/rule.yml 
+++ b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_interactive_users/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle15,ubuntu2004,ubuntu2204 -+prodtype: ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,ubuntu2004,ubuntu2204 - - title: 'Ensure the Default Umask is Set Correctly For Interactive Users' - -@@ -29,7 +29,7 @@ references: +@@ -30,7 +30,7 @@ references: stigid@ol7: OL07-00-021040 stigid@ol8: OL08-00-020352 stigid@rhel7: RHEL-07-021040 - stigid@rhel8: RHEL-08-020352 + stigid@almalinux8: RHEL-08-020352 + stigid@rhel9: RHEL-09-411025 ocil_clause: 'any local interactive user initialization files are found to have a umask statement that sets a value less restrictive than "077"' - diff --git a/linux_os/guide/system/accounts/authconfig_config_files_symlinks/tests/correct_set-up.pass.sh b/linux_os/guide/system/accounts/authconfig_config_files_symlinks/tests/correct_set-up.pass.sh index ec75bf6d2..eb2aa2ea1 100644 --- a/linux_os/guide/system/accounts/authconfig_config_files_symlinks/tests/correct_set-up.pass.sh @@ -10408,18 +6287,6 @@ index ef7e5cc46..cd071b475 100644 # reboot = false # strategy = configure # complexity = low -diff --git a/linux_os/guide/system/accounts/enable_authselect/rule.yml b/linux_os/guide/system/accounts/enable_authselect/rule.yml -index e60ba5955..e4a495224 100644 ---- a/linux_os/guide/system/accounts/enable_authselect/rule.yml -+++ b/linux_os/guide/system/accounts/enable_authselect/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol8,ol9,rhel8,rhel9 -+prodtype: fedora,ol8,ol9,rhel8,almalinux8,rhel9 - - title: 'Enable authselect' - diff --git a/linux_os/guide/system/accounts/enable_authselect/tests/not_remediable.fail.sh b/linux_os/guide/system/accounts/enable_authselect/tests/not_remediable.fail.sh index 31c46debf..9b4e3abe2 100644 --- a/linux_os/guide/system/accounts/enable_authselect/tests/not_remediable.fail.sh 
@@ -10451,85 +6318,85 @@ index 3bd07c62e..e328ca74c 100644 rm -f /etc/pam.d/{fingerprint-auth,password-auth,postlogin,smartcard-auth,system-auth} diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_chmod/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_chmod/rule.yml -index f1d8dbc14..51521b5f2 100644 +index ec789a5c1..4e395cb3d 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_chmod/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_chmod/rule.yml -@@ -64,7 +64,7 @@ references: +@@ -66,7 +66,7 @@ references: stigid@ol7: OL07-00-030410 stigid@ol8: OL08-00-030490 stigid@rhel7: RHEL-07-030410 - stigid@rhel8: RHEL-08-030490 + stigid@almalinux8: RHEL-08-030490 + stigid@rhel9: RHEL-09-654015 stigid@sle12: SLES-12-020460 stigid@sle15: SLES-15-030290 - stigid@ubuntu2004: UBTU-20-010152 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_chown/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_chown/rule.yml -index 2896ec845..da023fee0 100644 +index 95752040a..6e038b392 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_chown/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_chown/rule.yml -@@ -64,7 +64,7 @@ references: +@@ -66,7 +66,7 @@ references: stigid@ol7: OL07-00-030370 stigid@ol8: OL08-00-030480 stigid@rhel7: RHEL-07-030370 - stigid@rhel8: RHEL-08-030480 + stigid@almalinux8: RHEL-08-030480 + stigid@rhel9: RHEL-09-654020 stigid@sle12: SLES-12-020420 stigid@sle15: SLES-15-030250 - stigid@ubuntu2004: UBTU-20-010148 
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchmod/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchmod/rule.yml -index 45a66b8c4..88ee5960d 100644 +index 224bfa25e..6ed40cfb7 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchmod/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchmod/rule.yml -@@ -64,7 +64,7 @@ references: +@@ -63,7 +63,7 @@ references: stigid@ol7: OL07-00-030410 stigid@ol8: OL08-00-030490 stigid@rhel7: RHEL-07-030410 - stigid@rhel8: RHEL-08-030490 + stigid@almalinux8: RHEL-08-030490 + stigid@rhel9: RHEL-09-654015 stigid@sle12: SLES-12-020460 stigid@sle15: SLES-15-030290 - stigid@ubuntu2004: UBTU-20-010153 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchmodat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchmodat/rule.yml -index d68b7b4af..84c98dab9 100644 +index 5bef7b854..25a8d6a97 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchmodat/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchmodat/rule.yml -@@ -64,7 +64,7 @@ references: +@@ -63,7 +63,7 @@ references: stigid@ol7: OL07-00-030410 stigid@ol8: OL08-00-030490 stigid@rhel7: RHEL-07-030410 - stigid@rhel8: RHEL-08-030490 + stigid@almalinux8: RHEL-08-030490 + stigid@rhel9: RHEL-09-654015 stigid@sle12: SLES-12-020460 stigid@sle15: SLES-15-030290 - stigid@ubuntu2004: UBTU-20-010154 
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchown/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchown/rule.yml -index 146f89e8b..d16e404af 100644 +index 78a1cb522..29701e294 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchown/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchown/rule.yml -@@ -67,7 +67,7 @@ references: +@@ -66,7 +66,7 @@ references: stigid@ol7: OL07-00-030370 stigid@ol8: OL08-00-030480 stigid@rhel7: RHEL-07-030370 - stigid@rhel8: RHEL-08-030480 + stigid@almalinux8: RHEL-08-030480 + stigid@rhel9: RHEL-09-654020 stigid@sle12: SLES-12-020420 stigid@sle15: SLES-15-030250 - stigid@ubuntu2004: UBTU-20-010149 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchownat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchownat/rule.yml -index 464500cd6..608e56b5d 100644 +index b007a8a8d..85ff8153e 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchownat/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchownat/rule.yml -@@ -64,7 +64,7 @@ references: +@@ -63,7 +63,7 @@ references: stigid@ol7: OL07-00-030370 stigid@ol8: OL08-00-030480 stigid@rhel7: RHEL-07-030370 - stigid@rhel8: RHEL-08-030480 + stigid@almalinux8: RHEL-08-030480 + stigid@rhel9: RHEL-09-654020 stigid@sle12: SLES-12-020420 stigid@sle15: SLES-15-030250 - stigid@ubuntu2004: UBTU-20-010150 
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fremovexattr/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fremovexattr/rule.yml -index 1dc43e75f..95753544a 100644 +index a27c40600..430845ac6 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fremovexattr/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fremovexattr/rule.yml @@ -11,13 +11,13 @@ description: |- @@ -10564,17 +6431,17 @@ index 1dc43e75f..95753544a 100644
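Review bot: In the `references:` hunks for audit_rules_dac_modification_chmod through fchownat, the patch renames the key `stigid@rhel8` to `stigid@almalinux8` and keeps the RHEL-08 value, so the patched rule files list `stigid@rhel7`, `stigid@almalinux8` and `stigid@rhel9` with no RHEL 8 entry. Content built from this tree will presumably report a RHEL 8 STIG identifier for an AlmaLinux 8 host, while nothing in the file records where the identifier came from. I would make the edit additive: keep ` stigid@rhel8: RHEL-08-030490` as a context line and add `+ stigid@almalinux8: RHEL-08-030490` after it. The umask hunks above and the xattr and audit_rules_execution_* hunks below use the same substitution. Whether the build accepts both keys side by side is not visible here and should be confirmed first.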
-a always,exit -F arch=b64 -S fremovexattr -F auid=0 -F key=perm_mod
{{%- endif %}} -@@ -81,7 +81,7 @@ references: +@@ -80,7 +80,7 @@ references: stigid@ol7: OL07-00-030440 stigid@ol8: OL08-00-030200 stigid@rhel7: RHEL-07-030440 - stigid@rhel8: RHEL-08-030200 + stigid@almalinux8: RHEL-08-030200 + stigid@rhel9: RHEL-09-654025 stigid@sle12: SLES-12-020370 stigid@sle15: SLES-15-030190 - stigid@ubuntu2004: UBTU-20-010147 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fsetxattr/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fsetxattr/rule.yml -index 261433ef9..c70c481ae 100644 +index 01286a2ab..a1a7708fc 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fsetxattr/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fsetxattr/rule.yml @@ -9,24 +9,24 @@ description: |- @@ -10606,30 +6473,30 @@ index 261433ef9..c70c481ae 100644
-a always,exit -F arch=b64 -S fsetxattr -F auid=0 -F key=perm_mod
{{%- endif %}} -@@ -76,7 +76,7 @@ references: +@@ -75,7 +75,7 @@ references: stigid@ol7: OL07-00-030440 stigid@ol8: OL08-00-030200 stigid@rhel7: RHEL-07-030440 - stigid@rhel8: RHEL-08-030200 + stigid@almalinux8: RHEL-08-030200 + stigid@rhel9: RHEL-09-654025 stigid@sle12: SLES-12-020370 stigid@sle15: SLES-15-030190 - stigid@ubuntu2004: UBTU-20-010144 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lchown/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lchown/rule.yml -index 1ce741da4..ca79e504e 100644 +index 5d1020b16..28f6e6d6a 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lchown/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lchown/rule.yml -@@ -64,7 +64,7 @@ references: +@@ -66,7 +66,7 @@ references: stigid@ol7: OL07-00-030370 stigid@ol8: OL08-00-030480 stigid@rhel7: RHEL-07-030370 - stigid@rhel8: RHEL-08-030480 + stigid@almalinux8: RHEL-08-030480 + stigid@rhel9: RHEL-09-654020 stigid@sle12: SLES-12-020420 stigid@sle15: SLES-15-030250 - stigid@ubuntu2004: UBTU-20-010151 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lremovexattr/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lremovexattr/rule.yml -index abe8228aa..39e331c33 100644 +index d5b4fe1e9..548e45250 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lremovexattr/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lremovexattr/rule.yml @@ -11,13 +11,13 @@ description: |- @@ -10664,17 +6531,17 @@ index abe8228aa..39e331c33 100644
-a always,exit -F arch=b64 -S lremovexattr -F auid=0 -F key=perm_mod
{{%- endif %}} -@@ -81,7 +81,7 @@ references: +@@ -80,7 +80,7 @@ references: stigid@ol7: OL07-00-030440 stigid@ol8: OL08-00-030200 stigid@rhel7: RHEL-07-030440 - stigid@rhel8: RHEL-08-030200 + stigid@almalinux8: RHEL-08-030200 + stigid@rhel9: RHEL-09-654025 stigid@sle12: SLES-12-020370 stigid@sle15: SLES-15-030190 - stigid@ubuntu2004: UBTU-20-010146 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lsetxattr/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lsetxattr/rule.yml -index f855dd32b..ebc3b20f0 100644 +index 9f75c0f81..ab4490051 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lsetxattr/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lsetxattr/rule.yml @@ -9,24 +9,24 @@ description: |- @@ -10706,17 +6573,17 @@ index f855dd32b..ebc3b20f0 100644
-a always,exit -F arch=b64 -S lsetxattr -F auid=0 -F key=perm_mod
{{%- endif %}} -@@ -76,7 +76,7 @@ references: +@@ -75,7 +75,7 @@ references: stigid@ol7: OL07-00-030440 stigid@ol8: OL08-00-030200 stigid@rhel7: RHEL-07-030440 - stigid@rhel8: RHEL-08-030200 + stigid@almalinux8: RHEL-08-030200 + stigid@rhel9: RHEL-09-654025 stigid@sle12: SLES-12-020370 stigid@sle15: SLES-15-030190 - stigid@ubuntu2004: UBTU-20-010143 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_removexattr/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_removexattr/rule.yml -index 63d3490a4..8383983a9 100644 +index c61fcfbae..ef632536a 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_removexattr/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_removexattr/rule.yml @@ -10,13 +10,13 @@ description: |- @@ -10751,17 +6618,17 @@ index 63d3490a4..8383983a9 100644
-a always,exit -F arch=b64 -S removexattr -F auid=0 -F key=perm_mod
{{%- endif %}} -@@ -80,7 +80,7 @@ references: +@@ -79,7 +79,7 @@ references: stigid@ol7: OL07-00-030440 stigid@ol8: OL08-00-030200 stigid@rhel7: RHEL-07-030440 - stigid@rhel8: RHEL-08-030200 + stigid@almalinux8: RHEL-08-030200 + stigid@rhel9: RHEL-09-654025 stigid@sle12: SLES-12-020370 stigid@sle15: SLES-15-030190 - stigid@ubuntu2004: UBTU-20-010145 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_setxattr/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_setxattr/rule.yml -index ab4c0226e..ee2d6af5c 100644 +index eeb9088ed..5c791ffc2 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_setxattr/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_setxattr/rule.yml @@ -9,24 +9,24 @@ description: |- @@ -10793,196 +6660,137 @@ index ab4c0226e..ee2d6af5c 100644
-a always,exit -F arch=b64 -S setxattr -F auid=0 -F key=perm_mod
{{%- endif %}} -@@ -76,7 +76,7 @@ references: +@@ -75,7 +75,7 @@ references: stigid@ol7: OL07-00-030440 stigid@ol8: OL08-00-030200 stigid@rhel7: RHEL-07-030440 - stigid@rhel8: RHEL-08-030200 + stigid@almalinux8: RHEL-08-030200 + stigid@rhel9: RHEL-09-654025 stigid@sle12: SLES-12-020370 stigid@sle15: SLES-15-030190 - stigid@ubuntu2004: UBTU-20-010142 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_acl_commands/audit_rules_execution_chacl/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_acl_commands/audit_rules_execution_chacl/rule.yml -index 2a15e8610..4524cd6ba 100644 +index cd14452f8..2cc1e9fd1 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_acl_commands/audit_rules_execution_chacl/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_acl_commands/audit_rules_execution_chacl/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux3,fedora,ol8,ol9,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux3,fedora,ol8,ol9,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Record Any Attempts to Run chacl' - @@ -41,7 +41,7 @@ references: nist@sle12: AU-3,AU-3.1,AU-12.1(ii),AU-12(a),AU-12.1(iv),AU-12(c),MA-4(1)(a) - srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000466-GPOS-00210 + srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000466-GPOS-00210,SRG-APP-000495-CTR-001235,SRG-APP-000499-CTR-001255 stigid@ol8: OL08-00-030570 - stigid@rhel8: RHEL-08-030570 + stigid@almalinux8: RHEL-08-030570 + stigid@rhel9: RHEL-09-654035 stigid@sle12: SLES-12-020620 stigid@sle15: SLES-15-030440 - stigid@ubuntu2004: UBTU-20-010168 
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_acl_commands/audit_rules_execution_setfacl/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_acl_commands/audit_rules_execution_setfacl/rule.yml -index 8c1cec42e..8cd35c96c 100644 +index 0f0925724..aab35206e 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_acl_commands/audit_rules_execution_setfacl/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_acl_commands/audit_rules_execution_setfacl/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux3,fedora,ol8,ol9,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux3,fedora,ol8,ol9,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Record Any Attempts to Run setfacl' - -@@ -41,7 +41,7 @@ references: +@@ -40,7 +40,7 @@ references: nist@sle12: AU-3,AU-3.1,AU-12.1(ii),AU-12(a),AU-12.1(iv),AU-12(c),MA-4(1)(a) - srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215 + srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-APP-000495-CTR-001235 stigid@ol8: OL08-00-030330 - stigid@rhel8: RHEL-08-030330 + stigid@almalinux8: RHEL-08-030330 + stigid@rhel9: RHEL-09-654040 stigid@sle12: SLES-12-020610 stigid@sle15: SLES-15-030430 - stigid@ubuntu2004: UBTU-20-010167 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_chcon/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_chcon/rule.yml -index 4f4194fe8..2cbc9643f 100644 +index c37003fdb..95bd09eae 100644 
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_chcon/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_chcon/rule.yml -@@ -1,10 +1,10 @@ +@@ -1,4 +1,4 @@ -{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhel7", "rhel8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}} +{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhel7", "rhel8", "almalinux8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}} {{%- set perm_x="-F perm=x " %}} {{%- endif %}} - documentation_complete: true - --prodtype: alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Record Any Attempts to Run chcon' - -@@ -64,7 +64,7 @@ references: +@@ -63,7 +63,7 @@ references: stigid@ol7: OL07-00-030580 stigid@ol8: OL08-00-030260 stigid@rhel7: RHEL-07-030580 - stigid@rhel8: RHEL-08-030260 + stigid@almalinux8: RHEL-08-030260 + stigid@rhel9: RHEL-09-654045 stigid@sle12: SLES-12-020630 stigid@sle15: SLES-15-030450 - stigid@ubuntu2004: UBTU-20-010165 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_restorecon/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_restorecon/rule.yml -index 786df6b45..11be153c6 100644 +index 4431537de..c27a75e11 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_restorecon/rule.yml 
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_restorecon/rule.yml -@@ -1,10 +1,10 @@ +@@ -1,4 +1,4 @@ -{{%- if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}} +{{%- if product in ["fedora", "ol8", "ol9", "rhel8", "almalinux8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}} {{%- set perm_x="-F perm=x " %}} {{%- endif %}} - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15 -+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15 - - title: 'Record Any Attempts to Run restorecon' - diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_semanage/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_semanage/rule.yml -index 43a9ae184..e7d40e1be 100644 +index 698a94308..ff384761a 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_semanage/rule.yml 
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_semanage/rule.yml -@@ -1,10 +1,10 @@ +@@ -1,4 +1,4 @@ -{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhel7", "rhel8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}} +{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhel7", "rhel8", "almalinux8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}} {{%- set perm_x="-F perm=x " %}} {{%- endif %}} - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15 -+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15 - - title: 'Record Any Attempts to Run semanage' - -@@ -58,7 +58,7 @@ references: +@@ -57,7 +57,7 @@ references: stigid@ol7: OL07-00-030560 stigid@ol8: OL08-00-030313 stigid@rhel7: RHEL-07-030560 - stigid@rhel8: RHEL-08-030313 + stigid@almalinux8: RHEL-08-030313 + stigid@rhel9: RHEL-09-654050 {{{ ocil_fix_srg_privileged_command("semanage", "/usr/sbin/", "privileged-unix-update") }}} - diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_setfiles/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_setfiles/rule.yml -index 359326710..3c4a2402d 100644 +index b8e7c3502..da5b9539b 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_setfiles/rule.yml 
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_setfiles/rule.yml -@@ -1,10 +1,10 @@ +@@ -1,4 +1,4 @@ -{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhel7", "rhel8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}} +{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhel7", "rhel8", "almalinux8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}} {{%- set perm_x="-F perm=x " %}} {{%- endif %}} - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4 -+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4 - - title: 'Record Any Attempts to Run setfiles' - -@@ -47,7 +47,7 @@ references: +@@ -46,7 +46,7 @@ references: stigid@ol7: OL07-00-030590 stigid@ol8: OL08-00-030314 stigid@rhel7: RHEL-07-030590 - stigid@rhel8: RHEL-08-030314 + stigid@almalinux8: RHEL-08-030314 + stigid@rhel9: RHEL-09-654055 {{{ ocil_fix_srg_privileged_command("setfiles", "/usr/sbin/", "privileged-unix-update") }}} - diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_setsebool/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_setsebool/rule.yml -index 810d62838..6d6c135e7 100644 +index 0a9b6c0d1..5df9fc4d8 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_setsebool/rule.yml 
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_setsebool/rule.yml -@@ -1,10 +1,10 @@ +@@ -1,4 +1,4 @@ -{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhel7", "rhel8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}} +{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhel7", "rhel8", "almalinux8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}} {{%- set perm_x="-F perm=x " %}} {{%- endif %}} - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15 -+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15 - - title: 'Record Any Attempts to Run setsebool' - -@@ -57,7 +57,7 @@ references: +@@ -56,7 +56,7 @@ references: stigid@ol7: OL07-00-030570 stigid@ol8: OL08-00-030316 stigid@rhel7: RHEL-07-030570 - stigid@rhel8: RHEL-08-030316 + stigid@almalinux8: RHEL-08-030316 + stigid@rhel9: RHEL-09-654060 {{{ ocil_fix_srg_privileged_command("setsebool", "/usr/sbin/", "privileged") }}} - diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_seunshare/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_seunshare/rule.yml -index 54f8d69cf..b6b1436ff 100644 +index 1214ad408..8f2bd4496 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_seunshare/rule.yml 
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_seunshare/rule.yml -@@ -1,11 +1,11 @@ +@@ -1,4 +1,4 @@ -{{%- if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}} +{{%- if product in ["fedora", "ol8", "ol9", "rhel8", "almalinux8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}} {{%- set perm_x="-F perm=x " %}} {{%- endif %}} - - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9 -+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9 - - title: 'Record Any Attempts to Run seunshare' - diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events/bash/shared.sh index 53e61fb25..e9a0edcde 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events/bash/shared.sh 
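Review bot: The `perm_x` gate in audit_rules_execution_chcon, restorecon, semanage, setfiles, setsebool and seunshare is a hard-coded product list per file, and this patch adds `"almalinux8"` to each one by hand. A file with the same gate that the patch misses, or that upstream adds later, would presumably render the AlmaLinux audit rule without `-F perm=x ` and still build, so the gap would only show up as a differing rule on the host. I would add a check to the package build that fails when a gate names RHEL 8 alone, for example `grep -rl '"rhel8"' linux_os | xargs grep -L '"almalinux8"'`, which should print nothing. The lists already differ between files (restorecon and seunshare omit `"ol7"` and `"rhel7"`), so a tree-wide check is safer than reviewing the hunks one by one.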
@@ -10993,430 +6801,70 @@ index 53e61fb25..e9a0edcde 100644 # Perform the remediation for the syscall rule # Retrieve hardware architecture of the underlying system -diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events/rule.yml -index f3e0836c8..ce4e8c3ca 100644 ---- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events/rule.yml -+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,uos20 -+prodtype: alinux2,alinux3,anolis23,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,uos20 - - title: 'Ensure auditd Collects File Deletion Events by User' - diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_rename/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_rename/rule.yml -index 5b6bb0424..825d5f3e0 100644 +index 5b643bdeb..d3261049c 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_rename/rule.yml 
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_rename/rule.yml -@@ -59,7 +59,7 @@ references: - stigid@ol7: OL07-00-030910 - stigid@ol8: OL08-00-030361 - stigid@rhel7: RHEL-07-030910 -- stigid@rhel8: RHEL-08-030361 -+ stigid@almalinux8: RHEL-08-030361 - stigid@ubuntu2004: UBTU-20-010269 - - {{{ complete_ocil_entry_audit_syscall(syscall="rename") }}} -diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_renameat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_renameat/rule.yml -index fd2e5b77f..c2c200013 100644 ---- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_renameat/rule.yml -+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_renameat/rule.yml -@@ -58,7 +58,7 @@ references: - stigid@ol7: OL07-00-030910 - stigid@ol8: OL08-00-030361 - stigid@rhel7: RHEL-07-030910 -- stigid@rhel8: RHEL-08-030361 -+ stigid@almalinux8: RHEL-08-030361 - stigid@ubuntu2004: UBTU-20-010270 - - {{{ complete_ocil_entry_audit_syscall(syscall="renameat") }}} -diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_rmdir/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_rmdir/rule.yml -index 7c42d57ec..46e7e6fba 100644 ---- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_rmdir/rule.yml -+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_rmdir/rule.yml -@@ -52,7 +52,7 @@ references: - stigid@ol7: OL07-00-030910 - stigid@ol8: OL08-00-030361 - stigid@rhel7: 
RHEL-07-030910 -- stigid@rhel8: RHEL-08-030361 -+ stigid@almalinux8: RHEL-08-030361 - - {{{ complete_ocil_entry_audit_syscall(syscall="rmdir") }}} - -diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_unlink/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_unlink/rule.yml -index 432d5dee7..569259a57 100644 ---- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_unlink/rule.yml -+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_unlink/rule.yml -@@ -58,7 +58,7 @@ references: +@@ -60,7 +60,7 @@ references: stigid@ol7: OL07-00-030910 stigid@ol8: OL08-00-030361 stigid@rhel7: RHEL-07-030910 - stigid@rhel8: RHEL-08-030361 + stigid@almalinux8: RHEL-08-030361 + stigid@rhel9: RHEL-09-654065 stigid@ubuntu2004: UBTU-20-010267 - {{{ complete_ocil_entry_audit_syscall(syscall="unlink") }}} -diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_unlinkat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_unlinkat/rule.yml -index 2d9dfec6f..019c2319e 100644 ---- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_unlinkat/rule.yml -+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_unlinkat/rule.yml -@@ -58,7 +58,7 @@ references: +diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_renameat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_renameat/rule.yml +index 
7bd3799ef..08609a454 100644 +--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_renameat/rule.yml ++++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_renameat/rule.yml +@@ -57,7 +57,7 @@ references: stigid@ol7: OL07-00-030910 stigid@ol8: OL08-00-030361 stigid@rhel7: RHEL-07-030910 - stigid@rhel8: RHEL-08-030361 + stigid@almalinux8: RHEL-08-030361 - stigid@ubuntu2004: UBTU-20-010268 - - {{{ complete_ocil_entry_audit_syscall(syscall="unlinkat") }}} -diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_chmod/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_chmod/rule.yml -index d3b018633..2bb5eb1b5 100644 ---- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_chmod/rule.yml -+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_chmod/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle15 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15 - - title: 'Record Successful Permission Changes to Files - chmod' - -diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_chown/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_chown/rule.yml -index 241d1d633..f9749a326 100644 ---- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_chown/rule.yml -+++ 
b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_chown/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4 - - title: 'Record Successful Ownership Changes to Files - chown' - -diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_creat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_creat/rule.yml -index a1f8f3955..173d16fb6 100644 ---- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_creat/rule.yml -+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_creat/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4 - - title: 'Record Successful Access Attempts to Files - creat' - -diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_fchmod/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_fchmod/rule.yml -index ce7070ed8..8fdaba2d5 100644 ---- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_fchmod/rule.yml -+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_fchmod/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4 - - title: 'Record Successful Permission 
Changes to Files - fchmod' - -diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_fchmodat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_fchmodat/rule.yml -index 4b6cee018..3f60a6910 100644 ---- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_fchmodat/rule.yml -+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_fchmodat/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4 - - title: 'Record Successful Permission Changes to Files - fchmodat' - -diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_fchown/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_fchown/rule.yml -index 6bc0b9595..71a0383b1 100644 ---- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_fchown/rule.yml -+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_fchown/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4 - - title: 'Record Successful Ownership Changes to Files - fchown' - -diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_fchownat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_fchownat/rule.yml 
-index e882a57be..ef4a46a99 100644 ---- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_fchownat/rule.yml -+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_fchownat/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4 - - title: 'Record Successful Ownership Changes to Files - fchownat' - -diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_fremovexattr/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_fremovexattr/rule.yml -index ee4ff3a8d..9aaea3ee2 100644 ---- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_fremovexattr/rule.yml -+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_fremovexattr/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4 - - title: 'Record Successful Permission Changes to Files - fremovexattr' - -diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_fsetxattr/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_fsetxattr/rule.yml -index d40bfdeee..8ce3cb3af 100644 ---- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_fsetxattr/rule.yml -+++ 
b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_fsetxattr/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4 - - title: 'Record Successful Permission Changes to Files - fsetxattr' - -diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_ftruncate/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_ftruncate/rule.yml -index 4fe00220c..d99a82aab 100644 ---- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_ftruncate/rule.yml -+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_ftruncate/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4 - - title: 'Record Successful Access Attempts to Files - ftruncate' - -diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_lchown/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_lchown/rule.yml -index 90873b108..2e82232c8 100644 ---- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_lchown/rule.yml -+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_lchown/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4 - - title: 
'Record Successful Ownership Changes to Files - lchown' - -diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_lremovexattr/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_lremovexattr/rule.yml -index acbfbc0e0..dfdcfbadf 100644 ---- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_lremovexattr/rule.yml -+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_lremovexattr/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4 - - title: 'Record Successful Permission Changes to Files - lremovexattr' - -diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_lsetxattr/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_lsetxattr/rule.yml -index b669f750c..9897c41b9 100644 ---- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_lsetxattr/rule.yml -+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_lsetxattr/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4 - - title: 'Record Successful Permission Changes to Files - lsetxattr' - -diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_open/rule.yml 
b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_open/rule.yml -index 9cc9ff866..3de02e18f 100644 ---- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_open/rule.yml -+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_open/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4 - - title: 'Record Successful Access Attempts to Files - open' - -diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_open_by_handle_at/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_open_by_handle_at/rule.yml -index 89a65e14e..bc5862526 100644 ---- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_open_by_handle_at/rule.yml -+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_open_by_handle_at/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4 - - title: 'Record Successful Access Attempts to Files - open_by_handle_at' - -diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_open_by_handle_at_o_creat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_open_by_handle_at_o_creat/rule.yml -index 38a00312e..ad07bfd01 100644 ---- 
a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_open_by_handle_at_o_creat/rule.yml -+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_open_by_handle_at_o_creat/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9 - - title: 'Record Successful Creation Attempts to Files - open_by_handle_at O_CREAT' - -diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_open_by_handle_at_o_trunc_write/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_open_by_handle_at_o_trunc_write/rule.yml -index 5ed132a52..0352431ce 100644 ---- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_open_by_handle_at_o_trunc_write/rule.yml -+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_open_by_handle_at_o_trunc_write/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9 - - title: 'Record Successful Creation Attempts to Files - open_by_handle_at O_TRUNC_WRITE' - -diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_open_o_creat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_open_o_creat/rule.yml -index bef2d87a1..ac4e2ebeb 100644 ---- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_open_o_creat/rule.yml -+++ 
b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_open_o_creat/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9 - - title: 'Record Successful Creation Attempts to Files - open O_CREAT' - -diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_open_o_trunc_write/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_open_o_trunc_write/rule.yml -index 653e1d8e1..d6cf93b79 100644 ---- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_open_o_trunc_write/rule.yml -+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_open_o_trunc_write/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9 - - title: 'Record Successful Creation Attempts to Files - open O_TRUNC_WRITE' - -diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_openat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_openat/rule.yml -index 16e9b483f..7ede712e0 100644 ---- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_openat/rule.yml -+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_openat/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4 -+prodtype: 
fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4 - - title: 'Record Successful Access Attempts to Files - openat' - -diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_openat_o_creat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_openat_o_creat/rule.yml -index 75ead44a9..1d342e48f 100644 ---- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_openat_o_creat/rule.yml -+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_openat_o_creat/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9 - - title: 'Record Successful Creation Attempts to Files - openat O_CREAT' - -diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_openat_o_trunc_write/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_openat_o_trunc_write/rule.yml -index 13ff5e23c..11279f4b1 100644 ---- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_openat_o_trunc_write/rule.yml -+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_openat_o_trunc_write/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9 - - title: 'Record Successful Creation Attempts to Files - openat O_TRUNC_WRITE' - -diff --git 
a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_removexattr/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_removexattr/rule.yml -index 7d7e3ebe8..6e115c377 100644 ---- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_removexattr/rule.yml -+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_removexattr/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4 - - title: 'Record Successful Permission Changes to Files - removexattr' - -diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_rename/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_rename/rule.yml -index 82d103ece..84fa9b87b 100644 ---- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_rename/rule.yml -+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_rename/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4 - - title: 'Record Successful Delete Attempts to Files - rename' - -diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_renameat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_renameat/rule.yml -index 1736c971c..046a17f30 
100644 ---- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_renameat/rule.yml -+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_renameat/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4 - - title: 'Record Successful Delete Attempts to Files - renameat' - -diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_setxattr/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_setxattr/rule.yml -index 75809f4aa..852c7f93f 100644 ---- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_setxattr/rule.yml -+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_setxattr/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4 - - title: 'Record Successful Permission Changes to Files - setxattr' - -diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_truncate/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_truncate/rule.yml -index 4d850dc81..c1a49a4f6 100644 ---- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_truncate/rule.yml -+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_truncate/rule.yml -@@ -1,6 +1,6 
@@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4 - - title: 'Record Successful Access Attempts to Files - truncate' - -diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_unlink/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_unlink/rule.yml -index 91e8f67b6..0c57eabc8 100644 ---- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_unlink/rule.yml -+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_unlink/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4 - - title: 'Record Successful Delete Attempts to Files - unlink' - -diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_unlinkat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_unlinkat/rule.yml -index a11b195b1..3e87d37f4 100644 ---- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_unlinkat/rule.yml -+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_unlinkat/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4 - - title: 'Record Successful Delete Attempts to Files - unlinkat' + stigid@rhel9: RHEL-09-654065 + stigid@ubuntu2004: UBTU-20-010267 + +diff --git 
a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_rmdir/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_rmdir/rule.yml +index 187764324..c5416af9b 100644 +--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_rmdir/rule.yml ++++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_rmdir/rule.yml +@@ -55,7 +55,7 @@ references: + stigid@ol7: OL07-00-030910 + stigid@ol8: OL08-00-030361 + stigid@rhel7: RHEL-07-030910 +- stigid@rhel8: RHEL-08-030361 ++ stigid@almalinux8: RHEL-08-030361 + stigid@rhel9: RHEL-09-654065 + stigid@ubuntu2004: UBTU-20-010267 + +diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_unlink/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_unlink/rule.yml +index 74a105415..6c31f0695 100644 +--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_unlink/rule.yml ++++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_unlink/rule.yml +@@ -60,7 +60,7 @@ references: + stigid@ol7: OL07-00-030910 + stigid@ol8: OL08-00-030361 + stigid@rhel7: RHEL-07-030910 +- stigid@rhel8: RHEL-08-030361 ++ stigid@almalinux8: RHEL-08-030361 + stigid@rhel9: RHEL-09-654065 + stigid@ubuntu2004: UBTU-20-010267 + +diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_unlinkat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_unlinkat/rule.yml +index d8a1a0a3e..1f9490a82 100644 +--- 
a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_unlinkat/rule.yml ++++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_unlinkat/rule.yml +@@ -57,7 +57,7 @@ references: + stigid@ol7: OL07-00-030910 + stigid@ol8: OL08-00-030361 + stigid@rhel7: RHEL-07-030910 +- stigid@rhel8: RHEL-08-030361 ++ stigid@almalinux8: RHEL-08-030361 + stigid@rhel9: RHEL-09-654065 + stigid@ubuntu2004: UBTU-20-010267 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification/bash/shared.sh index 8a48783f6..b846f8113 100644 
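Review bot: The refreshed inner hunks for the `audit_rules_file_deletion_events_*` rules (rename, renameat, rmdir, unlink, unlinkat) still replace the `stigid@rhel8` key with `stigid@almalinux8` instead of adding a second key. If any rhel8 content is built from this patched tree (not visible here), those audit rules would lose their STIG reference in the generated benchmark. Keeping the original line and adding `stigid@almalinux8: RHEL-08-030361` beneath `stigid@rhel8: RHEL-08-030361` would preserve both mappings. The value is still a `RHEL-08-*` identifier, so AlmaLinux 8 scan reports will cite RHEL 8 STIG IDs; a short comment in the patch description saying this is intentional would help anyone reconciling findings with the STIG. The same substitution appears in the setsebool hunk earlier on the page, which begins outside this view.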
@@ -11428,234 +6876,58 @@ index 8a48783f6..b846f8113 100644 # Perform the remediation of the syscall rule # Retrieve hardware architecture of the underlying system -diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification/rule.yml -index 631c277ee..ebb67b09d 100644 ---- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification/rule.yml -+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15 -+prodtype: alinux2,alinux3,anolis23,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15 - - title: 'Ensure auditd Collects Unauthorized Access Attempts to Files (unsuccessful)' - -diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_chmod/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_chmod/rule.yml -index c2530e143..e3e9aa40f 100644 ---- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_chmod/rule.yml -+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_chmod/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9 -+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9 - - title: 'Record Unsuccessful Permission Changes to Files - chmod' - -diff 
--git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_chown/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_chown/rule.yml -index b5857ab4f..e70668598 100644 ---- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_chown/rule.yml -+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_chown/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9 -+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9 - - title: 'Record Unsuccessful Ownership Changes to Files - chown' - diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_creat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_creat/rule.yml -index a3e663e12..fb2c46cbc 100644 +index b1f98d255..c273eda16 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_creat/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_creat/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis23,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Record Unsuccessful Access Attempts to Files - creat' - 
@@ -69,7 +69,7 @@ references: stigid@ol7: OL07-00-030510 stigid@ol8: OL08-00-030420 stigid@rhel7: RHEL-07-030510 - stigid@rhel8: RHEL-08-030420 + stigid@almalinux8: RHEL-08-030420 + stigid@rhel9: RHEL-09-654070 stigid@sle12: SLES-12-020490 stigid@sle15: SLES-15-030150 - stigid@ubuntu2004: UBTU-20-010158 -diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_fchmod/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_fchmod/rule.yml -index 8edd48b30..9b1e2102c 100644 ---- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_fchmod/rule.yml -+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_fchmod/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9 -+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9 - - title: 'Record Unsuccessful Permission Changes to Files - fchmod' - -diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_fchmodat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_fchmodat/rule.yml -index d253410ea..cdd03f3fc 100644 ---- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_fchmodat/rule.yml -+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_fchmodat/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9 -+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9 - - title: 'Record Unsuccessful Permission Changes to 
Files - fchmodat' - -diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_fchown/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_fchown/rule.yml -index 58b032454..03126e0c8 100644 ---- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_fchown/rule.yml -+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_fchown/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9 -+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9 - - title: 'Record Unsuccessful Ownership Changes to Files - fchown' - -diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_fchownat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_fchownat/rule.yml -index ef76fd58a..2bb7ceba4 100644 ---- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_fchownat/rule.yml -+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_fchownat/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9 -+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9 - - title: 'Record Unsuccessful Ownership Changes to Files - fchownat' - -diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_fremovexattr/rule.yml 
b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_fremovexattr/rule.yml -index fa0448df4..6e6bf032c 100644 ---- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_fremovexattr/rule.yml -+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_fremovexattr/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9 -+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9 - - title: 'Record Unsuccessful Permission Changes to Files - fremovexattr' - -diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_fsetxattr/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_fsetxattr/rule.yml -index c0bf31449..b67b0bc18 100644 ---- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_fsetxattr/rule.yml -+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_fsetxattr/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9 -+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9 - - title: 'Record Unsuccessful Permission Changes to Files - fsetxattr' - diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_ftruncate/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_ftruncate/rule.yml -index d088d91bc..4d4df29fb 100644 +index ff8b128f0..9a112268e 100644 
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_ftruncate/rule.yml 
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_ftruncate/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis23,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Record Unsuccessful Access Attempts to Files - ftruncate' - -@@ -72,7 +72,7 @@ references: +@@ -69,7 +69,7 @@ references: stigid@ol7: OL07-00-030510 stigid@ol8: OL08-00-030420 stigid@rhel7: RHEL-07-030510 - stigid@rhel8: RHEL-08-030420 + stigid@almalinux8: RHEL-08-030420 + stigid@rhel9: RHEL-09-654070 stigid@sle12: SLES-12-020490 stigid@sle15: SLES-15-030150 - stigid@ubuntu2004: UBTU-20-010157 -diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_lchown/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_lchown/rule.yml -index 3ad9634f5..bc852edd9 100644 ---- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_lchown/rule.yml -+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_lchown/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9 -+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9 - - title: 'Record Unsuccessful Ownership Changes to Files - lchown' - -diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_lremovexattr/rule.yml 
b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_lremovexattr/rule.yml -index cdadbe887..18ccc2e04 100644 ---- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_lremovexattr/rule.yml -+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_lremovexattr/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9 -+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9 - - title: 'Record Unsuccessful Permission Changes to Files - lremovexattr' - -diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_lsetxattr/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_lsetxattr/rule.yml -index 249c0169c..3e4a0e6e5 100644 ---- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_lsetxattr/rule.yml -+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_lsetxattr/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9 -+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9 - - title: 'Record Unsuccessful Permission Changes to Files - lsetxattr' - diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open/rule.yml -index de8897a2c..8872f1d17 100644 +index 068d40163..7518b9431 100644 
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis23,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Record Unsuccessful Access Attempts to Files - open' - @@ -72,7 +72,7 @@ references: stigid@ol7: OL07-00-030510 stigid@ol8: OL08-00-030420 stigid@rhel7: RHEL-07-030510 - stigid@rhel8: RHEL-08-030420 + stigid@almalinux8: RHEL-08-030420 + stigid@rhel9: RHEL-09-654070 stigid@sle12: SLES-12-020490 stigid@sle15: SLES-15-030150 - stigid@ubuntu2004: UBTU-20-010155 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at/rule.yml -index 7b303e092..7c7c92bd1 100644 +index 602e5e328..938ce757d 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at/rule.yml 
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis23,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Record Unsuccessful Access Attempts to Files - open_by_handle_at' - -@@ -62,7 +62,7 @@ references: +@@ -59,7 +59,7 @@ references: stigid@ol7: OL07-00-030510 stigid@ol8: OL08-00-030420 stigid@rhel7: RHEL-07-030510 - stigid@rhel8: RHEL-08-030420 + stigid@almalinux8: RHEL-08-030420 + stigid@rhel9: RHEL-09-654070 stigid@sle12: SLES-12-020490 stigid@sle15: SLES-15-030150 - stigid@ubuntu2004: UBTU-20-010160 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_o_creat/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_o_creat/bash/shared.sh index c1352ae38..31de43746 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_o_creat/bash/shared.sh 
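Review bot: The rebased `references:` sections for creat, ftruncate, open and open_by_handle_at in this hunk (and openat in the `@@ -11770,39 +6982,19 @@` hunk) still replace `stigid@rhel8: RHEL-08-030420` with `stigid@almalinux8: RHEL-08-030420` instead of adding the AlmaLinux key beside the existing one. The patched tree therefore loses the rhel8 STIG mapping for these audit rules, and AlmaLinux 8 scan results will cite a RHEL 8 STIG identifier, which a report reader may take as coverage by a STIG written for a different product. The bash remediation headers visible further down in this patch add `multi_platform_almalinux` next to `multi_platform_rhel` rather than replacing it, so keeping `stigid@rhel8: RHEL-08-030420` and adding `stigid@almalinux8: RHEL-08-030420` on the following line would be consistent with that. Only the seven-line excerpts of each rule.yml are visible here, so if the replacement is deliberate for an AlmaLinux-only build, the patch description should say so.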
@@ -11665,18 +6937,6 @@ index c1352ae38..31de43746 100644 +# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux {{{ bash_create_audit_remediation_unsuccessful_file_modification_detailed("/etc/audit/rules.d/30-ospp-v42-remediation.rules") }}} -diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_o_creat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_o_creat/rule.yml -index ffc509c50..027518381 100644 ---- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_o_creat/rule.yml -+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_o_creat/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9 -+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9 - - title: 'Record Unsuccessful Creation Attempts to Files - open_by_handle_at O_CREAT' - diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_o_trunc_write/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_o_trunc_write/bash/shared.sh index c1352ae38..31de43746 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_o_trunc_write/bash/shared.sh 
@@ -11686,18 +6946,6 @@ index c1352ae38..31de43746 100644 +# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux {{{ bash_create_audit_remediation_unsuccessful_file_modification_detailed("/etc/audit/rules.d/30-ospp-v42-remediation.rules") }}} -diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_o_trunc_write/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_o_trunc_write/rule.yml -index f179706b3..e5af4b9f4 100644 ---- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_o_trunc_write/rule.yml -+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_o_trunc_write/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9 -+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9 - - title: 'Record Unsuccessful Modification Attempts to Files - open_by_handle_at O_TRUNC_WRITE' - diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_rule_order/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_rule_order/bash/shared.sh index c944fb9e6..b506644af 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_rule_order/bash/shared.sh 
@@ -11707,18 +6955,6 @@ index c944fb9e6..b506644af 100644 +# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ol {{{ bash_create_audit_remediation_unsuccessful_file_modification_detailed("/etc/audit/rules.d/30-ospp-v42-remediation.rules") }}} -diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_rule_order/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_rule_order/rule.yml -index 8a24ab1aa..c00d4dc03 100644 ---- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_rule_order/rule.yml -+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_rule_order/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9 -+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9 - - title: 'Ensure auditd Unauthorized Access Attempts To open_by_handle_at Are Ordered Correctly' - diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_o_creat/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_o_creat/bash/shared.sh index c1352ae38..31de43746 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_o_creat/bash/shared.sh 
@@ -11728,18 +6964,6 @@ index c1352ae38..31de43746 100644 +# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux {{{ bash_create_audit_remediation_unsuccessful_file_modification_detailed("/etc/audit/rules.d/30-ospp-v42-remediation.rules") }}} -diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_o_creat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_o_creat/rule.yml -index 35ddbc326..673c4db4e 100644 ---- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_o_creat/rule.yml -+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_o_creat/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9 -+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9 - - title: 'Record Unsuccessful Creation Attempts to Files - open O_CREAT' - diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_o_trunc_write/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_o_trunc_write/bash/shared.sh index c1352ae38..31de43746 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_o_trunc_write/bash/shared.sh 
@@ -11749,18 +6973,6 @@ index c1352ae38..31de43746 100644 +# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux {{{ bash_create_audit_remediation_unsuccessful_file_modification_detailed("/etc/audit/rules.d/30-ospp-v42-remediation.rules") }}} -diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_o_trunc_write/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_o_trunc_write/rule.yml -index d4dc5611f..a5b894d29 100644 ---- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_o_trunc_write/rule.yml -+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_o_trunc_write/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9 -+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9 - - title: 'Record Unsuccessful Modification Attempts to Files - open O_TRUNC_WRITE' - diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_rule_order/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_rule_order/bash/shared.sh index c944fb9e6..b506644af 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_rule_order/bash/shared.sh 
@@ -11770,39 +6982,19 @@ index c944fb9e6..b506644af 100644 +# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ol {{{ bash_create_audit_remediation_unsuccessful_file_modification_detailed("/etc/audit/rules.d/30-ospp-v42-remediation.rules") }}} -diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_rule_order/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_rule_order/rule.yml -index 0da3156af..c3fe28933 100644 ---- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_rule_order/rule.yml -+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_rule_order/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9 -+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9 - - title: 'Ensure auditd Rules For Unauthorized Attempts To open Are Ordered Correctly' - diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat/rule.yml -index c85d6d55c..a575b7f57 100644 +index c4eb8f3ac..288b52820 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat/rule.yml 
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis23,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Record Unsuccessful Access Attempts to Files - openat' - -@@ -72,7 +72,7 @@ references: +@@ -69,7 +69,7 @@ references: stigid@ol7: OL07-00-030510 stigid@ol8: OL08-00-030420 stigid@rhel7: RHEL-07-030510 - stigid@rhel8: RHEL-08-030420 + stigid@almalinux8: RHEL-08-030420 + stigid@rhel9: RHEL-09-654070 stigid@sle12: SLES-12-020490 stigid@sle15: SLES-15-030150 - stigid@ubuntu2004: UBTU-20-010159 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_o_creat/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_o_creat/bash/shared.sh index c1352ae38..31de43746 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_o_creat/bash/shared.sh 
@@ -11812,18 +7004,6 @@ index c1352ae38..31de43746 100644 +# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux {{{ bash_create_audit_remediation_unsuccessful_file_modification_detailed("/etc/audit/rules.d/30-ospp-v42-remediation.rules") }}} -diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_o_creat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_o_creat/rule.yml -index d3fb5e8c2..7ef030771 100644 ---- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_o_creat/rule.yml -+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_o_creat/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9 -+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9 - - title: 'Record Unsuccessful Creation Attempts to Files - openat O_CREAT' - diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_o_trunc_write/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_o_trunc_write/bash/shared.sh index c1352ae38..31de43746 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_o_trunc_write/bash/shared.sh 
@@ -11833,18 +7013,6 @@ index c1352ae38..31de43746 100644 +# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux {{{ bash_create_audit_remediation_unsuccessful_file_modification_detailed("/etc/audit/rules.d/30-ospp-v42-remediation.rules") }}} -diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_o_trunc_write/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_o_trunc_write/rule.yml -index cd573dc71..44d3e951d 100644 ---- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_o_trunc_write/rule.yml -+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_o_trunc_write/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9 -+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9 - - title: 'Record Unsuccessful Modification Attempts to Files - openat O_TRUNC_WRITE' - diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_rule_order/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_rule_order/bash/shared.sh index c944fb9e6..b506644af 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_rule_order/bash/shared.sh 
@@ -11854,111 +7022,19 @@ index c944fb9e6..b506644af 100644 +# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ol {{{ bash_create_audit_remediation_unsuccessful_file_modification_detailed("/etc/audit/rules.d/30-ospp-v42-remediation.rules") }}} -diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_rule_order/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_rule_order/rule.yml -index 5a16683de..189fc7cce 100644 ---- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_rule_order/rule.yml -+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_rule_order/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9 -+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9 - - title: 'Ensure auditd Rules For Unauthorized Attempts To openat Are Ordered Correctly' - -diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_removexattr/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_removexattr/rule.yml -index 7d0ef046a..6c88302a6 100644 ---- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_removexattr/rule.yml -+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_removexattr/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9 -+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9 - - title: 'Record 
Unsuccessful Permission Changes to Files - removexattr' - -diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_rename/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_rename/rule.yml -index ef40c036b..53766d4d8 100644 ---- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_rename/rule.yml -+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_rename/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle12,sle15 -+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle12,sle15 - - title: 'Record Unsuccessful Delete Attempts to Files - rename' - -diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_renameat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_renameat/rule.yml -index 5b52aec1a..78d8eaa84 100644 ---- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_renameat/rule.yml -+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_renameat/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle12,sle15 -+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle12,sle15 - - title: 'Record Unsuccessful Delete Attempts to Files - renameat' - -diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_setxattr/rule.yml 
b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_setxattr/rule.yml -index 094ab0e07..81d5ea3d6 100644 ---- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_setxattr/rule.yml -+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_setxattr/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9 -+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9 - - title: 'Record Unsuccessful Permission Changes to Files - setxattr' - diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_truncate/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_truncate/rule.yml -index b7e17951e..a623c2913 100644 +index d89aa0d27..8814a9399 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_truncate/rule.yml 
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_truncate/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis23,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Record Unsuccessful Access Attempts to Files - truncate' - -@@ -71,7 +71,7 @@ references: +@@ -68,7 +68,7 @@ references: stigid@ol7: OL07-00-030510 stigid@ol8: OL08-00-030420 stigid@rhel7: RHEL-07-030510 - stigid@rhel8: RHEL-08-030420 + stigid@almalinux8: RHEL-08-030420 + stigid@rhel9: RHEL-09-654070 stigid@sle12: SLES-12-020490 stigid@sle15: SLES-15-030150 - stigid@ubuntu2004: UBTU-20-010156 -diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_unlink/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_unlink/rule.yml -index 0d26a2f0d..ec74eb00e 100644 ---- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_unlink/rule.yml -+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_unlink/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle12,sle15 -+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle12,sle15 - - title: 'Record Unsuccessful Delete Attempts to Files - unlink' - -diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_unlinkat/rule.yml 
b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_unlinkat/rule.yml -index 38b174793..d4896530b 100644 ---- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_unlinkat/rule.yml -+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_unlinkat/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle12,sle15 -+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle12,sle15 - - title: 'Record Unsuccessful Delete Attempts to Files - unlinkat' - diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading/ansible/shared.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading/ansible/shared.yml index 590a5ff6b..5ceb15d9b 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading/ansible/shared.yml 
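Review bot: The refreshed section for `audit_rules_unsuccessful_file_modification_truncate/rule.yml` still replaces `stigid@rhel8: RHEL-08-030420` with `stigid@almalinux8: RHEL-08-030420` instead of adding the AlmaLinux key beside it. Any rhel8 content built from the patched tree would then lose its STIG reference for this audit rule. If rhel8 is still meant to be buildable, keep the original line and add `stigid@almalinux8: RHEL-08-030420` under it. The same replacement appears in the `audit_rules_kernel_module_loading_delete`, `_finit` and `_init` rule.yml sections further down (RHEL-08-030390 and RHEL-08-030360). This hunk also drops the `prodtype:` edits for the sibling rule.yml files, presumably because the rebased upstream no longer has that key; it is worth confirming that the AlmaLinux 8 profiles still select these audit rules without them.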
@@ -11969,18 +7045,6 @@ index 590a5ff6b..5ceb15d9b 100644 # reboot = true # strategy = restrict # complexity = low -diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading/rule.yml -index 18778fd6d..9ffe93fc1 100644 ---- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading/rule.yml -+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15 -+prodtype: alinux2,alinux3,anolis23,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15 - - title: 'Ensure auditd Collects Information on Kernel Module Loading and Unloading' - diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_create/kubernetes/shared.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_create/kubernetes/shared.yml index bdf3015c4..658327033 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_create/kubernetes/shared.yml 
@@ -11992,25 +7056,13 @@ index bdf3015c4..658327033 100644 apiVersion: machineconfiguration.openshift.io/v1 kind: MachineConfig spec: -diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_create/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_create/rule.yml -index 81da90162..645e6b29a 100644 ---- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_create/rule.yml -+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_create/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux3,ol7,rhel7,rhel8,rhel9 -+prodtype: alinux3,ol7,rhel7,rhel8,almalinux8,rhel9 - - title: 'Ensure auditd Collects Information on Kernel Module Unloading - create_module' - diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/ansible/shared.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/ansible/shared.yml -index 369b1efa7..6178f245a 100644 +index 2e008b37e..7e74c94e7 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/ansible/shared.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/ansible/shared.yml 
@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_rhv,multi_platform_sle,multi_platform_ol -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_rhv,multi_platform_sle,multi_platform_ol +-# platform = multi_platform_rhel,multi_platform_rhv,multi_platform_sle,multi_platform_ol,multi_platform_ubuntu,multi_platform_debian ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_rhv,multi_platform_sle,multi_platform_ol,multi_platform_ubuntu,multi_platform_debian # reboot = false # complexity = low # disruption = low @@ -12026,44 +7078,36 @@ index 7c8e520c1..e5c1d9d93 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/rule.yml -index d7973aed9..d65e29d4e 100644 +index e25e2a8bc..6f6435c8c 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/rule.yml 
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis23,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Ensure auditd Collects Information on Kernel Module Unloading - delete_module' - -@@ -64,7 +64,7 @@ references: +@@ -60,7 +60,7 @@ references: stigid@ol7: OL07-00-030830 stigid@ol8: OL08-00-030390 stigid@rhel7: RHEL-07-030830 - stigid@rhel8: RHEL-08-030390 + stigid@almalinux8: RHEL-08-030390 + stigid@rhel9: RHEL-09-654075 stigid@sle12: SLES-12-020730 stigid@sle15: SLES-15-030520 - stigid@ubuntu2004: UBTU-20-010302 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/tests/missing_auid_filter.fail.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/tests/missing_auid_filter.fail.sh -index ebf2a9cab..288d4f0ee 100644 +index 1bf2449b4..ddf95ef93 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/tests/missing_auid_filter.fail.sh +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/tests/missing_auid_filter.fail.sh 
@@ -1,5 +1,5 @@ #!/bin/bash --# platform = Oracle Linux 7,Oracle Linux 8,Red Hat Enterprise Linux 8 -+# platform = Oracle Linux 7,Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8 +-# platform = Oracle Linux 7,Oracle Linux 8,Red Hat Enterprise Linux 8,multi_platform_ubuntu ++# platform = Oracle Linux 7,Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_ubuntu # packages = audit rm -f /etc/audit/rules.d/* diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/ansible/shared.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/ansible/shared.yml -index 104426d89..58d592d3b 100644 +index 9349085f7..b20604aa7 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/ansible/shared.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/ansible/shared.yml @@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_ol,multi_platform_rhv,multi_platform_sle -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_rhv,multi_platform_sle +-# platform = multi_platform_rhel,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu,multi_platform_debian ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu,multi_platform_debian # reboot = false # complexity = low # disruption = low @@ -12079,44 +7123,36 @@ index 639d76a21..7f4d463d6 100644 kind: MachineConfig spec: 
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/rule.yml -index 57bf26f06..402560066 100644 +index ca1c4f6a8..08a653c50 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis23,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Ensure auditd Collects Information on Kernel Module Loading and Unloading - finit_module' - -@@ -62,7 +62,7 @@ references: +@@ -59,7 +59,7 @@ references: stigid@ol7: OL07-00-030820 stigid@ol8: OL08-00-030360 stigid@rhel7: RHEL-07-030820 - stigid@rhel8: RHEL-08-030360 + stigid@almalinux8: RHEL-08-030360 + stigid@rhel9: RHEL-09-654080 stigid@sle12: SLES-12-020740 stigid@sle15: SLES-15-030530 - stigid@ubuntu2004: UBTU-20-010180 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/tests/missing_auid_filter.fail.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/tests/missing_auid_filter.fail.sh -index deb2217de..3db9d374e 100644 +index 548015d2a..f785aab0c 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/tests/missing_auid_filter.fail.sh 
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/tests/missing_auid_filter.fail.sh @@ -1,5 +1,5 @@ #!/bin/bash --# platform = Oracle Linux 7,Oracle Linux 8,Red Hat Enterprise Linux 8 -+# platform = Oracle Linux 7,Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8 +-# platform = Oracle Linux 7,Oracle Linux 8,Red Hat Enterprise Linux 8,multi_platform_ubuntu ++# platform = Oracle Linux 7,Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_ubuntu # packages = audit rm -f /etc/audit/rules.d/* diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/ansible/shared.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/ansible/shared.yml -index c4915eac1..6fd747807 100644 +index 73a9f1dff..6daf2c30b 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/ansible/shared.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/ansible/shared.yml @@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_rhv,multi_platform_sle,multi_platform_ol -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_rhv,multi_platform_sle,multi_platform_ol +-# platform = multi_platform_rhel,multi_platform_rhv,multi_platform_sle,multi_platform_ol,multi_platform_ubuntu,multi_platform_debian ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_rhv,multi_platform_sle,multi_platform_ol,multi_platform_ubuntu,multi_platform_debian # reboot = false # complexity = low # disruption = low @@ -12132,49 +7168,29 @@ index 083a612a0..3228b89b7 100644 kind: MachineConfig spec: 
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/rule.yml -index 4392f855f..58d41e8ae 100644 +index b87e5b20d..34bb2eb4a 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis23,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Ensure auditd Collects Information on Kernel Module Loading - init_module' - -@@ -63,7 +63,7 @@ references: +@@ -60,7 +60,7 @@ references: stigid@ol7: OL07-00-030820 stigid@ol8: OL08-00-030360 stigid@rhel7: RHEL-07-030820 - stigid@rhel8: RHEL-08-030360 + stigid@almalinux8: RHEL-08-030360 + stigid@rhel9: RHEL-09-654080 stigid@sle12: SLES-12-020740 stigid@sle15: SLES-15-030530 - stigid@ubuntu2004: UBTU-20-010179 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/tests/missing_auid_filter.fail.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/tests/missing_auid_filter.fail.sh -index 7570ed06f..e9ff26fab 100644 +index 8e282ee3e..d344773fa 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/tests/missing_auid_filter.fail.sh 
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/tests/missing_auid_filter.fail.sh @@ -1,5 +1,5 @@ #!/bin/bash --# platform = Oracle Linux 7,Oracle Linux 8,Red Hat Enterprise Linux 8 -+# platform = Oracle Linux 7,Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8 +-# platform = Oracle Linux 7,Oracle Linux 8,Red Hat Enterprise Linux 8,multi_platform_ubuntu ++# platform = Oracle Linux 7,Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_ubuntu # packages = audit rm -f /etc/audit/rules.d/* -diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_query/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_query/rule.yml -index ffb320b1a..fb709f42c 100644 ---- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_query/rule.yml -+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_query/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel8,rhel9 -+prodtype: rhel8,almalinux8,rhel9 - - title: 'Ensure auditd Collects Information on Kernel Module Loading and Unloading - query_module' - diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_query/tests/missing_auid_filter.fail.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_query/tests/missing_auid_filter.fail.sh index 009564309..0f9a7f6e6 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_query/tests/missing_auid_filter.fail.sh @@ -12187,7 +7203,7 @@ index 009564309..0f9a7f6e6 100644 rm -f /etc/audit/rules.d/* 
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events/bash/shared.sh -index d58a5ee62..c6d928bbd 100644 +index 1ea2bcfa9..06d0f131a 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events/bash/shared.sh +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events/bash/shared.sh @@ -1,4 +1,4 @@ 
@@ -12196,92 +7212,183 @@ index d58a5ee62..c6d928bbd 100644 # Perform the remediation for both possible tools: 'auditctl' and 'augenrules' -diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events/rule.yml -index bee62126a..26762fe5a 100644 ---- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events/rule.yml -+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15 -+prodtype: alinux2,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15 - - title: 'Record Attempts to Alter Logon and Logout Events' - -diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events/tests/rules_without_keys.pass.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events/tests/rules_without_keys.pass.sh -index 9c69bc099..d133b31d9 100644 ---- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events/tests/rules_without_keys.pass.sh -+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events/tests/rules_without_keys.pass.sh -@@ -2,7 +2,7 @@ - # packages = audit - # remediation = bash - --{{% if product in ["ol8", "ol9", "rhel8", "rhel9"] %}} -+{{% if product in ["ol8", "ol9", "rhel8", "almalinux8", "rhel9"] %}} - {{% set faillock_path="/var/log/faillock" %}} - {{% else %}} - {{% set faillock_path="/var/run/faillock" %}} 
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/rule.yml -index 4dcd32e2c..40220f9ed 100644 +index 4102a3ff9..1fdbc4041 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/rule.yml 
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15 -+prodtype: alinux2,alinux3,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15 - - title: 'Record Attempts to Alter Logon and Logout Events - faillock' - -@@ -59,7 +59,7 @@ references: +@@ -56,7 +56,7 @@ references: stigid@ol7: OL07-00-030610 stigid@ol8: OL08-00-030590 stigid@rhel7: RHEL-07-030610 - stigid@rhel8: RHEL-08-030590 + stigid@almalinux8: RHEL-08-030590 + stigid@rhel9: RHEL-09-654250 ocil_clause: 'the command does not return a line, or the line is commented out' +diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_correct_cis.pass.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_correct_cis.pass.sh +index 123bfa32f..202a1488f 100644 +--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_correct_cis.pass.sh ++++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_correct_cis.pass.sh +@@ -1,6 +1,6 @@ + #!/bin/bash + # packages = audit +-# platform = Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9 ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8, Red Hat Enterprise Linux 9 + # profiles = xccdf_org.ssgproject.content_profile_cis + path="/var/run/faillock" +diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_correct_extra_permission_cis.pass.sh 
b/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_correct_extra_permission_cis.pass.sh +index 2c17afeaa..0ddf37750 100644 +--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_correct_extra_permission_cis.pass.sh ++++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_correct_extra_permission_cis.pass.sh +@@ -1,6 +1,6 @@ + #!/bin/bash + # packages = audit +-# platform = Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9 ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8, Red Hat Enterprise Linux 9 + # profiles = xccdf_org.ssgproject.content_profile_cis + + path="/var/run/faillock" +diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_correct_without_key_cis.pass.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_correct_without_key_cis.pass.sh +index ea2066f6f..3765d856b 100644 +--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_correct_without_key_cis.pass.sh ++++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_correct_without_key_cis.pass.sh +@@ -1,6 +1,6 @@ + #!/bin/bash + # packages = audit +-# platform = Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9 ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8, Red Hat Enterprise Linux 9 + # profiles = xccdf_org.ssgproject.content_profile_cis + + path="/var/run/faillock" +diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_remove_all_rules_cis.fail.sh 
b/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_remove_all_rules_cis.fail.sh +index 609e9755d..bca002bc9 100644 +--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_remove_all_rules_cis.fail.sh ++++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_remove_all_rules_cis.fail.sh +@@ -1,6 +1,6 @@ + #!/bin/bash + # packages = audit +-# platform = Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9 ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8, Red Hat Enterprise Linux 9 + # profiles = xccdf_org.ssgproject.content_profile_cis + + path="/var/run/faillock" +diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_wrong_rule_cis.fail.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_wrong_rule_cis.fail.sh +index caf40c54b..9bb1ab7de 100644 +--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_wrong_rule_cis.fail.sh ++++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_wrong_rule_cis.fail.sh +@@ -1,6 +1,6 @@ + #!/bin/bash + # packages = audit +-# platform = Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9 ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8, Red Hat Enterprise Linux 9 + # profiles = xccdf_org.ssgproject.content_profile_cis + + path="/var/run/faillock" +diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_wrong_rule_without_key_cis.fail.sh 
b/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_wrong_rule_without_key_cis.fail.sh +index ee1fdc951..08606fcac 100644 +--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_wrong_rule_without_key_cis.fail.sh ++++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_wrong_rule_without_key_cis.fail.sh +@@ -1,6 +1,6 @@ + #!/bin/bash + # packages = audit +-# platform = Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9 ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8, Red Hat Enterprise Linux 9 + # profiles = xccdf_org.ssgproject.content_profile_cis + + path="/var/run/faillock" +diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_correct_cis.pass.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_correct_cis.pass.sh +index e2750dbee..6a2992c9d 100644 +--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_correct_cis.pass.sh ++++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_correct_cis.pass.sh +@@ -1,6 +1,6 @@ + #!/bin/bash + # packages = audit +-# platform = Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9 ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8, Red Hat Enterprise Linux 9 + # profiles = xccdf_org.ssgproject.content_profile_cis + + path="/var/run/faillock" +diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_correct_extra_permission_cis.pass.sh 
b/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_correct_extra_permission_cis.pass.sh +index d8379bfe5..3c16dd148 100644 +--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_correct_extra_permission_cis.pass.sh ++++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_correct_extra_permission_cis.pass.sh +@@ -1,6 +1,6 @@ + #!/bin/bash + # packages = audit +-# platform = Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9 ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8, Red Hat Enterprise Linux 9 + # profiles = xccdf_org.ssgproject.content_profile_cis + + path="/var/run/faillock" +diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_correct_without_key_cis.pass.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_correct_without_key_cis.pass.sh +index cbbcb5f67..76ebb0844 100644 +--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_correct_without_key_cis.pass.sh ++++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_correct_without_key_cis.pass.sh +@@ -1,6 +1,6 @@ + #!/bin/bash + # packages = audit +-# platform = Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9 ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8, Red Hat Enterprise Linux 9 + # profiles = xccdf_org.ssgproject.content_profile_cis + + path="/var/run/faillock" +diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_remove_all_rules_cis.fail.sh 
b/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_remove_all_rules_cis.fail.sh +index 22b979187..e90519a30 100644 +--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_remove_all_rules_cis.fail.sh ++++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_remove_all_rules_cis.fail.sh +@@ -1,6 +1,6 @@ + #!/bin/bash + # packages = audit +-# platform = Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9 ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8, Red Hat Enterprise Linux 9 + # profiles = xccdf_org.ssgproject.content_profile_cis + + path="/var/run/faillock" +diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_wrong_rule_cis.fail.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_wrong_rule_cis.fail.sh +index afdeb73d1..95b55eef4 100644 +--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_wrong_rule_cis.fail.sh ++++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_wrong_rule_cis.fail.sh +@@ -1,6 +1,6 @@ + #!/bin/bash + # packages = audit +-# platform = Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9 ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8, Red Hat Enterprise Linux 9 + # profiles = xccdf_org.ssgproject.content_profile_cis + + path="/var/run/faillock" +diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_wrong_rule_without_key_cis.fail.sh 
b/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_wrong_rule_without_key_cis.fail.sh +index b14bc1951..81934f021 100644 +--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_wrong_rule_without_key_cis.fail.sh ++++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_wrong_rule_without_key_cis.fail.sh +@@ -1,6 +1,6 @@ + #!/bin/bash + # packages = audit +-# platform = Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9 ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8, Red Hat Enterprise Linux 9 + # profiles = xccdf_org.ssgproject.content_profile_cis + + path="/var/run/faillock" diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_lastlog/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_lastlog/rule.yml -index 45c08e4c4..03e03b80e 100644 +index d183ff5be..91546b5d0 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_lastlog/rule.yml 
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_lastlog/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Record Attempts to Alter Logon and Logout Events - lastlog' - -@@ -61,7 +61,7 @@ references: +@@ -58,7 +58,7 @@ references: stigid@ol7: OL07-00-030620 stigid@ol8: OL08-00-030600 stigid@rhel7: RHEL-07-030620 - stigid@rhel8: RHEL-08-030600 + stigid@almalinux8: RHEL-08-030600 + stigid@rhel9: RHEL-09-654255 stigid@sle12: SLES-12-020660 stigid@sle15: SLES-15-030480 - stigid@ubuntu2004: UBTU-20-010171 -diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_tallylog/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_tallylog/rule.yml -index 96f6e645f..2529d50ee 100644 ---- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_tallylog/rule.yml -+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_tallylog/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Record Attempts to Alter Logon and Logout Events - tallylog' - 
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/ansible/shared.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/ansible/shared.yml -index 8f306736e..c6273db3d 100644 +index 1c7f9d26c..0d8ea4220 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/ansible/shared.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/ansible/shared.yml @@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_debian ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_debian # reboot = false # strategy = configure # complexity = low 
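Review bot: The regenerated patch still replaces `stigid@rhel8: RHEL-08-030590` with `stigid@almalinux8: RHEL-08-030590` in audit_rules_login_events_faillock/rule.yml, and does the same for RHEL-08-030600 in audit_rules_login_events_lastlog/rule.yml, instead of adding the AlmaLinux key next to the RHEL one. The rule then has no rhel8 STIG reference, and the AlmaLinux reference carries a DISA RHEL 8 identifier with nothing marking it as borrowed, which makes scan results harder to trace back to the source STIG. If the rhel8 product is never built from this patched tree the removal is presumably harmless, but keeping both lines, `stigid@rhel8: RHEL-08-030590` followed by `stigid@almalinux8: RHEL-08-030590`, would preserve the mapping and shrink the patch's conflict surface on the next rebase. The same replacement appears in the later hunks for the privileged-command rules (chage, chsh, crontab, gpasswd, kmod).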
@@ -12368,6 +7475,18 @@ index b6aabf247..8405f0ba1 100644 ./generate_privileged_commands_rule.sh {{{ uid_min }}} privileged /tmp/privileged.rules +diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_extra_rules_configured.pass.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_extra_rules_configured.pass.sh +index 12f1b429a..8dea24479 100644 +--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_extra_rules_configured.pass.sh ++++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_extra_rules_configured.pass.sh +@@ -1,6 +1,6 @@ + #!/bin/bash + # packages = audit +-# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8 ++# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8 + + ./generate_privileged_commands_rule.sh {{{ uid_min }}} privileged /etc/audit/rules.d/privileged.rules + echo "-a always,exit -F path=/usr/bin/notrelevant -F perm=x -F auid>={{{ uid_min }}} -F auid!=unset -F key=privileged" >> /etc/audit/rules.d/privileged.rules diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_missing_rule.fail.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_missing_rule.fail.sh index 711bae803..617ff1b33 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_missing_rule.fail.sh 
@@ -12414,6 +7533,18 @@ index 51482922f..4ac366ec9 100644 ./generate_privileged_commands_rule.sh {{{ uid_min }}} privileged /etc/audit/rules.d/privileged.rules # change key of rules for binaries in /usr/sbin +diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_rules_ignore_dracut_tmp.pass.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_rules_ignore_dracut_tmp.pass.sh +index 6ef31d987..2da0682e0 100644 +--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_rules_ignore_dracut_tmp.pass.sh ++++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_rules_ignore_dracut_tmp.pass.sh +@@ -1,6 +1,6 @@ + #!/bin/bash + # packages = audit +-# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8 ++# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8 + + ./generate_privileged_commands_rule.sh {{{ uid_min }}} privileged /etc/audit/rules.d/privileged.rules + diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_rules_without_perm_x.pass.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_rules_without_perm_x.pass.sh index 79c0bb972..2968492ac 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_rules_without_perm_x.pass.sh @@ -12462,102 +7593,74 @@ index 81fc6dd16..9c3f84ef8 100644 ./generate_privileged_commands_rule.sh {{{ uid_min }}} own_key /etc/audit/rules.d/privileged.rules 
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_at/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_at/rule.yml -index 639e61446..4011f6cb8 100644 +index d5ec19271..456ebfd72 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_at/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_at/rule.yml -@@ -1,10 +1,10 @@ +@@ -1,4 +1,4 @@ -{{%- if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}} +{{%- if product in ["fedora", "ol8", "ol9", "rhel8", "almalinux8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}} {{%- set perm_x="-F perm=x " %}} {{%- endif %}} - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,ubuntu2004,ubuntu2204 -+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,ubuntu2004,ubuntu2204 - - title: 'Ensure auditd Collects Information on the Use of Privileged Commands - at' - diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_chage/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_chage/rule.yml -index bc240650e..bae8ba97e 100644 +index b628567bc..4cd1ced70 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_chage/rule.yml 
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_chage/rule.yml -@@ -1,10 +1,10 @@ +@@ -1,4 +1,4 @@ -{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhcos4", "rhel7", "rhel8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}} +{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhcos4", "rhel7", "rhel8", "almalinux8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}} {{%- set perm_x="-F perm=x " %}} {{%- endif %}} - documentation_complete: true - --prodtype: alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Ensure auditd Collects Information on the Use of Privileged Commands - chage' - -@@ -61,7 +61,7 @@ references: +@@ -59,7 +59,7 @@ references: stigid@ol7: OL07-00-030660 stigid@ol8: OL08-00-030250 stigid@rhel7: RHEL-07-030660 - stigid@rhel8: RHEL-08-030250 + stigid@almalinux8: RHEL-08-030250 + stigid@rhel9: RHEL-09-654085 stigid@sle12: SLES-12-020690 stigid@sle15: SLES-15-030120 - stigid@ubuntu2004: UBTU-20-010175 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_chsh/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_chsh/rule.yml -index 8603087c3..1f78a3177 100644 +index 7515a6681..0870a3499 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_chsh/rule.yml 
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_chsh/rule.yml -@@ -1,10 +1,10 @@ +@@ -1,4 +1,4 @@ -{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhel7", "rhel8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}} +{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhel7", "rhel8", "almalinux8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}} {{%- set perm_x="-F perm=x " %}} {{%- endif %}} - documentation_complete: true - --prodtype: alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Ensure auditd Collects Information on the Use of Privileged Commands - chsh' - -@@ -61,7 +61,7 @@ references: +@@ -59,7 +59,7 @@ references: stigid@ol7: OL07-00-030720 stigid@ol8: OL08-00-030410 stigid@rhel7: RHEL-07-030720 - stigid@rhel8: RHEL-08-030410 + stigid@almalinux8: RHEL-08-030410 + stigid@rhel9: RHEL-09-654090 stigid@sle12: SLES-12-020580 stigid@sle15: SLES-15-030100 - stigid@ubuntu2004: UBTU-20-010163 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_crontab/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_crontab/rule.yml -index 0846706f2..d0099324d 100644 +index 8ef1fdf41..237ebe6e7 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_crontab/rule.yml 
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_crontab/rule.yml -@@ -1,10 +1,10 @@ +@@ -1,4 +1,4 @@ -{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhel7", "rhel8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}} +{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhel7", "rhel8", "almalinux8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}} {{%- set perm_x="-F perm=x " %}} {{%- endif %}} - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Ensure auditd Collects Information on the Use of Privileged Commands - crontab' - -@@ -59,7 +59,7 @@ references: +@@ -58,7 +58,7 @@ references: stigid@ol7: OL07-00-030800 stigid@ol8: OL08-00-030400 stigid@rhel7: RHEL-07-030800 - stigid@rhel8: RHEL-08-030400 + stigid@almalinux8: RHEL-08-030400 + stigid@rhel9: RHEL-09-654095 stigid@sle12: SLES-12-020710 stigid@sle15: SLES-15-030130 - stigid@ubuntu2004: UBTU-20-010177 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_dbus_daemon_launch_helper/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_dbus_daemon_launch_helper/rule.yml -index ac8b4c104..5cca96cc9 100644 +index b54fefd34..623ee707e 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_dbus_daemon_launch_helper/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_dbus_daemon_launch_helper/rule.yml @@ -1,4 +1,4 @@ @@ -12567,7 +7670,7 @@ index ac8b4c104..5cca96cc9 100644 {{%- endif %}} 
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_fusermount/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_fusermount/rule.yml -index 329e48377..6bff4dc3c 100644 +index de8adac1e..201b6145f 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_fusermount/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_fusermount/rule.yml @@ -1,4 +1,4 @@ @@ -12577,7 +7680,7 @@ index 329e48377..6bff4dc3c 100644 {{%- endif %}} diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_fusermount3/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_fusermount3/rule.yml -index 6ac08b082..dd5848d1d 100644 +index 3b94d7faa..238431055 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_fusermount3/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_fusermount3/rule.yml @@ -1,4 +1,4 @@ @@ -12587,33 +7690,26 @@ index 6ac08b082..dd5848d1d 100644 {{%- endif %}} diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_gpasswd/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_gpasswd/rule.yml -index 347eaee25..ce442e91d 100644 +index 18a97ba77..3ffa6ad25 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_gpasswd/rule.yml 
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_gpasswd/rule.yml -@@ -1,10 +1,10 @@ +@@ -1,4 +1,4 @@ -{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhcos4", "rhel7", "rhel8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}} +{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhcos4", "rhel7", "rhel8", "almalinux8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}} {{%- set perm_x="-F perm=x " %}} {{%- endif %}} - documentation_complete: true - --prodtype: alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Ensure auditd Collects Information on the Use of Privileged Commands - gpasswd' - -@@ -62,7 +62,7 @@ references: +@@ -60,7 +60,7 @@ references: stigid@ol7: OL07-00-030650 stigid@ol8: OL08-00-030370 stigid@rhel7: RHEL-07-030650 - stigid@rhel8: RHEL-08-030370 + stigid@almalinux8: RHEL-08-030370 + stigid@rhel9: RHEL-09-654100 stigid@sle12: SLES-12-020560 stigid@sle15: SLES-15-030080 - stigid@ubuntu2004: UBTU-20-010174 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_grub2_set_bootflag/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_grub2_set_bootflag/rule.yml -index 0b7ad4110..8ee52129f 100644 +index cf58bda23..2be03b588 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_grub2_set_bootflag/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_grub2_set_bootflag/rule.yml @@ -1,4 +1,4 @@ 
@@ -12643,33 +7739,24 @@ index 29bfc7be7..d0910b1c6 100644 # Perform the remediation for both possible tools: 'auditctl' and 'augenrules' {{{ bash_fix_audit_watch_rule("auditctl", "/sbin/insmod", "x", "modules") }}} diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_kmod/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_kmod/rule.yml -index 1f40fde77..84067bd6a 100644 +index de3bf60f3..5112458d4 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_kmod/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_kmod/rule.yml @@ -1,4 +1,4 @@ -{{%- if product in ["ol7", "rhel7", "rhel8", "rhel9"] %}} +{{%- if product in ["ol7", "rhel7", "rhel8", "almalinux8", "rhel9"] %}} {{%- set kmod_audit="-a always,exit -F path=/usr/bin/kmod -F perm=x -F auid>=" ~ uid_min ~ " -F auid!=unset -F key=privileged" %}} - {{%- elif product in ["ubuntu2004", "ubuntu2204"] %}} - {{%- set kmod_audit="-w /bin/kmod -p x -k modules" %}} -@@ -8,7 +8,7 @@ - - documentation_complete: true - --prodtype: alinux3,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux3,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Ensure auditd Collects Information on the Use of Privileged Commands - kmod' - -@@ -53,7 +53,7 @@ references: + {{%- else %}} + {{%- set kmod_audit="-w /usr/bin/kmod -p x -k modules" %}} +@@ -50,7 +50,7 @@ references: stigid@ol7: OL07-00-030840 stigid@ol8: OL08-00-030580 stigid@rhel7: RHEL-07-030840 - stigid@rhel8: RHEL-08-030580 + stigid@almalinux8: RHEL-08-030580 + stigid@rhel9: RHEL-09-654105 stigid@sle12: SLES-12-020360 stigid@sle15: SLES-15-030410 - stigid@ubuntu2004: UBTU-20-010297 
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_modprobe/ansible/shared.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_modprobe/ansible/shared.yml index 8f61ee32a..07ddf4291 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_modprobe/ansible/shared.yml @@ -12691,33 +7778,26 @@ index ed9771d0d..665d2cc0f 100644 # Perform the remediation for both possible tools: 'auditctl' and 'augenrules' {{{ bash_fix_audit_watch_rule("auditctl", "/sbin/modprobe", "x", "modules") }}} diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_mount/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_mount/rule.yml -index 602518ad8..aff4282ec 100644 +index 817ec3f12..2b795cc59 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_mount/rule.yml 
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_mount/rule.yml -@@ -1,10 +1,10 @@ +@@ -1,4 +1,4 @@ -{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhcos4", "rhel7", "rhel8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}} +{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhcos4", "rhel7", "rhel8", "almalinux8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}} {{%- set perm_x="-F perm=x " %}} {{%- endif %}} - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Ensure auditd Collects Information on the Use of Privileged Commands - mount' - -@@ -51,7 +51,7 @@ references: +@@ -50,7 +50,7 @@ references: stigid@ol7: OL07-00-030740 stigid@ol8: OL08-00-030300 stigid@rhel7: RHEL-07-030740 - stigid@rhel8: RHEL-08-030300 + stigid@almalinux8: RHEL-08-030300 + stigid@rhel9: RHEL-09-654180 stigid@sle12: SLES-12-020290 stigid@ubuntu2004: UBTU-20-010138 - diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_mount_nfs/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_mount_nfs/rule.yml -index 3c645c96c..170495c9d 100644 +index 54e0d6227..e4bb98755 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_mount_nfs/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_mount_nfs/rule.yml @@ -1,4 +1,4 @@ @@ -12727,67 +7807,46 @@ index 3c645c96c..170495c9d 100644 {{%- endif %}} 
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_newgidmap/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_newgidmap/rule.yml -index 83c1c812f..ef4943e13 100644 +index a2014eb70..fb66f51e8 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_newgidmap/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_newgidmap/rule.yml -@@ -1,10 +1,10 @@ +@@ -1,4 +1,4 @@ -{{%- if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}} +{{%- if product in ["fedora", "ol8", "ol9", "rhel8", "almalinux8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}} {{%- set perm_x="-F perm=x " %}} {{%- endif %}} - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,ubuntu2004,ubuntu2204 -+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,ubuntu2004,ubuntu2204 - - title: 'Ensure auditd Collects Information on the Use of Privileged Commands - newgidmap' - diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_newgrp/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_newgrp/rule.yml -index 59b4dcfbb..a6640d9c7 100644 +index c1ffea143..43cd01980 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_newgrp/rule.yml 
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_newgrp/rule.yml -@@ -1,10 +1,10 @@ +@@ -1,4 +1,4 @@ -{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhcos4", "rhel7", "rhel8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}} +{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhcos4", "rhel7", "rhel8", "almalinux8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}} {{%- set perm_x="-F perm=x " %}} {{%- endif %}} - documentation_complete: true - --prodtype: alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Ensure auditd Collects Information on the Use of Privileged Commands - newgrp' - -@@ -62,7 +62,7 @@ references: +@@ -60,7 +60,7 @@ references: stigid@ol7: OL07-00-030710 stigid@ol8: OL08-00-030350 stigid@rhel7: RHEL-07-030710 - stigid@rhel8: RHEL-08-030350 + stigid@almalinux8: RHEL-08-030350 + stigid@rhel9: RHEL-09-654110 stigid@sle12: SLES-12-020570 stigid@sle15: SLES-15-030090 - stigid@ubuntu2004: UBTU-20-010164 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_newuidmap/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_newuidmap/rule.yml -index 41f9fc3de..cdaa9600d 100644 +index 32f9f451e..7f92479da 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_newuidmap/rule.yml 
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_newuidmap/rule.yml -@@ -1,10 +1,10 @@ +@@ -1,4 +1,4 @@ -{{%- if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}} +{{%- if product in ["fedora", "ol8", "ol9", "rhel8", "almalinux8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}} {{%- set perm_x="-F perm=x " %}} {{%- endif %}} - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,ubuntu2004,ubuntu2204 -+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,ubuntu2004,ubuntu2204 - - title: 'Ensure auditd Collects Information on the Use of Privileged Commands - newuidmap' - diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_pam_timestamp_check/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_pam_timestamp_check/rule.yml -index 0bda87b7d..2398e767b 100644 +index 1a09558ec..05cb1d14d 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_pam_timestamp_check/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_pam_timestamp_check/rule.yml @@ -1,4 +1,4 @@ 
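Review bot: After this refresh the `prodtype:` edits for newgidmap, newgrp and newuidmap are gone, so the Jinja list in `{{%- if product in [...] %}}` is the only place these rules mention almalinux8, and nothing fails if a list is missed. `perm_x` is set only inside that branch, so a rule file whose list still lacks `"almalinux8"` would presumably render its audit rule without `-F perm=x` on AlmaLinux 8 while the build stays green. Since every rebase has to repeat the same literal edit across dozens of files, I would add a check after the patch is applied, for example `grep -rl '"rhel8"' linux_os | xargs grep -L '"almalinux8"'` printing nothing.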
@@ -12796,52 +7855,36 @@ index 0bda87b7d..2398e767b 100644 {{%- set perm_x="-F perm=x " %}} {{%- endif %}} -@@ -10,7 +10,7 @@ - - documentation_complete: true - --prodtype: alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Ensure auditd Collects Information on the Use of Privileged Commands - pam_timestamp_check' - -@@ -66,7 +66,7 @@ references: +@@ -64,7 +64,7 @@ references: stigid@ol7: OL07-00-030810 stigid@ol8: OL08-00-030340 stigid@rhel7: RHEL-07-030810 - stigid@rhel8: RHEL-08-030340 + stigid@almalinux8: RHEL-08-030340 + stigid@rhel9: RHEL-09-654115 stigid@sle12: SLES-12-020720 stigid@sle15: SLES-15-030510 - stigid@ubuntu2004: UBTU-20-010178 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_passwd/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_passwd/rule.yml -index 19b6623a7..898ad38fd 100644 +index 25bfa1d00..7c4339a92 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_passwd/rule.yml 
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_passwd/rule.yml -@@ -1,10 +1,10 @@ +@@ -1,4 +1,4 @@ -{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhcos4", "rhel7", "rhel8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}} +{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhcos4", "rhel7", "rhel8", "almalinux8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}} {{%- set perm_x="-F perm=x " %}} {{%- endif %}} - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Ensure auditd Collects Information on the Use of Privileged Commands - passwd' - -@@ -59,7 +59,7 @@ references: +@@ -58,7 +58,7 @@ references: stigid@ol7: OL07-00-030630 stigid@ol8: OL08-00-030290 stigid@rhel7: RHEL-07-030630 - stigid@rhel8: RHEL-08-030290 + stigid@almalinux8: RHEL-08-030290 + stigid@rhel9: RHEL-09-654120 stigid@sle12: SLES-12-020550 stigid@sle15: SLES-15-030070 - stigid@ubuntu2004: UBTU-20-010172 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_pkexec/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_pkexec/rule.yml -index 126c855e7..3c514b237 100644 +index 53dc91957..e723f2f3d 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_pkexec/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_pkexec/rule.yml @@ -1,4 +1,4 @@ @@ -12851,7 +7894,7 @@ index 126c855e7..3c514b237 100644 {{%- endif %}} 
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_polkit_helper/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_polkit_helper/rule.yml -index aae180149..bcd8239ac 100644 +index bc443d98c..1be0a3f02 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_polkit_helper/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_polkit_helper/rule.yml @@ -1,4 +1,4 @@ @@ -12861,74 +7904,53 @@ index aae180149..bcd8239ac 100644 {{%- endif %}} diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_postdrop/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_postdrop/rule.yml -index 8408a93d0..093763e02 100644 +index ffa07f18f..45cfa1ddf 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_postdrop/rule.yml 
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_postdrop/rule.yml -@@ -1,10 +1,10 @@ +@@ -1,4 +1,4 @@ -{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhel7", "rhel8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}} +{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhel7", "rhel8", "almalinux8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}} {{%- set perm_x="-F perm=x " %}} {{%- endif %}} - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15,ubuntu2004,ubuntu2204 -+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,ubuntu2004,ubuntu2204 - - title: 'Ensure auditd Collects Information on the Use of Privileged Commands - postdrop' - -@@ -58,7 +58,7 @@ references: +@@ -57,7 +57,7 @@ references: stigid@ol7: OL07-00-030760 stigid@ol8: OL08-00-030311 stigid@rhel7: RHEL-07-030760 - stigid@rhel8: RHEL-08-030311 + stigid@almalinux8: RHEL-08-030311 + stigid@rhel9: RHEL-09-654125 {{{ ocil_fix_srg_privileged_command("postdrop") }}} - diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_postqueue/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_postqueue/rule.yml -index bbeabeb8d..19d5322a6 100644 +index 0abec84ef..98988a139 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_postqueue/rule.yml 
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_postqueue/rule.yml -@@ -1,10 +1,10 @@ +@@ -1,4 +1,4 @@ -{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhel7", "rhel8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}} +{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhel7", "rhel8", "almalinux8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}} {{%- set perm_x="-F perm=x " %}} {{%- endif %}} - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15,ubuntu2004,ubuntu2204 -+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,ubuntu2004,ubuntu2204 - - title: 'Ensure auditd Collects Information on the Use of Privileged Commands - postqueue' - -@@ -58,7 +58,7 @@ references: +@@ -57,7 +57,7 @@ references: stigid@ol7: OL07-00-030770 stigid@ol8: OL08-00-030312 stigid@rhel7: RHEL-07-030770 - stigid@rhel8: RHEL-08-030312 + stigid@almalinux8: RHEL-08-030312 + stigid@rhel9: RHEL-09-654130 {{{ ocil_fix_srg_privileged_command("postqueue") }}} - diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_pt_chown/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_pt_chown/rule.yml -index 9a8daf680..7524b63b9 100644 +index 35e31c140..266b93695 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_pt_chown/rule.yml 
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_pt_chown/rule.yml -@@ -1,10 +1,10 @@ +@@ -1,4 +1,4 @@ -{{%- if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}} +{{%- if product in ["fedora", "ol8", "ol9", "rhel8", "almalinux8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}} {{%- set perm_x="-F perm=x " %}} {{%- endif %}} - documentation_complete: true - --prodtype: ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9 -+prodtype: ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9 - - title: 'Ensure auditd Collects Information on the Use of Privileged Commands - pt_chown' - diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_rmmod/ansible/shared.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_rmmod/ansible/shared.yml index f3c3324e2..d5545d32c 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_rmmod/ansible/shared.yml @@ -12950,28 +7972,20 @@ index bf0a58b43..0b13f7c0d 100644 # Perform the remediation for both possible tools: 'auditctl' and 'augenrules' {{{ bash_fix_audit_watch_rule("auditctl", "/sbin/rmmod", "x", "modules") }}} diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_ssh_agent/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_ssh_agent/rule.yml -index e1d848144..e38115cab 100644 +index c6faead32..e255e3cd2 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_ssh_agent/rule.yml 
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_ssh_agent/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol8,ol9,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: fedora,ol8,ol9,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Record Any Attempts to Run ssh-agent' - -@@ -40,7 +40,7 @@ references: +@@ -39,7 +39,7 @@ references: nist@sle12: AU-3,AU-3.1,AU-12(a),AU-12(c),AU-12.1(a),AU-12.1(ii),AU-12.1(iv),MA-4(1)(a) - srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215 + srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-APP-000495-CTR-001235 stigid@ol8: OL08-00-030280 - stigid@rhel8: RHEL-08-030280 + stigid@almalinux8: RHEL-08-030280 + stigid@rhel9: RHEL-09-654135 stigid@sle12: SLES-12-020310 stigid@sle15: SLES-15-030370 - stigid@ubuntu2004: UBTU-20-010140 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_ssh_keysign/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_ssh_keysign/rule.yml -index fd3983b53..6d0523d75 100644 +index a62411297..7a50a8704 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_ssh_keysign/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_ssh_keysign/rule.yml @@ -1,4 +1,4 @@ 
@@ -12980,26 +7994,17 @@ index fd3983b53..6d0523d75 100644 {{%- set perm_x="-F perm=x " %}} {{%- endif %}} -@@ -10,7 +10,7 @@ - - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Ensure auditd Collects Information on the Use of Privileged Commands - ssh-keysign' - -@@ -66,7 +66,7 @@ references: +@@ -67,7 +67,7 @@ references: stigid@ol7: OL07-00-030780 stigid@ol8: OL08-00-030320 stigid@rhel7: RHEL-07-030780 - stigid@rhel8: RHEL-08-030320 + stigid@almalinux8: RHEL-08-030320 + stigid@rhel9: RHEL-09-654140 stigid@sle12: SLES-12-020320 stigid@sle15: SLES-15-030060 - stigid@ubuntu2004: UBTU-20-010141 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sssd_krb5_child/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sssd_krb5_child/rule.yml -index 4ad68bc25..86a2598c4 100644 +index 83273d633..6aec3a8fd 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sssd_krb5_child/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sssd_krb5_child/rule.yml @@ -1,4 +1,4 @@ @@ -13009,7 +8014,7 @@ index 4ad68bc25..86a2598c4 100644 {{%- endif %}} diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sssd_ldap_child/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sssd_ldap_child/rule.yml -index 7d16f4d07..0d6e2ae4e 100644 +index 0e7b0caf1..ce741d01d 100644 
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sssd_ldap_child/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sssd_ldap_child/rule.yml @@ -1,4 +1,4 @@ @@ -13019,7 +8024,7 @@ index 7d16f4d07..0d6e2ae4e 100644 {{%- endif %}} diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sssd_proxy_child/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sssd_proxy_child/rule.yml -index 2526442fe..e53152ec0 100644 +index 88d9a1d49..95492b5fa 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sssd_proxy_child/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sssd_proxy_child/rule.yml @@ -1,4 +1,4 @@ @@ -13029,7 +8034,7 @@ index 2526442fe..e53152ec0 100644 {{%- endif %}} diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sssd_selinux_child/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sssd_selinux_child/rule.yml -index 7c3c4c64a..4811fc5ba 100644 +index 880059066..eb9f79a41 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sssd_selinux_child/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sssd_selinux_child/rule.yml @@ -1,4 +1,4 @@ @@ -13039,213 +8044,148 @@ index 7c3c4c64a..4811fc5ba 100644 {{%- endif %}} 
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_su/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_su/rule.yml -index 7a02e6220..827c7f7c5 100644 +index 1b4f74df5..5a4ceb78f 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_su/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_su/rule.yml -@@ -1,10 +1,10 @@ +@@ -1,4 +1,4 @@ -{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhcos4", "rhel7", "rhel8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}} +{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhcos4", "rhel7", "rhel8", "almalinux8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}} {{%- set perm_x="-F perm=x " %}} {{%- endif %}} - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Ensure auditd Collects Information on the Use of Privileged Commands - su' - -@@ -60,7 +60,7 @@ references: +@@ -59,7 +59,7 @@ references: stigid@ol7: OL07-00-030680 stigid@ol8: OL08-00-030190 stigid@rhel7: RHEL-07-030680 - stigid@rhel8: RHEL-08-030190 + stigid@almalinux8: RHEL-08-030190 + stigid@rhel9: RHEL-09-654145 stigid@sle12: SLES-12-020250 stigid@sle15: SLES-15-030550 - stigid@ubuntu2004: UBTU-20-010136 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sudo/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sudo/rule.yml -index 55e5e24bd..5a312880a 100644 +index a2a9261e9..a667f3c47 100644 
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sudo/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sudo/rule.yml -@@ -1,10 +1,10 @@ +@@ -1,4 +1,4 @@ -{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhcos4", "rhel7", "rhel8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}} +{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhcos4", "rhel7", "rhel8", "almalinux8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}} {{%- set perm_x="-F perm=x " %}} {{%- endif %}} - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Ensure auditd Collects Information on the Use of Privileged Commands - sudo' - -@@ -61,7 +61,7 @@ references: +@@ -60,7 +60,7 @@ references: stigid@ol7: OL07-00-030690 stigid@ol8: OL08-00-030550 stigid@rhel7: RHEL-07-030690 - stigid@rhel8: RHEL-08-030550 + stigid@almalinux8: RHEL-08-030550 + stigid@rhel9: RHEL-09-654150 stigid@sle12: SLES-12-020260 stigid@sle15: SLES-15-030560 - stigid@ubuntu2004: UBTU-20-010161 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sudoedit/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sudoedit/rule.yml -index ed40c3d03..964bcfd47 100644 +index f9af68594..7a67ffd99 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sudoedit/rule.yml 
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sudoedit/rule.yml -@@ -1,10 +1,10 @@ +@@ -1,4 +1,4 @@ -{{%- if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}} +{{%- if product in ["fedora", "ol8", "ol9", "rhel8", "almalinux8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}} {{%- set perm_x="-F perm=x " %}} {{%- endif %}} - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15,ubuntu2004,ubuntu2204 -+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,ubuntu2004,ubuntu2204 - - title: 'Ensure auditd Collects Information on the Use of Privileged Commands - sudoedit' - diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_umount/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_umount/rule.yml -index 4ba40efd0..39a961a90 100644 +index 3cc450968..a1fad3d89 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_umount/rule.yml 
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_umount/rule.yml -@@ -1,10 +1,10 @@ +@@ -1,4 +1,4 @@ -{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhcos4", "rhel7", "rhel8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}} +{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhcos4", "rhel7", "rhel8", "almalinux8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}} {{%- set perm_x="-F perm=x " %}} {{%- endif %}} - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Ensure auditd Collects Information on the Use of Privileged Commands - umount' - -@@ -59,7 +59,7 @@ references: +@@ -58,7 +58,7 @@ references: stigid@ol7: OL07-00-030750 stigid@ol8: OL08-00-030301 stigid@rhel7: RHEL-07-030750 - stigid@rhel8: RHEL-08-030301 + stigid@almalinux8: RHEL-08-030301 + stigid@rhel9: RHEL-09-654030 stigid@sle12: SLES-12-020300 stigid@ubuntu2004: UBTU-20-010139 - diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_unix_chkpwd/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_unix_chkpwd/rule.yml -index 53d21d2c8..c777b13b2 100644 +index 8caef5913..68f4808c4 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_unix_chkpwd/rule.yml 
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_unix_chkpwd/rule.yml -@@ -1,10 +1,10 @@ +@@ -1,4 +1,4 @@ -{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhcos4", "rhel7", "rhel8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}} +{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhcos4", "rhel7", "rhel8", "almalinux8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}} {{%- set perm_x="-F perm=x " %}} {{%- endif %}} - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Ensure auditd Collects Information on the Use of Privileged Commands - unix_chkpwd' - -@@ -61,7 +61,7 @@ references: +@@ -60,7 +60,7 @@ references: stigid@ol7: OL07-00-030640 stigid@ol8: OL08-00-030317 stigid@rhel7: RHEL-07-030640 - stigid@rhel8: RHEL-08-030317 + stigid@almalinux8: RHEL-08-030317 + stigid@rhel9: RHEL-09-654160 stigid@sle12: SLES-12-020680 stigid@sle15: SLES-15-030110 - diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_unix_update/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_unix_update/rule.yml -index 6ad48696d..2d326071c 100644 +index 3b477a26b..6ab8406a2 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_unix_update/rule.yml 
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_unix_update/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol8,ol9,rhel8,rhel9,ubuntu2004,ubuntu2204 -+prodtype: ol8,ol9,rhel8,almalinux8,rhel9,ubuntu2004,ubuntu2204 - - title: 'Ensure auditd Collects Information on the Use of Privileged Commands - unix_update' - -@@ -38,7 +38,7 @@ references: +@@ -37,7 +37,7 @@ references: disa: CCI-000130,CCI-000135,CCI-000169,CCI-000172,CCI-002884 - srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000064-GPOS-00033,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215 + srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000064-GPOS-00033,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-APP-000495-CTR-001235 stigid@ol8: OL08-00-030310 - stigid@rhel8: RHEL-08-030310 + stigid@almalinux8: RHEL-08-030310 + stigid@rhel9: RHEL-09-654165 stigid@ubuntu2004: UBTU-20-010173 - {{{ ocil_fix_srg_privileged_command("unix_update") }}} diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_userhelper/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_userhelper/rule.yml -index b1994fa98..b6c9180f9 100644 +index f61686df7..53ec6290b 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_userhelper/rule.yml 
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_userhelper/rule.yml -@@ -1,10 +1,10 @@ +@@ -1,4 +1,4 @@ -{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhel7", "rhel8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}} +{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhel7", "rhel8", "almalinux8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}} {{%- set perm_x="-F perm=x " %}} {{%- endif %}} - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15 -+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15 - - title: 'Ensure auditd Collects Information on the Use of Privileged Commands - userhelper' - -@@ -57,7 +57,7 @@ references: +@@ -56,7 +56,7 @@ references: stigid@ol7: OL07-00-030670 stigid@ol8: OL08-00-030315 stigid@rhel7: RHEL-07-030670 - stigid@rhel8: RHEL-08-030315 + stigid@almalinux8: RHEL-08-030315 + stigid@rhel9: RHEL-09-654170 {{{ ocil_fix_srg_privileged_command("userhelper") }}} - diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_usermod/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_usermod/rule.yml -index 8af435987..7a1924c90 100644 +index cfcaa17da..bd89fa211 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_usermod/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_usermod/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux3,fedora,ol8,ol9,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux3,fedora,ol8,ol9,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Ensure auditd Collects Information on the Use of Privileged Commands - usermod' - 
@@ -45,7 +45,7 @@ references: nist@sle12: AU-3,AU-12(a),AU-12(c),MA-4(1)(a) - srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000466-GPOS-00210 + srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000466-GPOS-00210,SRG-APP-000495-CTR-001235,SRG-APP-000499-CTR-001255 stigid@ol8: OL08-00-030560 - stigid@rhel8: RHEL-08-030560 + stigid@almalinux8: RHEL-08-030560 + stigid@rhel9: RHEL-09-654175 stigid@sle12: SLES-12-020700 stigid@sle15: SLES-15-030500 - stigid@ubuntu2004: UBTU-20-010176 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_usernetctl/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_usernetctl/rule.yml -index e3d68c134..ea7d39fcb 100644 +index fe6140d32..f1602a878 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_usernetctl/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_usernetctl/rule.yml -@@ -1,10 +1,10 @@ +@@ -1,4 +1,4 @@ -{{%- if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}} +{{%- if product in ["fedora", "ol8", "ol9", "rhel8", "almalinux8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}} {{%- set perm_x="-F perm=x " %}} {{%- endif %}} - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9 -+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9 - - title: 'Ensure auditd Collects Information on the Use of Privileged Commands - usernetctl' - 
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_utempter/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_utempter/rule.yml -index abd867e50..403aa9f9a 100644 +index c14eefeee..0a87e80ec 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_utempter/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_utempter/rule.yml @@ -1,4 +1,4 @@ @@ -13255,7 +8195,7 @@ index abd867e50..403aa9f9a 100644 {{%- endif %}} diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_write/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_write/rule.yml -index c04fda277..f877355c3 100644 +index c8c5434f0..385ffcd14 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_write/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_write/rule.yml @@ -1,4 +1,4 @@ 
@@ -13264,157 +8204,13 @@ index c04fda277..f877355c3 100644 {{%- set perm_x="-F perm=x " %}} {{%- endif %}} -diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_group_open/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_group_open/rule.yml -index 4fd5bef0f..30e9c3398 100644 ---- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_group_open/rule.yml -+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_group_open/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9 -+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9 - - title: 'Record Events that Modify User/Group Information via open syscall - /etc/group' - -diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_group_open_by_handle_at/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_group_open_by_handle_at/rule.yml -index 79dc227e0..d97d3a1ec 100644 ---- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_group_open_by_handle_at/rule.yml -+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_group_open_by_handle_at/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9 -+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9 - - title: 'Record Events that Modify User/Group Information via open_by_handle_at syscall - /etc/group' - -diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_group_openat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_group_openat/rule.yml -index e1221d1ae..d4b050568 100644 ---- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_group_openat/rule.yml -+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_group_openat/rule.yml -@@ -1,6 +1,6 @@ - 
documentation_complete: true - --prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9 -+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9 - - title: 'Record Events that Modify User/Group Information via openat syscall - /etc/group' - -diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_gshadow_open/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_gshadow_open/rule.yml -index 84d77e89c..969bb5e4f 100644 ---- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_gshadow_open/rule.yml -+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_gshadow_open/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9 -+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9 - - title: 'Record Events that Modify User/Group Information via open syscall - /etc/gshadow' - -diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_gshadow_open_by_handle_at/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_gshadow_open_by_handle_at/rule.yml -index 3c8971e4c..914448724 100644 ---- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_gshadow_open_by_handle_at/rule.yml -+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_gshadow_open_by_handle_at/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9 -+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9 - - title: 'Record Events that Modify User/Group Information via open_by_handle_at syscall - /etc/gshadow' - -diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_gshadow_openat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_gshadow_openat/rule.yml -index 6ee8ef91c..7b7abadc7 100644 ---- 
a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_gshadow_openat/rule.yml -+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_gshadow_openat/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9 -+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9 - - title: 'Record Events that Modify User/Group Information via openat syscall - /etc/gshadow' - -diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_passwd_open/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_passwd_open/rule.yml -index 449fe58e3..9a8dc9be7 100644 ---- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_passwd_open/rule.yml -+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_passwd_open/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9 -+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9 - - title: 'Record Events that Modify User/Group Information via open syscall - /etc/passwd' - -diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_passwd_open_by_handle_at/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_passwd_open_by_handle_at/rule.yml -index 37094bd4a..a62486e41 100644 ---- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_passwd_open_by_handle_at/rule.yml -+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_passwd_open_by_handle_at/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9 -+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9 - - title: 'Record Events that Modify User/Group Information via open_by_handle_at syscall - /etc/passwd' - -diff --git 
a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_passwd_openat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_passwd_openat/rule.yml -index ee5160823..6ae9798c7 100644 ---- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_passwd_openat/rule.yml -+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_passwd_openat/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9 -+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9 - - title: 'Record Events that Modify User/Group Information via openat syscall - /etc/passwd' - -diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_shadow_open/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_shadow_open/rule.yml -index 01b22ecb0..f3c198fb1 100644 ---- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_shadow_open/rule.yml -+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_shadow_open/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9 -+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9 - - title: 'Record Events that Modify User/Group Information via open syscall - /etc/shadow' - -diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_shadow_open_by_handle_at/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_shadow_open_by_handle_at/rule.yml -index 0eaf7977f..2c4c96990 100644 ---- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_shadow_open_by_handle_at/rule.yml -+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_shadow_open_by_handle_at/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9 -+prodtype: 
fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9 - - title: 'Record Events that Modify User/Group Information via open_by_handle_at syscall - /etc/shadow' - -diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_shadow_openat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_shadow_openat/rule.yml -index a1a404722..325c88f45 100644 ---- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_shadow_openat/rule.yml -+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_shadow_openat/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9 -+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9 - - title: 'Record Events that Modify User/Group Information via openat syscall - /etc/shadow' - diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_immutable/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_immutable/bash/shared.sh -index ba84abfc9..e771e26f1 100644 +index b57078075..5d03b92a6 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_immutable/bash/shared.sh +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_immutable/bash/shared.sh 
@@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu +-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu,multi_platform_debian ++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu,multi_platform_debian # Traverse all of: # @@ -13430,18 +8226,18 @@ index 26d02c24e..28daa9106 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_immutable/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_immutable/rule.yml -index 81e0bc11e..da4792b27 100644 +index 625f9077a..ba455203e 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_immutable/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_immutable/rule.yml -@@ -58,7 +58,7 @@ references: +@@ -56,7 +56,7 @@ references: pcidss4: "10.3.2" - srg: SRG-OS-000057-GPOS-00027,SRG-OS-000058-GPOS-00028,SRG-OS-000059-GPOS-00029 + srg: SRG-OS-000057-GPOS-00027,SRG-OS-000058-GPOS-00028,SRG-OS-000059-GPOS-00029,SRG-APP-000119-CTR-000245,SRG-APP-000120-CTR-000250 stigid@ol8: OL08-00-030121 - stigid@rhel8: RHEL-08-030121 + stigid@almalinux8: RHEL-08-030121 + stigid@rhel9: RHEL-09-654275 ocil_clause: 'the audit system is not set to be immutable by adding the "-e 2" option to the end of "/etc/audit/audit.rules"' - 
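Review bot: The rebased patch no longer touches the twelve `audit_rules_etc_{group,gshadow,passwd,shadow}_{open,open_by_handle_at,openat}` rule.yml files, whose only change was adding `almalinux8` to `prodtype:`, and nothing replaces those sections. That is harmless only if upstream has dropped the `prodtype:` key, which the neighbouring inner hunks shrinking from `@@ -1,10 +1,10 @@` to `@@ -1,4 +1,4 @@` suggest but do not prove. Before merging, compare the rule IDs in the almalinux8 data stream built with the old and the new patch, so that auditing of opens on /etc/passwd, /etc/shadow, /etc/group and /etc/gshadow does not drop out of the benchmark unnoticed. The later hunks that delete the `audit_rules_suid_auid_privilege_function` and `audit_rules_system_shutdown` sections need the same check.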
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_immutable_login_uids/ansible/shared.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_immutable_login_uids/ansible/shared.yml index 94768073f..6fd009b50 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_immutable_login_uids/ansible/shared.yml @@ -13453,26 +8249,18 @@ index 94768073f..6fd009b50 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_immutable_login_uids/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_immutable_login_uids/rule.yml -index 46e249efb..2e6eee0e5 100644 +index 15519eec3..c1630d0f4 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_immutable_login_uids/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_immutable_login_uids/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel8 -+prodtype: rhel8,almalinux8 - - title: 'Configure immutable Audit login UIDs' - -@@ -32,7 +32,7 @@ identifiers: +@@ -31,7 +31,7 @@ identifiers: references: disa: CCI-000162,CCI-000163,CCI-000164 srg: SRG-OS-000462-GPOS-00206,SRG-OS-000475-GPOS-00220,SRG-OS-000057-GPOS-00027,SRG-OS-000058-GPOS-00028,SRG-OS-000059-GPOS-00029 - stigid@rhel8: RHEL-08-030122 + stigid@almalinux8: RHEL-08-030122 + stigid@rhel9: RHEL-09-654270 ocil_clause: 'the system is not configured to make login UIDs immutable' - diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_mac_modification/ansible/shared.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_mac_modification/ansible/shared.yml index e55119fd1..2e7514b51 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_mac_modification/ansible/shared.yml 
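Review bot: In `audit_rules_immutable/rule.yml` the carried patch still replaces `stigid@rhel8: RHEL-08-030121` with `stigid@almalinux8: RHEL-08-030121` instead of adding a key. The RHEL 8 reference therefore disappears from the patched tree, and every upstream edit next to that line (here the new `stigid@rhel9` entry) forces the hunk to be rebased. Unless the replacement is deliberate, keep the rhel8 line as context and add `+    stigid@almalinux8: RHEL-08-030121` after it, the way `stigid@ol8` and `stigid@rhel9` already sit side by side. The same applies to the `stigid@rhel8` lines in audit_rules_immutable_login_uids, audit_rules_sudoers, audit_rules_sudoers_d and audit_rules_suid_privilege_function further down.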
@@ -13525,10 +8313,10 @@ index b61368c0c..eb3bf47f9 100644 # Perform the remediation for both possible tools: 'auditctl' and 'augenrules' {{{ bash_fix_audit_watch_rule("auditctl", "/usr/share/selinux/", "wa", "MAC-policy") }}} diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_media_export/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_media_export/rule.yml -index 8b9ff5f99..175c68741 100644 +index 9b81fe727..a2ed7fd50 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_media_export/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_media_export/rule.yml -@@ -60,7 +60,7 @@ references: +@@ -58,7 +58,7 @@ references: stigid@ol7: OL07-00-030740 stigid@ol8: OL08-00-030302 stigid@rhel7: RHEL-07-030740 @@ -13538,42 +8326,42 @@ index 8b9ff5f99..175c68741 100644 stigid@sle15: SLES-15-030350 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_networkconfig_modification/ansible/shared.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_networkconfig_modification/ansible/shared.yml -index ac5c84c87..bf549f47f 100644 +index 5eaed26cb..7f02f6431 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_networkconfig_modification/ansible/shared.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_networkconfig_modification/ansible/shared.yml 
@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_debian ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_debian # reboot =false # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_networkconfig_modification/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_networkconfig_modification/bash/shared.sh -index 7e22f270f..d310cfd08 100644 +index 06bbeb9fb..545ad2377 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_networkconfig_modification/bash/shared.sh +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_networkconfig_modification/bash/shared.sh @@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu +-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu,multi_platform_debian ++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu,multi_platform_debian # First perform the remediation of the syscall rule # Retrieve hardware architecture of the underlying system 
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_session_events/ansible/shared.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_session_events/ansible/shared.yml -index 7f2f4e298..7ad5c59a3 100644 +index 58be87f4b..3adce26dc 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_session_events/ansible/shared.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_session_events/ansible/shared.yml @@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_debian ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_debian # reboot = true # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_session_events/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_session_events/bash/shared.sh -index caf49d4f8..f2ba8f9f1 100644 +index bd42cc0f1..366b790a4 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_session_events/bash/shared.sh +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_session_events/bash/shared.sh 
@@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu +-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu,multi_platform_debian ++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu,multi_platform_debian # Perform the remediation for both possible tools: 'auditctl' and 'augenrules' {{{ bash_fix_audit_watch_rule("auditctl", "/var/run/utmp", "wa", "session") }}} @@ -13589,47 +8377,31 @@ index 8b2377d44..39c2bba69 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_sudoers/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_sudoers/rule.yml -index 628dc4fd8..f8a123321 100644 +index 72245ee79..704574ae6 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_sudoers/rule.yml 
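Review bot: The `# platform =` headers in this hunk are edited one remediation file at a time, so a bash or Ansible remediation that upstream added or renamed since the previous rebase is not covered by the patch. Such a file would presumably be left out of the AlmaLinux content, leaving its rule check-only. The rebase picked up `multi_platform_debian` on the existing files, but nothing visible here shows that new files were looked for. It would help to add a rebase step that lists remediation files naming `multi_platform_rhel` without `multi_platform_almalinux` and to review each hit.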
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_sudoers/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol8,ol9,rhel8,rhel9 -+prodtype: fedora,ol8,ol9,rhel8,almalinux8,rhel9 - - title: 'Ensure auditd Collects System Administrator Actions - /etc/sudoers' - -@@ -33,7 +33,7 @@ references: +@@ -32,7 +32,7 @@ references: disa: CCI-000018,CCI-000130,CCI-000135,CCI-000169,CCI-000172,CCI-001403,CCI-001404,CCI-002130,CCI-002132,CCI-002884 - srg: SRG-OS-000004-GPOS-00004,SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000304-GPOS-00121,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000470-GPOS-00214,SRG-OS-000471-GPOS-00215,SRG-OS-000239-GPOS-00089,SRG-OS-000240-GPOS-00090,SRG-OS-000241-GPOS-00091,SRG-OS-000303-GPOS-00120,SRG-OS-000466-GPOS-00210,SRG-OS-000476-GPOS-00221 + srg: SRG-OS-000004-GPOS-00004,SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000304-GPOS-00121,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000470-GPOS-00214,SRG-OS-000471-GPOS-00215,SRG-OS-000239-GPOS-00089,SRG-OS-000240-GPOS-00090,SRG-OS-000241-GPOS-00091,SRG-OS-000303-GPOS-00120,SRG-OS-000466-GPOS-00210,SRG-OS-000476-GPOS-00221,SRG-APP-000495-CTR-001235,SRG-APP-000499-CTR-001255,SRG-APP-000503-CTR-001275 stigid@ol8: OL08-00-030171 - stigid@rhel8: RHEL-08-030171 + stigid@almalinux8: RHEL-08-030171 + stigid@rhel9: RHEL-09-654215 ocil_clause: 'the command does not return a line, or the line is commented out' - diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_sudoers_d/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_sudoers_d/rule.yml -index a8b33956b..86c412e9a 100644 +index dd9b966dd..ac7c82949 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_sudoers_d/rule.yml 
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_sudoers_d/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol8,ol9,rhel8,rhel9 -+prodtype: fedora,ol8,ol9,rhel8,almalinux8,rhel9 - - title: 'Ensure auditd Collects System Administrator Actions - /etc/sudoers.d/' - -@@ -33,7 +33,7 @@ references: +@@ -32,7 +32,7 @@ references: disa: CCI-000018,CCI-000130,CCI-000135,CCI-000169,CCI-000172,CCI-001403,CCI-001404,CCI-002130,CCI-002132,CCI-002884 - srg: SRG-OS-000004-GPOS-00004,SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000304-GPOS-00121,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000470-GPOS-00214,SRG-OS-000471-GPOS-00215,SRG-OS-000239-GPOS-00089,SRG-OS-000240-GPOS-00090,SRG-OS-000241-GPOS-00091,SRG-OS-000303-GPOS-00120,SRG-OS-000466-GPOS-00210,SRG-OS-000476-GPOS-00221 + srg: SRG-OS-000004-GPOS-00004,SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000304-GPOS-00121,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000470-GPOS-00214,SRG-OS-000471-GPOS-00215,SRG-OS-000239-GPOS-00089,SRG-OS-000240-GPOS-00090,SRG-OS-000241-GPOS-00091,SRG-OS-000303-GPOS-00120,SRG-OS-000466-GPOS-00210,SRG-OS-000476-GPOS-00221,SRG-APP-000495-CTR-001235,SRG-APP-000499-CTR-001255,SRG-APP-000503-CTR-001275 stigid@ol8: OL08-00-030172 - stigid@rhel8: RHEL-08-030172 + stigid@almalinux8: RHEL-08-030172 + stigid@rhel9: RHEL-09-654220 ocil_clause: 'the command does not return a line, or the line is commented out' - diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_suid_auid_privilege_function/ansible/shared.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_suid_auid_privilege_function/ansible/shared.yml index 64e8dde85..3d4f65278 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_suid_auid_privilege_function/ansible/shared.yml 
@@ -13650,20 +8422,8 @@ index 15d6fa4e2..7f98c9915 100644 # First perform the remediation of the syscall rule # Retrieve hardware architecture of the underlying system -diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_suid_auid_privilege_function/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_suid_auid_privilege_function/rule.yml -index 866445695..c7164e885 100644 ---- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_suid_auid_privilege_function/rule.yml -+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_suid_auid_privilege_function/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel8,rhel9 -+prodtype: rhel8,almalinux8,rhel9 - - title: 'Record Events When Executables Are Run As Another User' - diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_suid_privilege_function/ansible/shared.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_suid_privilege_function/ansible/shared.yml -index 252ed0ca6..980a260ae 100644 +index 88b06cff6..3f5be4c47 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_suid_privilege_function/ansible/shared.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_suid_privilege_function/ansible/shared.yml @@ -1,4 +1,4 @@ @@ -13694,36 +8454,28 @@ index 323a798b1..46fad7416 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_suid_privilege_function/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_suid_privilege_function/rule.yml -index 49a665ded..1301a0496 100644 +index 9973488bd..b70cd79a9 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_suid_privilege_function/rule.yml 
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_suid_privilege_function/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Record Events When Privileged Executables Are Run' - -@@ -58,7 +58,7 @@ references: +@@ -57,7 +57,7 @@ references: stigid@ol7: OL07-00-030360 stigid@ol8: OL08-00-030000 stigid@rhel7: RHEL-07-030360 - stigid@rhel8: RHEL-08-030000 + stigid@almalinux8: RHEL-08-030000 + stigid@rhel9: RHEL-09-654010 stigid@sle12: SLES-12-020240 stigid@sle15: SLES-15-030640 - stigid@ubuntu2004: UBTU-20-010211 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_sysadmin_actions/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_sysadmin_actions/bash/shared.sh -index fcde9d3aa..6477bc85e 100644 +index 027623091..c1c2c1952 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_sysadmin_actions/bash/shared.sh +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_sysadmin_actions/bash/shared.sh 
@@ -1,4 +1,4 @@ --# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu -+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu +-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu,multi_platform_debian ++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu,multi_platform_debian # Perform the remediation for both possible tools: 'auditctl' and 'augenrules' - {{{ bash_fix_audit_watch_rule("auditctl", "/etc/sudoers", "wa", "actions") }}} + diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_sysadmin_actions/kubernetes/shared.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_sysadmin_actions/kubernetes/shared.yml index 336beb2b7..26c47e462 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_sysadmin_actions/kubernetes/shared.yml @@ -13735,18 +8487,6 @@ index 336beb2b7..26c47e462 100644 # reboot = true # strategy = restrict # complexity = low -diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_system_shutdown/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_system_shutdown/rule.yml -index 339a4846f..aa92eda70 100644 ---- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_system_shutdown/rule.yml -+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_system_shutdown/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle15 -+prodtype: ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15 - - title: 'Shutdown System When Auditing Failures Occur' - 
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification/bash/shared.sh index 07965e2c7..908fa6e54 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification/bash/shared.sh @@ -13758,129 +8498,77 @@ index 07965e2c7..908fa6e54 100644 # Perform the remediation for both possible tools: 'auditctl' and 'augenrules' {{{ bash_fix_audit_watch_rule("auditctl", "/etc/group", "wa", "audit_rules_usergroup_modification") }}} diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_group/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_group/rule.yml -index b213979b4..a475f8eb1 100644 +index 6cfd87a9f..a27f12f90 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_group/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_group/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Record Events that Modify User/Group Information - /etc/group' - -@@ -66,7 +66,7 @@ references: +@@ -63,7 +63,7 @@ references: stigid@ol7: OL07-00-030871 stigid@ol8: OL08-00-030170 stigid@rhel7: RHEL-07-030871 - stigid@rhel8: RHEL-08-030170 + stigid@almalinux8: RHEL-08-030170 + stigid@rhel9: RHEL-09-654225 stigid@sle12: SLES-12-020210 stigid@sle15: SLES-15-030010 - stigid@ubuntu2004: UBTU-20-010101 
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_gshadow/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_gshadow/rule.yml -index 0bb5e2238..869c6f721 100644 +index 9f4c4db6d..53bad69c9 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_gshadow/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_gshadow/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Record Events that Modify User/Group Information - /etc/gshadow' - -@@ -66,7 +66,7 @@ references: +@@ -63,7 +63,7 @@ references: stigid@ol7: OL07-00-030872 stigid@ol8: OL08-00-030160 stigid@rhel7: RHEL-07-030872 - stigid@rhel8: RHEL-08-030160 + stigid@almalinux8: RHEL-08-030160 + stigid@rhel9: RHEL-09-654230 stigid@sle12: SLES-12-020590 stigid@sle15: SLES-15-030040 - stigid@ubuntu2004: UBTU-20-010103 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_opasswd/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_opasswd/rule.yml -index 946cd6104..5dbc533f8 100644 +index cf9223a9f..d087916ac 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_opasswd/rule.yml 
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_opasswd/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Record Events that Modify User/Group Information - /etc/security/opasswd' - -@@ -67,7 +67,7 @@ references: +@@ -64,7 +64,7 @@ references: stigid@ol7: OL07-00-030874 stigid@ol8: OL08-00-030140 stigid@rhel7: RHEL-07-030874 - stigid@rhel8: RHEL-08-030140 + stigid@almalinux8: RHEL-08-030140 + stigid@rhel9: RHEL-09-654235 stigid@sle12: SLES-12-020230 stigid@sle15: SLES-15-030030 - stigid@ubuntu2004: UBTU-20-010104 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_passwd/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_passwd/rule.yml -index 46cf595dd..6835c3bb1 100644 +index c5feebc9a..94b4ae1a0 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_passwd/rule.yml 
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_passwd/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Record Events that Modify User/Group Information - /etc/passwd' - -@@ -66,7 +66,7 @@ references: +@@ -63,7 +63,7 @@ references: stigid@ol7: OL07-00-030870 stigid@ol8: OL08-00-030150 stigid@rhel7: RHEL-07-030870 - stigid@rhel8: RHEL-08-030150 + stigid@almalinux8: RHEL-08-030150 + stigid@rhel9: RHEL-09-654240 stigid@sle12: SLES-12-020200 stigid@sle15: SLES-15-030000 - stigid@ubuntu2004: UBTU-20-010100 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_shadow/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_shadow/rule.yml -index a4e780a39..45c857398 100644 +index 67357a164..b7d05b2af 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_shadow/rule.yml 
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_shadow/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Record Events that Modify User/Group Information - /etc/shadow' - -@@ -66,7 +66,7 @@ references: +@@ -63,7 +63,7 @@ references: stigid@ol7: OL07-00-030873 stigid@ol8: OL08-00-030130 stigid@rhel7: RHEL-07-030873 - stigid@rhel8: RHEL-08-030130 + stigid@almalinux8: RHEL-08-030130 + stigid@rhel9: RHEL-09-654245 stigid@sle12: SLES-12-020220 stigid@sle15: SLES-15-030020 - stigid@ubuntu2004: UBTU-20-010102 -diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_sudo_log_events/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_sudo_log_events/rule.yml -index b00fb3856..3072f6eb3 100644 ---- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_sudo_log_events/rule.yml -+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_sudo_log_events/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,rhel8,rhel9,ubuntu2004,ubuntu2204 -+prodtype: fedora,rhel8,almalinux8,rhel9,ubuntu2004,ubuntu2204 - - title: 'Record Attempts to perform maintenance activities' - diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_adjtimex/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_adjtimex/bash/shared.sh -index b7f44ab38..e6b1d1856 100644 +index 24b4da6b6..1b2b4dd27 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_adjtimex/bash/shared.sh +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_adjtimex/bash/shared.sh 
@@ -1,3 +1,3 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu +-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu,multi_platform_debian ++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu,multi_platform_debian {{{ bash_perform_audit_adjtimex_settimeofday_stime_remediation() }}} diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_adjtimex/kubernetes/shared.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_adjtimex/kubernetes/shared.yml @@ -13895,12 +8583,12 @@ index 49c97e395..51f48c0f9 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_clock_settime/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_clock_settime/bash/shared.sh -index f0783ec4f..a4cc0d84c 100644 +index c511ede45..617b679c5 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_clock_settime/bash/shared.sh +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_clock_settime/bash/shared.sh 
@@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu +-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu,multi_platform_debian ++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu,multi_platform_debian # First perform the remediation of the syscall rule # Retrieve hardware architecture of the underlying system @@ -13956,12 +8644,12 @@ index 8a58bbc38..1a73014dc 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_watch_localtime/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_watch_localtime/bash/shared.sh -index 4983b503e..b4db73bce 100644 +index 0899dcded..fa722e21d 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_watch_localtime/bash/shared.sh +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_watch_localtime/bash/shared.sh 
@@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu +-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu,multi_platform_debian ++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu,multi_platform_debian # Perform the remediation for both possible tools: 'auditctl' and 'augenrules' {{{ bash_fix_audit_watch_rule("auditctl", "/etc/localtime", "wa", "audit_time_rules") }}} @@ -13987,26 +8675,18 @@ index ec17adf55..0ecb4079c 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/directory_group_ownership_var_log_audit/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/directory_group_ownership_var_log_audit/rule.yml -index dfff55bd3..b43eabe6e 100644 +index 743a16423..f0a11d0db 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/directory_group_ownership_var_log_audit/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/directory_group_ownership_var_log_audit/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol8,ol9,rhel8,rhel9 -+prodtype: ol8,ol9,rhel8,almalinux8,rhel9 - - title: 'System Audit Directories Must Be Group Owned By Root' - -@@ -36,7 +36,7 @@ references: +@@ -35,7 +35,7 @@ references: pcidss: Req-10.5.1 srg: SRG-OS-000057-GPOS-00027,SRG-OS-000058-GPOS-00028,SRG-OS-000059-GPOS-00029,SRG-OS-000206-GPOS-00084 stigid@ol8: OL08-00-030110 - stigid@rhel8: RHEL-08-030110 + stigid@almalinux8: RHEL-08-030110 + stigid@rhel9: RHEL-09-653080 ocil: |- - {{% if product =="ol8" %}} 
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/directory_group_ownership_var_log_audit/tests/correct_value_non-root_group.pass.sh b/linux_os/guide/system/auditing/auditd_configure_rules/directory_group_ownership_var_log_audit/tests/correct_value_non-root_group.pass.sh index 09d4e8ff5..6a8e8bdab 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/directory_group_ownership_var_log_audit/tests/correct_value_non-root_group.pass.sh @@ -14020,26 +8700,18 @@ index 09d4e8ff5..6a8e8bdab 100644 groupadd group_test diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/directory_ownership_var_log_audit/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/directory_ownership_var_log_audit/rule.yml -index 6a95e9f13..0ac24ce77 100644 +index 301bd5e57..ecf98a56a 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/directory_ownership_var_log_audit/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/directory_ownership_var_log_audit/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol8,ol9,rhel8,rhel9 -+prodtype: ol8,ol9,rhel8,almalinux8,rhel9 - - title: 'System Audit Directories Must Be Owned By Root' - -@@ -32,7 +32,7 @@ references: +@@ -31,7 +31,7 @@ references: pcidss: Req-10.5.1 srg: SRG-OS-000057-GPOS-00027,SRG-OS-000058-GPOS-00028,SRG-OS-000059-GPOS-00029,SRG-OS-000206-GPOS-00084 stigid@ol8: OL08-00-030100 - stigid@rhel8: RHEL-08-030100 + stigid@almalinux8: RHEL-08-030100 + stigid@rhel9: RHEL-09-653085 ocil_clause: the directory is not owned by root - diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/directory_permissions_var_log_audit/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/directory_permissions_var_log_audit/bash/shared.sh index 0dad1bfe1..29632f729 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/directory_permissions_var_log_audit/bash/shared.sh 
@@ -14051,7 +8723,7 @@ index 0dad1bfe1..29632f729 100644 if LC_ALL=C grep -iw ^log_file /etc/audit/auditd.conf; then DIR=$(awk -F "=" '/^log_file/ {print $2}' /etc/audit/auditd.conf | tr -d ' ' | rev | cut -d"/" -f2- | rev) diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/directory_permissions_var_log_audit/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/directory_permissions_var_log_audit/rule.yml -index fc07d9465..d688b8138 100644 +index 01955927f..ebead7aa0 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/directory_permissions_var_log_audit/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/directory_permissions_var_log_audit/rule.yml @@ -3,7 +3,7 @@ documentation_complete: true @@ -14063,7 +8735,7 @@ index fc07d9465..d688b8138 100644 Verify the audit log directories have a mode of "0700" or less permissive by first determining where the audit logs are stored with the following command:
$ sudo grep -iw log_file /etc/audit/auditd.conf
-@@ -46,7 +46,7 @@ references:
+@@ -49,7 +49,7 @@ references:
      nist-csf: DE.AE-3,DE.AE-5,PR.AC-4,PR.DS-5,PR.PT-1,RS.AN-1,RS.AN-4
      srg: SRG-OS-000057-GPOS-00027,SRG-OS-000058-GPOS-00028,SRG-OS-000059-GPOS-00029
      stigid@ol8: OL08-00-030120
@@ -14072,7 +8744,7 @@ index fc07d9465..d688b8138 100644
      stigid@ubuntu2004: UBTU-20-010128
  
  ocil_clause: 'audit logs have a more permissive mode'
-@@ -70,7 +70,7 @@ ocil: |-
+@@ -73,7 +73,7 @@ ocil: |-
  
      Replace "[audit_log_directory]" to the correct audit log directory path, by default this location is "/var/log/audit".
  
@@ -14081,7 +8753,7 @@ index fc07d9465..d688b8138 100644
      The correct permissions are 0700
      {{% else %}}
      If the log_group is "root" or is not set, the correct permissions are 0700, otherwise they are 0750.
-@@ -83,7 +83,7 @@ fixtext: |-
+@@ -86,7 +86,7 @@ fixtext: |-
  
      $ sudo grep "^log_file" /etc/audit/auditd.conf
  
@@ -14139,19 +8811,11 @@ index b93254a4b..c7d66ccbb 100644
  source common_0700.sh
  
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/file_group_ownership_var_log_audit/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/file_group_ownership_var_log_audit/rule.yml
-index 399e4ea76..15f37085a 100644
+index 523930ea9..5038a6320 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/file_group_ownership_var_log_audit/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/file_group_ownership_var_log_audit/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
- 
--prodtype: ol8,ol9,rhel8,rhel9,ubuntu2004,ubuntu2204
-+prodtype: ol8,ol9,rhel8,almalinux8,rhel9,ubuntu2004,ubuntu2204
- 
- title: 'System Audit Logs Must Be Group Owned By Root'
- 
-@@ -42,7 +42,7 @@ references:
-     pcidss: Req-10.5.1
+@@ -45,7 +45,7 @@ references:
+     pcidss4: '10.3.2'
      srg: SRG-OS-000057-GPOS-00027,SRG-OS-000058-GPOS-00028,SRG-OS-000059-GPOS-00029,SRG-OS-000206-GPOS-00084
      stigid@ol8: OL08-00-030090
 -    stigid@rhel8: RHEL-08-030090
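Review bot: The refreshed patch no longer adds `almalinux8` to the `prodtype:` line of file_group_ownership_var_log_audit/rule.yml; the inner `@@ -1,6 +1,6 @@` hunk is dropped and only the `stigid` hunk remains. That is safe only if the rebased upstream rule.yml no longer has a `prodtype:` key; if one is still there, the rule would presumably drop out of the AlmaLinux 8 content with no build error, and the audit-log ownership check would go missing from scans. The same removal appears in the later hunks for file_ownership_var_log_audit_stig, file_permissions_var_log_audit, auditd_audispd_configure_remote_server, auditd_audispd_configure_sufficiently_large_partition, auditd_audispd_disk_full_action and auditd_audispd_encrypt_sent_records. A rebase check such as `grep -rl '^prodtype:' linux_os/` on the patched tree, expecting none of the previously patched rules, would confirm it.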
@@ -14206,18 +8870,10 @@ index 95acf5905..18954ffa1 100644
        comment="var/log/audit/audit.log file uid root"
        id="test_user_ownership_audit_default_log_files" version="1">
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/file_ownership_var_log_audit_stig/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/file_ownership_var_log_audit_stig/rule.yml
-index b7b5736cd..400ffbe2c 100644
+index 041b8d795..184f43d3e 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/file_ownership_var_log_audit_stig/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/file_ownership_var_log_audit_stig/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
- 
--prodtype: ol8,ol9,rhel8,rhel9,ubuntu2004,ubuntu2204
-+prodtype: ol8,ol9,rhel8,almalinux8,rhel9,ubuntu2004,ubuntu2204
- 
- title: 'System Audit Logs Must Be Owned By Root'
- 
-@@ -36,7 +36,7 @@ references:
+@@ -38,7 +38,7 @@ references:
      pcidss: Req-10.5.1
      srg: SRG-OS-000057-GPOS-00027,SRG-OS-000058-GPOS-00028,SRG-OS-000059-GPOS-00029,SRG-OS-000206-GPOS-00084
      stigid@ol8: OL08-00-030080
@@ -14260,7 +8916,7 @@ index 1879113b8..8798ae1ae 100644
  
  sed -i "/^\s*log_file.*/d" /etc/audit/auditd.conf
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/file_permissions_var_log_audit/ansible/shared.yml b/linux_os/guide/system/auditing/auditd_configure_rules/file_permissions_var_log_audit/ansible/shared.yml
-index 81e471f4e..c1e9bbb15 100644
+index 722f6731a..7f1879db2 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/file_permissions_var_log_audit/ansible/shared.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/file_permissions_var_log_audit/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -14280,26 +8936,18 @@ index 0b42da512..013401d8c 100644
  if LC_ALL=C grep -iw ^log_file /etc/audit/auditd.conf; then
      FILE=$(awk -F "=" '/^log_file/ {print $2}' /etc/audit/auditd.conf | tr -d ' ')
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/file_permissions_var_log_audit/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/file_permissions_var_log_audit/rule.yml
-index a7aa67de4..ef897a3b3 100644
+index 26a439145..1910462b1 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/file_permissions_var_log_audit/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/file_permissions_var_log_audit/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
- 
--prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
-+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
- 
- title: 'System Audit Logs Must Have Mode 0640 or Less Permissive'
- 
-@@ -55,7 +55,7 @@ references:
+@@ -56,7 +56,7 @@ references:
      stigid@ol7: OL07-00-910055
      stigid@ol8: OL08-00-030070
      stigid@rhel7: RHEL-07-910055
 -    stigid@rhel8: RHEL-08-030070
 +    stigid@almalinux8: RHEL-08-030070
+     stigid@rhel9: RHEL-09-653090
      stigid@ubuntu2004: UBTU-20-010122
  
- ocil_clause: 'any permissions are more permissive'
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/file_permissions_var_log_audit/tests/correct_value_0600.pass.sh b/linux_os/guide/system/auditing/auditd_configure_rules/file_permissions_var_log_audit/tests/correct_value_0600.pass.sh
 index 15023ca70..488ef3e3f 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/file_permissions_var_log_audit/tests/correct_value_0600.pass.sh
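Review bot: The inner patch still replaces `stigid@rhel8: RHEL-08-030070` with `stigid@almalinux8: RHEL-08-030070` instead of adding a line, and the refreshed context now shows upstream's `stigid@rhel9: RHEL-09-653090` directly below it. In the patched file_permissions_var_log_audit/rule.yml the visible references therefore cover ol7, ol8, rhel7 and rhel9 but not rhel8, and the AlmaLinux key carries a RHEL 8 STIG identifier. If any rhel8 content or STIG cross-check is ever built from this tree, keeping `stigid@rhel8` and adding `stigid@almalinux8: RHEL-08-030070` beside it would avoid losing that mapping. Otherwise a sentence in the patch header saying the RHEL-08 IDs are reused on purpose would do. The other `stigid` hunks in this refresh follow the same pattern, for example auditd_audispd_configure_sufficiently_large_partition.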
@@ -14364,18 +9012,6 @@ index 53a56e255..554799735 100644
  
  {{{ bash_instantiate_variables("var_audispd_remote_server") }}}
  
-diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_configure_remote_server/rule.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_configure_remote_server/rule.yml
-index 9ec973546..9817efe45 100644
---- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_configure_remote_server/rule.yml
-+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_configure_remote_server/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
- 
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
- 
- title: 'Configure audispd Plugin To Send Logs To Remote Server'
- 
 diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_configure_remote_server/tests/audit_remote_server_hostname.pass.sh b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_configure_remote_server/tests/audit_remote_server_hostname.pass.sh
 index 44d9a1f74..a466bc72d 100644
 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_configure_remote_server/tests/audit_remote_server_hostname.pass.sh
@@ -14401,26 +9037,18 @@ index 0bfa82083..93b11eb05 100644
  . $SHARED/auditd_utils.sh
  prepare_auditd_test_enviroment
 diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_configure_sufficiently_large_partition/rule.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_configure_sufficiently_large_partition/rule.yml
-index 5edbb9df9..4faa8a675 100644
+index f902ce228..0be6013c8 100644
 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_configure_sufficiently_large_partition/rule.yml
 +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_configure_sufficiently_large_partition/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
- 
--prodtype: ol8,ol9,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
-+prodtype: ol8,ol9,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
- 
- title: 'Configure a Sufficiently Large Partition for Audit Logs'
- 
-@@ -45,7 +45,7 @@ references:
+@@ -44,7 +44,7 @@ references:
      nist@sle15: AU-4
      srg: SRG-OS-000341-GPOS-00132,SRG-OS-000342-GPOS-00133
      stigid@ol8: OL08-00-030660
 -    stigid@rhel8: RHEL-08-030660
 +    stigid@almalinux8: RHEL-08-030660
+     stigid@rhel9: RHEL-09-653030
      stigid@sle12: SLES-12-020020
      stigid@sle15: SLES-15-030660
-     stigid@ubuntu2004: UBTU-20-010215
 diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_disk_full_action/ansible/shared.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_disk_full_action/ansible/shared.yml
 index 942cd0f5d..a53df57b1 100644
 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_disk_full_action/ansible/shared.yml
@@ -14441,18 +9069,6 @@ index 36e7f8cda..842f3922d 100644
  
  {{{ bash_instantiate_variables("var_audispd_disk_full_action") }}}
  
-diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_disk_full_action/rule.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_disk_full_action/rule.yml
-index 8ccde192c..24a1d1f07 100644
---- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_disk_full_action/rule.yml
-+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_disk_full_action/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
- 
--prodtype: ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15
-+prodtype: ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15
- 
- title: 'Configure audispd''s Plugin disk_full_action When Disk Is Full'
- 
 diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/bash/shared.sh b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/bash/shared.sh
 index be3e74b0b..b6f46f51e 100644
 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/bash/shared.sh
@@ -14489,17 +9105,10 @@ index e8d055f90..467e50704 100644
  {{% else %}}
      ^[ ]*enable_krb5[ ]+=[ ]+yes[ ]*$
 diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/rule.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/rule.yml
-index 637683d69..2d38292b3 100644
+index ad68d3a77..7e94d7ac4 100644
 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/rule.yml
 +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/rule.yml
-@@ -1,13 +1,13 @@
- documentation_complete: true
- 
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15
- 
- title: 'Encrypt Audit Records Sent With audispd Plugin'
- 
+@@ -6,7 +6,7 @@ title: 'Encrypt Audit Records Sent With audispd Plugin'
  description: |-
      Configure the operating system to encrypt the transfer of off-loaded audit
      records onto a different system or media from the system being audited.
@@ -14508,7 +9117,7 @@ index 637683d69..2d38292b3 100644
      Set the transport option in 
{{{ audisp_conf_path }}}/audisp-remote.conf
to KRB5. {{% else %}} -@@ -45,7 +45,7 @@ ocil_clause: 'audispd is not encrypting audit records when sent over the network +@@ -44,7 +44,7 @@ ocil_clause: 'audispd is not encrypting audit records when sent over the network ocil: |- To verify the audispd plugin encrypts audit records off-loaded onto a different system or media from the system being audited, run the following command: @@ -14517,7 +9126,7 @@ index 637683d69..2d38292b3 100644
$ sudo grep -i transport {{{ audisp_conf_path }}}/audisp-remote.conf
The output should return the following:
transport = KRB5
-@@ -57,7 +57,7 @@ ocil: |- +@@ -56,7 +56,7 @@ ocil: |- fixtext: |- Configure {{{ full_name }}} to encrypt audit records sent with audispd plugin. @@ -14594,18 +9203,6 @@ index d1a513600..8ca091bea 100644 {{{ bash_instantiate_variables("var_audispd_network_failure_action") }}} -diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_network_failure_action/rule.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_network_failure_action/rule.yml -index 0a3db3206..b05f5e2b3 100644 ---- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_network_failure_action/rule.yml -+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_network_failure_action/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15 -+prodtype: ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15 - - title: 'Configure audispd''s Plugin network_failure_action On Network Failure' - diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_network_failure_action/tests/audisp_network_failure_action_absent.fail.sh b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_network_failure_action/tests/audisp_network_failure_action_absent.fail.sh index d244d4bd0..ec516de8a 100644 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_network_failure_action/tests/audisp_network_failure_action_absent.fail.sh @@ -14696,12 +9293,12 @@ index 55f407e01..b9084af21 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_error_action/rule.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_error_action/rule.yml -index 652697743..1509661df 100644 +index 73ce2ef8e..e4436d854 100644 
--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_error_action/rule.yml +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_error_action/rule.yml -@@ -38,7 +38,7 @@ references: +@@ -40,7 +40,7 @@ references: nist-csf: DE.AE-3,DE.AE-5,PR.DS-4,PR.PT-1,RS.AN-1,RS.AN-4 - srg: SRG-OS-000047-GPOS-00023 + srg: SRG-OS-000047-GPOS-00023,SRG-APP-000098-CTR-000185,SRG-APP-000099-CTR-000190,SRG-APP-000100-CTR-000195,SRG-APP-000100-CTR-000200,SRG-APP-000109-CTR-000215,SRG-APP-000290-CTR-000670,SRG-APP-000357-CTR-000800 stigid@ol8: OL08-00-030040 - stigid@rhel8: RHEL-08-030040 + stigid@almalinux8: RHEL-08-030040 @@ -14771,10 +9368,10 @@ index 55f407e01..b9084af21 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_full_action/rule.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_full_action/rule.yml -index e69a05904..f847fa9c0 100644 +index a4e554260..4f88b276c 100644 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_full_action/rule.yml +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_full_action/rule.yml -@@ -43,7 +43,7 @@ references: +@@ -46,7 +46,7 @@ references: nist@sle12: AU-5(b),AU-5.1(iv) srg: SRG-OS-000047-GPOS-00023 stigid@ol8: OL08-00-030060 @@ -14835,20 +9432,20 @@ index dfb8d3035..28e3fd6c9 100644 {{{ bash_instantiate_variables("var_auditd_action_mail_acct") }}} diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_action_mail_acct/rule.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_action_mail_acct/rule.yml -index f04a42850..66fc3abcb 100644 +index 961c3d442..63720ccb1 100644 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_action_mail_acct/rule.yml 
+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_action_mail_acct/rule.yml -@@ -52,7 +52,7 @@ references: +@@ -49,7 +49,7 @@ references: stigid@ol7: OL07-00-030350 stigid@ol8: OL08-00-030020 stigid@rhel7: RHEL-07-030350 - stigid@rhel8: RHEL-08-030020 + stigid@almalinux8: RHEL-08-030020 + stigid@rhel9: RHEL-09-653070 stigid@sle12: SLES-12-020040 stigid@sle15: SLES-15-030570 - stigid@ubuntu2004: UBTU-20-010117 diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_admin_space_left_action/ansible/shared.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_admin_space_left_action/ansible/shared.yml -index 9efd2d5e8..95c46c53e 100644 +index 49efdc918..ab901e892 100644 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_admin_space_left_action/ansible/shared.yml +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_admin_space_left_action/ansible/shared.yml @@ -1,4 +1,4 @@ @@ -14858,7 +9455,7 @@ index 9efd2d5e8..95c46c53e 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_admin_space_left_action/bash/shared.sh b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_admin_space_left_action/bash/shared.sh -index e05250cea..e04d721a4 100644 +index f377a92dd..44680a119 100644 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_admin_space_left_action/bash/shared.sh +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_admin_space_left_action/bash/shared.sh @@ -1,4 +1,4 @@ 
@@ -14878,18 +9475,6 @@ index 55f407e01..b9084af21 100644 # reboot = true # strategy = restrict # complexity = low -diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_admin_space_left_percentage/rule.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_admin_space_left_percentage/rule.yml -index 01c5df5d6..79dc15915 100644 ---- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_admin_space_left_percentage/rule.yml -+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_admin_space_left_percentage/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol8,ol9,rhel7,rhel8,rhel9,ubuntu2004,ubuntu2204 -+prodtype: fedora,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,ubuntu2004,ubuntu2204 - - title: 'Configure auditd admin_space_left on Low Disk Space' - diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_flush/ansible/shared.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_flush/ansible/shared.yml index 9c8afcfa3..53a6da7e0 100644 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_flush/ansible/shared.yml 
@@ -14921,18 +9506,6 @@ index 55f407e01..b9084af21 100644 # reboot = true # strategy = restrict # complexity = low -diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_flush/rule.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_flush/rule.yml -index ce94d5f5f..de2167a15 100644 ---- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_flush/rule.yml -+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_flush/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15 -+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15 - - title: 'Configure auditd flush priority' - diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_flush/tests/flush_data.fail.sh b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_flush/tests/flush_data.fail.sh index ba44b2bb5..303e1d8f7 100644 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_flush/tests/flush_data.fail.sh 
@@ -15150,20 +9723,8 @@ index 55f407e01..b9084af21 100644 # reboot = true # strategy = restrict # complexity = low -diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left/rule.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left/rule.yml -index d9b97fbfb..e34244c39 100644 ---- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left/rule.yml -+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15 -+prodtype: ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15 - - title: 'Configure auditd space_left on Low Disk Space' - diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/ansible/shared.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/ansible/shared.yml -index 46560f89e..123e5ef3c 100644 +index ec0ed4850..3c3b130e8 100644 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/ansible/shared.yml +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/ansible/shared.yml @@ -1,4 +1,4 @@ @@ -15173,7 +9734,7 @@ index 46560f89e..123e5ef3c 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/bash/shared.sh b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/bash/shared.sh -index 870f6619e..a1dc8844a 100644 +index b6e0267bb..990063e2f 100644 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/bash/shared.sh 
+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/bash/shared.sh @@ -1,4 +1,4 @@ @@ -15194,39 +9755,31 @@ index 55f407e01..b9084af21 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/rule.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/rule.yml -index bea9a7805..854cc6ed4 100644 +index 63929bbb8..992e2f39b 100644 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/rule.yml +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/rule.yml -@@ -63,7 +63,7 @@ references: +@@ -61,7 +61,7 @@ references: stigid@ol7: OL07-00-030340 stigid@ol8: OL08-00-030731 stigid@rhel7: RHEL-07-030340 - stigid@rhel8: RHEL-08-030731 + stigid@almalinux8: RHEL-08-030731 + stigid@rhel9: RHEL-09-653040 stigid@ubuntu2004: UBTU-20-010217 - ocil_clause: 'there is no evidence that real-time alerts are configured on the system' diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_percentage/rule.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_percentage/rule.yml -index c82d0d370..46a8784bc 100644 +index 2b6acf034..08652305d 100644 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_percentage/rule.yml 
+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_percentage/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,ubuntu2004,ubuntu2204 -+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,ubuntu2004,ubuntu2204 - - title: 'Configure auditd space_left on Low Disk Space' - -@@ -38,7 +38,7 @@ references: +@@ -37,7 +37,7 @@ references: stigid@ol7: OL07-00-030330 stigid@ol8: OL08-00-030730 stigid@rhel7: RHEL-07-030330 - stigid@rhel8: RHEL-08-030730 + stigid@almalinux8: RHEL-08-030730 + stigid@rhel9: RHEL-09-653035 stigid@ubuntu2004: UBTU-20-010217 - ocil_clause: 'the value of the "space_left" keyword is not set to {{{ xccdf_value("var_auditd_space_left_percentage") }}}% of the storage volume allocated to audit logs, or if the line is commented out, ask the System Administrator to indicate how the system is providing real-time alerts to the SA and ISSO. If the "space_left" value is not configured to the correct value' diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_freq/kubernetes/shared.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_freq/kubernetes/shared.yml index 55f407e01..b9084af21 100644 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_freq/kubernetes/shared.yml @@ -15250,7 +9803,7 @@ index 55f407e01..b9084af21 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_local_events/rule.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_local_events/rule.yml -index 75590e720..0b5a09999 100644 +index e3a34e25b..109161da8 100644 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_local_events/rule.yml +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_local_events/rule.yml @@ -25,7 +25,7 @@ references: 
@@ -15259,9 +9812,9 @@ index 75590e720..0b5a09999 100644 stigid@ol8: OL08-00-030061 - stigid@rhel8: RHEL-08-030061 + stigid@almalinux8: RHEL-08-030061 + stigid@rhel9: RHEL-09-653075 ocil_clause: local_events isn't set to yes - diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_log_format/kubernetes/shared.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_log_format/kubernetes/shared.yml index 55f407e01..b9084af21 100644 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_log_format/kubernetes/shared.yml @@ -15274,20 +9827,20 @@ index 55f407e01..b9084af21 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_log_format/rule.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_log_format/rule.yml -index 475689e52..96b7c4ce4 100644 +index 9d19776db..8ac220842 100644 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_log_format/rule.yml +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_log_format/rule.yml @@ -26,7 +26,7 @@ references: ospp: FAU_GEN.1.2 - srg: SRG-OS-000255-GPOS-00096,SRG-OS-000480-GPOS-00227 + srg: SRG-OS-000255-GPOS-00096,SRG-OS-000480-GPOS-00227,SRG-APP-000096-CTR-000175,SRG-APP-000097-CTR-000180,SRG-APP-000098-CTR-000185,SRG-APP-000099-CTR-000190,SRG-APP-000100-CTR-000195,SRG-APP-000100-CTR-000200,SRG-APP-000109-CTR-000215,SRG-APP-000290-CTR-000670,SRG-APP-000357-CTR-000800 stigid@ol8: OL08-00-030063 - stigid@rhel8: RHEL-08-030063 + stigid@almalinux8: RHEL-08-030063 + stigid@rhel9: RHEL-09-653100 ocil_clause: log_format isn't set to ENRICHED - 
diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_name_format/ansible/shared.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_name_format/ansible/shared.yml -index c93322835..b24919d0b 100644 +index 015e9d6ef..cb221f19e 100644 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_name_format/ansible/shared.yml +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_name_format/ansible/shared.yml @@ -1,4 +1,4 @@ @@ -15297,7 +9850,7 @@ index c93322835..b24919d0b 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_name_format/bash/shared.sh b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_name_format/bash/shared.sh -index 67a1203dd..12a94396c 100644 +index a08fddc90..1b881f0ff 100644 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_name_format/bash/shared.sh +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_name_format/bash/shared.sh @@ -1,4 +1,4 @@ @@ -15318,18 +9871,18 @@ index 55f407e01..b9084af21 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_name_format/rule.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_name_format/rule.yml -index 1d32aaf92..02471eb04 100644 +index 1806a3c3e..8fb1d714e 100644 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_name_format/rule.yml 
+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_name_format/rule.yml -@@ -29,7 +29,7 @@ references: +@@ -30,7 +30,7 @@ references: stigid@ol7: OL07-00-030211 stigid@ol8: OL08-00-030062 stigid@rhel7: RHEL-07-030211 - stigid@rhel8: RHEL-08-030062 + stigid@almalinux8: RHEL-08-030062 + stigid@rhel9: RHEL-09-653060 - ocil_clause: name_format isn't set to hostname - + ocil_clause: name_format isn't set to {{{ xccdf_value("var_auditd_name_format") }}} diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_overflow_action/ansible/shared.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_overflow_action/ansible/shared.yml index 12d8541cb..a3d1c459b 100644 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_overflow_action/ansible/shared.yml @@ -15351,7 +9904,7 @@ index f308bd675..e9789ea24 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_overflow_action/rule.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_overflow_action/rule.yml -index a058b881c..1427b39ca 100644 +index bd0205d1f..16893ecff 100644 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_overflow_action/rule.yml +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_overflow_action/rule.yml @@ -32,7 +32,7 @@ references: @@ -15360,9 +9913,9 @@ index a058b881c..1427b39ca 100644 stigid@rhel7: RHEL-07-030210 - stigid@rhel8: RHEL-08-030700 + stigid@almalinux8: RHEL-08-030700 + stigid@rhel9: RHEL-09-653065 ocil_clause: 'auditd overflow action is not set correctly' - diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_write_logs/kubernetes/shared.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_write_logs/kubernetes/shared.yml index 55f407e01..b9084af21 100644 
--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_write_logs/kubernetes/shared.yml @@ -15388,26 +9941,18 @@ index bcafc35b8..1579dc90f 100644 {{% else %}} The setting for remote_server in /etc/audisp/audisp-remote.conf diff --git a/linux_os/guide/system/auditing/grub2_audit_argument/rule.yml b/linux_os/guide/system/auditing/grub2_audit_argument/rule.yml -index e81a90bc6..1a095b8a2 100644 +index f77f25a2c..a3a6d73ca 100644 --- a/linux_os/guide/system/auditing/grub2_audit_argument/rule.yml +++ b/linux_os/guide/system/auditing/grub2_audit_argument/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Enable Auditing for Processes Which Start Prior to the Audit Daemon' - -@@ -51,7 +51,7 @@ references: - pcidss4: "10.7" +@@ -48,7 +48,7 @@ references: + pcidss4: '10.7.3' srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000473-GPOS-00218,SRG-OS-000254-GPOS-00095 stigid@ol8: OL08-00-030601 - stigid@rhel8: RHEL-08-030601 + stigid@almalinux8: RHEL-08-030601 + stigid@rhel9: RHEL-09-212055 stigid@ubuntu2004: UBTU-20-010198 - ocil_clause: 'auditing is not enabled at boot time' diff --git a/linux_os/guide/system/auditing/grub2_audit_argument/tests/blank_grubenv_rhel8.fail.sh b/linux_os/guide/system/auditing/grub2_audit_argument/tests/blank_grubenv_rhel8.fail.sh index 4a03a2117..365d018a2 100644 --- a/linux_os/guide/system/auditing/grub2_audit_argument/tests/blank_grubenv_rhel8.fail.sh @@ -15443,26 +9988,18 @@ index 35034f242..3f1e63b11 100644 # Break the audit argument in kernel command line in /boot/grub2/grubenv file="/boot/grub2/grubenv" 
diff --git a/linux_os/guide/system/auditing/grub2_audit_backlog_limit_argument/rule.yml b/linux_os/guide/system/auditing/grub2_audit_backlog_limit_argument/rule.yml -index 65132d8ee..02631d75d 100644 +index f10e01952..9c7be10c9 100644 --- a/linux_os/guide/system/auditing/grub2_audit_backlog_limit_argument/rule.yml +++ b/linux_os/guide/system/auditing/grub2_audit_backlog_limit_argument/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux3,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux3,fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Extend Audit Backlog Limit for the Audit Daemon' - -@@ -39,7 +39,7 @@ references: - ospp: FAU_STG.1,FAU_STG.3 +@@ -38,7 +38,7 @@ references: + pcidss4: '10.7.2' srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000254-GPOS-00095,SRG-OS-000341-GPOS-00132,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215 stigid@ol8: OL08-00-030602 - stigid@rhel8: RHEL-08-030602 + stigid@almalinux8: RHEL-08-030602 + stigid@rhel9: RHEL-09-653120 ocil_clause: 'audit backlog limit is not configured' - diff --git a/linux_os/guide/system/auditing/grub2_audit_backlog_limit_argument/tests/correct_grubenv.pass.sh b/linux_os/guide/system/auditing/grub2_audit_backlog_limit_argument/tests/correct_grubenv.pass.sh index aaffbf476..f3e10ad43 100644 --- a/linux_os/guide/system/auditing/grub2_audit_backlog_limit_argument/tests/correct_grubenv.pass.sh 
@@ -15484,54 +10021,19 @@ index f93dc5644..1fa37409f 100644 # Break the audit_backlog_limit argument in kernel command line in /boot/grub2/grubenv file="/boot/grub2/grubenv" -diff --git a/linux_os/guide/system/auditing/package_audispd-plugins_installed/rule.yml b/linux_os/guide/system/auditing/package_audispd-plugins_installed/rule.yml -index e2d2b7fdb..f4952aacd 100644 ---- a/linux_os/guide/system/auditing/package_audispd-plugins_installed/rule.yml -+++ b/linux_os/guide/system/auditing/package_audispd-plugins_installed/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4 -+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4 - - title: 'Install audispd-plugins Package' - diff --git a/linux_os/guide/system/auditing/package_audit_installed/rule.yml b/linux_os/guide/system/auditing/package_audit_installed/rule.yml -index b71d4e054..7983af2cf 100644 +index e1adfae96..7e61cb8f6 100644 --- a/linux_os/guide/system/auditing/package_audit_installed/rule.yml 
+++ b/linux_os/guide/system/auditing/package_audit_installed/rule.yml -@@ -35,7 +35,7 @@ references: +@@ -34,7 +34,7 @@ references: pcidss4: "10.2.1" srg: SRG-OS-000062-GPOS-00031,SRG-OS-000037-GPOS-00015,SRG-OS-000038-GPOS-00016,SRG-OS-000039-GPOS-00017,SRG-OS-000040-GPOS-00018,SRG-OS-000041-GPOS-00019,SRG-OS-000042-GPOS-00021,SRG-OS-000051-GPOS-00024,SRG-OS-000054-GPOS-00025,SRG-OS-000122-GPOS-00063,SRG-OS-000254-GPOS-00095,SRG-OS-000255-GPOS-00096,SRG-OS-000337-GPOS-00129,SRG-OS-000348-GPOS-00136,SRG-OS-000349-GPOS-00137,SRG-OS-000350-GPOS-00138,SRG-OS-000351-GPOS-00139,SRG-OS-000352-GPOS-00140,SRG-OS-000353-GPOS-00141,SRG-OS-000354-GPOS-00142,SRG-OS-000358-GPOS-00145,SRG-OS-000365-GPOS-00152,SRG-OS-000392-GPOS-00172,SRG-OS-000475-GPOS-00220 stigid@ol8: OL08-00-030180 - stigid@rhel8: RHEL-08-030180 + stigid@almalinux8: RHEL-08-030180 + stigid@rhel9: RHEL-09-653010 stigid@sle12: SLES-12-020000 stigid@sle15: SLES-15-030650 - stigid@ubuntu2004: UBTU-20-010182 -diff --git a/linux_os/guide/system/auditing/policy_rules/audit_access_failed/kubernetes/shared.yml b/linux_os/guide/system/auditing/policy_rules/audit_access_failed/kubernetes/shared.yml -index e33140501..603abfb90 100644 ---- a/linux_os/guide/system/auditing/policy_rules/audit_access_failed/kubernetes/shared.yml -+++ b/linux_os/guide/system/auditing/policy_rules/audit_access_failed/kubernetes/shared.yml -@@ -1,5 +1,5 @@ - --- --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos - apiVersion: machineconfiguration.openshift.io/v1 - kind: MachineConfig - spec: -diff --git a/linux_os/guide/system/auditing/policy_rules/audit_access_failed/rule.yml b/linux_os/guide/system/auditing/policy_rules/audit_access_failed/rule.yml -index cefc04f50..8a6a38e9e 100644 ---- a/linux_os/guide/system/auditing/policy_rules/audit_access_failed/rule.yml -+++ 
b/linux_os/guide/system/auditing/policy_rules/audit_access_failed/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol8,ol9,rhcos4,rhel8,rhel9 -+prodtype: ol8,ol9,rhcos4,rhel8,almalinux8,rhel9 - - title: 'Configure auditing of unsuccessful file accesses' - diff --git a/linux_os/guide/system/auditing/policy_rules/audit_access_failed_aarch64/kubernetes/shared.yml b/linux_os/guide/system/auditing/policy_rules/audit_access_failed_aarch64/kubernetes/shared.yml index f29a4afc6..26ac0688c 100644 --- a/linux_os/guide/system/auditing/policy_rules/audit_access_failed_aarch64/kubernetes/shared.yml @@ -15565,18 +10067,6 @@ index 413293083..3f8c50a39 100644 apiVersion: machineconfiguration.openshift.io/v1 kind: MachineConfig spec: -diff --git a/linux_os/guide/system/auditing/policy_rules/audit_access_success/rule.yml b/linux_os/guide/system/auditing/policy_rules/audit_access_success/rule.yml -index 9c2495c3c..e19b21b56 100644 ---- a/linux_os/guide/system/auditing/policy_rules/audit_access_success/rule.yml -+++ b/linux_os/guide/system/auditing/policy_rules/audit_access_success/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol8,ol9,rhcos4,rhel8,rhel9 -+prodtype: ol8,ol9,rhcos4,rhel8,almalinux8,rhel9 - - title: 'Configure auditing of successful file accesses' - diff --git a/linux_os/guide/system/auditing/policy_rules/audit_access_success_aarch64/kubernetes/shared.yml b/linux_os/guide/system/auditing/policy_rules/audit_access_success_aarch64/kubernetes/shared.yml index 1d08bae3a..3e2300448 100644 --- a/linux_os/guide/system/auditing/policy_rules/audit_access_success_aarch64/kubernetes/shared.yml 
@@ -15610,41 +10100,6 @@ index f62426900..bd3ddd10a 100644 apiVersion: machineconfiguration.openshift.io/v1 kind: MachineConfig spec: -diff --git a/linux_os/guide/system/auditing/policy_rules/audit_basic_configuration/rule.yml b/linux_os/guide/system/auditing/policy_rules/audit_basic_configuration/rule.yml -index 28500f9d4..f7fdb1574 100644 ---- a/linux_os/guide/system/auditing/policy_rules/audit_basic_configuration/rule.yml -+++ b/linux_os/guide/system/auditing/policy_rules/audit_basic_configuration/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol8,ol9,rhcos4,rhel8,rhel9 -+prodtype: ol8,ol9,rhcos4,rhel8,almalinux8,rhel9 - - title: 'Configure basic parameters of Audit system' - -diff --git a/linux_os/guide/system/auditing/policy_rules/audit_create_failed/kubernetes/shared.yml b/linux_os/guide/system/auditing/policy_rules/audit_create_failed/kubernetes/shared.yml -index 981a0c861..ab7d657c3 100644 ---- a/linux_os/guide/system/auditing/policy_rules/audit_create_failed/kubernetes/shared.yml -+++ b/linux_os/guide/system/auditing/policy_rules/audit_create_failed/kubernetes/shared.yml -@@ -1,5 +1,5 @@ - --- --# platform = multi_platform_rhel,multi_platform_fedora -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora - apiVersion: machineconfiguration.openshift.io/v1 - kind: MachineConfig - spec: -diff --git a/linux_os/guide/system/auditing/policy_rules/audit_create_failed/rule.yml b/linux_os/guide/system/auditing/policy_rules/audit_create_failed/rule.yml -index 6121df242..dc10d4df6 100644 ---- a/linux_os/guide/system/auditing/policy_rules/audit_create_failed/rule.yml -+++ b/linux_os/guide/system/auditing/policy_rules/audit_create_failed/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol8,ol9,rhcos4,rhel8,rhel9 -+prodtype: ol8,ol9,rhcos4,rhel8,almalinux8,rhel9 - - title: 'Configure auditing of unsuccessful file creations' - 
diff --git a/linux_os/guide/system/auditing/policy_rules/audit_create_failed_aarch64/kubernetes/shared.yml b/linux_os/guide/system/auditing/policy_rules/audit_create_failed_aarch64/kubernetes/shared.yml index c26dc39be..d32b854fd 100644 --- a/linux_os/guide/system/auditing/policy_rules/audit_create_failed_aarch64/kubernetes/shared.yml @@ -15667,18 +10122,6 @@ index 08c8dc855..e9277f263 100644 apiVersion: machineconfiguration.openshift.io/v1 kind: MachineConfig spec: -diff --git a/linux_os/guide/system/auditing/policy_rules/audit_create_success/rule.yml b/linux_os/guide/system/auditing/policy_rules/audit_create_success/rule.yml -index 8dca6a682..4d76ade87 100644 ---- a/linux_os/guide/system/auditing/policy_rules/audit_create_success/rule.yml -+++ b/linux_os/guide/system/auditing/policy_rules/audit_create_success/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol8,ol9,rhcos4,rhel8,rhel9 -+prodtype: ol8,ol9,rhcos4,rhel8,almalinux8,rhel9 - - title: 'Configure auditing of successful file creations' - diff --git a/linux_os/guide/system/auditing/policy_rules/audit_delete_failed/kubernetes/shared.yml b/linux_os/guide/system/auditing/policy_rules/audit_delete_failed/kubernetes/shared.yml index 023388b66..655883afe 100644 --- a/linux_os/guide/system/auditing/policy_rules/audit_delete_failed/kubernetes/shared.yml 
@@ -15690,18 +10133,6 @@ index 023388b66..655883afe 100644 apiVersion: machineconfiguration.openshift.io/v1 kind: MachineConfig spec: -diff --git a/linux_os/guide/system/auditing/policy_rules/audit_delete_failed/rule.yml b/linux_os/guide/system/auditing/policy_rules/audit_delete_failed/rule.yml -index f687fd864..71bfab67b 100644 ---- a/linux_os/guide/system/auditing/policy_rules/audit_delete_failed/rule.yml -+++ b/linux_os/guide/system/auditing/policy_rules/audit_delete_failed/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol8,ol9,rhcos4,rhel8,rhel9 -+prodtype: ol8,ol9,rhcos4,rhel8,almalinux8,rhel9 - - title: 'Configure auditing of unsuccessful file deletions' - diff --git a/linux_os/guide/system/auditing/policy_rules/audit_delete_failed_aarch64/kubernetes/shared.yml b/linux_os/guide/system/auditing/policy_rules/audit_delete_failed_aarch64/kubernetes/shared.yml index 22d3990f0..ed4f8bce8 100644 --- a/linux_os/guide/system/auditing/policy_rules/audit_delete_failed_aarch64/kubernetes/shared.yml @@ -15735,18 +10166,6 @@ index bff04fe4c..a56d7f18f 100644 {{% set file_contents = """## Successful file delete -a always,exit -F arch=b32 -S unlink,unlinkat,rename,renameat -F success=1 -F auid>=" ~ uid_min ~ " -F auid!=unset -F key=successful-delete -diff --git a/linux_os/guide/system/auditing/policy_rules/audit_delete_success/rule.yml b/linux_os/guide/system/auditing/policy_rules/audit_delete_success/rule.yml -index 45419ec17..b15b8f741 100644 ---- a/linux_os/guide/system/auditing/policy_rules/audit_delete_success/rule.yml -+++ b/linux_os/guide/system/auditing/policy_rules/audit_delete_success/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol8,ol9,rhcos4,rhel8,rhel9 -+prodtype: ol8,ol9,rhcos4,rhel8,almalinux8,rhel9 - - title: 'Configure auditing of successful file deletions' - 
diff --git a/linux_os/guide/system/auditing/policy_rules/audit_delete_success_aarch64/kubernetes/shared.yml b/linux_os/guide/system/auditing/policy_rules/audit_delete_success_aarch64/kubernetes/shared.yml index 37b8b3676..d1be71273 100644 --- a/linux_os/guide/system/auditing/policy_rules/audit_delete_success_aarch64/kubernetes/shared.yml @@ -15770,7 +10189,7 @@ index a46066d62..731636c7f 100644 {{% set file_contents = """## Successful file delete -a always,exit -F arch=b64 -S unlink,unlinkat,rename,renameat -F success=1 -F auid>=" ~ uid_min ~ " -F auid!=unset -F key=successful-delete""" -%}} diff --git a/linux_os/guide/system/auditing/policy_rules/audit_immutable_login_uids/kubernetes/shared.yml b/linux_os/guide/system/auditing/policy_rules/audit_immutable_login_uids/kubernetes/shared.yml -index 4b6116733..42e1c3da2 100644 +index ff5e61676..f7012bed2 100644 --- a/linux_os/guide/system/auditing/policy_rules/audit_immutable_login_uids/kubernetes/shared.yml +++ b/linux_os/guide/system/auditing/policy_rules/audit_immutable_login_uids/kubernetes/shared.yml @@ -1,5 +1,5 @@ 
@@ -15780,27 +10199,6 @@ index 4b6116733..42e1c3da2 100644 apiVersion: machineconfiguration.openshift.io/v1 kind: MachineConfig spec: -diff --git a/linux_os/guide/system/auditing/policy_rules/audit_immutable_login_uids/rule.yml b/linux_os/guide/system/auditing/policy_rules/audit_immutable_login_uids/rule.yml -index c5295afeb..25c7c729d 100644 ---- a/linux_os/guide/system/auditing/policy_rules/audit_immutable_login_uids/rule.yml -+++ b/linux_os/guide/system/auditing/policy_rules/audit_immutable_login_uids/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol8,ol9,rhcos4,rhel8,rhel9 -+prodtype: ol8,ol9,rhcos4,rhel8,almalinux8,rhel9 - - title: 'Configure immutable Audit login UIDs' - -@@ -35,7 +35,7 @@ references: - ospp: FAU_GEN.1.2 - srg: SRG-OS-000462-GPOS-00206,SRG-OS-000475-GPOS-00220,SRG-OS-000057-GPOS-00027,SRG-OS-000058-GPOS-00028,SRG-OS-000059-GPOS-00029 - stigid@ol8: OL08-00-030122 -- stigid@rhel8: RHEL-08-030122 -+ stigid@almalinux8: RHEL-08-030122 - - ocil_clause: 'the file does not exist or the content differs' - diff --git a/linux_os/guide/system/auditing/policy_rules/audit_modify_failed/kubernetes/shared.yml b/linux_os/guide/system/auditing/policy_rules/audit_modify_failed/kubernetes/shared.yml index 2d9279849..ec6477378 100644 --- a/linux_os/guide/system/auditing/policy_rules/audit_modify_failed/kubernetes/shared.yml 
@@ -15812,18 +10210,6 @@ index 2d9279849..ec6477378 100644 apiVersion: machineconfiguration.openshift.io/v1 kind: MachineConfig spec: -diff --git a/linux_os/guide/system/auditing/policy_rules/audit_modify_failed/rule.yml b/linux_os/guide/system/auditing/policy_rules/audit_modify_failed/rule.yml -index c6c9cc56c..139ffa91d 100644 ---- a/linux_os/guide/system/auditing/policy_rules/audit_modify_failed/rule.yml -+++ b/linux_os/guide/system/auditing/policy_rules/audit_modify_failed/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol8,ol9,rhcos4,rhel8,rhel9 -+prodtype: ol8,ol9,rhcos4,rhel8,almalinux8,rhel9 - - title: 'Configure auditing of unsuccessful file modifications' - diff --git a/linux_os/guide/system/auditing/policy_rules/audit_modify_failed_aarch64/kubernetes/shared.yml b/linux_os/guide/system/auditing/policy_rules/audit_modify_failed_aarch64/kubernetes/shared.yml index dae466002..527bc8489 100644 --- a/linux_os/guide/system/auditing/policy_rules/audit_modify_failed_aarch64/kubernetes/shared.yml @@ -15857,18 +10243,6 @@ index c6f796967..7a6e545c4 100644 apiVersion: machineconfiguration.openshift.io/v1 kind: MachineConfig spec: -diff --git a/linux_os/guide/system/auditing/policy_rules/audit_modify_success/rule.yml b/linux_os/guide/system/auditing/policy_rules/audit_modify_success/rule.yml -index 888a33657..e2743c631 100644 ---- a/linux_os/guide/system/auditing/policy_rules/audit_modify_success/rule.yml -+++ b/linux_os/guide/system/auditing/policy_rules/audit_modify_success/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol8,ol9,rhcos4,rhel8,rhel9 -+prodtype: ol8,ol9,rhcos4,rhel8,almalinux8,rhel9 - - title: 'Configure auditing of successful file modifications' - diff --git a/linux_os/guide/system/auditing/policy_rules/audit_modify_success_aarch64/kubernetes/shared.yml b/linux_os/guide/system/auditing/policy_rules/audit_modify_success_aarch64/kubernetes/shared.yml index 212ec4ba5..62e1ee6de 100644 
--- a/linux_os/guide/system/auditing/policy_rules/audit_modify_success_aarch64/kubernetes/shared.yml @@ -15902,18 +10276,6 @@ index f8cd8b73d..090554c02 100644 apiVersion: machineconfiguration.openshift.io/v1 kind: MachineConfig spec: -diff --git a/linux_os/guide/system/auditing/policy_rules/audit_module_load/rule.yml b/linux_os/guide/system/auditing/policy_rules/audit_module_load/rule.yml -index c3cb2cd34..0351d8b52 100644 ---- a/linux_os/guide/system/auditing/policy_rules/audit_module_load/rule.yml -+++ b/linux_os/guide/system/auditing/policy_rules/audit_module_load/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol8,ol9,rhcos4,rhel8,rhel9 -+prodtype: ol8,ol9,rhcos4,rhel8,almalinux8,rhel9 - - title: 'Configure auditing of loading and unloading of kernel modules' - diff --git a/linux_os/guide/system/auditing/policy_rules/audit_module_load_ppc64le/kubernetes/shared.yml b/linux_os/guide/system/auditing/policy_rules/audit_module_load_ppc64le/kubernetes/shared.yml index 231034a9c..460877cec 100644 --- a/linux_os/guide/system/auditing/policy_rules/audit_module_load_ppc64le/kubernetes/shared.yml @@ -15926,7 +10288,7 @@ index 231034a9c..460877cec 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/system/auditing/policy_rules/audit_ospp_general/kubernetes/shared.yml b/linux_os/guide/system/auditing/policy_rules/audit_ospp_general/kubernetes/shared.yml -index a93771e85..22e9b17b9 100644 +index 6002067e5..0515753c4 100644 --- a/linux_os/guide/system/auditing/policy_rules/audit_ospp_general/kubernetes/shared.yml +++ b/linux_os/guide/system/auditing/policy_rules/audit_ospp_general/kubernetes/shared.yml @@ -1,5 +1,5 @@ 
@@ -15936,18 +10298,6 @@ index a93771e85..22e9b17b9 100644 apiVersion: machineconfiguration.openshift.io/v1 kind: MachineConfig spec: -diff --git a/linux_os/guide/system/auditing/policy_rules/audit_ospp_general/rule.yml b/linux_os/guide/system/auditing/policy_rules/audit_ospp_general/rule.yml -index fbe8d9fae..c5684d979 100644 ---- a/linux_os/guide/system/auditing/policy_rules/audit_ospp_general/rule.yml -+++ b/linux_os/guide/system/auditing/policy_rules/audit_ospp_general/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol8,ol9,rhcos4,rhel8,rhel9 -+prodtype: ol8,ol9,rhcos4,rhel8,almalinux8,rhel9 - - title: 'Perform general configuration of Audit for OSPP' - diff --git a/linux_os/guide/system/auditing/policy_rules/audit_ospp_general_aarch64/kubernetes/shared.yml b/linux_os/guide/system/auditing/policy_rules/audit_ospp_general_aarch64/kubernetes/shared.yml index c122b209f..d1f676a94 100644 --- a/linux_os/guide/system/auditing/policy_rules/audit_ospp_general_aarch64/kubernetes/shared.yml 
@@ -15970,66 +10320,6 @@ index fa81ece03..7a26684d2 100644 apiVersion: machineconfiguration.openshift.io/v1 kind: MachineConfig spec: -diff --git a/linux_os/guide/system/auditing/policy_rules/audit_owner_change_failed/rule.yml b/linux_os/guide/system/auditing/policy_rules/audit_owner_change_failed/rule.yml -index 55ad31393..3767b639e 100644 ---- a/linux_os/guide/system/auditing/policy_rules/audit_owner_change_failed/rule.yml -+++ b/linux_os/guide/system/auditing/policy_rules/audit_owner_change_failed/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol8,ol9,rhcos4,rhel8,rhel9 -+prodtype: ol8,ol9,rhcos4,rhel8,almalinux8,rhel9 - - title: 'Configure auditing of unsuccessful ownership changes' - -diff --git a/linux_os/guide/system/auditing/policy_rules/audit_owner_change_success/rule.yml b/linux_os/guide/system/auditing/policy_rules/audit_owner_change_success/rule.yml -index fc419001f..f989e141f 100644 ---- a/linux_os/guide/system/auditing/policy_rules/audit_owner_change_success/rule.yml -+++ b/linux_os/guide/system/auditing/policy_rules/audit_owner_change_success/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol8,ol9,rhcos4,rhel8,rhel9 -+prodtype: ol8,ol9,rhcos4,rhel8,almalinux8,rhel9 - - title: 'Configure auditing of successful ownership changes' - -diff --git a/linux_os/guide/system/auditing/policy_rules/audit_perm_change_failed/rule.yml b/linux_os/guide/system/auditing/policy_rules/audit_perm_change_failed/rule.yml -index f0c9a0c44..af0b162c6 100644 ---- a/linux_os/guide/system/auditing/policy_rules/audit_perm_change_failed/rule.yml -+++ b/linux_os/guide/system/auditing/policy_rules/audit_perm_change_failed/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol8,ol9,rhcos4,rhel8,rhel9 -+prodtype: ol8,ol9,rhcos4,rhel8,almalinux8,rhel9 - - title: 'Configure auditing of unsuccessful permission changes' - -diff --git a/linux_os/guide/system/auditing/policy_rules/audit_perm_change_success/rule.yml 
b/linux_os/guide/system/auditing/policy_rules/audit_perm_change_success/rule.yml -index 7ea158505..a85e376db 100644 ---- a/linux_os/guide/system/auditing/policy_rules/audit_perm_change_success/rule.yml -+++ b/linux_os/guide/system/auditing/policy_rules/audit_perm_change_success/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol8,ol9,rhcos4,rhel8,rhel9 -+prodtype: ol8,ol9,rhcos4,rhel8,almalinux8,rhel9 - - title: 'Configure auditing of successful permission changes' - -diff --git a/linux_os/guide/system/auditing/policy_rules/audit_rules_for_ospp/rule.yml b/linux_os/guide/system/auditing/policy_rules/audit_rules_for_ospp/rule.yml -index 1cc1f231f..e545d01bb 100644 ---- a/linux_os/guide/system/auditing/policy_rules/audit_rules_for_ospp/rule.yml -+++ b/linux_os/guide/system/auditing/policy_rules/audit_rules_for_ospp/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol7,ol8,rhcos4,rhel7,rhel8,rhel9 -+prodtype: ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9 - - title: 'Configure audit according to OSPP requirements' - diff --git a/linux_os/guide/system/auditing/service_auditd_enabled/kubernetes/shared.yml b/linux_os/guide/system/auditing/service_auditd_enabled/kubernetes/shared.yml index 89d6152dc..7afbf02b7 100644 --- a/linux_os/guide/system/auditing/service_auditd_enabled/kubernetes/shared.yml @@ -16042,30 +10332,18 @@ index 89d6152dc..7afbf02b7 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/system/auditing/service_auditd_enabled/rule.yml b/linux_os/guide/system/auditing/service_auditd_enabled/rule.yml -index ffcdae249..edd53ca7f 100644 +index 96317d8d1..b86c22fd5 100644 --- a/linux_os/guide/system/auditing/service_auditd_enabled/rule.yml 
+++ b/linux_os/guide/system/auditing/service_auditd_enabled/rule.yml -@@ -61,7 +61,7 @@ references: +@@ -60,7 +60,7 @@ references: stigid@ol7: OL07-00-030000 stigid@ol8: OL08-00-030181 stigid@rhel7: RHEL-07-030000 - stigid@rhel8: RHEL-08-030181 + stigid@almalinux8: RHEL-08-030181 + stigid@rhel9: RHEL-09-653015 stigid@sle12: SLES-12-020010 stigid@sle15: SLES-15-030050 - -diff --git a/linux_os/guide/system/bootloader-grub2/grub2_kernel_trust_cpu_rng/rule.yml b/linux_os/guide/system/bootloader-grub2/grub2_kernel_trust_cpu_rng/rule.yml -index d6bfc02f3..98c11ac6f 100644 ---- a/linux_os/guide/system/bootloader-grub2/grub2_kernel_trust_cpu_rng/rule.yml -+++ b/linux_os/guide/system/bootloader-grub2/grub2_kernel_trust_cpu_rng/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol8,rhel8,rhel9 -+prodtype: ol8,rhel8,almalinux8,rhel9 - - title: 'Configure kernel to trust the CPU random number generator' - diff --git a/linux_os/guide/system/bootloader-grub2/grub2_kernel_trust_cpu_rng/tests/arg_not_there.fail.sh b/linux_os/guide/system/bootloader-grub2/grub2_kernel_trust_cpu_rng/tests/arg_not_there.fail.sh index 50abc5732..306ca07b1 100644 --- a/linux_os/guide/system/bootloader-grub2/grub2_kernel_trust_cpu_rng/tests/arg_not_there.fail.sh @@ -16102,152 +10380,44 @@ index c4213caf8..c422634f2 100644 # Break the argument in kernel command line in /boot/grub2/grubenv file="/boot/grub2/grubenv" diff --git a/linux_os/guide/system/bootloader-grub2/grub2_pti_argument/rule.yml b/linux_os/guide/system/bootloader-grub2/grub2_pti_argument/rule.yml -index 70251f709..aa50620ba 100644 +index 48b26196a..08c744d38 100644 --- a/linux_os/guide/system/bootloader-grub2/grub2_pti_argument/rule.yml 
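Review bot: The rebased inner hunk for `service_auditd_enabled/rule.yml` still replaces `stigid@rhel8: RHEL-08-030181` with `stigid@almalinux8: RHEL-08-030181` instead of adding a key, so the patched tree drops the RHEL 8 STIG reference for this rule and the AlmaLinux content presents a RHEL STIG ID as its own. If only the almalinux8 product is ever built from this tree that is presumably intended, but the patch description should say so; otherwise keep `stigid@rhel8: RHEL-08-030181` as a context line and add `stigid@almalinux8: RHEL-08-030181` as a new line after it. The same replacement appears in the grub2_pti_argument, grub2_vsyscall_argument, grub2_admin_username and grub2_password hunks that follow. The rule.yml content continues outside the hunk, so whether other keys in the file are affected cannot be judged from here.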
+++ b/linux_os/guide/system/bootloader-grub2/grub2_pti_argument/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol8,ol9,rhel8,rhel9 -+prodtype: fedora,ol8,ol9,rhel8,almalinux8,rhel9 - - title: 'Enable Kernel Page-Table Isolation (KPTI)' - -@@ -28,7 +28,7 @@ references: +@@ -27,7 +27,7 @@ references: nist: SI-16 srg: SRG-OS-000433-GPOS-00193,SRG-OS-000095-GPOS-00049 stigid@ol8: OL08-00-040004 - stigid@rhel8: RHEL-08-040004 + stigid@almalinux8: RHEL-08-040004 + stigid@rhel9: RHEL-09-212050 ocil_clause: 'Kernel page-table isolation is not enabled' - diff --git a/linux_os/guide/system/bootloader-grub2/grub2_vsyscall_argument/rule.yml b/linux_os/guide/system/bootloader-grub2/grub2_vsyscall_argument/rule.yml -index 9a0f0d212..4fc19b1de 100644 +index 925e7a74a..9292c956d 100644 --- a/linux_os/guide/system/bootloader-grub2/grub2_vsyscall_argument/rule.yml 
+++ b/linux_os/guide/system/bootloader-grub2/grub2_vsyscall_argument/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9 -+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9 - - title: 'Disable vsyscalls' - -@@ -27,7 +27,7 @@ references: +@@ -26,7 +26,7 @@ references: ospp: FPT_ASLR_EXT.1 srg: SRG-OS-000480-GPOS-00227,SRG-OS-000134-GPOS-00068 stigid@ol8: OL08-00-010422 - stigid@rhel8: RHEL-08-010422 + stigid@almalinux8: RHEL-08-010422 + stigid@rhel9: RHEL-09-212035 ocil_clause: 'vsyscalls are enabled' - -diff --git a/linux_os/guide/system/bootloader-grub2/non-uefi/file_groupowner_grub2_cfg/rule.yml b/linux_os/guide/system/bootloader-grub2/non-uefi/file_groupowner_grub2_cfg/rule.yml -index d0bdf2523..426907be8 100644 ---- a/linux_os/guide/system/bootloader-grub2/non-uefi/file_groupowner_grub2_cfg/rule.yml -+++ b/linux_os/guide/system/bootloader-grub2/non-uefi/file_groupowner_grub2_cfg/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15 -+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15 - - title: 'Verify {{{ grub2_boot_path }}}/grub.cfg Group Ownership' - -diff --git a/linux_os/guide/system/bootloader-grub2/non-uefi/file_groupowner_user_cfg/rule.yml b/linux_os/guide/system/bootloader-grub2/non-uefi/file_groupowner_user_cfg/rule.yml -index b7557c41f..c53d44c08 100644 ---- a/linux_os/guide/system/bootloader-grub2/non-uefi/file_groupowner_user_cfg/rule.yml -+++ b/linux_os/guide/system/bootloader-grub2/non-uefi/file_groupowner_user_cfg/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol8,ol9,rhel7,rhel8,rhel9,rhv4 -+prodtype: fedora,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4 - - title: 'Verify {{{ grub2_boot_path }}}/user.cfg Group Ownership' - -diff --git 
a/linux_os/guide/system/bootloader-grub2/non-uefi/file_owner_grub2_cfg/rule.yml b/linux_os/guide/system/bootloader-grub2/non-uefi/file_owner_grub2_cfg/rule.yml -index 2ef41b1c5..68a2f15e1 100644 ---- a/linux_os/guide/system/bootloader-grub2/non-uefi/file_owner_grub2_cfg/rule.yml -+++ b/linux_os/guide/system/bootloader-grub2/non-uefi/file_owner_grub2_cfg/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Verify {{{ grub2_boot_path }}}/grub.cfg User Ownership' - -diff --git a/linux_os/guide/system/bootloader-grub2/non-uefi/file_owner_user_cfg/rule.yml b/linux_os/guide/system/bootloader-grub2/non-uefi/file_owner_user_cfg/rule.yml -index 5df579a97..7d532af01 100644 ---- a/linux_os/guide/system/bootloader-grub2/non-uefi/file_owner_user_cfg/rule.yml -+++ b/linux_os/guide/system/bootloader-grub2/non-uefi/file_owner_user_cfg/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4 -+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4 - - title: 'Verify {{{ grub2_boot_path }}}/user.cfg User Ownership' - -diff --git a/linux_os/guide/system/bootloader-grub2/non-uefi/file_permissions_grub2_cfg/rule.yml b/linux_os/guide/system/bootloader-grub2/non-uefi/file_permissions_grub2_cfg/rule.yml -index 10fe57233..da14963a0 100644 ---- a/linux_os/guide/system/bootloader-grub2/non-uefi/file_permissions_grub2_cfg/rule.yml -+++ b/linux_os/guide/system/bootloader-grub2/non-uefi/file_permissions_grub2_cfg/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: 
alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Verify {{{ grub2_boot_path }}}/grub.cfg Permissions' - -diff --git a/linux_os/guide/system/bootloader-grub2/non-uefi/file_permissions_user_cfg/rule.yml b/linux_os/guide/system/bootloader-grub2/non-uefi/file_permissions_user_cfg/rule.yml -index 8de6ef356..216ecd5a3 100644 ---- a/linux_os/guide/system/bootloader-grub2/non-uefi/file_permissions_user_cfg/rule.yml -+++ b/linux_os/guide/system/bootloader-grub2/non-uefi/file_permissions_user_cfg/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4 - - title: 'Verify {{{ grub2_boot_path }}}/user.cfg Permissions' - diff --git a/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_admin_username/rule.yml b/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_admin_username/rule.yml -index 05e2deae0..f1cc2932f 100644 +index 94fc58975..b7134083c 100644 --- a/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_admin_username/rule.yml 
+++ b/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_admin_username/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4 -+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4 - - title: 'Set the Boot Loader Admin Username to a Non-Default Value' - -@@ -50,7 +50,7 @@ references: +@@ -49,7 +49,7 @@ references: stigid@ol7: OL07-00-010483 stigid@ol8: OL08-00-010149 stigid@rhel7: RHEL-07-010483 - stigid@rhel8: RHEL-08-010149 + stigid@almalinux8: RHEL-08-010149 + stigid@rhel9: RHEL-09-212020 ocil_clause: 'superuser account is not set or is set to root, admin, administrator or any other existing user name' - -diff --git a/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_no_removeable_media/rule.yml b/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_no_removeable_media/rule.yml -index fe06e5afc..1eb0615a4 100644 ---- a/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_no_removeable_media/rule.yml -+++ b/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_no_removeable_media/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol7,ol8,rhel7,rhel8,rhv4 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhv4 - - title: 'Boot Loader Is Not Installed On Removeable Media' - diff --git a/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_password/oval/shared.xml b/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_password/oval/shared.xml index f5b957e88..b678a4e70 100644 --- a/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_password/oval/shared.xml @@ -16262,111 +10432,23 @@ index f5b957e88..b678a4e70 100644 {{% else %}} diff --git a/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_password/rule.yml b/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_password/rule.yml -index 03031cd11..4bf9edefc 100644 +index 43168a7cc..7f62e0944 100644 --- a/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_password/rule.yml 
+++ b/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_password/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Set Boot Loader Password in grub2' - -@@ -72,7 +72,7 @@ references: +@@ -70,7 +70,7 @@ references: stigid@ol7: OL07-00-010482 stigid@ol8: OL08-00-010150 stigid@rhel7: RHEL-07-010482 - stigid@rhel8: RHEL-08-010150 + stigid@almalinux8: RHEL-08-010150 + stigid@rhel9: RHEL-09-212010 stigid@sle12: SLES-12-010430 stigid@sle15: SLES-15-010190 - stigid@ubuntu2004: UBTU-20-010009 -diff --git a/linux_os/guide/system/bootloader-grub2/uefi/file_groupowner_efi_grub2_cfg/rule.yml b/linux_os/guide/system/bootloader-grub2/uefi/file_groupowner_efi_grub2_cfg/rule.yml -index 8a10defce..fe273c155 100644 ---- a/linux_os/guide/system/bootloader-grub2/uefi/file_groupowner_efi_grub2_cfg/rule.yml -+++ b/linux_os/guide/system/bootloader-grub2/uefi/file_groupowner_efi_grub2_cfg/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,rhel7,rhel8,rhel9 -+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9 - - title: 'Verify the UEFI Boot Loader grub.cfg Group Ownership' - -diff --git a/linux_os/guide/system/bootloader-grub2/uefi/file_groupowner_efi_user_cfg/rule.yml b/linux_os/guide/system/bootloader-grub2/uefi/file_groupowner_efi_user_cfg/rule.yml -index 1fa0facd5..a17809216 100644 ---- a/linux_os/guide/system/bootloader-grub2/uefi/file_groupowner_efi_user_cfg/rule.yml -+++ b/linux_os/guide/system/bootloader-grub2/uefi/file_groupowner_efi_user_cfg/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol8,ol9,rhel7,rhel8,rhel9,rhv4 -+prodtype: fedora,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4 - - title: 
'Verify {{{ grub2_uefi_boot_path }}}/user.cfg Group Ownership' - -diff --git a/linux_os/guide/system/bootloader-grub2/uefi/file_owner_efi_grub2_cfg/rule.yml b/linux_os/guide/system/bootloader-grub2/uefi/file_owner_efi_grub2_cfg/rule.yml -index 9f5bb2745..d5148b20f 100644 ---- a/linux_os/guide/system/bootloader-grub2/uefi/file_owner_efi_grub2_cfg/rule.yml -+++ b/linux_os/guide/system/bootloader-grub2/uefi/file_owner_efi_grub2_cfg/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,rhel7,rhel8,rhel9 -+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9 - - title: 'Verify the UEFI Boot Loader grub.cfg User Ownership' - -diff --git a/linux_os/guide/system/bootloader-grub2/uefi/file_owner_efi_user_cfg/rule.yml b/linux_os/guide/system/bootloader-grub2/uefi/file_owner_efi_user_cfg/rule.yml -index 104fa81e8..d68cbb603 100644 ---- a/linux_os/guide/system/bootloader-grub2/uefi/file_owner_efi_user_cfg/rule.yml -+++ b/linux_os/guide/system/bootloader-grub2/uefi/file_owner_efi_user_cfg/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4 - - title: 'Verify {{{ grub2_uefi_boot_path }}}/user.cfg User Ownership' - -diff --git a/linux_os/guide/system/bootloader-grub2/uefi/file_permissions_efi_grub2_cfg/rule.yml b/linux_os/guide/system/bootloader-grub2/uefi/file_permissions_efi_grub2_cfg/rule.yml -index ee5bdcaf8..a7bbd206a 100644 ---- a/linux_os/guide/system/bootloader-grub2/uefi/file_permissions_efi_grub2_cfg/rule.yml -+++ b/linux_os/guide/system/bootloader-grub2/uefi/file_permissions_efi_grub2_cfg/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,rhel7,rhel8,rhel9 -+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9 - - - title: 'Verify the UEFI Boot Loader 
grub.cfg Permissions' -diff --git a/linux_os/guide/system/bootloader-grub2/uefi/file_permissions_efi_user_cfg/rule.yml b/linux_os/guide/system/bootloader-grub2/uefi/file_permissions_efi_user_cfg/rule.yml -index bfea4e047..8945ecc7d 100644 ---- a/linux_os/guide/system/bootloader-grub2/uefi/file_permissions_efi_user_cfg/rule.yml -+++ b/linux_os/guide/system/bootloader-grub2/uefi/file_permissions_efi_user_cfg/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9 - - - title: 'Verify {{{ grub2_uefi_boot_path }}}/user.cfg Permissions' diff --git a/linux_os/guide/system/bootloader-grub2/uefi/grub2_uefi_admin_username/rule.yml b/linux_os/guide/system/bootloader-grub2/uefi/grub2_uefi_admin_username/rule.yml -index a277f209f..2ee2ac744 100644 +index 8dbb9aeca..e27499d26 100644 --- a/linux_os/guide/system/bootloader-grub2/uefi/grub2_uefi_admin_username/rule.yml +++ b/linux_os/guide/system/bootloader-grub2/uefi/grub2_uefi_admin_username/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4 -+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4 - - title: 'Set the UEFI Boot Loader Admin Username to a Non-Default Value' - -@@ -57,7 +57,7 @@ references: +@@ -56,7 +56,7 @@ references: stigid@ol7: OL07-00-010492 stigid@ol8: OL08-00-010141 stigid@rhel7: RHEL-07-010492 @@ -16376,18 +10458,10 @@ index a277f209f..2ee2ac744 100644 ocil_clause: 'superuser account is not set or is set to an existing name or to a common name' diff --git a/linux_os/guide/system/bootloader-grub2/uefi/grub2_uefi_password/rule.yml b/linux_os/guide/system/bootloader-grub2/uefi/grub2_uefi_password/rule.yml -index cdaa2b573..6feeaf9c8 100644 +index c77f9b5e7..c475f2568 100644 --- a/linux_os/guide/system/bootloader-grub2/uefi/grub2_uefi_password/rule.yml 
+++ b/linux_os/guide/system/bootloader-grub2/uefi/grub2_uefi_password/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Set the UEFI Boot Loader Password' - -@@ -72,7 +72,7 @@ references: +@@ -70,7 +70,7 @@ references: stigid@ol7: OL07-00-010491 stigid@ol8: OL08-00-010140 stigid@rhel7: RHEL-07-010491 @@ -16396,30 +10470,6 @@ index cdaa2b573..6feeaf9c8 100644 stigid@sle12: SLES-12-010440 stigid@sle15: SLES-15-010200 stigid@ubuntu2004: UBTU-20-010009 -diff --git a/linux_os/guide/system/bootloader-grub2/uefi/uefi_no_removeable_media/rule.yml b/linux_os/guide/system/bootloader-grub2/uefi/uefi_no_removeable_media/rule.yml -index cb1aa0fef..cbfe1986a 100644 ---- a/linux_os/guide/system/bootloader-grub2/uefi/uefi_no_removeable_media/rule.yml -+++ b/linux_os/guide/system/bootloader-grub2/uefi/uefi_no_removeable_media/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol7,ol8,rhel7,rhel8 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8 - - title: 'UEFI Boot Loader Is Not Installed On Removeable Media' - -diff --git a/linux_os/guide/system/bootloader-zipl/zipl_audit_argument/rule.yml b/linux_os/guide/system/bootloader-zipl/zipl_audit_argument/rule.yml -index 708e29a69..d057e14cf 100644 ---- a/linux_os/guide/system/bootloader-zipl/zipl_audit_argument/rule.yml -+++ b/linux_os/guide/system/bootloader-zipl/zipl_audit_argument/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhcos4,rhel8,rhel9,ubuntu2004,ubuntu2204 -+prodtype: rhcos4,rhel8,almalinux8,rhel9,ubuntu2004,ubuntu2204 - - title: 'Enable Auditing to Start Prior to the Audit Daemon in zIPL' - 
diff --git a/linux_os/guide/system/bootloader-zipl/zipl_audit_argument/tests/correct_option.pass.sh b/linux_os/guide/system/bootloader-zipl/zipl_audit_argument/tests/correct_option.pass.sh index 7a828837f..d13ae7f52 100644 --- a/linux_os/guide/system/bootloader-zipl/zipl_audit_argument/tests/correct_option.pass.sh @@ -16453,30 +10503,6 @@ index 5650cc0a7..1ee373205 100644 # Remove audit=1 from all boot entries sed -Ei 's/(^options.*\s)audit=1(.*?)$/\1\2/' /boot/loader/entries/* -diff --git a/linux_os/guide/system/bootloader-zipl/zipl_audit_backlog_limit_argument/rule.yml b/linux_os/guide/system/bootloader-zipl/zipl_audit_backlog_limit_argument/rule.yml -index 98f7ec507..2b638d7e9 100644 ---- a/linux_os/guide/system/bootloader-zipl/zipl_audit_backlog_limit_argument/rule.yml -+++ b/linux_os/guide/system/bootloader-zipl/zipl_audit_backlog_limit_argument/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhcos4,rhel8,rhel9,ubuntu2004,ubuntu2204 -+prodtype: rhcos4,rhel8,almalinux8,rhel9,ubuntu2004,ubuntu2204 - - title: 'Extend Audit Backlog Limit for the Audit Daemon in zIPL' - -diff --git a/linux_os/guide/system/bootloader-zipl/zipl_bls_entries_only/rule.yml b/linux_os/guide/system/bootloader-zipl/zipl_bls_entries_only/rule.yml -index 56b634d4b..3ad83680a 100644 ---- a/linux_os/guide/system/bootloader-zipl/zipl_bls_entries_only/rule.yml -+++ b/linux_os/guide/system/bootloader-zipl/zipl_bls_entries_only/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhcos4,rhel8,rhel9 -+prodtype: rhcos4,rhel8,almalinux8,rhel9 - - title: 'Ensure all zIPL boot entries are BLS compliant' - diff --git a/linux_os/guide/system/bootloader-zipl/zipl_bls_entries_only/tests/image_configured.fail.sh b/linux_os/guide/system/bootloader-zipl/zipl_bls_entries_only/tests/image_configured.fail.sh index e3adb9963..13e5314b1 100644 --- a/linux_os/guide/system/bootloader-zipl/zipl_bls_entries_only/tests/image_configured.fail.sh 
@@ -16509,18 +10535,6 @@ index 7f2be3564..80f8b55f3 100644 # reboot = false # strategy = configure # complexity = low -diff --git a/linux_os/guide/system/bootloader-zipl/zipl_bootmap_is_up_to_date/rule.yml b/linux_os/guide/system/bootloader-zipl/zipl_bootmap_is_up_to_date/rule.yml -index 6c7e33965..b23d9d8cd 100644 ---- a/linux_os/guide/system/bootloader-zipl/zipl_bootmap_is_up_to_date/rule.yml -+++ b/linux_os/guide/system/bootloader-zipl/zipl_bootmap_is_up_to_date/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhcos4,rhel8,rhel9 -+prodtype: rhcos4,rhel8,almalinux8,rhel9 - - title: 'Ensure zIPL bootmap is up to date' - diff --git a/linux_os/guide/system/bootloader-zipl/zipl_bootmap_is_up_to_date/tests/newer_boot_entry.fail.sh b/linux_os/guide/system/bootloader-zipl/zipl_bootmap_is_up_to_date/tests/newer_boot_entry.fail.sh index 728c6b7bd..b06f989e6 100644 --- a/linux_os/guide/system/bootloader-zipl/zipl_bootmap_is_up_to_date/tests/newer_boot_entry.fail.sh @@ -16554,18 +10568,6 @@ index 7981ba8c5..8bfdce20e 100644 # remediation = none touch /etc/zipl.conf -diff --git a/linux_os/guide/system/bootloader-zipl/zipl_enable_selinux/rule.yml b/linux_os/guide/system/bootloader-zipl/zipl_enable_selinux/rule.yml -index a763429f1..a0e5a7baa 100644 ---- a/linux_os/guide/system/bootloader-zipl/zipl_enable_selinux/rule.yml -+++ b/linux_os/guide/system/bootloader-zipl/zipl_enable_selinux/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhcos4,rhel8,rhel9 -+prodtype: rhcos4,rhel8,almalinux8,rhel9 - - title: 'Ensure SELinux Not Disabled in zIPL' - diff --git a/linux_os/guide/system/bootloader-zipl/zipl_init_on_alloc_argument/tests/correct_option.pass.sh b/linux_os/guide/system/bootloader-zipl/zipl_init_on_alloc_argument/tests/correct_option.pass.sh index 50cf1b78f..33cd2971b 100644 --- a/linux_os/guide/system/bootloader-zipl/zipl_init_on_alloc_argument/tests/correct_option.pass.sh 
@@ -16599,30 +10601,6 @@ index 9d330c919..62547cbb3 100644 # Remove init_on_alloc=1 from all boot entries sed -Ei 's/(^options.*\s)init_on_alloc=1(.*?)$/\1\2/' /boot/loader/entries/* -diff --git a/linux_os/guide/system/bootloader-zipl/zipl_page_poison_argument/rule.yml b/linux_os/guide/system/bootloader-zipl/zipl_page_poison_argument/rule.yml -index 0cd61ae2f..0d87202c2 100644 ---- a/linux_os/guide/system/bootloader-zipl/zipl_page_poison_argument/rule.yml -+++ b/linux_os/guide/system/bootloader-zipl/zipl_page_poison_argument/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhcos4,rhel8,rhel9 -+prodtype: rhcos4,rhel8,almalinux8,rhel9 - - title: 'Enable page allocator poisoning in zIPL' - -diff --git a/linux_os/guide/system/bootloader-zipl/zipl_slub_debug_argument/rule.yml b/linux_os/guide/system/bootloader-zipl/zipl_slub_debug_argument/rule.yml -index df0f6c3ee..0f1501c91 100644 ---- a/linux_os/guide/system/bootloader-zipl/zipl_slub_debug_argument/rule.yml -+++ b/linux_os/guide/system/bootloader-zipl/zipl_slub_debug_argument/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhcos4,rhel8,rhel9 -+prodtype: rhcos4,rhel8,almalinux8,rhel9 - - title: 'Enable SLUB/SLAB allocator poisoning in zIPL' - diff --git a/linux_os/guide/system/bootloader-zipl/zipl_systemd_debug-shell_argument_absent/ansible/shared.yml b/linux_os/guide/system/bootloader-zipl/zipl_systemd_debug-shell_argument_absent/ansible/shared.yml index 5585e0eaf..bd860eb70 100644 --- a/linux_os/guide/system/bootloader-zipl/zipl_systemd_debug-shell_argument_absent/ansible/shared.yml 
@@ -16643,18 +10621,6 @@ index 0d90d58db..dfc1a2407 100644 # Correct BLS option using grubby, which is a thin wrapper around BLS operations grubby --update-kernel=ALL --remove-args="systemd.debug-shell" -diff --git a/linux_os/guide/system/bootloader-zipl/zipl_systemd_debug-shell_argument_absent/rule.yml b/linux_os/guide/system/bootloader-zipl/zipl_systemd_debug-shell_argument_absent/rule.yml -index 3a442c4eb..cf24d500e 100644 ---- a/linux_os/guide/system/bootloader-zipl/zipl_systemd_debug-shell_argument_absent/rule.yml -+++ b/linux_os/guide/system/bootloader-zipl/zipl_systemd_debug-shell_argument_absent/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhcos4,rhel8,rhel9 -+prodtype: rhcos4,rhel8,almalinux8,rhel9 - - title: 'Ensure debug-shell service is not enabled in zIPL' - diff --git a/linux_os/guide/system/bootloader-zipl/zipl_systemd_debug-shell_argument_absent/tests/argument_missing.pass.sh b/linux_os/guide/system/bootloader-zipl/zipl_systemd_debug-shell_argument_absent/tests/argument_missing.pass.sh index 4649db979..fb4ec1b8a 100644 --- a/linux_os/guide/system/bootloader-zipl/zipl_systemd_debug-shell_argument_absent/tests/argument_missing.pass.sh 
@@ -16699,318 +10665,6 @@ index 0c2febb03..556ea474a 100644 # Make sure boot loader entries doesn't contain systemd.debug-shell sed -Ei 's/(^options.*)\s\bsystemd.debug-shell\b\S*(.*?)$/\1\2/' /boot/loader/entries/* -diff --git a/linux_os/guide/system/bootloader-zipl/zipl_vsyscall_argument/rule.yml b/linux_os/guide/system/bootloader-zipl/zipl_vsyscall_argument/rule.yml -index 9d645c887..9ef0b3feb 100644 ---- a/linux_os/guide/system/bootloader-zipl/zipl_vsyscall_argument/rule.yml -+++ b/linux_os/guide/system/bootloader-zipl/zipl_vsyscall_argument/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhcos4,rhel8,rhel9 -+prodtype: rhcos4,rhel8,almalinux8,rhel9 - - title: 'Disable vsyscalls in zIPL' - -diff --git a/linux_os/guide/system/kernel_build_config/gcc_plugin/kernel_config_gcc_plugin_latent_entropy/rule.yml b/linux_os/guide/system/kernel_build_config/gcc_plugin/kernel_config_gcc_plugin_latent_entropy/rule.yml -index ef617d152..c3b3e1137 100644 ---- a/linux_os/guide/system/kernel_build_config/gcc_plugin/kernel_config_gcc_plugin_latent_entropy/rule.yml -+++ b/linux_os/guide/system/kernel_build_config/gcc_plugin/kernel_config_gcc_plugin_latent_entropy/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,rhel8,rhel9 -+prodtype: fedora,rhel8,almalinux8,rhel9 - - title: 'Generate some entropy during boot and runtime' - -diff --git a/linux_os/guide/system/kernel_build_config/gcc_plugin/kernel_config_gcc_plugin_structleak/rule.yml b/linux_os/guide/system/kernel_build_config/gcc_plugin/kernel_config_gcc_plugin_structleak/rule.yml -index 6a19eb78d..2a548404c 100644 ---- a/linux_os/guide/system/kernel_build_config/gcc_plugin/kernel_config_gcc_plugin_structleak/rule.yml -+++ b/linux_os/guide/system/kernel_build_config/gcc_plugin/kernel_config_gcc_plugin_structleak/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,rhel8,rhel9 -+prodtype: fedora,rhel8,almalinux8,rhel9 - - title: 'Force initialization of 
variables containing userspace addresses' - -diff --git a/linux_os/guide/system/kernel_build_config/kernel_config_arm64_sw_ttbr0_pan/rule.yml b/linux_os/guide/system/kernel_build_config/kernel_config_arm64_sw_ttbr0_pan/rule.yml -index 8ca4e0962..0ec72b5f7 100644 ---- a/linux_os/guide/system/kernel_build_config/kernel_config_arm64_sw_ttbr0_pan/rule.yml -+++ b/linux_os/guide/system/kernel_build_config/kernel_config_arm64_sw_ttbr0_pan/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,rhel8,rhel9 -+prodtype: fedora,rhel8,almalinux8,rhel9 - - title: 'Emulate Privileged Access Never (PAN)' - -diff --git a/linux_os/guide/system/kernel_build_config/kernel_config_bug_on_data_corruption/rule.yml b/linux_os/guide/system/kernel_build_config/kernel_config_bug_on_data_corruption/rule.yml -index 7c85b7efe..83fd24802 100644 ---- a/linux_os/guide/system/kernel_build_config/kernel_config_bug_on_data_corruption/rule.yml -+++ b/linux_os/guide/system/kernel_build_config/kernel_config_bug_on_data_corruption/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,rhel8,rhel9 -+prodtype: fedora,rhel8,almalinux8,rhel9 - - title: 'Trigger a kernel BUG when data corruption is detected' - -diff --git a/linux_os/guide/system/kernel_build_config/kernel_config_debug_wx/rule.yml b/linux_os/guide/system/kernel_build_config/kernel_config_debug_wx/rule.yml -index e09a87043..c5e90c8a9 100644 ---- a/linux_os/guide/system/kernel_build_config/kernel_config_debug_wx/rule.yml -+++ b/linux_os/guide/system/kernel_build_config/kernel_config_debug_wx/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,rhel8,rhel9 -+prodtype: fedora,rhel8,almalinux8,rhel9 - - title: 'Warn on W+X mappings found at boot' - -diff --git a/linux_os/guide/system/kernel_build_config/kernel_config_fortify_source/rule.yml b/linux_os/guide/system/kernel_build_config/kernel_config_fortify_source/rule.yml -index b380e43cf..b54ef5778 100644 ---- 
a/linux_os/guide/system/kernel_build_config/kernel_config_fortify_source/rule.yml -+++ b/linux_os/guide/system/kernel_build_config/kernel_config_fortify_source/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,rhel8,rhel9 -+prodtype: fedora,rhel8,almalinux8,rhel9 - - title: 'Harden common str/mem functions against buffer overflows' - -diff --git a/linux_os/guide/system/kernel_build_config/kernel_config_hardened_usercopy/rule.yml b/linux_os/guide/system/kernel_build_config/kernel_config_hardened_usercopy/rule.yml -index 0fd7014cc..9a165fa88 100644 ---- a/linux_os/guide/system/kernel_build_config/kernel_config_hardened_usercopy/rule.yml -+++ b/linux_os/guide/system/kernel_build_config/kernel_config_hardened_usercopy/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,rhel7,rhel8,rhel9 -+prodtype: fedora,rhel7,rhel8,almalinux8,rhel9 - - title: 'Harden memory copies between kernel and userspace' - -diff --git a/linux_os/guide/system/kernel_build_config/kernel_config_hardened_usercopy_fallback/rule.yml b/linux_os/guide/system/kernel_build_config/kernel_config_hardened_usercopy_fallback/rule.yml -index 785d3d9c2..d6be520e9 100644 ---- a/linux_os/guide/system/kernel_build_config/kernel_config_hardened_usercopy_fallback/rule.yml -+++ b/linux_os/guide/system/kernel_build_config/kernel_config_hardened_usercopy_fallback/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,rhel8,rhel9 -+prodtype: fedora,rhel8,almalinux8,rhel9 - - title: 'Do not allow usercopy whitelist violations to fallback to object size' - -diff --git a/linux_os/guide/system/kernel_build_config/kernel_config_legacy_vsyscall_emulate/rule.yml b/linux_os/guide/system/kernel_build_config/kernel_config_legacy_vsyscall_emulate/rule.yml -index a88d80076..74e388a85 100644 ---- a/linux_os/guide/system/kernel_build_config/kernel_config_legacy_vsyscall_emulate/rule.yml -+++ 
b/linux_os/guide/system/kernel_build_config/kernel_config_legacy_vsyscall_emulate/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,rhel8,rhel9 -+prodtype: fedora,rhel8,almalinux8,rhel9 - - title: 'Disable vsyscall emulation' - -diff --git a/linux_os/guide/system/kernel_build_config/kernel_config_legacy_vsyscall_none/rule.yml b/linux_os/guide/system/kernel_build_config/kernel_config_legacy_vsyscall_none/rule.yml -index 7976cd56c..f8b3f1116 100644 ---- a/linux_os/guide/system/kernel_build_config/kernel_config_legacy_vsyscall_none/rule.yml -+++ b/linux_os/guide/system/kernel_build_config/kernel_config_legacy_vsyscall_none/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,rhel8,rhel9 -+prodtype: fedora,rhel8,almalinux8,rhel9 - - title: 'Disable vsyscall mapping' - -diff --git a/linux_os/guide/system/kernel_build_config/kernel_config_modify_ldt_syscall/rule.yml b/linux_os/guide/system/kernel_build_config/kernel_config_modify_ldt_syscall/rule.yml -index 35f88e89d..4b9cf3804 100644 ---- a/linux_os/guide/system/kernel_build_config/kernel_config_modify_ldt_syscall/rule.yml -+++ b/linux_os/guide/system/kernel_build_config/kernel_config_modify_ldt_syscall/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,rhel8,rhel9 -+prodtype: fedora,rhel8,almalinux8,rhel9 - - title: 'Disable the LDT (local descriptor table)' - -diff --git a/linux_os/guide/system/kernel_build_config/kernel_config_page_poisoning/rule.yml b/linux_os/guide/system/kernel_build_config/kernel_config_page_poisoning/rule.yml -index db2575974..99a7b6d5e 100644 ---- a/linux_os/guide/system/kernel_build_config/kernel_config_page_poisoning/rule.yml -+++ b/linux_os/guide/system/kernel_build_config/kernel_config_page_poisoning/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,rhel8,rhel9 -+prodtype: fedora,rhel8,almalinux8,rhel9 - - title: 'Enable poison of pages after freeing' - -diff --git 
a/linux_os/guide/system/kernel_build_config/kernel_config_refcount_full/rule.yml b/linux_os/guide/system/kernel_build_config/kernel_config_refcount_full/rule.yml -index 6b0fb3a20..a4160c8b5 100644 ---- a/linux_os/guide/system/kernel_build_config/kernel_config_refcount_full/rule.yml -+++ b/linux_os/guide/system/kernel_build_config/kernel_config_refcount_full/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,rhel7,rhel8,rhel9 -+prodtype: fedora,rhel7,rhel8,almalinux8,rhel9 - - title: 'Perform full reference count validation' - -diff --git a/linux_os/guide/system/kernel_build_config/kernel_config_sched_stack_end_check/rule.yml b/linux_os/guide/system/kernel_build_config/kernel_config_sched_stack_end_check/rule.yml -index 2753a98ec..baf9f6f5e 100644 ---- a/linux_os/guide/system/kernel_build_config/kernel_config_sched_stack_end_check/rule.yml -+++ b/linux_os/guide/system/kernel_build_config/kernel_config_sched_stack_end_check/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,rhel8,rhel9 -+prodtype: fedora,rhel8,almalinux8,rhel9 - - title: 'Detect stack corruption on calls to schedule()' - -diff --git a/linux_os/guide/system/kernel_build_config/kernel_config_slab_freelist_hardened/rule.yml b/linux_os/guide/system/kernel_build_config/kernel_config_slab_freelist_hardened/rule.yml -index 78b5db286..bdf63631e 100644 ---- a/linux_os/guide/system/kernel_build_config/kernel_config_slab_freelist_hardened/rule.yml -+++ b/linux_os/guide/system/kernel_build_config/kernel_config_slab_freelist_hardened/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,rhel8,rhel9 -+prodtype: fedora,rhel8,almalinux8,rhel9 - - title: 'Harden slab freelist metadata' - -diff --git a/linux_os/guide/system/kernel_build_config/kernel_config_slab_freelist_random/rule.yml b/linux_os/guide/system/kernel_build_config/kernel_config_slab_freelist_random/rule.yml -index 5c93226b1..9b6116b61 100644 ---- 
a/linux_os/guide/system/kernel_build_config/kernel_config_slab_freelist_random/rule.yml -+++ b/linux_os/guide/system/kernel_build_config/kernel_config_slab_freelist_random/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,rhel8,rhel9 -+prodtype: fedora,rhel8,almalinux8,rhel9 - - title: 'Randomize slab freelist' - -diff --git a/linux_os/guide/system/kernel_build_config/kernel_config_slab_merge_default/rule.yml b/linux_os/guide/system/kernel_build_config/kernel_config_slab_merge_default/rule.yml -index 3dd3de678..07b6e2ae0 100644 ---- a/linux_os/guide/system/kernel_build_config/kernel_config_slab_merge_default/rule.yml -+++ b/linux_os/guide/system/kernel_build_config/kernel_config_slab_merge_default/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,rhel8,rhel9 -+prodtype: fedora,rhel8,almalinux8,rhel9 - - title: 'Disallow merge of slab caches' - -diff --git a/linux_os/guide/system/kernel_build_config/kernel_config_stackprotector/rule.yml b/linux_os/guide/system/kernel_build_config/kernel_config_stackprotector/rule.yml -index ce52a1198..e317a0dcd 100644 ---- a/linux_os/guide/system/kernel_build_config/kernel_config_stackprotector/rule.yml -+++ b/linux_os/guide/system/kernel_build_config/kernel_config_stackprotector/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,rhel8,rhel9 -+prodtype: fedora,rhel8,almalinux8,rhel9 - - title: 'Stack Protector buffer overlow detection' - -diff --git a/linux_os/guide/system/kernel_build_config/kernel_config_stackprotector_strong/rule.yml b/linux_os/guide/system/kernel_build_config/kernel_config_stackprotector_strong/rule.yml -index 87e6828d1..20b300249 100644 ---- a/linux_os/guide/system/kernel_build_config/kernel_config_stackprotector_strong/rule.yml -+++ b/linux_os/guide/system/kernel_build_config/kernel_config_stackprotector_strong/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,rhel8,rhel9 -+prodtype: 
fedora,rhel8,almalinux8,rhel9 - - title: 'Strong Stack Protector' - -diff --git a/linux_os/guide/system/kernel_build_config/kernel_config_strict_kernel_rwx/rule.yml b/linux_os/guide/system/kernel_build_config/kernel_config_strict_kernel_rwx/rule.yml -index a585ee932..7777de305 100644 ---- a/linux_os/guide/system/kernel_build_config/kernel_config_strict_kernel_rwx/rule.yml -+++ b/linux_os/guide/system/kernel_build_config/kernel_config_strict_kernel_rwx/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,rhel8,rhel9 -+prodtype: fedora,rhel8,almalinux8,rhel9 - - title: 'Make the kernel text and rodata read-only' - -diff --git a/linux_os/guide/system/kernel_build_config/kernel_config_strict_module_rwx/rule.yml b/linux_os/guide/system/kernel_build_config/kernel_config_strict_module_rwx/rule.yml -index 2c34a6816..e950b5fc9 100644 ---- a/linux_os/guide/system/kernel_build_config/kernel_config_strict_module_rwx/rule.yml -+++ b/linux_os/guide/system/kernel_build_config/kernel_config_strict_module_rwx/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,rhel8,rhel9 -+prodtype: fedora,rhel8,almalinux8,rhel9 - - title: 'Make the module text and rodata read-only' - -diff --git a/linux_os/guide/system/kernel_build_config/kernel_config_vmap_stack/rule.yml b/linux_os/guide/system/kernel_build_config/kernel_config_vmap_stack/rule.yml -index 0f575cad3..c2430c4ea 100644 ---- a/linux_os/guide/system/kernel_build_config/kernel_config_vmap_stack/rule.yml -+++ b/linux_os/guide/system/kernel_build_config/kernel_config_vmap_stack/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,rhel8,rhel9 -+prodtype: fedora,rhel8,almalinux8,rhel9 - - title: 'User a virtually-mapped stack' - -diff --git a/linux_os/guide/system/logging/configure_logwatch_on_logserver/logwatch_configured_hostlimit/rule.yml b/linux_os/guide/system/logging/configure_logwatch_on_logserver/logwatch_configured_hostlimit/rule.yml -index 
555d53cbc..9c53ce537 100644 ---- a/linux_os/guide/system/logging/configure_logwatch_on_logserver/logwatch_configured_hostlimit/rule.yml -+++ b/linux_os/guide/system/logging/configure_logwatch_on_logserver/logwatch_configured_hostlimit/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,rhel7,rhel8 -+prodtype: fedora,rhel7,rhel8,almalinux8 - - title: 'Configure Logwatch HostLimit Line' - -diff --git a/linux_os/guide/system/logging/configure_logwatch_on_logserver/logwatch_configured_splithosts/rule.yml b/linux_os/guide/system/logging/configure_logwatch_on_logserver/logwatch_configured_splithosts/rule.yml -index 405034e95..c1cab9d33 100644 ---- a/linux_os/guide/system/logging/configure_logwatch_on_logserver/logwatch_configured_splithosts/rule.yml -+++ b/linux_os/guide/system/logging/configure_logwatch_on_logserver/logwatch_configured_splithosts/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,rhel7,rhel8 -+prodtype: fedora,rhel7,rhel8,almalinux8 - - title: 'Configure Logwatch SplitHosts Line' - -diff --git a/linux_os/guide/system/logging/disable_logwatch_for_logserver/rule.yml b/linux_os/guide/system/logging/disable_logwatch_for_logserver/rule.yml -index 245b9fa89..60ad42446 100644 ---- a/linux_os/guide/system/logging/disable_logwatch_for_logserver/rule.yml -+++ b/linux_os/guide/system/logging/disable_logwatch_for_logserver/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,rhel7,rhel8 -+prodtype: fedora,rhel7,rhel8,almalinux8 - - title: 'Disable Logwatch on Clients if a Logserver Exists' - diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_cron_logging/bash/shared.sh b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_cron_logging/bash/shared.sh index 773f88904..6060189e7 100644 --- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_cron_logging/bash/shared.sh 
@@ -17022,26 +10676,18 @@ index 773f88904..6060189e7 100644 if ! grep -s "^\s*cron\.\*\s*/var/log/cron$" /etc/rsyslog.conf /etc/rsyslog.d/*.conf; then mkdir -p /etc/rsyslog.d diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_cron_logging/rule.yml b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_cron_logging/rule.yml -index 8a7b722b9..36da5ed0b 100644 +index 923a9096d..d66f57206 100644 --- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_cron_logging/rule.yml +++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_cron_logging/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4 -+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4 - - title: 'Ensure cron Is Logging To Rsyslog' - -@@ -38,7 +38,7 @@ references: +@@ -37,7 +37,7 @@ references: stigid@ol7: OL07-00-021100 stigid@ol8: OL08-00-030010 stigid@rhel7: RHEL-07-021100 - stigid@rhel8: RHEL-08-030010 + stigid@almalinux8: RHEL-08-030010 + stigid@rhel9: RHEL-09-652060 ocil_clause: 'cron is not logging to rsyslog' - diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdriverauthmode/ansible/shared.yml b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdriverauthmode/ansible/shared.yml index 4e321fecb..2818c4ca1 100644 --- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdriverauthmode/ansible/shared.yml @@ -17063,7 +10709,7 @@ index 3933f28b4..d71a075f1 100644 # strategy = configure # complexity = low 
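Review bot: The refreshed inner hunk for rsyslog_cron_logging/rule.yml still replaces the `stigid@rhel8` key with `stigid@almalinux8` while keeping the value `RHEL-08-030010`, so AlmaLinux 8 scan results will cite a RHEL 8 STIG identifier, and nothing in the patch records that this reuse is deliberate. The same substitution recurs in the later stigid hunks of this refresh (the rsyslog_encrypt_offload_* rules, rsyslog_remote_access_monitoring, package_rsyslog-gnutls_installed, package_rsyslog_installed, rsyslog_remote_loghost, service_rsyslog_enabled, firewalld-backend). I would document it once in the patch description or wherever the patch is applied, for example `# stigid@almalinux8 values are the RHEL 8 STIG IDs, reused unchanged`, so an auditor tracing a finding knows which benchmark to open. Because the key is replaced rather than added, the patched tree presumably no longer carries a rhel8 STIG reference for these rules, which is fine for an AlmaLinux-only build but worth confirming.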
diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdriverauthmode/rule.yml b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdriverauthmode/rule.yml -index 452294e3a..b85159504 100644 +index fe5623311..9b7964316 100644 --- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdriverauthmode/rule.yml +++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdriverauthmode/rule.yml @@ -27,7 +27,7 @@ references: @@ -17072,11 +10718,11 @@ index 452294e3a..b85159504 100644 stigid@ol8: OL08-00-030720 - stigid@rhel8: RHEL-08-030720 + stigid@almalinux8: RHEL-08-030720 - + stigid@rhel9: RHEL-09-652040 ocil_clause: '$ActionSendStreamDriverAuthMode in /etc/rsyslog.conf is not set to x509/name' diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdrivermode/rule.yml b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdrivermode/rule.yml -index d15f2d792..65df1ee81 100644 +index 7fb97b65f..d66b45c27 100644 --- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdrivermode/rule.yml +++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdrivermode/rule.yml @@ -27,7 +27,7 @@ references: @@ -17085,11 +10731,11 @@ index d15f2d792..65df1ee81 100644 stigid@ol8: OL08-00-030710 - stigid@rhel8: RHEL-08-030710 + stigid@almalinux8: RHEL-08-030710 + stigid@rhel9: RHEL-09-652045 ocil_clause: 'rsyslogd ActionSendStreamDriverMode is not set to 1' - 
diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_defaultnetstreamdriver/rule.yml b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_defaultnetstreamdriver/rule.yml -index ba1095929..400ae7b76 100644 +index 12c43f3db..699f1e725 100644 --- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_defaultnetstreamdriver/rule.yml +++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_defaultnetstreamdriver/rule.yml @@ -27,7 +27,7 @@ references: @@ -17098,102 +10744,88 @@ index ba1095929..400ae7b76 100644 stigid@ol8: OL08-00-030710 - stigid@rhel8: RHEL-08-030710 + stigid@almalinux8: RHEL-08-030710 + stigid@rhel9: RHEL-09-652050 ocil_clause: 'rsyslogd DefaultNetstreamDriver not set to gtls' - -diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_logging_configured/rule.yml b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_logging_configured/rule.yml -index 76f0e4b38..478fcb3b3 100644 ---- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_logging_configured/rule.yml -+++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_logging_configured/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8,rhel9,sle12,sle15 -+prodtype: rhel7,rhel8,almalinux8,rhel9,sle12,sle15 - - title: 'Ensure logging is configured' - diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_remote_access_monitoring/rule.yml b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_remote_access_monitoring/rule.yml -index bea5ed470..e4f16f70c 100644 +index 9db602a15..44ad370ae 100644 --- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_remote_access_monitoring/rule.yml 
+++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_remote_access_monitoring/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol8,ol9,rhel8,rhel9,ubuntu2004,ubuntu2204 -+prodtype: fedora,ol8,ol9,rhel8,almalinux8,rhel9,ubuntu2004,ubuntu2204 - - title: 'Ensure remote access methods are monitored in Rsyslog' - -@@ -32,7 +32,7 @@ references: +@@ -31,7 +31,7 @@ references: nist: AC-17(1) srg: SRG-OS-000032-GPOS-00013 stigid@ol8: OL08-00-010070 - stigid@rhel8: RHEL-08-010070 + stigid@almalinux8: RHEL-08-010070 + stigid@rhel9: RHEL-09-652030 stigid@ubuntu2004: UBTU-20-010403 - ocil_clause: 'remote access methods are not logging to rsyslog' diff --git a/linux_os/guide/system/logging/journald/journald_compress/rule.yml b/linux_os/guide/system/logging/journald/journald_compress/rule.yml -index 1d7cf6b6f..2bb036475 100644 +index dcfbf1fa2..d104e71a6 100644 --- a/linux_os/guide/system/logging/journald/journald_compress/rule.yml +++ b/linux_os/guide/system/logging/journald/journald_compress/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux3,anolis23,anolis8,fedora,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux3,anolis23,anolis8,fedora,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 - - title: Ensure journald is configured to compress large log files +@@ -35,7 +35,7 @@ ocil: |- + Storing logs with compression can help avoid filling the system disk. + Run the following command to verify that journald is compressing logs. +
+-{{%- if product in ["fedora", "rhel8", "rhel9", "sle15"] %}}
++{{%- if product in ["fedora", "rhel8", "almalinux8", "rhel9", "sle15"] %}}
+     grep "^\sCompress" /etc/systemd/journald.conf {{{ journald_conf_dir_path }}}/*.conf
+ {{% else %}}
+     grep "^\sCompress" /etc/systemd/journald.conf
+@@ -46,7 +46,7 @@ ocil: |-
+     Compress=yes
+     
+-{{%- if product in ["fedora", "rhel8", "rhel9", "sle15"] %}} ++{{%- if product in ["fedora", "rhel8", "almalinux8", "rhel9", "sle15"] %}} + template: + name: systemd_dropin_configuration + vars: diff --git a/linux_os/guide/system/logging/journald/journald_forward_to_syslog/rule.yml b/linux_os/guide/system/logging/journald/journald_forward_to_syslog/rule.yml -index 602e2601a..b3acb23b5 100644 +index bf0a951ef..ecee756bc 100644 --- a/linux_os/guide/system/logging/journald/journald_forward_to_syslog/rule.yml +++ b/linux_os/guide/system/logging/journald/journald_forward_to_syslog/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux3,anolis23,anolis8,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004 -+prodtype: alinux3,anolis23,anolis8,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004 - - title: Ensure journald is configured to send logs to rsyslog +@@ -35,7 +35,7 @@ ocil: |- + Storing logs remotely protects the integrity of the data from local attacks. + Run the following command to verify that journald is forwarding logs to a remote host. +
+-{{%- if product in ["rhel8", "rhel9", "sle15"] %}}
++{{%- if product in ["rhel8", "almalinux8", "rhel9", "sle15"] %}}
+     grep "^\sForwardToSyslog" /etc/systemd/journald.conf {{{ journald_conf_dir_path }}}/*.conf
+ {{% else %}}
+     grep "^\sForwardToSyslog" /etc/systemd/journald.conf
+@@ -46,7 +46,7 @@ ocil: |-
+     ForwardToSyslog=yes
+     
+-{{%- if product in ["rhel8", "rhel9", "sle15"] %}} ++{{%- if product in ["rhel8", "almalinux8", "rhel9", "sle15"] %}} + template: + name: systemd_dropin_configuration + vars: diff --git a/linux_os/guide/system/logging/journald/journald_storage/rule.yml b/linux_os/guide/system/logging/journald/journald_storage/rule.yml -index b4348b10b..3a4032efb 100644 +index 2ee5dc216..aef01b335 100644 --- a/linux_os/guide/system/logging/journald/journald_storage/rule.yml 
+++ b/linux_os/guide/system/logging/journald/journald_storage/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux3,anolis23,anolis8,fedora,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux3,anolis23,anolis8,fedora,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 - - title: Ensure journald is configured to write log files to persistent disk - -diff --git a/linux_os/guide/system/logging/journald/package_systemd-journal-remote_installed/rule.yml b/linux_os/guide/system/logging/journald/package_systemd-journal-remote_installed/rule.yml -index 859859c7f..9e9281ab8 100644 ---- a/linux_os/guide/system/logging/journald/package_systemd-journal-remote_installed/rule.yml -+++ b/linux_os/guide/system/logging/journald/package_systemd-journal-remote_installed/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel8,ubuntu2204 -+prodtype: rhel8,almalinux8,ubuntu2204 - - title: 'Install systemd-journal-remote Package' - -diff --git a/linux_os/guide/system/logging/journald/socket_systemd-journal-remote_disabled/rule.yml b/linux_os/guide/system/logging/journald/socket_systemd-journal-remote_disabled/rule.yml -index 8510c91a5..1c59fb9df 100644 ---- a/linux_os/guide/system/logging/journald/socket_systemd-journal-remote_disabled/rule.yml -+++ b/linux_os/guide/system/logging/journald/socket_systemd-journal-remote_disabled/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,rhel8,rhel9,ubuntu2204 -+prodtype: fedora,rhel8,almalinux8,rhel9,ubuntu2204 - - title: 'Disable systemd-journal-remote Socket' +@@ -34,7 +34,7 @@ ocil: |- + Storing logs with persistent storage ensures they are available after a reboot or system crash. + Run the command below to verify that logs are being persistently stored to disk. +
+-{{%- if product in ["fedora", "rhel8", "rhel9", "sle15"] %}}
++{{%- if product in ["fedora", "rhel8", "almalinux8", "rhel9", "sle15"] %}}
+     grep "^\sStorage" /etc/systemd/journald.conf {{{ journald_conf_dir_path }}}/*.conf
+ {{% else %}}
+     grep "^\sStorage" /etc/systemd/journald.conf
+@@ -45,7 +45,7 @@ ocil: |-
+     Storage=persistent
+     
+-{{%- if product in ["fedora", "rhel8", "rhel9", "sle15"] %}} ++{{%- if product in ["fedora", "rhel8", "almalinux8", "rhel9", "sle15"] %}} + template: + name: systemd_dropin_configuration + vars: diff --git a/linux_os/guide/system/logging/log_rotation/ensure_logrotate_activated/kubernetes/shared.yml b/linux_os/guide/system/logging/log_rotation/ensure_logrotate_activated/kubernetes/shared.yml index 892523fc4..9fbba1ccb 100644 --- a/linux_os/guide/system/logging/log_rotation/ensure_logrotate_activated/kubernetes/shared.yml @@ -17205,64 +10837,45 @@ index 892523fc4..9fbba1ccb 100644 # reboot = true # strategy = restrict # complexity = low +diff --git a/linux_os/guide/system/logging/log_rotation/timer_logrotate_enabled/rule.yml b/linux_os/guide/system/logging/log_rotation/timer_logrotate_enabled/rule.yml +index 11544323c..c5e78ed75 100644 +--- a/linux_os/guide/system/logging/log_rotation/timer_logrotate_enabled/rule.yml ++++ b/linux_os/guide/system/logging/log_rotation/timer_logrotate_enabled/rule.yml +@@ -54,7 +54,7 @@ template: + timername: logrotate + packagename: logrotate + +-{{% if product in ["rhel7", "rhel8"] %}} ++{{% if product in ["rhel7", "rhel8", "almalinux8"] %}} + warnings: + - general: + The Systemd unit logrotate.timer does not exist in diff --git a/linux_os/guide/system/logging/package_rsyslog-gnutls_installed/rule.yml b/linux_os/guide/system/logging/package_rsyslog-gnutls_installed/rule.yml -index 0abe60b2d..5dbfb1bc3 100644 +index ed375fc89..46f024c89 100644 --- a/linux_os/guide/system/logging/package_rsyslog-gnutls_installed/rule.yml 
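Review bot: Nothing guards against a `product in [...]` conditional that lists "rhel8" but was not given "almalinux8". In journald_compress, journald_forward_to_syslog and journald_storage the list appears twice per rule (the ocil text and the `template:` block), and a missed copy would silently send AlmaLinux 8 down the `{{% else %}}` branch, which in the ocil text checks only /etc/systemd/journald.conf and not the drop-in directory. Both copies are updated here, but this refresh shows the old `prodtype:` hunks being dropped in favour of in-rule conditionals, so the set of places to patch changes with each upstream rebase. A check run after applying the patch, such as `grep -rn '"rhel8"' linux_os | grep -v '"almalinux8"'`, would surface any conditional the patch missed; expect it to need an allow-list for rules that are intentionally RHEL-only.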
+++ b/linux_os/guide/system/logging/package_rsyslog-gnutls_installed/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15 -+prodtype: fedora,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,sle15 - title: 'Ensure rsyslog-gnutls is installed' - - description: |- -@@ -31,7 +31,7 @@ references: +@@ -30,7 +30,7 @@ references: ospp: FTP_ITC_EXT.1.1 srg: SRG-OS-000480-GPOS-00227,SRG-OS-000120-GPOS-00061 stigid@ol8: OL08-00-030680 - stigid@rhel8: RHEL-08-030680 + stigid@almalinux8: RHEL-08-030680 + stigid@rhel9: RHEL-09-652015 ocil_clause: 'the package is not installed' - diff --git a/linux_os/guide/system/logging/package_rsyslog_installed/rule.yml b/linux_os/guide/system/logging/package_rsyslog_installed/rule.yml -index 70b97b107..0060678e1 100644 +index 1bd70d3f2..37f319635 100644 --- a/linux_os/guide/system/logging/package_rsyslog_installed/rule.yml 
+++ b/linux_os/guide/system/logging/package_rsyslog_installed/rule.yml -@@ -39,7 +39,7 @@ references: +@@ -37,7 +37,7 @@ references: ospp: FTP_ITC_EXT.1.1 srg: SRG-OS-000479-GPOS-00224,SRG-OS-000051-GPOS-00024,SRG-OS-000480-GPOS-00227 stigid@ol8: OL08-00-030670 - stigid@rhel8: RHEL-08-030670 + stigid@almalinux8: RHEL-08-030670 + stigid@rhel9: RHEL-09-652010 ocil_clause: 'the package is not installed' - -diff --git a/linux_os/guide/system/logging/rsyslog_accepting_remote_messages/rsyslog_nolisten/rule.yml b/linux_os/guide/system/logging/rsyslog_accepting_remote_messages/rsyslog_nolisten/rule.yml -index 1ff4d159c..f956b132f 100644 ---- a/linux_os/guide/system/logging/rsyslog_accepting_remote_messages/rsyslog_nolisten/rule.yml -+++ b/linux_os/guide/system/logging/rsyslog_accepting_remote_messages/rsyslog_nolisten/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux3,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2204 -+prodtype: alinux3,fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2204 - - title: 'Ensure rsyslog Does Not Accept Remote Messages Unless Acting As Log Server' - -diff --git a/linux_os/guide/system/logging/rsyslog_filecreatemode/rule.yml b/linux_os/guide/system/logging/rsyslog_filecreatemode/rule.yml -index f37af583d..9393c0a64 100644 ---- a/linux_os/guide/system/logging/rsyslog_filecreatemode/rule.yml -+++ b/linux_os/guide/system/logging/rsyslog_filecreatemode/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8,rhel9,ubuntu2004,ubuntu2204 -+prodtype: rhel7,rhel8,almalinux8,rhel9,ubuntu2004,ubuntu2204 - - title: 'Ensure rsyslog Default File Permissions Configured' - diff --git a/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/ansible/shared.yml b/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/ansible/shared.yml index f42709ef5..8b35da68b 100644 
--- a/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/ansible/shared.yml @@ -17284,18 +10897,18 @@ index f2019bb9a..a12ceb5c1 100644 {{{ bash_instantiate_variables("rsyslog_remote_loghost_address") }}} diff --git a/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/rule.yml b/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/rule.yml -index 99af538e9..4ee7be2ae 100644 +index 92cf57d08..e0f70bf9d 100644 --- a/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/rule.yml +++ b/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/rule.yml -@@ -69,7 +69,7 @@ references: +@@ -67,7 +67,7 @@ references: stigid@ol7: OL07-00-031000 stigid@ol8: OL08-00-030690 stigid@rhel7: RHEL-07-031000 - stigid@rhel8: RHEL-08-030690 + stigid@almalinux8: RHEL-08-030690 + stigid@rhel9: RHEL-09-652055 stigid@sle12: SLES-12-030340 stigid@sle15: SLES-15-010580 - diff --git a/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_tls/ansible/shared.yml b/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_tls/ansible/shared.yml index d6e2b2564..323d3ffaa 100644 --- a/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_tls/ansible/shared.yml 
@@ -17316,127 +10929,71 @@ index ee1cbf7ea..eb4e5adc4 100644 # reboot = false # strategy = configure # complexity = low -diff --git a/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_tls/rule.yml b/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_tls/rule.yml -index 86c0988cf..0aef0d4dc 100644 ---- a/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_tls/rule.yml -+++ b/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_tls/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15 -+prodtype: fedora,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,sle15 - - title: 'Configure TLS for rsyslog remote logging' - -diff --git a/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_tls_cacert/rule.yml b/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_tls_cacert/rule.yml -index 1030537bd..12ca07bfb 100644 ---- a/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_tls_cacert/rule.yml -+++ b/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_tls_cacert/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15 -+prodtype: fedora,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,sle15 - - title: 'Configure CA certificate for rsyslog remote logging' - diff --git a/linux_os/guide/system/logging/service_rsyslog_enabled/rule.yml b/linux_os/guide/system/logging/service_rsyslog_enabled/rule.yml -index 5dcdc7fb5..570a06d68 100644 +index e423460c5..68f88d27d 100644 --- a/linux_os/guide/system/logging/service_rsyslog_enabled/rule.yml 
+++ b/linux_os/guide/system/logging/service_rsyslog_enabled/rule.yml -@@ -40,7 +40,7 @@ references: +@@ -38,7 +38,7 @@ references: nist-csf: DE.CM-1,DE.CM-3,DE.CM-7,ID.SC-4,PR.DS-4,PR.PT-1 srg: SRG-OS-000480-GPOS-00227 stigid@ol8: OL08-00-010561 - stigid@rhel8: RHEL-08-010561 + stigid@almalinux8: RHEL-08-010561 + stigid@rhel9: RHEL-09-652020 stigid@ubuntu2004: UBTU-20-010432 - ocil_clause: '{{{ ocil_clause_service_enabled(service="rsyslog") }}}' diff --git a/linux_os/guide/system/network/network-firewalld/firewalld-backend/rule.yml b/linux_os/guide/system/network/network-firewalld/firewalld-backend/rule.yml -index cdf4f0eff..ba602d12a 100644 +index 23204bae4..749046a97 100644 --- a/linux_os/guide/system/network/network-firewalld/firewalld-backend/rule.yml +++ b/linux_os/guide/system/network/network-firewalld/firewalld-backend/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol8,ol9,rhel8,rhel9,sle15 -+prodtype: ol8,ol9,rhel8,almalinux8,rhel9,sle15 - - title: 'Configure Firewalld to Use the Nftables Backend' - -@@ -26,7 +26,7 @@ references: +@@ -25,7 +25,7 @@ references: nist: SC-5 srg: SRG-OS-000420-GPOS-00186 stigid@ol8: OL08-00-040150 - stigid@rhel8: RHEL-08-040150 + stigid@almalinux8: RHEL-08-040150 + stigid@rhel9: RHEL-09-251030 ocil_clause: 'the "nftables" is not set as the "firewallbackend"' - diff --git a/linux_os/guide/system/network/network-firewalld/firewalld_activation/package_firewalld_installed/rule.yml b/linux_os/guide/system/network/network-firewalld/firewalld_activation/package_firewalld_installed/rule.yml -index fd1fe1494..f775c6942 100644 +index 9ddf98026..39fedc08b 100644 --- a/linux_os/guide/system/network/network-firewalld/firewalld_activation/package_firewalld_installed/rule.yml 
+++ b/linux_os/guide/system/network/network-firewalld/firewalld_activation/package_firewalld_installed/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle12,sle15 -+prodtype: alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle12,sle15 - - title: 'Install firewalld Package' - -@@ -39,7 +39,7 @@ references: +@@ -38,7 +38,7 @@ references: srg: SRG-OS-000096-GPOS-00050,SRG-OS-000297-GPOS-00115,SRG-OS-000298-GPOS-00116,SRG-OS-000480-GPOS-00227,SRG-OS-000480-GPOS-00232 stigid@ol7: OL07-00-040520 stigid@ol8: OL08-00-040100 - stigid@rhel8: RHEL-08-040100 + stigid@almalinux8: RHEL-08-040100 + stigid@rhel9: RHEL-09-251010 stigid@sle15: SLES-15-010220 - ocil_clause: 'the package is not installed' diff --git a/linux_os/guide/system/network/network-firewalld/firewalld_activation/service_firewalld_enabled/rule.yml b/linux_os/guide/system/network/network-firewalld/firewalld_activation/service_firewalld_enabled/rule.yml -index 52bc3288f..f2598e60b 100644 +index 225a7057c..6552cc770 100644 --- a/linux_os/guide/system/network/network-firewalld/firewalld_activation/service_firewalld_enabled/rule.yml +++ b/linux_os/guide/system/network/network-firewalld/firewalld_activation/service_firewalld_enabled/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15 -+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15 - - title: 'Verify firewalld Enabled' - -@@ -47,7 +47,7 @@ references: +@@ -46,7 +46,7 @@ references: stigid@ol7: OL07-00-040520 stigid@ol8: OL08-00-040101 stigid@rhel7: RHEL-07-040520 - stigid@rhel8: RHEL-08-040101 + stigid@almalinux8: RHEL-08-040101 + stigid@rhel9: RHEL-09-251015 stigid@sle15: SLES-15-010220 - ocil_clause: '{{{ ocil_clause_service_enabled("firewalld") }}}' 
diff --git a/linux_os/guide/system/network/network-firewalld/ruleset_modifications/configure_firewalld_ports/rule.yml b/linux_os/guide/system/network/network-firewalld/ruleset_modifications/configure_firewalld_ports/rule.yml -index 18e51cc42..7cd879662 100644 +index 71a119393..5be80d5bc 100644 --- a/linux_os/guide/system/network/network-firewalld/ruleset_modifications/configure_firewalld_ports/rule.yml +++ b/linux_os/guide/system/network/network-firewalld/ruleset_modifications/configure_firewalld_ports/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4 -+prodtype: ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4 - - title: 'Configure the Firewalld Ports' - @@ -52,7 +52,7 @@ references: stigid@ol7: OL07-00-040100 stigid@ol8: OL08-00-040030 stigid@rhel7: RHEL-07-040100 - stigid@rhel8: RHEL-08-040030 + stigid@almalinux8: RHEL-08-040030 + stigid@rhel9: RHEL-09-251025 ocil_clause: 'there are additional ports, protocols, or services that are not in the PPSM CLSA, or there are ports, protocols, or services that are prohibited by the PPSM Category Assurance List (CAL), or there are no firewall rules configured' - diff --git a/linux_os/guide/system/network/network-firewalld/ruleset_modifications/configure_firewalld_rate_limiting/ansible/shared.yml b/linux_os/guide/system/network/network-firewalld/ruleset_modifications/configure_firewalld_rate_limiting/ansible/shared.yml index 787eb6976..b507337f8 100644 --- a/linux_os/guide/system/network/network-firewalld/ruleset_modifications/configure_firewalld_rate_limiting/ansible/shared.yml @@ -17448,85 +11005,30 @@ index 787eb6976..b507337f8 100644 # strategy = configure # complexity = low 
diff --git a/linux_os/guide/system/network/network-firewalld/ruleset_modifications/configured_firewalld_default_deny/rule.yml b/linux_os/guide/system/network/network-firewalld/ruleset_modifications/configured_firewalld_default_deny/rule.yml -index 2c0820d66..6b057d39e 100644 +index 4553964d2..64dc3525c 100644 --- a/linux_os/guide/system/network/network-firewalld/ruleset_modifications/configured_firewalld_default_deny/rule.yml +++ b/linux_os/guide/system/network/network-firewalld/ruleset_modifications/configured_firewalld_default_deny/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,ol8,ol9,rhel8,rhel9 -+prodtype: alinux2,ol8,ol9,rhel8,almalinux8,rhel9 - - title: 'Firewalld Must Employ a Deny-all, Allow-by-exception Policy for Allowing Connections to Other Systems' - -@@ -25,7 +25,7 @@ references: +@@ -23,7 +23,7 @@ references: nist: AC-17 (1) srg: SRG-OS-000297-GPOS-00115 stigid@ol8: OL08-00-040090 - stigid@rhel8: RHEL-08-040090 + stigid@almalinux8: RHEL-08-040090 + stigid@rhel9: RHEL-09-251020 ocil_clause: 'no zones are active on the interfaces or if the target is set to a different option other than "DROP"' - diff --git a/linux_os/guide/system/network/network-firewalld/ruleset_modifications/set_firewalld_default_zone/rule.yml b/linux_os/guide/system/network/network-firewalld/ruleset_modifications/set_firewalld_default_zone/rule.yml -index d7cd7bc83..105144ee0 100644 +index 18907ee31..21fa42eb8 100644 --- a/linux_os/guide/system/network/network-firewalld/ruleset_modifications/set_firewalld_default_zone/rule.yml 
+++ b/linux_os/guide/system/network/network-firewalld/ruleset_modifications/set_firewalld_default_zone/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true +@@ -47,7 +47,7 @@ references: + pcidss4: '1.3.1,1.5.1' + srg: SRG-OS-000480-GPOS-00227 + stigid@rhel7: RHEL-07-040810 +- stigid@rhel8: RHEL-08-040090 ++ stigid@almalinux8: RHEL-08-040090 --prodtype: alinux2,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle15 -+prodtype: alinux2,fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15 - - title: 'Set Default firewalld Zone for Incoming Packets' - -diff --git a/linux_os/guide/system/network/network-firewalld/set_firewalld_appropriate_zone/rule.yml b/linux_os/guide/system/network/network-firewalld/set_firewalld_appropriate_zone/rule.yml -index 555ce3099..c88a9bdb5 100644 ---- a/linux_os/guide/system/network/network-firewalld/set_firewalld_appropriate_zone/rule.yml -+++ b/linux_os/guide/system/network/network-firewalld/set_firewalld_appropriate_zone/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8,sle15 -+prodtype: rhel7,rhel8,almalinux8,sle15 - - title: 'Ensure network interfaces are assigned to appropriate zone' - -diff --git a/linux_os/guide/system/network/network-ipsec/libreswan_approved_tunnels/rule.yml b/linux_os/guide/system/network/network-ipsec/libreswan_approved_tunnels/rule.yml -index 995b046df..a7b7cc3d9 100644 ---- a/linux_os/guide/system/network/network-ipsec/libreswan_approved_tunnels/rule.yml -+++ b/linux_os/guide/system/network/network-ipsec/libreswan_approved_tunnels/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle15 -+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15 - - title: 'Verify Any Configured IPSec Tunnel Connections' - -diff --git a/linux_os/guide/system/network/network-ipsec/package_libreswan_installed/rule.yml b/linux_os/guide/system/network/network-ipsec/package_libreswan_installed/rule.yml -index 
9427aee63..e051434d0 100644 ---- a/linux_os/guide/system/network/network-ipsec/package_libreswan_installed/rule.yml -+++ b/linux_os/guide/system/network/network-ipsec/package_libreswan_installed/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,uos20 -+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,uos20 - - title: 'Install libreswan Package' - -diff --git a/linux_os/guide/system/network/network-iptables/iptables_ruleset_modifications/ip6tables_rules_for_open_ports/rule.yml b/linux_os/guide/system/network/network-iptables/iptables_ruleset_modifications/ip6tables_rules_for_open_ports/rule.yml -index 777c9d974..7e36d746a 100644 ---- a/linux_os/guide/system/network/network-iptables/iptables_ruleset_modifications/ip6tables_rules_for_open_ports/rule.yml -+++ b/linux_os/guide/system/network/network-iptables/iptables_ruleset_modifications/ip6tables_rules_for_open_ports/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8,ubuntu2204 -+prodtype: rhel7,rhel8,almalinux8,ubuntu2204 - - title: 'Ensure ip6tables Firewall Rules Exist for All Open Ports' + ocil_clause: 'the default zone is not set to DROP' diff --git a/linux_os/guide/system/network/network-iptables/iptables_ruleset_modifications/ip6tables_rules_for_open_ports/sce/shared.sh b/linux_os/guide/system/network/network-iptables/iptables_ruleset_modifications/ip6tables_rules_for_open_ports/sce/shared.sh index ccfb8db79..e41d9c2d8 100644 
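Review bot: The set_firewalld_default_zone/rule.yml section now sets `stigid@almalinux8: RHEL-08-040090`, the same ID that the configured_firewalld_default_deny/rule.yml section of this hunk assigns, so two rules with different OCIL clauses map to one STIG item for almalinux8. Both values come from the `stigid@rhel8` lines being replaced, so the duplication looks inherited rather than introduced by this refresh. It is still worth confirming that the almalinux8 STIG profile, and any report keyed by STIG ID, expects both rules under that ID. Unlike its neighbours, this section shows no `stigid@rhel9` line after the replaced key, which is a further reason to compare this mapping against the current upstream rule file.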
@@ -17539,18 +11041,6 @@ index ccfb8db79..e41d9c2d8 100644 # check-import = stdout result=$XCCDF_RESULT_PASS -diff --git a/linux_os/guide/system/network/network-iptables/iptables_ruleset_modifications/iptables_rules_for_open_ports/rule.yml b/linux_os/guide/system/network/network-iptables/iptables_ruleset_modifications/iptables_rules_for_open_ports/rule.yml -index ccb144f33..7a3ba975d 100644 ---- a/linux_os/guide/system/network/network-iptables/iptables_ruleset_modifications/iptables_rules_for_open_ports/rule.yml -+++ b/linux_os/guide/system/network/network-iptables/iptables_ruleset_modifications/iptables_rules_for_open_ports/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8,ubuntu2204 -+prodtype: rhel7,rhel8,almalinux8,ubuntu2204 - - title: 'Ensure iptables Firewall Rules Exist for All Open Ports' - diff --git a/linux_os/guide/system/network/network-iptables/iptables_ruleset_modifications/iptables_rules_for_open_ports/sce/shared.sh b/linux_os/guide/system/network/network-iptables/iptables_ruleset_modifications/iptables_rules_for_open_ports/sce/shared.sh index b2a8e350c..e97d0f4a5 100644 --- a/linux_os/guide/system/network/network-iptables/iptables_ruleset_modifications/iptables_rules_for_open_ports/sce/shared.sh 
@@ -17562,54 +11052,6 @@ index b2a8e350c..e97d0f4a5 100644 # check-import = stdout result=$XCCDF_RESULT_PASS -diff --git a/linux_os/guide/system/network/network-iptables/package_iptables-services_installed/rule.yml b/linux_os/guide/system/network/network-iptables/package_iptables-services_installed/rule.yml -index 74fef1fa9..e0fca8171 100644 ---- a/linux_os/guide/system/network/network-iptables/package_iptables-services_installed/rule.yml -+++ b/linux_os/guide/system/network/network-iptables/package_iptables-services_installed/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel8 -+prodtype: rhel8,almalinux8 - - title: 'Install iptables-services Package' - -diff --git a/linux_os/guide/system/network/network-iptables/package_iptables-services_removed/rule.yml b/linux_os/guide/system/network/network-iptables/package_iptables-services_removed/rule.yml -index 291cf5694..ec7537abf 100644 ---- a/linux_os/guide/system/network/network-iptables/package_iptables-services_removed/rule.yml -+++ b/linux_os/guide/system/network/network-iptables/package_iptables-services_removed/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8 -+prodtype: rhel7,rhel8,almalinux8 - - title: 'Remove iptables-services Package' - -diff --git a/linux_os/guide/system/network/network-iptables/package_iptables_installed/rule.yml b/linux_os/guide/system/network/network-iptables/package_iptables_installed/rule.yml -index 655d66d0a..6e6c15943 100644 ---- a/linux_os/guide/system/network/network-iptables/package_iptables_installed/rule.yml -+++ b/linux_os/guide/system/network/network-iptables/package_iptables_installed/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - platform: machine and not rhcos4-rhel9 - -diff --git 
a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/network_ipv6_default_gateway/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/network_ipv6_default_gateway/rule.yml -index 23dfed41d..e90a8c6af 100644 ---- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/network_ipv6_default_gateway/rule.yml -+++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/network_ipv6_default_gateway/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhel7,rhel8 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8 - - title: 'Manually Assign IPv6 Router Address' - diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/network_ipv6_privacy_extensions/bash/shared.sh b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/network_ipv6_privacy_extensions/bash/shared.sh index d787fbbbf..d209806d8 100644 --- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/network_ipv6_privacy_extensions/bash/shared.sh 
@@ -17620,30 +11062,6 @@ index d787fbbbf..d209806d8 100644 # enable randomness in ipv6 address generation for interface in /etc/sysconfig/network-scripts/ifcfg-* -diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/network_ipv6_privacy_extensions/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/network_ipv6_privacy_extensions/rule.yml -index 5d554b2c0..fad68a9b2 100644 ---- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/network_ipv6_privacy_extensions/rule.yml -+++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/network_ipv6_privacy_extensions/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhv4 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhv4 - - title: 'Use Privacy Extensions for Address' - -diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/network_ipv6_static_address/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/network_ipv6_static_address/rule.yml -index aac0fae49..ca69e4d4f 100644 ---- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/network_ipv6_static_address/rule.yml -+++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/network_ipv6_static_address/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhel7,rhel8 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8 - - title: 'Manually Assign Global IPv6 Address' - diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_ra/kubernetes/shared.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_ra/kubernetes/shared.yml index 87306fedb..88e2884bc 100644 --- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_ra/kubernetes/shared.yml @@ -17656,62 +11074,18 @@ index 87306fedb..88e2884bc 100644 kind: MachineConfig spec: 
diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_ra/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_ra/rule.yml -index f9728d7dc..eab3789e7 100644 +index 3dcc93b93..8567faf1d 100644 --- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_ra/rule.yml 
+++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_ra/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis23,anolis8,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Configure Accepting Router Advertisements on All IPv6 Interfaces' - -@@ -40,7 +40,7 @@ references: +@@ -37,7 +37,7 @@ references: nist-csf: PR.IP-1,PR.PT-3 srg: SRG-OS-000480-GPOS-00227 stigid@ol8: OL08-00-040261 - stigid@rhel8: RHEL-08-040261 + stigid@almalinux8: RHEL-08-040261 + stigid@rhel9: RHEL-09-254010 {{{ complete_ocil_entry_sysctl_option_value(sysctl="net.ipv6.conf.all.accept_ra", value="0") }}} - -diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_ra_defrtr/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_ra_defrtr/rule.yml -index 1d1d0c692..e825870ae 100644 ---- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_ra_defrtr/rule.yml -+++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_ra_defrtr/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15 -+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,sle15 - - title: Configure Accepting Default Router in Router Advertisements on All IPv6 Interfaces - -diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_ra_pinfo/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_ra_pinfo/rule.yml -index d61211712..aa03e52e2 100644 ---- 
a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_ra_pinfo/rule.yml -+++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_ra_pinfo/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15 -+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,sle15 - - title: Configure Accepting Prefix Information in Router Advertisements on All IPv6 Interfaces - -diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_ra_rtr_pref/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_ra_rtr_pref/rule.yml -index 6cfdfe692..ffecc80c7 100644 ---- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_ra_rtr_pref/rule.yml -+++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_ra_rtr_pref/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15 -+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,sle15 - - title: Configure Accepting Router Preference in Router Advertisements on All IPv6 Interfaces - diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_redirects/kubernetes/shared.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_redirects/kubernetes/shared.yml index 8792fc668..2c7c4b025 100644 --- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_redirects/kubernetes/shared.yml @@ -17724,26 +11098,18 @@ index 8792fc668..2c7c4b025 100644 kind: MachineConfig spec: 
diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_redirects/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_redirects/rule.yml -index 2d8036595..f562e29d1 100644 +index b5f8b62a6..3ba5d0c76 100644 --- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_redirects/rule.yml +++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_redirects/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Disable Accepting ICMP Redirects for All IPv6 Interfaces' - -@@ -41,7 +41,7 @@ references: +@@ -38,7 +38,7 @@ references: nist-csf: PR.IP-1,PR.PT-3 srg: SRG-OS-000480-GPOS-00227 stigid@ol8: OL08-00-040280 - stigid@rhel8: RHEL-08-040280 + stigid@almalinux8: RHEL-08-040280 + stigid@rhel9: RHEL-09-254015 stigid@sle12: SLES-12-030363 stigid@sle15: SLES-15-040341 - diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_source_route/kubernetes/shared.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_source_route/kubernetes/shared.yml index e222b1c88..85b92ce90 100644 --- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_source_route/kubernetes/shared.yml @@ -17756,83 +11122,31 @@ index e222b1c88..85b92ce90 100644 kind: MachineConfig spec: 
diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_source_route/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_source_route/rule.yml -index 834c8c2c1..bf8edca1e 100644 +index 57ea1cb8f..c6551fef7 100644 --- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_source_route/rule.yml +++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_source_route/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Disable Kernel Parameter for Accepting Source-Routed Packets on all IPv6 Interfaces' - -@@ -51,7 +51,7 @@ references: +@@ -48,7 +48,7 @@ references: stigid@ol7: OL07-00-040830 stigid@ol8: OL08-00-040240 stigid@rhel7: RHEL-07-040830 - stigid@rhel8: RHEL-08-040240 + stigid@almalinux8: RHEL-08-040240 + stigid@rhel9: RHEL-09-254020 stigid@sle12: SLES-12-030361 stigid@sle15: SLES-15-040310 - -diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_autoconf/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_autoconf/rule.yml -index eb1264282..94093f853 100644 ---- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_autoconf/rule.yml -+++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_autoconf/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9 -+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9 - - title: Configure Auto Configuration on All IPv6 Interfaces - 
diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_forwarding/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_forwarding/rule.yml -index 7373f9a7d..0e7192238 100644 +index 02e493846..ed401ad45 100644 --- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_forwarding/rule.yml 
+++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_forwarding/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Disable Kernel Parameter for IPv6 Forwarding' - -@@ -40,7 +40,7 @@ references: +@@ -37,7 +37,7 @@ references: nist-csf: DE.CM-1,PR.DS-4,PR.IP-1,PR.PT-3 srg: SRG-OS-000480-GPOS-00227 stigid@ol8: OL08-00-040260 - stigid@rhel8: RHEL-08-040260 + stigid@almalinux8: RHEL-08-040260 + stigid@rhel9: RHEL-09-254025 stigid@sle12: SLES-12-030364 stigid@sle15: SLES-15-040381 - -diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_max_addresses/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_max_addresses/rule.yml -index 5323d1473..571dc0ad2 100644 ---- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_max_addresses/rule.yml -+++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_max_addresses/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15 -+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,sle15 - - title: Configure Maximum Number of Autoconfigured Addresses on All IPv6 Interfaces - -diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_router_solicitations/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_router_solicitations/rule.yml -index 70f5e7919..0fc7d4c34 100644 ---- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_router_solicitations/rule.yml -+++ 
b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_router_solicitations/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15 -+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,sle15 - - title: 'Configure Denying Router Solicitations on All IPv6 Interfaces' - diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_ra/kubernetes/shared.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_ra/kubernetes/shared.yml index 4ed2c480c..f59b6d7c3 100644 --- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_ra/kubernetes/shared.yml @@ -17845,62 +11159,18 @@ index 4ed2c480c..f59b6d7c3 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_ra/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_ra/rule.yml -index 68083fac1..6122a3838 100644 +index 8f20c4de7..b91a262f0 100644 --- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_ra/rule.yml 
+++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_ra/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Disable Accepting Router Advertisements on all IPv6 Interfaces by Default' - -@@ -40,7 +40,7 @@ references: +@@ -37,7 +37,7 @@ references: nist-csf: PR.IP-1,PR.PT-3 srg: SRG-OS-000480-GPOS-00227 stigid@ol8: OL08-00-040262 - stigid@rhel8: RHEL-08-040262 + stigid@almalinux8: RHEL-08-040262 + stigid@rhel9: RHEL-09-254030 {{{ complete_ocil_entry_sysctl_option_value(sysctl="net.ipv6.conf.default.accept_ra", value="0") }}} - -diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_ra_defrtr/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_ra_defrtr/rule.yml -index e5b1d3405..641cc00f6 100644 ---- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_ra_defrtr/rule.yml -+++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_ra_defrtr/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15 -+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,sle15 - - title: Configure Accepting Default Router in Router Advertisements on All IPv6 Interfaces By Default - -diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_ra_pinfo/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_ra_pinfo/rule.yml -index 561bf545a..d68230e4f 100644 ---- 
a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_ra_pinfo/rule.yml -+++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_ra_pinfo/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15 -+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,sle15 - - title: Configure Accepting Prefix Information in Router Advertisements on All IPv6 Interfaces By Default - -diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_ra_rtr_pref/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_ra_rtr_pref/rule.yml -index 67e3ac551..f1a53f465 100644 ---- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_ra_rtr_pref/rule.yml -+++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_ra_rtr_pref/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15 -+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,sle15 - - title: Configure Accepting Router Preference in Router Advertisements on All IPv6 Interfaces By Default - diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_redirects/kubernetes/shared.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_redirects/kubernetes/shared.yml index 845b013ed..063776b85 100644 --- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_redirects/kubernetes/shared.yml @@ -17913,26 +11183,18 @@ index 845b013ed..063776b85 100644 kind: MachineConfig spec: 
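Review bot: The refreshed patch no longer touches `prodtype:` in sysctl_net_ipv6_conf_default_accept_ra/rule.yml, and it drops outright the sections that only added `almalinux8` to `prodtype` for the accept_ra_defrtr, accept_ra_pinfo and accept_ra_rtr_pref rules, so nothing visible here shows what now makes those rules apply to AlmaLinux 8. Presumably the new upstream base no longer carries `prodtype` (the changed index hashes and the new `stigid@rhel9` context line point to a rebase), but if the key is still honoured anywhere, these hardening rules would silently fall out of the built content. I would record the basis in the patch description, e.g. `Rebased onto <UPSTREAM_VERSION>; prodtype hunks dropped because upstream removed the key`, and compare the rule list of the built almalinux8 datastream with the previous build. The same applies to the later hunks that drop `prodtype`-only sections (autoconf, max_addresses, router_solicitations, grub2_ipv6_disable_argument, network_ipv6_disable_interfaces, network_ipv6_disable_rpc, log_martians, secure_redirects and others).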
diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_redirects/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_redirects/rule.yml -index 1fa3ff038..fc4d6d718 100644 +index 0c832ff4e..33bbb66ae 100644 --- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_redirects/rule.yml +++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_redirects/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Disable Kernel Parameter for Accepting ICMP Redirects by Default on IPv6 Interfaces' - -@@ -43,7 +43,7 @@ references: +@@ -40,7 +40,7 @@ references: nist@sle15: CM-6(b),CM-6.1(iv) srg: SRG-OS-000480-GPOS-00227 stigid@ol8: OL08-00-040210 - stigid@rhel8: RHEL-08-040210 + stigid@almalinux8: RHEL-08-040210 + stigid@rhel9: RHEL-09-254035 stigid@sle12: SLES-12-030401 stigid@sle15: SLES-15-040350 - diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_source_route/kubernetes/shared.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_source_route/kubernetes/shared.yml index e2951d845..0335df123 100644 --- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_source_route/kubernetes/shared.yml @@ -17945,74 +11207,18 @@ index e2951d845..0335df123 100644 kind: MachineConfig spec: 
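Review bot: The carried change in sysctl_net_ipv6_conf_default_accept_redirects/rule.yml still replaces `stigid@rhel8: RHEL-08-040210` with `stigid@almalinux8: RHEL-08-040210` instead of adding the new key next to it, so the patched tree loses the RHEL 8 mapping and AlmaLinux 8 content cites a RHEL 8 STIG identifier under its own product key. If that is intended for a single-product downstream build, a sentence in the patch description would save auditors the question; otherwise keep both lines, `stigid@rhel8: RHEL-08-040210` followed by `stigid@almalinux8: RHEL-08-040210`. The neighbouring rule.yml hunks (accept_ra, accept_source_route, the net.ipv4 accept_redirects, forwarding, rp_filter and icmp_echo_ignore_broadcasts rules) follow the same pattern. The rest of the rule file is outside the hunk.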
diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_source_route/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_source_route/rule.yml -index 6f29e358d..5cd193854 100644 +index 0e74c07dc..da640932c 100644 --- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_source_route/rule.yml 
+++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_source_route/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Disable Kernel Parameter for Accepting Source-Routed Packets on IPv6 Interfaces by Default' - -@@ -50,7 +50,7 @@ references: - pcidss: Req-1.4.3 +@@ -48,7 +48,7 @@ references: + pcidss4: '1.4.2' srg: SRG-OS-000480-GPOS-00227 stigid@ol8: OL08-00-040250 - stigid@rhel8: RHEL-08-040250 + stigid@almalinux8: RHEL-08-040250 + stigid@rhel9: RHEL-09-254040 stigid@sle12: SLES-12-030362 stigid@sle15: SLES-15-040321 - -diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_autoconf/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_autoconf/rule.yml -index 0362586d3..67cb4caf9 100644 ---- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_autoconf/rule.yml -+++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_autoconf/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15 -+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,sle15 - - title: Configure Auto Configuration on All IPv6 Interfaces By Default - -diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_max_addresses/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_max_addresses/rule.yml -index 145dd2df5..20e1a40a5 100644 ---- 
a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_max_addresses/rule.yml -+++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_max_addresses/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15 -+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,sle15 - - title: Configure Maximum Number of Autoconfigured Addresses on All IPv6 Interfaces By Default - -diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_router_solicitations/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_router_solicitations/rule.yml -index b46af1bf7..cfc157a90 100644 ---- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_router_solicitations/rule.yml -+++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_router_solicitations/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15 -+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,sle15 - - title: 'Configure Denying Router Solicitations on All IPv6 Interfaces By Default' - -diff --git a/linux_os/guide/system/network/network-ipv6/disabling_ipv6/grub2_ipv6_disable_argument/rule.yml b/linux_os/guide/system/network/network-ipv6/disabling_ipv6/grub2_ipv6_disable_argument/rule.yml -index 284850ced..488499f22 100644 ---- a/linux_os/guide/system/network/network-ipv6/disabling_ipv6/grub2_ipv6_disable_argument/rule.yml -+++ b/linux_os/guide/system/network/network-ipv6/disabling_ipv6/grub2_ipv6_disable_argument/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15 -+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15 - - title: 'Ensure IPv6 is 
disabled through kernel boot parameter' - diff --git a/linux_os/guide/system/network/network-ipv6/disabling_ipv6/grub2_ipv6_disable_argument/tests/arg_not_there_rhel8.fail.sh b/linux_os/guide/system/network/network-ipv6/disabling_ipv6/grub2_ipv6_disable_argument/tests/arg_not_there_rhel8.fail.sh index 5d8daaa6b..604dc02c0 100644 --- a/linux_os/guide/system/network/network-ipv6/disabling_ipv6/grub2_ipv6_disable_argument/tests/arg_not_there_rhel8.fail.sh @@ -18045,18 +11251,6 @@ index db339c353..38d2f0d62 100644 # Break the ipv6.disable argument in kernel command line in /boot/grub2/grubenv file="/boot/grub2/grubenv" -diff --git a/linux_os/guide/system/network/network-ipv6/disabling_ipv6/network_ipv6_disable_interfaces/rule.yml b/linux_os/guide/system/network/network-ipv6/disabling_ipv6/network_ipv6_disable_interfaces/rule.yml -index 86299ffbc..672d504af 100644 ---- a/linux_os/guide/system/network/network-ipv6/disabling_ipv6/network_ipv6_disable_interfaces/rule.yml -+++ b/linux_os/guide/system/network/network-ipv6/disabling_ipv6/network_ipv6_disable_interfaces/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,rhel7,rhel8 -+prodtype: fedora,rhel7,rhel8,almalinux8 - - title: 'Disable Interface Usage of IPv6' - diff --git a/linux_os/guide/system/network/network-ipv6/disabling_ipv6/network_ipv6_disable_rpc/bash/shared.sh b/linux_os/guide/system/network/network-ipv6/disabling_ipv6/network_ipv6_disable_rpc/bash/shared.sh index 2bd1bdbca..63ab3fe59 100644 --- a/linux_os/guide/system/network/network-ipv6/disabling_ipv6/network_ipv6_disable_rpc/bash/shared.sh 
@@ -18067,18 +11261,6 @@ index 2bd1bdbca..63ab3fe59 100644 # Drop 'tcp6' and 'udp6' entries from /etc/netconfig to prevent RPC # services for NFSv4 from attempting to start IPv6 network listeners -diff --git a/linux_os/guide/system/network/network-ipv6/disabling_ipv6/network_ipv6_disable_rpc/rule.yml b/linux_os/guide/system/network/network-ipv6/disabling_ipv6/network_ipv6_disable_rpc/rule.yml -index 603b98156..107c219ec 100644 ---- a/linux_os/guide/system/network/network-ipv6/disabling_ipv6/network_ipv6_disable_rpc/rule.yml -+++ b/linux_os/guide/system/network/network-ipv6/disabling_ipv6/network_ipv6_disable_rpc/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhv4 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhv4 - - title: 'Disable Support for RPC IPv6' - diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_redirects/kubernetes/shared.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_redirects/kubernetes/shared.yml index 6bb6de134..1f0664a02 100644 --- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_redirects/kubernetes/shared.yml @@ -18091,26 +11273,18 @@ index 6bb6de134..1f0664a02 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_redirects/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_redirects/rule.yml -index 643403856..aca51e29a 100644 +index 82876444a..17e33c67f 100644 --- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_redirects/rule.yml 
+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_redirects/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Disable Accepting ICMP Redirects for All IPv4 Interfaces' - -@@ -51,7 +51,7 @@ references: +@@ -48,7 +48,7 @@ references: stigid@ol7: OL07-00-040641 stigid@ol8: OL08-00-040279 stigid@rhel7: RHEL-07-040641 - stigid@rhel8: RHEL-08-040279 + stigid@almalinux8: RHEL-08-040279 + stigid@rhel9: RHEL-09-253015 stigid@sle12: SLES-12-030390 stigid@sle15: SLES-15-040330 - diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_source_route/kubernetes/shared.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_source_route/kubernetes/shared.yml index b3d72bb4a..b89b8a35a 100644 --- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_source_route/kubernetes/shared.yml @@ -18123,59 +11297,31 @@ index b3d72bb4a..b89b8a35a 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_source_route/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_source_route/rule.yml -index 2620e4288..21d64b193 100644 +index 0f0b45802..466d198a1 100644 --- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_source_route/rule.yml 
+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_source_route/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Disable Kernel Parameter for Accepting Source-Routed Packets on all IPv4 Interfaces' - -@@ -52,7 +52,7 @@ references: +@@ -49,7 +49,7 @@ references: stigid@ol7: OL07-00-040610 stigid@ol8: OL08-00-040239 stigid@rhel7: RHEL-07-040610 - stigid@rhel8: RHEL-08-040239 + stigid@almalinux8: RHEL-08-040239 + stigid@rhel9: RHEL-09-253020 stigid@sle12: SLES-12-030360 stigid@sle15: SLES-15-040300 - -diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_drop_gratuitous_arp/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_drop_gratuitous_arp/rule.yml -index 977a5770b..175a4cc65 100644 ---- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_drop_gratuitous_arp/rule.yml -+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_drop_gratuitous_arp/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol8,ol9,rhel8,rhel9 -+prodtype: fedora,ol8,ol9,rhel8,almalinux8,rhel9 - - title: 'Drop Gratuitious ARP frames on All IPv4 Interfaces' - diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_forwarding/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_forwarding/rule.yml -index a75bcc616..d79fa93ba 100644 +index 5e49b1e1e..266940353 100644 
--- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_forwarding/rule.yml +++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_forwarding/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8,rhel9 -+prodtype: rhel7,rhel8,almalinux8,rhel9 - - title: 'Disable Kernel Parameter for IPv4 Forwarding on all IPv4 Interfaces' - @@ -22,7 +22,7 @@ references: - disa: CCI-000366 nist: CM-6(b) srg: SRG-OS-000480-GPOS-00227 + stigid@ol8: OL08-00-040259 - stigid@rhel8: RHEL-08-040259 + stigid@almalinux8: RHEL-08-040259 + stigid@rhel9: RHEL-09-253075 ocil_clause: 'IP forwarding value is "1" and the system is not router' - diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_log_martians/kubernetes/shared.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_log_martians/kubernetes/shared.yml index 70e767cc4..fbe1a27a2 100644 --- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_log_martians/kubernetes/shared.yml 
@@ -18187,18 +11333,6 @@ index 70e767cc4..fbe1a27a2 100644 apiVersion: machineconfiguration.openshift.io/v1 kind: MachineConfig spec: -diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_log_martians/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_log_martians/rule.yml -index 11dc1ce81..c55b3d4f0 100644 ---- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_log_martians/rule.yml -+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_log_martians/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Enable Kernel Parameter to Log Martian Packets on all IPv4 Interfaces' - diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/kubernetes/shared.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/kubernetes/shared.yml index c64da37a3..08535e5a1 100644 --- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/kubernetes/shared.yml @@ -18211,26 +11345,18 @@ index c64da37a3..08535e5a1 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/rule.yml -index 3a4507eff..c9463daec 100644 +index 9039cffc2..54949f4c0 100644 
--- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/rule.yml +++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Enable Kernel Parameter to Use Reverse Path Filtering on all IPv4 Interfaces' - -@@ -49,7 +49,7 @@ references: +@@ -47,7 +47,7 @@ references: stigid@ol7: OL07-00-040611 stigid@ol8: OL08-00-040285 stigid@rhel7: RHEL-07-040611 - stigid@rhel8: RHEL-08-040285 + stigid@almalinux8: RHEL-08-040285 + stigid@rhel9: RHEL-09-253035 ocil: |- - The runtime status of the net.ipv4.conf.all.rp_filter parameter can be queried diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/tests/value_1.pass.sh b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/tests/value_1.pass.sh index 583b70a3b..d9bca3de6 100644 --- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/tests/value_1.pass.sh 
@@ -18264,18 +11390,6 @@ index 8b075d55e..0dd17a34b 100644 apiVersion: machineconfiguration.openshift.io/v1 kind: MachineConfig spec: -diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_secure_redirects/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_secure_redirects/rule.yml -index 092fd29ce..55f20369d 100644 ---- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_secure_redirects/rule.yml -+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_secure_redirects/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Disable Kernel Parameter for Accepting Secure ICMP Redirects on all IPv4 Interfaces' - diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_redirects/kubernetes/shared.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_redirects/kubernetes/shared.yml index 2bfbd9e46..8ea37100a 100644 --- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_redirects/kubernetes/shared.yml @@ -18288,26 +11402,18 @@ index 2bfbd9e46..8ea37100a 100644 kind: MachineConfig spec: 
diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_redirects/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_redirects/rule.yml -index 4184bfc83..a27a22828 100644 +index 9693c7912..17c781220 100644 --- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_redirects/rule.yml +++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_redirects/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Disable Kernel Parameter for Accepting ICMP Redirects by Default on IPv4 Interfaces' - -@@ -51,7 +51,7 @@ references: +@@ -49,7 +49,7 @@ references: stigid@ol7: OL07-00-040640 stigid@ol8: OL08-00-040209 stigid@rhel7: RHEL-07-040640 - stigid@rhel8: RHEL-08-040209 + stigid@almalinux8: RHEL-08-040209 + stigid@rhel9: RHEL-09-253040 stigid@sle12: SLES-12-030400 stigid@sle15: SLES-15-040340 - diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_source_route/kubernetes/shared.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_source_route/kubernetes/shared.yml index aa7d1562b..08668d03c 100644 --- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_source_route/kubernetes/shared.yml @@ -18320,26 +11426,18 @@ index aa7d1562b..08668d03c 100644 kind: MachineConfig spec: 
diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_source_route/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_source_route/rule.yml -index 0de834a15..f4a8c8a41 100644 +index 514557228..82c4af364 100644 --- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_source_route/rule.yml +++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_source_route/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Disable Kernel Parameter for Accepting Source-Routed Packets on IPv4 Interfaces by Default' - -@@ -53,7 +53,7 @@ references: +@@ -50,7 +50,7 @@ references: stigid@ol7: OL07-00-040620 stigid@ol8: OL08-00-040249 stigid@rhel7: RHEL-07-040620 - stigid@rhel8: RHEL-08-040249 + stigid@almalinux8: RHEL-08-040249 + stigid@rhel9: RHEL-09-253045 stigid@sle12: SLES-12-030370 stigid@sle15: SLES-15-040320 - diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_log_martians/kubernetes/shared.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_log_martians/kubernetes/shared.yml index 3a60ab17c..728ddb817 100644 --- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_log_martians/kubernetes/shared.yml 
@@ -18351,18 +11449,6 @@ index 3a60ab17c..728ddb817 100644 apiVersion: machineconfiguration.openshift.io/v1 kind: MachineConfig spec: -diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_log_martians/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_log_martians/rule.yml -index 84b4b78e7..67fc4f72e 100644 ---- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_log_martians/rule.yml -+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_log_martians/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Enable Kernel Paremeter to Log Martian Packets on all IPv4 Interfaces by Default' - diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_rp_filter/kubernetes/shared.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_rp_filter/kubernetes/shared.yml index b6e53de36..0b652c7cf 100644 --- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_rp_filter/kubernetes/shared.yml 
@@ -18374,18 +11460,6 @@ index b6e53de36..0b652c7cf 100644 apiVersion: machineconfiguration.openshift.io/v1 kind: MachineConfig spec: -diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_rp_filter/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_rp_filter/rule.yml -index 2de023866..63f521295 100644 ---- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_rp_filter/rule.yml -+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_rp_filter/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Enable Kernel Parameter to Use Reverse Path Filtering on all IPv4 Interfaces by Default' - diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_secure_redirects/kubernetes/shared.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_secure_redirects/kubernetes/shared.yml index aeb67c4e0..f47a8ab67 100644 --- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_secure_redirects/kubernetes/shared.yml 
@@ -18397,18 +11471,6 @@ index aeb67c4e0..f47a8ab67 100644 apiVersion: machineconfiguration.openshift.io/v1 kind: MachineConfig spec: -diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_secure_redirects/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_secure_redirects/rule.yml -index 363dcf7d4..6eb7362bb 100644 ---- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_secure_redirects/rule.yml -+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_secure_redirects/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Configure Kernel Parameter for Accepting Secure Redirects By Default' - diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_echo_ignore_broadcasts/kubernetes/shared.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_echo_ignore_broadcasts/kubernetes/shared.yml index 52d74441b..08c8c256d 100644 --- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_echo_ignore_broadcasts/kubernetes/shared.yml @@ -18421,26 +11483,18 @@ index 52d74441b..08c8c256d 100644 kind: MachineConfig spec: 
diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_echo_ignore_broadcasts/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_echo_ignore_broadcasts/rule.yml -index 6aa5a30a5..4b2254ad2 100644 +index 857186d06..6ede72fc5 100644 --- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_echo_ignore_broadcasts/rule.yml +++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_echo_ignore_broadcasts/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Enable Kernel Parameter to Ignore ICMP Broadcast Echo Requests on IPv4 Interfaces' - -@@ -50,7 +50,7 @@ references: +@@ -48,7 +48,7 @@ references: stigid@ol7: OL07-00-040630 stigid@ol8: OL08-00-040230 stigid@rhel7: RHEL-07-040630 - stigid@rhel8: RHEL-08-040230 + stigid@almalinux8: RHEL-08-040230 + stigid@rhel9: RHEL-09-253055 stigid@sle12: SLES-12-030380 - {{{ complete_ocil_entry_sysctl_option_value(sysctl="net.ipv4.icmp_echo_ignore_broadcasts", value="1") }}} diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_ignore_bogus_error_responses/kubernetes/shared.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_ignore_bogus_error_responses/kubernetes/shared.yml index 9e3a85af9..d4f4d31cb 100644 --- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_ignore_bogus_error_responses/kubernetes/shared.yml 
@@ -18452,54 +11506,6 @@ index 9e3a85af9..d4f4d31cb 100644 apiVersion: machineconfiguration.openshift.io/v1 kind: MachineConfig spec: -diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_ignore_bogus_error_responses/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_ignore_bogus_error_responses/rule.yml -index 5e9c18bcb..598d94611 100644 ---- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_ignore_bogus_error_responses/rule.yml -+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_ignore_bogus_error_responses/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Enable Kernel Parameter to Ignore Bogus ICMP Error Responses on IPv4 Interfaces' - -diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_ip_local_port_range/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_ip_local_port_range/rule.yml -index e5bb48138..c85832264 100644 ---- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_ip_local_port_range/rule.yml -+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_ip_local_port_range/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15 -+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,sle15 - - title: 'Set Kernel Parameter to Increase Local Port Range' - -diff --git 
a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_tcp_invalid_ratelimit/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_tcp_invalid_ratelimit/rule.yml -index 59462471b..36daa50fa 100644 ---- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_tcp_invalid_ratelimit/rule.yml -+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_tcp_invalid_ratelimit/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle15 -+prodtype: ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle15 - - title: 'Configure Kernel to Rate Limit Sending of Duplicate TCP Acknowledgments' - -diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_tcp_rfc1337/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_tcp_rfc1337/rule.yml -index f62f1616f..510e999d3 100644 ---- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_tcp_rfc1337/rule.yml -+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_tcp_rfc1337/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15 -+prodtype: ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,sle15 - - title: 'Enable Kernel Parameter to Use TCP RFC 1337 on IPv4 Interfaces' - diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_tcp_syncookies/kubernetes/shared.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_tcp_syncookies/kubernetes/shared.yml index 0c8dae788..a26df0c5a 100644 
--- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_tcp_syncookies/kubernetes/shared.yml @@ -18511,18 +11517,6 @@ index 0c8dae788..a26df0c5a 100644 apiVersion: machineconfiguration.openshift.io/v1 kind: MachineConfig spec: -diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_tcp_syncookies/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_tcp_syncookies/rule.yml -index 0b4f36272..1eb8bb91b 100644 ---- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_tcp_syncookies/rule.yml -+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_tcp_syncookies/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Enable Kernel Parameter to Use TCP Syncookies on Network Interfaces' - diff --git a/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_all_send_redirects/kubernetes/shared.yml b/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_all_send_redirects/kubernetes/shared.yml index ea1db12fe..5d8b19f68 100644 --- a/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_all_send_redirects/kubernetes/shared.yml @@ -18535,26 +11529,18 @@ index ea1db12fe..5d8b19f68 100644 kind: MachineConfig spec: 
diff --git a/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_all_send_redirects/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_all_send_redirects/rule.yml -index 3bdc1dfea..1009ab2a0 100644 +index 88531b904..258f726c0 100644 --- a/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_all_send_redirects/rule.yml +++ b/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_all_send_redirects/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Disable Kernel Parameter for Sending ICMP Redirects on all IPv4 Interfaces' - -@@ -51,7 +51,7 @@ references: +@@ -48,7 +48,7 @@ references: stigid@ol7: OL07-00-040660 stigid@ol8: OL08-00-040220 stigid@rhel7: RHEL-07-040660 - stigid@rhel8: RHEL-08-040220 + stigid@almalinux8: RHEL-08-040220 + stigid@rhel9: RHEL-09-253065 stigid@sle12: SLES-12-030420 stigid@sle15: SLES-15-040370 - diff --git a/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_default_send_redirects/kubernetes/shared.yml b/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_default_send_redirects/kubernetes/shared.yml index b54e3d12b..125464d7a 100644 --- a/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_default_send_redirects/kubernetes/shared.yml @@ -18567,86 +11553,18 @@ index b54e3d12b..125464d7a 100644 kind: MachineConfig spec: 
diff --git a/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_default_send_redirects/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_default_send_redirects/rule.yml -index d456a9de6..083a9d033 100644 +index 43baaf2f3..c9316d17b 100644 --- a/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_default_send_redirects/rule.yml 
+++ b/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_default_send_redirects/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Disable Kernel Parameter for Sending ICMP Redirects on all IPv4 Interfaces by Default' - -@@ -50,7 +50,7 @@ references: +@@ -48,7 +48,7 @@ references: stigid@ol7: OL07-00-040650 stigid@ol8: OL08-00-040270 stigid@rhel7: RHEL-07-040650 - stigid@rhel8: RHEL-08-040270 + stigid@almalinux8: RHEL-08-040270 + stigid@rhel9: RHEL-09-253070 stigid@sle12: SLES-12-030410 stigid@sle15: SLES-15-040360 - -diff --git a/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_ip_forward/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_ip_forward/rule.yml -index 3b4f06fef..5e5d0d4cc 100644 ---- a/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_ip_forward/rule.yml -+++ b/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_ip_forward/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Disable Kernel Parameter for IP Forwarding on IPv4 Interfaces' - -diff --git a/linux_os/guide/system/network/network-nftables/package_nftables_installed/rule.yml b/linux_os/guide/system/network/network-nftables/package_nftables_installed/rule.yml -index bce0bf37f..11326b3da 100644 ---- 
a/linux_os/guide/system/network/network-nftables/package_nftables_installed/rule.yml -+++ b/linux_os/guide/system/network/network-nftables/package_nftables_installed/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8,rhel9,sle15,ubuntu2004,ubuntu2204 -+prodtype: rhel7,rhel8,almalinux8,rhel9,sle15,ubuntu2004,ubuntu2204 - - title: 'Install nftables Package' - -diff --git a/linux_os/guide/system/network/network-nftables/service_nftables_disabled/rule.yml b/linux_os/guide/system/network/network-nftables/service_nftables_disabled/rule.yml -index 983065df5..3dd2c6f15 100644 ---- a/linux_os/guide/system/network/network-nftables/service_nftables_disabled/rule.yml -+++ b/linux_os/guide/system/network/network-nftables/service_nftables_disabled/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux3,fedora,rhel7,rhel8,rhel9,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux3,fedora,rhel7,rhel8,almalinux8,rhel9,sle15,ubuntu2004,ubuntu2204 - - title: 'Verify nftables Service is Disabled' - -diff --git a/linux_os/guide/system/network/network-nftables/service_nftables_enabled/rule.yml b/linux_os/guide/system/network/network-nftables/service_nftables_enabled/rule.yml -index 5be921e29..5f89841b4 100644 ---- a/linux_os/guide/system/network/network-nftables/service_nftables_enabled/rule.yml -+++ b/linux_os/guide/system/network/network-nftables/service_nftables_enabled/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8,sle15,ubuntu2004,ubuntu2204 -+prodtype: rhel7,rhel8,almalinux8,sle15,ubuntu2004,ubuntu2204 - - title: 'Verify nftables Service is Enabled' - -diff --git a/linux_os/guide/system/network/network-nftables/set_nftables_table/rule.yml b/linux_os/guide/system/network/network-nftables/set_nftables_table/rule.yml -index 7dc9a9212..ef93ad06a 100644 ---- a/linux_os/guide/system/network/network-nftables/set_nftables_table/rule.yml -+++ 
b/linux_os/guide/system/network/network-nftables/set_nftables_table/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8,rhel9,sle15,ubuntu2004,ubuntu2204 -+prodtype: rhel7,rhel8,almalinux8,rhel9,sle15,ubuntu2004,ubuntu2204 - - title: 'Ensure a Table Exists for Nftables' - diff --git a/linux_os/guide/system/network/network-nftables/set_nftables_table/sce/shared.sh b/linux_os/guide/system/network/network-nftables/set_nftables_table/sce/shared.sh index 89d344c4f..1a926adaa 100644 --- a/linux_os/guide/system/network/network-nftables/set_nftables_table/sce/shared.sh @@ -18659,59 +11577,31 @@ index 89d344c4f..1a926adaa 100644 tbl_output=$(nft list tables | grep inet) diff --git a/linux_os/guide/system/network/network-uncommon/kernel_module_atm_disabled/rule.yml b/linux_os/guide/system/network/network-uncommon/kernel_module_atm_disabled/rule.yml -index f995e2795..e1d8819ce 100644 +index 5bf60eb12..602f283c4 100644 --- a/linux_os/guide/system/network/network-uncommon/kernel_module_atm_disabled/rule.yml +++ b/linux_os/guide/system/network/network-uncommon/kernel_module_atm_disabled/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol8,ol9,rhcos4,rhel7,rhel8,rhel9 -+prodtype: fedora,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9 - - title: 'Disable ATM Support' - -@@ -28,7 +28,7 @@ references: +@@ -27,7 +27,7 @@ references: ospp: FMT_SMF_EXT.1 srg: SRG-OS-000095-GPOS-00049,SRG-OS-000480-GPOS-00227 stigid@ol8: OL08-00-040021 - stigid@rhel8: RHEL-08-040021 + stigid@almalinux8: RHEL-08-040021 + stigid@rhel9: RHEL-09-213045 {{{ complete_ocil_entry_module_disable(module="atm") }}} - diff --git a/linux_os/guide/system/network/network-uncommon/kernel_module_can_disabled/rule.yml b/linux_os/guide/system/network/network-uncommon/kernel_module_can_disabled/rule.yml -index 420485c11..0a36c302c 100644 +index 7f951a269..b7f4f9516 100644 --- a/linux_os/guide/system/network/network-uncommon/kernel_module_can_disabled/rule.yml 
+++ b/linux_os/guide/system/network/network-uncommon/kernel_module_can_disabled/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol8,ol9,rhcos4,rhel7,rhel8,rhel9 -+prodtype: fedora,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9 - - title: 'Disable CAN Support' - -@@ -28,7 +28,7 @@ references: +@@ -27,7 +27,7 @@ references: ospp: FMT_SMF_EXT.1 srg: SRG-OS-000095-GPOS-00049,SRG-OS-000480-GPOS-00227 stigid@ol8: OL08-00-040022 - stigid@rhel8: RHEL-08-040022 + stigid@almalinux8: RHEL-08-040022 + stigid@rhel9: RHEL-09-213050 {{{ complete_ocil_entry_module_disable(module="can") }}} - -diff --git a/linux_os/guide/system/network/network-uncommon/kernel_module_dccp_disabled/rule.yml b/linux_os/guide/system/network/network-uncommon/kernel_module_dccp_disabled/rule.yml -index 2f556b8ec..1d86a360e 100644 ---- a/linux_os/guide/system/network/network-uncommon/kernel_module_dccp_disabled/rule.yml -+++ b/linux_os/guide/system/network/network-uncommon/kernel_module_dccp_disabled/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Disable DCCP Support' - diff --git a/linux_os/guide/system/network/network-uncommon/kernel_module_dccp_disabled/tests/missing_blacklist.fail.sh b/linux_os/guide/system/network/network-uncommon/kernel_module_dccp_disabled/tests/missing_blacklist.fail.sh index 57cc29270..4b1b2805e 100644 --- a/linux_os/guide/system/network/network-uncommon/kernel_module_dccp_disabled/tests/missing_blacklist.fail.sh @@ -18724,49 +11614,33 @@ index 57cc29270..4b1b2805e 100644 rm -f /etc/modprobe.d/dccp-blacklist.conf echo "install {{{ KERNMODULE }}} /bin/true" > /etc/modprobe.d/{{{ KERNMODULE }}}.conf 
diff --git a/linux_os/guide/system/network/network-uncommon/kernel_module_firewire-core_disabled/rule.yml b/linux_os/guide/system/network/network-uncommon/kernel_module_firewire-core_disabled/rule.yml -index 0522abc15..1109e3ccb 100644 +index 2af5055af..0a1aa3a30 100644 --- a/linux_os/guide/system/network/network-uncommon/kernel_module_firewire-core_disabled/rule.yml +++ b/linux_os/guide/system/network/network-uncommon/kernel_module_firewire-core_disabled/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol8,ol9,rhcos4,rhel7,rhel8,rhel9 -+prodtype: fedora,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9 - - title: 'Disable IEEE 1394 (FireWire) Support' - -@@ -27,7 +27,7 @@ references: +@@ -26,7 +26,7 @@ references: ospp: FMT_SMF_EXT.1 srg: SRG-OS-000095-GPOS-00049 stigid@ol8: OL08-00-040026 - stigid@rhel8: RHEL-08-040026 + stigid@almalinux8: RHEL-08-040026 + stigid@rhel9: RHEL-09-213055 {{{ complete_ocil_entry_module_disable(module="firewire-core") }}} - diff --git a/linux_os/guide/system/network/network-uncommon/kernel_module_sctp_disabled/rule.yml b/linux_os/guide/system/network/network-uncommon/kernel_module_sctp_disabled/rule.yml -index 0da8cd9fe..96365ae00 100644 +index 4ebec10ec..786273f30 100644 --- a/linux_os/guide/system/network/network-uncommon/kernel_module_sctp_disabled/rule.yml 
+++ b/linux_os/guide/system/network/network-uncommon/kernel_module_sctp_disabled/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Disable SCTP Support' - -@@ -48,7 +48,7 @@ references: +@@ -45,7 +45,7 @@ references: pcidss4: "1.4.2" srg: SRG-OS-000095-GPOS-00049,SRG-OS-000480-GPOS-00227 stigid@ol8: OL08-00-040023 - stigid@rhel8: RHEL-08-040023 + stigid@almalinux8: RHEL-08-040023 + stigid@rhel9: RHEL-09-213060 {{{ complete_ocil_entry_module_disable(module="sctp") }}} - diff --git a/linux_os/guide/system/network/network-uncommon/kernel_module_tipc_disabled/rule.yml b/linux_os/guide/system/network/network-uncommon/kernel_module_tipc_disabled/rule.yml -index 075d86c27..5d0928edc 100644 +index b1e4d2557..9e83ffa34 100644 --- a/linux_os/guide/system/network/network-uncommon/kernel_module_tipc_disabled/rule.yml +++ b/linux_os/guide/system/network/network-uncommon/kernel_module_tipc_disabled/rule.yml @@ -44,7 +44,7 @@ references: @@ -18775,144 +11649,48 @@ index 075d86c27..5d0928edc 100644 stigid@ol8: OL08-00-040024 - stigid@rhel8: RHEL-08-040024 + stigid@almalinux8: RHEL-08-040024 + stigid@rhel9: RHEL-09-213065 {{{ complete_ocil_entry_module_disable(module="tipc") }}} - diff --git a/linux_os/guide/system/network/network-wireless/wireless_software/kernel_module_bluetooth_disabled/rule.yml b/linux_os/guide/system/network/network-wireless/wireless_software/kernel_module_bluetooth_disabled/rule.yml -index 847d21236..1edba79ba 100644 +index ebeb377a9..ba37f5ec1 100644 --- a/linux_os/guide/system/network/network-wireless/wireless_software/kernel_module_bluetooth_disabled/rule.yml 
+++ b/linux_os/guide/system/network/network-wireless/wireless_software/kernel_module_bluetooth_disabled/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4 -+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4 - - title: 'Disable Bluetooth Kernel Module' - -@@ -37,7 +37,7 @@ references: +@@ -36,7 +36,7 @@ references: nist-csf: PR.AC-3,PR.IP-1,PR.PT-3,PR.PT-4 srg: SRG-OS-000095-GPOS-00049,SRG-OS-000300-GPOS-00118 stigid@ol8: OL08-00-040111 - stigid@rhel8: RHEL-08-040111 + stigid@almalinux8: RHEL-08-040111 + stigid@rhel9: RHEL-09-291035 {{{ complete_ocil_entry_module_disable(module="bluetooth") }}} - -diff --git a/linux_os/guide/system/network/network-wireless/wireless_software/kernel_module_cfg80211_disabled/rule.yml b/linux_os/guide/system/network/network-wireless/wireless_software/kernel_module_cfg80211_disabled/rule.yml -index 5d3161776..29d115daf 100644 ---- a/linux_os/guide/system/network/network-wireless/wireless_software/kernel_module_cfg80211_disabled/rule.yml -+++ b/linux_os/guide/system/network/network-wireless/wireless_software/kernel_module_cfg80211_disabled/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,rhcos4,rhel8,rhel9 -+prodtype: fedora,rhcos4,rhel8,almalinux8,rhel9 - - title: 'Disable Kernel cfg80211 Module' - -diff --git a/linux_os/guide/system/network/network-wireless/wireless_software/kernel_module_iwlmvm_disabled/rule.yml b/linux_os/guide/system/network/network-wireless/wireless_software/kernel_module_iwlmvm_disabled/rule.yml -index 25123181d..cc641d3f0 100644 ---- a/linux_os/guide/system/network/network-wireless/wireless_software/kernel_module_iwlmvm_disabled/rule.yml -+++ b/linux_os/guide/system/network/network-wireless/wireless_software/kernel_module_iwlmvm_disabled/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,rhcos4,rhel8,rhel9 -+prodtype: fedora,rhcos4,rhel8,almalinux8,rhel9 - - title: 
'Disable Kernel iwlmvm Module' - -diff --git a/linux_os/guide/system/network/network-wireless/wireless_software/kernel_module_iwlwifi_disabled/rule.yml b/linux_os/guide/system/network/network-wireless/wireless_software/kernel_module_iwlwifi_disabled/rule.yml -index 2ae0cd340..1f1c8ed7e 100644 ---- a/linux_os/guide/system/network/network-wireless/wireless_software/kernel_module_iwlwifi_disabled/rule.yml -+++ b/linux_os/guide/system/network/network-wireless/wireless_software/kernel_module_iwlwifi_disabled/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,rhcos4,rhel8,rhel9 -+prodtype: fedora,rhcos4,rhel8,almalinux8,rhel9 - - title: 'Disable Kernel iwlwifi Module' - -diff --git a/linux_os/guide/system/network/network-wireless/wireless_software/kernel_module_mac80211_disabled/rule.yml b/linux_os/guide/system/network/network-wireless/wireless_software/kernel_module_mac80211_disabled/rule.yml -index 409baf905..5f85883e3 100644 ---- a/linux_os/guide/system/network/network-wireless/wireless_software/kernel_module_mac80211_disabled/rule.yml -+++ b/linux_os/guide/system/network/network-wireless/wireless_software/kernel_module_mac80211_disabled/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,rhcos4,rhel8,rhel9 -+prodtype: fedora,rhcos4,rhel8,almalinux8,rhel9 - - title: 'Disable Kernel mac80211 Module' - -diff --git a/linux_os/guide/system/network/network-wireless/wireless_software/service_bluetooth_disabled/rule.yml b/linux_os/guide/system/network/network-wireless/wireless_software/service_bluetooth_disabled/rule.yml -index a0a9fbc23..0d3c20a3d 100644 ---- a/linux_os/guide/system/network/network-wireless/wireless_software/service_bluetooth_disabled/rule.yml -+++ b/linux_os/guide/system/network/network-wireless/wireless_software/service_bluetooth_disabled/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhv4 -+prodtype: 
fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhv4 - - title: 'Disable Bluetooth Service' - -diff --git a/linux_os/guide/system/network/network-wireless/wireless_software/wireless_disable_in_bios/rule.yml b/linux_os/guide/system/network/network-wireless/wireless_software/wireless_disable_in_bios/rule.yml -index 6a541594f..8c47fed5a 100644 ---- a/linux_os/guide/system/network/network-wireless/wireless_software/wireless_disable_in_bios/rule.yml -+++ b/linux_os/guide/system/network/network-wireless/wireless_software/wireless_disable_in_bios/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,rhcos4,rhel7,rhel8 -+prodtype: fedora,rhcos4,rhel7,rhel8,almalinux8 - - title: 'Disable WiFi or Bluetooth in BIOS' - diff --git a/linux_os/guide/system/network/network-wireless/wireless_software/wireless_disable_interfaces/rule.yml b/linux_os/guide/system/network/network-wireless/wireless_software/wireless_disable_interfaces/rule.yml -index cb5749653..21e369337 100644 +index 398948718..afb2d3480 100644 --- a/linux_os/guide/system/network/network-wireless/wireless_software/wireless_disable_interfaces/rule.yml +++ b/linux_os/guide/system/network/network-wireless/wireless_software/wireless_disable_interfaces/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Deactivate Wireless Network Interfaces' - -@@ -65,7 +65,7 @@ references: +@@ -63,7 +63,7 @@ references: stigid@ol7: OL07-00-041010 stigid@ol8: OL08-00-040110 stigid@rhel7: RHEL-07-041010 - stigid@rhel8: RHEL-08-040110 + stigid@almalinux8: RHEL-08-040110 + stigid@rhel9: RHEL-09-291040 stigid@sle12: SLES-12-030450 stigid@sle15: SLES-15-010380 - stigid@ubuntu2004: UBTU-20-010455 
diff --git a/linux_os/guide/system/network/network_configure_name_resolution/rule.yml b/linux_os/guide/system/network/network_configure_name_resolution/rule.yml -index bf2339bbd..2116460e1 100644 +index a9dc1b633..ea03598c7 100644 --- a/linux_os/guide/system/network/network_configure_name_resolution/rule.yml +++ b/linux_os/guide/system/network/network_configure_name_resolution/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4 -+prodtype: ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4 - - title: 'Configure Multiple DNS Servers in /etc/resolv.conf' - -@@ -54,7 +54,7 @@ references: +@@ -53,7 +53,7 @@ references: stigid@ol7: OL07-00-040600 stigid@ol8: OL08-00-010680 stigid@rhel7: RHEL-07-040600 - stigid@rhel8: RHEL-08-010680 + stigid@almalinux8: RHEL-08-010680 + stigid@rhel9: RHEL-09-252035 ocil_clause: 'less than two lines are returned that are not commented out' - diff --git a/linux_os/guide/system/network/network_configure_name_resolution/tests/dns_not_in_nsswitch_and_resolv_is_empty.pass.sh b/linux_os/guide/system/network/network_configure_name_resolution/tests/dns_not_in_nsswitch_and_resolv_is_empty.pass.sh index 0f2d15979..27572472b 100644 --- a/linux_os/guide/system/network/network_configure_name_resolution/tests/dns_not_in_nsswitch_and_resolv_is_empty.pass.sh @@ -18932,18 +11710,6 @@ index 469db24e9..671a4d019 100644 source common.sh -diff --git a/linux_os/guide/system/network/network_disable_ddns_interfaces/rule.yml b/linux_os/guide/system/network/network_disable_ddns_interfaces/rule.yml -index 06a84a9df..dba6f82ce 100644 ---- a/linux_os/guide/system/network/network_disable_ddns_interfaces/rule.yml -+++ b/linux_os/guide/system/network/network_disable_ddns_interfaces/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8 -+prodtype: rhel7,rhel8,almalinux8 - - title: 'Disable Client Dynamic DNS Updates' - 
diff --git a/linux_os/guide/system/network/network_disable_zeroconf/bash/shared.sh b/linux_os/guide/system/network/network_disable_zeroconf/bash/shared.sh index 6f2e6fa20..ea9c566f9 100644 --- a/linux_os/guide/system/network/network_disable_zeroconf/bash/shared.sh @@ -18952,18 +11718,6 @@ index 6f2e6fa20..ea9c566f9 100644 -# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8 +# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8 echo "NOZEROCONF=yes" >> /etc/sysconfig/network -diff --git a/linux_os/guide/system/network/network_disable_zeroconf/rule.yml b/linux_os/guide/system/network/network_disable_zeroconf/rule.yml -index 34f6e07e1..202330a73 100644 ---- a/linux_os/guide/system/network/network_disable_zeroconf/rule.yml -+++ b/linux_os/guide/system/network/network_disable_zeroconf/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,rhel7,rhel8 -+prodtype: fedora,rhel7,rhel8,almalinux8 - - title: 'Disable Zeroconf Networking' - diff --git a/linux_os/guide/system/network/network_nmcli_permissions/ansible/shared.yml b/linux_os/guide/system/network/network_nmcli_permissions/ansible/shared.yml index 3f497dc7b..f85aac045 100644 --- a/linux_os/guide/system/network/network_nmcli_permissions/ansible/shared.yml @@ -18974,62 +11728,34 @@ index 3f497dc7b..f85aac045 100644 # reboot = false # strategy = restrict # complexity = low -diff --git a/linux_os/guide/system/network/network_nmcli_permissions/rule.yml b/linux_os/guide/system/network/network_nmcli_permissions/rule.yml -index fe5704ea6..d71dee1c7 100644 ---- a/linux_os/guide/system/network/network_nmcli_permissions/rule.yml -+++ b/linux_os/guide/system/network/network_nmcli_permissions/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,rhcos4,rhel7,rhel8,rhel9,rhv4 -+prodtype: fedora,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4 - - title: 'Prevent non-Privileged Users from Modifying Network Interfaces using nmcli' - 
diff --git a/linux_os/guide/system/network/network_sniffer_disabled/rule.yml b/linux_os/guide/system/network/network_sniffer_disabled/rule.yml -index 6970bbdba..2c78e4818 100644 +index 08e686c80..6c088d51f 100644 --- a/linux_os/guide/system/network/network_sniffer_disabled/rule.yml +++ b/linux_os/guide/system/network/network_sniffer_disabled/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15 -+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15 - - title: 'Ensure System is Not Acting as a Network Sniffer' - @@ -47,7 +47,7 @@ references: stigid@ol7: OL07-00-040670 stigid@ol8: OL08-00-040330 stigid@rhel7: RHEL-07-040670 - stigid@rhel8: RHEL-08-040330 + stigid@almalinux8: RHEL-08-040330 + stigid@rhel9: RHEL-09-251040 stigid@sle12: SLES-12-030440 stigid@sle15: SLES-15-040390 - diff --git a/linux_os/guide/system/permissions/files/dir_perms_world_writable_root_owned/rule.yml b/linux_os/guide/system/permissions/files/dir_perms_world_writable_root_owned/rule.yml -index 678b06d33..0050efcdd 100644 +index e4ceeaa8b..30049daa5 100644 --- a/linux_os/guide/system/permissions/files/dir_perms_world_writable_root_owned/rule.yml +++ b/linux_os/guide/system/permissions/files/dir_perms_world_writable_root_owned/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15 -+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15 - - title: 'Ensure All World-Writable Directories Are Owned by root User' - -@@ -27,7 +27,7 @@ references: +@@ -26,7 +26,7 @@ references: anssi: BP28(R40) disa: CCI-000366 srg: SRG-OS-000480-GPOS-00227,SRG-OS-000138-GPOS-00069 - stigid@rhel8: RHEL-08-010700 + stigid@almalinux8: RHEL-08-010700 + stigid@rhel9: RHEL-09-232240 ocil_clause: 'there are world-writable directories not owned by root' - 
diff --git a/linux_os/guide/system/permissions/files/dir_perms_world_writable_sticky_bits/ansible/shared.yml b/linux_os/guide/system/permissions/files/dir_perms_world_writable_sticky_bits/ansible/shared.yml -index 63827dff3..41c0ed380 100644 +index dcb2b99b7..8dbb02940 100644 --- a/linux_os/guide/system/permissions/files/dir_perms_world_writable_sticky_bits/ansible/shared.yml +++ b/linux_os/guide/system/permissions/files/dir_perms_world_writable_sticky_bits/ansible/shared.yml @@ -1,4 +1,4 @@ @@ -19049,43 +11775,23 @@ index 91b3495c9..7f3876c49 100644 | xargs -I '$6' find '$6' -xdev -type d \ \( -perm -0002 -a ! -perm -1000 \) 2>/dev/null \ diff --git a/linux_os/guide/system/permissions/files/dir_perms_world_writable_sticky_bits/rule.yml b/linux_os/guide/system/permissions/files/dir_perms_world_writable_sticky_bits/rule.yml -index be74f698e..e8d9dcf34 100644 +index e950afe03..401060402 100644 --- a/linux_os/guide/system/permissions/files/dir_perms_world_writable_sticky_bits/rule.yml 
+++ b/linux_os/guide/system/permissions/files/dir_perms_world_writable_sticky_bits/rule.yml -@@ -61,7 +61,7 @@ references: - nist-csf: PR.AC-4,PR.DS-5 +@@ -55,7 +55,7 @@ references: + pcidss4: '2.2.6' srg: SRG-OS-000138-GPOS-00069 stigid@ol8: OL08-00-010190 - stigid@rhel8: RHEL-08-010190 + stigid@almalinux8: RHEL-08-010190 + stigid@rhel9: RHEL-09-232245 stigid@sle12: SLES-12-010460 stigid@sle15: SLES-15-010300 - stigid@ubuntu2004: UBTU-20-010411 -diff --git a/linux_os/guide/system/permissions/files/dir_perms_world_writable_system_owned/rule.yml b/linux_os/guide/system/permissions/files/dir_perms_world_writable_system_owned/rule.yml -index 35c176014..65ae3c8fe 100644 ---- a/linux_os/guide/system/permissions/files/dir_perms_world_writable_system_owned/rule.yml -+++ b/linux_os/guide/system/permissions/files/dir_perms_world_writable_system_owned/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhv4 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhv4 - - title: 'Ensure All World-Writable Directories Are Owned by a System Account' - diff --git a/linux_os/guide/system/permissions/files/dir_perms_world_writable_system_owned_group/rule.yml b/linux_os/guide/system/permissions/files/dir_perms_world_writable_system_owned_group/rule.yml -index 79457f385..221fa3e48 100644 +index fb414f5d7..9bdf10430 100644 --- a/linux_os/guide/system/permissions/files/dir_perms_world_writable_system_owned_group/rule.yml +++ b/linux_os/guide/system/permissions/files/dir_perms_world_writable_system_owned_group/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhv4,sle12,sle15 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhv4,sle12,sle15 - - title: 'Ensure All World-Writable Directories Are Group Owned by a System Account' - -@@ -40,7 +40,7 @@ references: +@@ -39,7 +39,7 @@ references: stigid@ol7: OL07-00-021030 stigid@ol8: OL08-00-010710 stigid@rhel7: RHEL-07-021030 
@@ -19095,117 +11801,59 @@ index 79457f385..221fa3e48 100644 stigid@sle15: SLES-15-040180 diff --git a/linux_os/guide/system/permissions/files/file_permissions_etc_audit_auditd/rule.yml b/linux_os/guide/system/permissions/files/file_permissions_etc_audit_auditd/rule.yml -index c9ed36852..e9de85764 100644 +index d692cae80..9ed181e88 100644 --- a/linux_os/guide/system/permissions/files/file_permissions_etc_audit_auditd/rule.yml +++ b/linux_os/guide/system/permissions/files/file_permissions_etc_audit_auditd/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol8,ol9,rhel8,rhel9,ubuntu2004,ubuntu2204 -+prodtype: fedora,ol8,ol9,rhel8,almalinux8,rhel9,ubuntu2004,ubuntu2204 - - title: 'Verify Permissions on /etc/audit/auditd.conf' - -@@ -28,7 +28,7 @@ references: +@@ -27,7 +27,7 @@ references: nist: AU-12(b) srg: SRG-OS-000063-GPOS-00032 stigid@ol8: OL08-00-030610 - stigid@rhel8: RHEL-08-030610 + stigid@almalinux8: RHEL-08-030610 + stigid@rhel9: RHEL-09-653115 stigid@ubuntu2004: UBTU-20-010133 - ocil_clause: '{{{ ocil_clause_file_permissions(file="/etc/audit/auditd.conf", perms="-rw-r-----") }}}' diff --git a/linux_os/guide/system/permissions/files/file_permissions_etc_audit_rulesd/rule.yml b/linux_os/guide/system/permissions/files/file_permissions_etc_audit_rulesd/rule.yml -index ec3bba5b8..72fc391b9 100644 +index 19606408d..e54d23d4b 100644 --- a/linux_os/guide/system/permissions/files/file_permissions_etc_audit_rulesd/rule.yml 
+++ b/linux_os/guide/system/permissions/files/file_permissions_etc_audit_rulesd/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol8,ol9,rhel8,rhel9,ubuntu2004,ubuntu2204 -+prodtype: fedora,ol8,ol9,rhel8,almalinux8,rhel9,ubuntu2004,ubuntu2204 - - title: 'Verify Permissions on /etc/audit/rules.d/*.rules' - -@@ -28,7 +28,7 @@ references: +@@ -27,7 +27,7 @@ references: nist: AU-12(b) srg: SRG-OS-000063-GPOS-00032 stigid@ol8: OL08-00-030610 - stigid@rhel8: RHEL-08-030610 + stigid@almalinux8: RHEL-08-030610 + stigid@rhel9: RHEL-09-653110 stigid@ubuntu2004: UBTU-20-010133 - ocil_clause: '{{{ ocil_clause_file_permissions(file="/etc/audit/rules.d/*.rules", perms="-rw-r-----") }}}' -diff --git a/linux_os/guide/system/permissions/files/file_permissions_unauthorized_sgid/rule.yml b/linux_os/guide/system/permissions/files/file_permissions_unauthorized_sgid/rule.yml -index b3e2a1a00..d7a1cde06 100644 ---- a/linux_os/guide/system/permissions/files/file_permissions_unauthorized_sgid/rule.yml -+++ b/linux_os/guide/system/permissions/files/file_permissions_unauthorized_sgid/rule.yml -@@ -2,7 +2,7 @@ documentation_complete: true - - title: 'Ensure All SGID Executables Are Authorized' - --prodtype: alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15,uos20 -+prodtype: alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,uos20 - - description: |- - The SGID (set group id) bit should be set only on files that were -diff --git a/linux_os/guide/system/permissions/files/file_permissions_unauthorized_suid/rule.yml b/linux_os/guide/system/permissions/files/file_permissions_unauthorized_suid/rule.yml -index 7d1ac5d38..147fce716 100644 ---- a/linux_os/guide/system/permissions/files/file_permissions_unauthorized_suid/rule.yml -+++ b/linux_os/guide/system/permissions/files/file_permissions_unauthorized_suid/rule.yml -@@ -2,7 +2,7 @@ documentation_complete: true - - title: 'Ensure All SUID Executables Are 
Authorized' - --prodtype: alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15,uos20 -+prodtype: alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,uos20 - - description: |- - The SUID (set user id) bit should be set only on files that were diff --git a/linux_os/guide/system/permissions/files/file_permissions_ungroupowned/rule.yml b/linux_os/guide/system/permissions/files/file_permissions_ungroupowned/rule.yml -index d2aa53a98..31342f505 100644 +index 71f7d9bb4..e81113895 100644 --- a/linux_os/guide/system/permissions/files/file_permissions_ungroupowned/rule.yml +++ b/linux_os/guide/system/permissions/files/file_permissions_ungroupowned/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Ensure All Files Are Owned by a Group' - -@@ -57,7 +57,7 @@ references: +@@ -53,7 +53,7 @@ references: stigid@ol7: OL07-00-020330 stigid@ol8: OL08-00-010790 stigid@rhel7: RHEL-07-020330 - stigid@rhel8: RHEL-08-010790 + stigid@almalinux8: RHEL-08-010790 + stigid@rhel9: RHEL-09-232250 stigid@sle12: SLES-12-010700 stigid@sle15: SLES-15-040410 - diff --git a/linux_os/guide/system/permissions/files/no_files_unowned_by_user/rule.yml b/linux_os/guide/system/permissions/files/no_files_unowned_by_user/rule.yml -index 13650fcea..0f71e2abc 100644 +index 62e980833..456f758e0 100644 --- a/linux_os/guide/system/permissions/files/no_files_unowned_by_user/rule.yml 
+++ b/linux_os/guide/system/permissions/files/no_files_unowned_by_user/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Ensure All Files Are Owned by a User' - -@@ -56,7 +56,7 @@ references: +@@ -52,7 +52,7 @@ references: stigid@ol7: OL07-00-020320 stigid@ol8: OL08-00-010780 stigid@rhel7: RHEL-07-020320 - stigid@rhel8: RHEL-08-010780 + stigid@almalinux8: RHEL-08-010780 + stigid@rhel9: RHEL-09-232255 stigid@sle12: SLES-12-010690 stigid@sle15: SLES-15-040400 - diff --git a/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_groupowner_var_log/rule.yml b/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_groupowner_var_log/rule.yml -index aff9b4912..351ee43ab 100644 +index 8c5204806..e178d9508 100644 --- a/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_groupowner_var_log/rule.yml +++ b/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_groupowner_var_log/rule.yml @@ -27,7 +27,7 @@ references: @@ -19214,11 +11862,11 @@ index aff9b4912..351ee43ab 100644 stigid@ol8: OL08-00-010260 - stigid@rhel8: RHEL-08-010260 + stigid@almalinux8: RHEL-08-010260 + stigid@rhel9: RHEL-09-232175 stigid@ubuntu2004: UBTU-20-010417 - ocil_clause: '{{{ ocil_clause_file_group_owner(file="/var/log", group=gid) }}}' diff --git a/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_groupowner_var_log_messages/rule.yml b/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_groupowner_var_log_messages/rule.yml -index 797bfafc3..9518e6eb6 100644 +index 8e4b7d00c..768d99cfa 100644 --- a/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_groupowner_var_log_messages/rule.yml 
+++ b/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_groupowner_var_log_messages/rule.yml @@ -18,7 +18,7 @@ references: @@ -19227,11 +11875,11 @@ index 797bfafc3..9518e6eb6 100644 stigid@ol8: OL08-00-010230 - stigid@rhel8: RHEL-08-010230 + stigid@almalinux8: RHEL-08-010230 + stigid@rhel9: RHEL-09-232185 ocil_clause: '{{{ ocil_clause_file_group_owner(file="/var/log/messages", group="root") }}}' - diff --git a/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_owner_var_log/rule.yml b/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_owner_var_log/rule.yml -index f81fce93e..3cd2c4845 100644 +index 5870e7e27..cb37f1ee4 100644 --- a/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_owner_var_log/rule.yml +++ b/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_owner_var_log/rule.yml @@ -20,7 +20,7 @@ references: @@ -19240,11 +11888,11 @@ index f81fce93e..3cd2c4845 100644 stigid@ol8: OL08-00-010250 - stigid@rhel8: RHEL-08-010250 + stigid@almalinux8: RHEL-08-010250 + stigid@rhel9: RHEL-09-232170 stigid@ubuntu2004: UBTU-20-010418 - ocil_clause: '{{{ ocil_clause_file_owner(file="/var/log", owner="root") }}}' diff --git a/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_owner_var_log_messages/rule.yml b/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_owner_var_log_messages/rule.yml -index f0d63e361..21c82f341 100644 +index a286eff79..79ef6c7fe 100644 --- a/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_owner_var_log_messages/rule.yml +++ b/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_owner_var_log_messages/rule.yml @@ -18,7 +18,7 @@ references: 
@@ -19253,24 +11901,24 @@ index f0d63e361..21c82f341 100644 stigid@ol8: OL08-00-010220 - stigid@rhel8: RHEL-08-010220 + stigid@almalinux8: RHEL-08-010220 + stigid@rhel9: RHEL-09-232180 ocil_clause: '{{{ ocil_clause_file_owner(file="/var/log/messages", owner="root") }}}' - diff --git a/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_permissions_var_log/rule.yml b/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_permissions_var_log/rule.yml -index fa83358bf..ce0002b49 100644 +index abf9a202e..baac59007 100644 --- a/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_permissions_var_log/rule.yml +++ b/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_permissions_var_log/rule.yml -@@ -22,7 +22,7 @@ references: +@@ -21,7 +21,7 @@ references: disa: CCI-001314 srg: SRG-OS-000206-GPOS-00084,SRG-APP-000118-CTR-000240 stigid@ol8: OL08-00-010240 - stigid@rhel8: RHEL-08-010240 + stigid@almalinux8: RHEL-08-010240 + stigid@rhel9: RHEL-09-232025 stigid@ubuntu2004: UBTU-20-010419 - ocil_clause: '{{{ ocil_clause_file_permissions(file="/var/log", perms="drwxr-xr-x") }}}' diff --git a/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_permissions_var_log_messages/rule.yml b/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_permissions_var_log_messages/rule.yml -index d0cded9af..5125eb59e 100644 +index b92a28282..558a60be1 100644 --- a/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_permissions_var_log_messages/rule.yml +++ b/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_permissions_var_log_messages/rule.yml @@ -19,7 +19,7 @@ references: @@ -19279,32 +11927,24 @@ index d0cded9af..5125eb59e 100644 stigid@ol8: OL08-00-010210 - stigid@rhel8: RHEL-08-010210 + stigid@almalinux8: RHEL-08-010210 + stigid@rhel9: RHEL-09-232030 ocil_clause: '{{{ ocil_clause_file_permissions(file="/var/log/messages", perms="-rw-r-----") }}}' - 
diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_group_ownership_library_dirs/rule.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_group_ownership_library_dirs/rule.yml -index 8f41e6219..5293927d7 100644 +index 6b98f1d51..fff9e1cae 100644 --- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_group_ownership_library_dirs/rule.yml +++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_group_ownership_library_dirs/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol8,ol9,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: fedora,ol8,ol9,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Verify that Shared Library Directories Have Root Group Ownership' - -@@ -39,7 +39,7 @@ references: +@@ -38,7 +38,7 @@ references: nist: CM-5(6),CM-5(6).1 srg: SRG-OS-000259-GPOS-00100 stigid@ol8: OL08-00-010351 - stigid@rhel8: RHEL-08-010351 + stigid@almalinux8: RHEL-08-010351 + stigid@rhel9: RHEL-09-232215 stigid@sle12: SLES-12-010876 stigid@sle15: SLES-15-010356 - stigid@ubuntu2004: UBTU-20-010431 diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_ownership_library_dirs/rule.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_ownership_library_dirs/rule.yml -index c5d67497f..1214cbbde 100644 +index d69dcf07e..d879c084d 100644 --- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_ownership_library_dirs/rule.yml +++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_ownership_library_dirs/rule.yml @@ -37,7 +37,7 @@ references: 
@@ -19313,9 +11953,9 @@ index c5d67497f..1214cbbde 100644 stigid@ol8: OL08-00-010341 - stigid@rhel8: RHEL-08-010341 + stigid@almalinux8: RHEL-08-010341 + stigid@rhel9: RHEL-09-232210 stigid@sle12: SLES-12-010874 stigid@sle15: SLES-15-010354 - stigid@ubuntu2004: UBTU-20-010429 diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_ownership_library_dirs/tests/correct_owner.pass.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_ownership_library_dirs/tests/correct_owner.pass.sh index d2b47d989..9f25146b9 100644 --- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_ownership_library_dirs/tests/correct_owner.pass.sh @@ -19337,7 +11977,7 @@ index 542184ae8..9cdfbf737 100644 DIRS="/lib /lib64" for dirPath in $DIRS; do diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/rule.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/rule.yml -index 68230eb4b..d9808b10a 100644 +index 5e9aeae2b..5fb5bef83 100644 --- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/rule.yml +++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/rule.yml @@ -44,7 +44,7 @@ references: @@ -19346,9 +11986,9 @@ index 68230eb4b..d9808b10a 100644 stigid@ol8: OL08-00-010331 - stigid@rhel8: RHEL-08-010331 + stigid@almalinux8: RHEL-08-010331 + stigid@rhel9: RHEL-09-232015 stigid@sle12: SLES-12-010872 stigid@sle15: SLES-15-010352 - stigid@ubuntu2004: UBTU-20-010427 diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/tests/all_dirs_ok.pass.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/tests/all_dirs_ok.pass.sh index 5f8dcd2eb..7980d87b5 100644 
--- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/tests/all_dirs_ok.pass.sh @@ -19389,18 +12029,6 @@ index ebaf9b766..858020d51 100644 DIRS="/usr/lib /usr/lib64" for dirPath in $DIRS; do mkdir -p "$dirPath/testme" && chmod 777 "$dirPath/testme" -diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_audit_binaries/rule.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_audit_binaries/rule.yml -index 607aba3c6..922795582 100644 ---- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_audit_binaries/rule.yml -+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_audit_binaries/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel8,rhel9,ubuntu2004,ubuntu2204 -+prodtype: rhel8,almalinux8,rhel9,ubuntu2004,ubuntu2204 - - title: 'Verify that audit tools are owned by group root' - diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_system_commands_dirs/ansible/shared.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_system_commands_dirs/ansible/shared.yml index 8f479451b..21a923e63 100644 --- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_system_commands_dirs/ansible/shared.yml @@ -19422,38 +12050,18 @@ index b9bbe4dbe..2652ea041 100644 for SYSCMDFILES in /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin do diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_system_commands_dirs/rule.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_system_commands_dirs/rule.yml -index d50a7162e..41968db17 100644 +index 57435e380..a7b75a27e 100644 
--- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_system_commands_dirs/rule.yml +++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_system_commands_dirs/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol8,ol9,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: fedora,ol8,ol9,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Verify that system commands files are group owned by root or a system account' - -@@ -45,7 +45,7 @@ references: +@@ -44,7 +44,7 @@ references: nist: CM-5(6),CM-5(6).1 srg: SRG-OS-000259-GPOS-00100 stigid@ol8: OL08-00-010320 - stigid@rhel8: RHEL-08-010320 + stigid@almalinux8: RHEL-08-010320 + stigid@rhel9: RHEL-09-232195 stigid@sle12: SLES-12-010882 stigid@sle15: SLES-15-010361 - stigid@ubuntu2004: UBTU-20-010458 -diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_audit_binaries/rule.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_audit_binaries/rule.yml -index e1caace87..556d69b87 100644 ---- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_audit_binaries/rule.yml -+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_audit_binaries/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel8,rhel9,ubuntu2004,ubuntu2204 -+prodtype: rhel8,almalinux8,rhel9,ubuntu2004,ubuntu2204 - - title: 'Verify that audit tools are owned by root' - diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_binary_dirs/ansible/shared.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_binary_dirs/ansible/shared.yml index 04178f485..ce116710e 100644 
--- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_binary_dirs/ansible/shared.yml @@ -19475,7 +12083,7 @@ index 5471f360f..1a2c2a9fa 100644 /usr/bin/ \ /usr/local/bin/ \ diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_binary_dirs/rule.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_binary_dirs/rule.yml -index 32b2d523d..390c82540 100644 +index 735092787..473d6c8af 100644 --- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_binary_dirs/rule.yml +++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_binary_dirs/rule.yml @@ -43,7 +43,7 @@ references: @@ -19484,11 +12092,11 @@ index 32b2d523d..390c82540 100644 stigid@ol8: OL08-00-010310 - stigid@rhel8: RHEL-08-010310 + stigid@almalinux8: RHEL-08-010310 - stigid@sle12: SLES-15-010879 + stigid@rhel9: RHEL-09-232190 + stigid@sle12: SLES-12-010879 stigid@sle15: SLES-15-010359 - stigid@ubuntu2004: UBTU-20-010457 diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/rule.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/rule.yml -index bc1f3caff..e0bf781b4 100644 +index c02b4c896..6992f5dfc 100644 --- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/rule.yml +++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/rule.yml @@ -44,7 +44,7 @@ references: @@ -19497,9 +12105,9 @@ index bc1f3caff..e0bf781b4 100644 stigid@ol8: OL08-00-010340 - stigid@rhel8: RHEL-08-010340 + stigid@almalinux8: RHEL-08-010340 + stigid@rhel9: RHEL-09-232200 stigid@sle12: SLES-12-010873 stigid@sle15: SLES-15-010353 - stigid@ubuntu2004: UBTU-20-010428 
diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/tests/correct_owner.pass.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/tests/correct_owner.pass.sh index 9c3fa6fe9..78ab97152 100644 --- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/tests/correct_owner.pass.sh @@ -19540,18 +12148,6 @@ index 3382568ce..b4f4bd0a0 100644 useradd user_test -diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_audit_binaries/rule.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_audit_binaries/rule.yml -index f87b5094a..6eb6e3866 100644 ---- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_audit_binaries/rule.yml -+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_audit_binaries/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel8,rhel9,ubuntu2004,ubuntu2204 -+prodtype: rhel8,almalinux8,rhel9,ubuntu2004,ubuntu2204 - - title: 'Verify that audit tools Have Mode 0755 or less' - diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_binary_dirs/ansible/shared.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_binary_dirs/ansible/shared.yml index aeaa1f058..b69b5cd7a 100644 --- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_binary_dirs/ansible/shared.yml @@ -19573,7 +12169,7 @@ index ab89b277a..f4a7c33a9 100644 for dirPath in $DIRS; do find "$dirPath" -perm /022 -exec chmod go-w '{}' \; 
diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_binary_dirs/rule.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_binary_dirs/rule.yml -index aed33a494..50ceca9a3 100644 +index 2a3e521fa..592cffa8b 100644 --- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_binary_dirs/rule.yml +++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_binary_dirs/rule.yml @@ -43,7 +43,7 @@ references: @@ -19582,11 +12178,11 @@ index aed33a494..50ceca9a3 100644 stigid@ol8: OL08-00-010300 - stigid@rhel8: RHEL-08-010300 + stigid@almalinux8: RHEL-08-010300 + stigid@rhel9: RHEL-09-232010 stigid@sle12: SLES-12-010878 stigid@sle15: SLES-15-010358 - stigid@ubuntu2004: UBTU-20-010456 diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_library_dirs/rule.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_library_dirs/rule.yml -index f497a602a..26766e94b 100644 +index 12d8448a7..a34484685 100644 --- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_library_dirs/rule.yml +++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_library_dirs/rule.yml @@ -44,7 +44,7 @@ references: @@ -19595,30 +12191,22 @@ index f497a602a..26766e94b 100644 stigid@ol8: OL08-00-010330 - stigid@rhel8: RHEL-08-010330 + stigid@almalinux8: RHEL-08-010330 + stigid@rhel9: RHEL-09-232020 stigid@sle12: SLES-12-010871 stigid@sle15: SLES-15-010351 - stigid@ubuntu2004: UBTU-20-010426 
diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/root_permissions_syslibrary_files/rule.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/root_permissions_syslibrary_files/rule.yml -index 662778c70..c68b89e80 100644 +index db7cf42de..913ce7e4d 100644 --- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/root_permissions_syslibrary_files/rule.yml +++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/root_permissions_syslibrary_files/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol8,ol9,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: fedora,ol8,ol9,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 - - title: |- - Verify the system-wide library files in directories -@@ -43,7 +43,7 @@ references: +@@ -42,7 +42,7 @@ references: nist: CM-5(6),CM-5(6).1 srg: SRG-OS-000259-GPOS-00100 stigid@ol8: OL08-00-010350 - stigid@rhel8: RHEL-08-010350 + stigid@almalinux8: RHEL-08-010350 + stigid@rhel9: RHEL-09-232205 stigid@sle12: SLES-12-010875 stigid@sle15: SLES-15-010355 - stigid@ubuntu2004: UBTU-20-01430 diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/root_permissions_syslibrary_files/tests/correct_groupowner.pass.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/root_permissions_syslibrary_files/tests/correct_groupowner.pass.sh index 5356d3742..a85c88001 100644 --- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/root_permissions_syslibrary_files/tests/correct_groupowner.pass.sh @@ -19651,7 +12239,7 @@ index b0d594003..4a71eccda 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/system/permissions/files/sysctl_fs_protected_hardlinks/rule.yml b/linux_os/guide/system/permissions/files/sysctl_fs_protected_hardlinks/rule.yml -index 710fc0bf6..bb5efb398 100644 +index ccb1b8ea4..cae76a731 100644 
--- a/linux_os/guide/system/permissions/files/sysctl_fs_protected_hardlinks/rule.yml +++ b/linux_os/guide/system/permissions/files/sysctl_fs_protected_hardlinks/rule.yml @@ -27,7 +27,7 @@ references: @@ -19660,9 +12248,9 @@ index 710fc0bf6..bb5efb398 100644 stigid@ol8: OL08-00-010374 - stigid@rhel8: RHEL-08-010374 + stigid@almalinux8: RHEL-08-010374 + stigid@rhel9: RHEL-09-213030 {{{ complete_ocil_entry_sysctl_option_value(sysctl="fs.protected_hardlinks", value="1") }}} - diff --git a/linux_os/guide/system/permissions/files/sysctl_fs_protected_symlinks/kubernetes/shared.yml b/linux_os/guide/system/permissions/files/sysctl_fs_protected_symlinks/kubernetes/shared.yml index 5ce0decba..b7a4243e4 100644 --- a/linux_os/guide/system/permissions/files/sysctl_fs_protected_symlinks/kubernetes/shared.yml @@ -19675,7 +12263,7 @@ index 5ce0decba..b7a4243e4 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/system/permissions/files/sysctl_fs_protected_symlinks/rule.yml b/linux_os/guide/system/permissions/files/sysctl_fs_protected_symlinks/rule.yml -index 3b66b3c9b..11eb7181a 100644 +index 34ed37a00..d7a3ae8a7 100644 --- a/linux_os/guide/system/permissions/files/sysctl_fs_protected_symlinks/rule.yml +++ b/linux_os/guide/system/permissions/files/sysctl_fs_protected_symlinks/rule.yml @@ -29,7 +29,7 @@ references: 
@@ -19684,171 +12272,35 @@ index 3b66b3c9b..11eb7181a 100644 stigid@ol8: OL08-00-010373 - stigid@rhel8: RHEL-08-010373 + stigid@almalinux8: RHEL-08-010373 + stigid@rhel9: RHEL-09-213035 {{{ complete_ocil_entry_sysctl_option_value(sysctl="fs.protected_symlinks", value="1") }}} - -diff --git a/linux_os/guide/system/permissions/mounting/bios_assign_password/rule.yml b/linux_os/guide/system/permissions/mounting/bios_assign_password/rule.yml -index 184a746ff..0807776c6 100644 ---- a/linux_os/guide/system/permissions/mounting/bios_assign_password/rule.yml -+++ b/linux_os/guide/system/permissions/mounting/bios_assign_password/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,rhel7,rhel8 -+prodtype: fedora,rhel7,rhel8,almalinux8 - - title: 'Assign Password to Prevent Changes to Boot Firmware Configuration' - -diff --git a/linux_os/guide/system/permissions/mounting/bios_disable_usb_boot/rule.yml b/linux_os/guide/system/permissions/mounting/bios_disable_usb_boot/rule.yml -index 311ae83b6..a11f1d66d 100644 ---- a/linux_os/guide/system/permissions/mounting/bios_disable_usb_boot/rule.yml -+++ b/linux_os/guide/system/permissions/mounting/bios_disable_usb_boot/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,rhcos4,rhel7,rhel8 -+prodtype: fedora,rhcos4,rhel7,rhel8,almalinux8 - - title: 'Disable Booting from USB Devices in Boot Firmware' - -diff --git a/linux_os/guide/system/permissions/mounting/grub2_nousb_argument/rule.yml b/linux_os/guide/system/permissions/mounting/grub2_nousb_argument/rule.yml -index f06e24767..5951a4402 100644 ---- a/linux_os/guide/system/permissions/mounting/grub2_nousb_argument/rule.yml -+++ b/linux_os/guide/system/permissions/mounting/grub2_nousb_argument/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,fedora,rhcos4,rhel7,rhel8 -+prodtype: alinux2,fedora,rhcos4,rhel7,rhel8,almalinux8 - - title: 'Disable Kernel Support for USB via Bootloader Configuration' - 
diff --git a/linux_os/guide/system/permissions/mounting/kernel_module_cramfs_disabled/rule.yml b/linux_os/guide/system/permissions/mounting/kernel_module_cramfs_disabled/rule.yml -index 664c7364e..9e6c956b3 100644 +index 6a57bd06a..3c42ed39b 100644 --- a/linux_os/guide/system/permissions/mounting/kernel_module_cramfs_disabled/rule.yml 
+++ b/linux_os/guide/system/permissions/mounting/kernel_module_cramfs_disabled/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu1804,ubuntu2004,ubuntu2204 -+prodtype: alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu1804,ubuntu2004,ubuntu2204 - - title: 'Disable Mounting of cramfs' - -@@ -49,7 +49,7 @@ references: +@@ -47,7 +47,7 @@ references: nist-csf: PR.IP-1,PR.PT-3 srg: SRG-OS-000095-GPOS-00049 stigid@ol8: OL08-00-040025 - stigid@rhel8: RHEL-08-040025 + stigid@almalinux8: RHEL-08-040025 + stigid@rhel9: RHEL-09-231195 {{{ complete_ocil_entry_module_disable(module="cramfs") }}} - -diff --git a/linux_os/guide/system/permissions/mounting/kernel_module_freevxfs_disabled/rule.yml b/linux_os/guide/system/permissions/mounting/kernel_module_freevxfs_disabled/rule.yml -index ce22f6058..fdc397ade 100644 ---- a/linux_os/guide/system/permissions/mounting/kernel_module_freevxfs_disabled/rule.yml -+++ b/linux_os/guide/system/permissions/mounting/kernel_module_freevxfs_disabled/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15,ubuntu1804,ubuntu2004,ubuntu2204 -+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,ubuntu1804,ubuntu2004,ubuntu2204 - - title: 'Disable Mounting of freevxfs' - -diff --git a/linux_os/guide/system/permissions/mounting/kernel_module_hfs_disabled/rule.yml b/linux_os/guide/system/permissions/mounting/kernel_module_hfs_disabled/rule.yml -index ec81e6f9a..d565d6bd3 100644 ---- a/linux_os/guide/system/permissions/mounting/kernel_module_hfs_disabled/rule.yml -+++ b/linux_os/guide/system/permissions/mounting/kernel_module_hfs_disabled/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15,ubuntu1804,ubuntu2004,ubuntu2204 -+prodtype: 
fedora,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,ubuntu1804,ubuntu2004,ubuntu2204 - - title: 'Disable Mounting of hfs' - -diff --git a/linux_os/guide/system/permissions/mounting/kernel_module_hfsplus_disabled/rule.yml b/linux_os/guide/system/permissions/mounting/kernel_module_hfsplus_disabled/rule.yml -index f6080cd7b..f1506bd6a 100644 ---- a/linux_os/guide/system/permissions/mounting/kernel_module_hfsplus_disabled/rule.yml -+++ b/linux_os/guide/system/permissions/mounting/kernel_module_hfsplus_disabled/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15,ubuntu1804,ubuntu2004,ubuntu2204 -+prodtype: fedora,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,ubuntu1804,ubuntu2004,ubuntu2204 - - title: 'Disable Mounting of hfsplus' - -diff --git a/linux_os/guide/system/permissions/mounting/kernel_module_jffs2_disabled/rule.yml b/linux_os/guide/system/permissions/mounting/kernel_module_jffs2_disabled/rule.yml -index b311a36be..6433b07a8 100644 ---- a/linux_os/guide/system/permissions/mounting/kernel_module_jffs2_disabled/rule.yml -+++ b/linux_os/guide/system/permissions/mounting/kernel_module_jffs2_disabled/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15,ubuntu1804,ubuntu2004,ubuntu2204 -+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,ubuntu1804,ubuntu2004,ubuntu2204 - - title: 'Disable Mounting of jffs2' - -diff --git a/linux_os/guide/system/permissions/mounting/kernel_module_squashfs_disabled/rule.yml b/linux_os/guide/system/permissions/mounting/kernel_module_squashfs_disabled/rule.yml -index 67bc619a3..43177a592 100644 ---- a/linux_os/guide/system/permissions/mounting/kernel_module_squashfs_disabled/rule.yml -+++ b/linux_os/guide/system/permissions/mounting/kernel_module_squashfs_disabled/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: 
alinux2,alinux3,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2204 -+prodtype: alinux2,alinux3,fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2204 - - title: 'Disable Mounting of squashfs' - -diff --git a/linux_os/guide/system/permissions/mounting/kernel_module_udf_disabled/rule.yml b/linux_os/guide/system/permissions/mounting/kernel_module_udf_disabled/rule.yml -index f36e2b226..8e71fccf2 100644 ---- a/linux_os/guide/system/permissions/mounting/kernel_module_udf_disabled/rule.yml -+++ b/linux_os/guide/system/permissions/mounting/kernel_module_udf_disabled/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux3,fedora,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu1804,ubuntu2004,ubuntu2204 -+prodtype: alinux3,fedora,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu1804,ubuntu2004,ubuntu2204 - - title: 'Disable Mounting of udf' - diff --git a/linux_os/guide/system/permissions/mounting/kernel_module_usb-storage_disabled/rule.yml b/linux_os/guide/system/permissions/mounting/kernel_module_usb-storage_disabled/rule.yml -index 144d855a0..c631eb6ba 100644 +index da4bc6591..18dc7020d 100644 --- a/linux_os/guide/system/permissions/mounting/kernel_module_usb-storage_disabled/rule.yml 
+++ b/linux_os/guide/system/permissions/mounting/kernel_module_usb-storage_disabled/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Disable Modprobe Loading of USB Storage Driver' - -@@ -50,7 +50,7 @@ references: +@@ -49,7 +49,7 @@ references: stigid@ol7: OL07-00-020100 stigid@ol8: OL08-00-040080 stigid@rhel7: RHEL-07-020100 - stigid@rhel8: RHEL-08-040080 + stigid@almalinux8: RHEL-08-040080 + stigid@rhel9: RHEL-09-291010 stigid@sle12: SLES-12-010580 stigid@sle15: SLES-15-010480 - -diff --git a/linux_os/guide/system/permissions/mounting/kernel_module_vfat_disabled/rule.yml b/linux_os/guide/system/permissions/mounting/kernel_module_vfat_disabled/rule.yml -index 3eb2828f6..dd7b566ca 100644 ---- a/linux_os/guide/system/permissions/mounting/kernel_module_vfat_disabled/rule.yml -+++ b/linux_os/guide/system/permissions/mounting/kernel_module_vfat_disabled/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15 -+prodtype: fedora,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15 - - title: 'Disable Mounting of vFAT filesystems' - diff --git a/linux_os/guide/system/permissions/mounting/service_autofs_disabled/kubernetes/shared.yml b/linux_os/guide/system/permissions/mounting/service_autofs_disabled/kubernetes/shared.yml index 41352695f..8b69802ab 100644 --- a/linux_os/guide/system/permissions/mounting/service_autofs_disabled/kubernetes/shared.yml @@ -19861,574 +12313,278 @@ index 41352695f..8b69802ab 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/system/permissions/mounting/service_autofs_disabled/rule.yml b/linux_os/guide/system/permissions/mounting/service_autofs_disabled/rule.yml -index 27f23dd29..5606031e2 100644 +index bb3febec5..4246c3e26 100644 
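Review bot: Nothing visible replaces the `prodtype:` edits that this refresh removes, so rules such as bios_assign_password, grub2_nousb_argument and kernel_module_freevxfs_disabled would silently drop out of the almalinux8 content if the rebased upstream still filters rules on that key. The shifted inner headers (`@@ -49,7 +49,7 @@` becoming `@@ -47,7 +47,7 @@` for kernel_module_cramfs_disabled) suggest upstream removed the `prodtype` line, which would make the deletions correct, but that is inferred from the offsets only. Before shipping, it would be worth comparing the rule list of the built almalinux8 data stream against the rhel8 one and recording the result in the commit message, for example `prodtype hunks dropped: key removed upstream, rule set verified equal to rhel8`.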
--- a/linux_os/guide/system/permissions/mounting/service_autofs_disabled/rule.yml +++ b/linux_os/guide/system/permissions/mounting/service_autofs_disabled/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu1804,ubuntu2004,ubuntu2204,uos20 -+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu1804,ubuntu2004,ubuntu2204,uos20 - - title: 'Disable the Automounter' - -@@ -56,7 +56,7 @@ references: +@@ -53,7 +53,7 @@ references: stigid@ol7: OL07-00-020110 stigid@ol8: OL08-00-040070 stigid@rhel7: RHEL-07-020110 - stigid@rhel8: RHEL-08-040070 + stigid@almalinux8: RHEL-08-040070 + stigid@rhel9: RHEL-09-231040 stigid@sle12: SLES-12-010590 stigid@sle15: SLES-15-010240 - diff --git a/linux_os/guide/system/permissions/partitions/mount_option_boot_efi_nosuid/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_boot_efi_nosuid/rule.yml -index c6901e86d..09f1a1131 100644 +index 1142ad726..ab5a6140b 100644 --- a/linux_os/guide/system/permissions/partitions/mount_option_boot_efi_nosuid/rule.yml 
+++ b/linux_os/guide/system/permissions/partitions/mount_option_boot_efi_nosuid/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol8,rhel8,rhel9 -+prodtype: ol8,rhel8,almalinux8,rhel9 - - title: 'Add nosuid Option to /boot/efi' - -@@ -27,7 +27,7 @@ references: +@@ -26,7 +26,7 @@ references: nist: CM-6(b),CM-6.1(iv) srg: SRG-OS-000480-GPOS-00227 stigid@ol8: OL08-00-010572 - stigid@rhel8: RHEL-08-010572 + stigid@almalinux8: RHEL-08-010572 + stigid@rhel9: RHEL-09-231105 platform: machine and uefi - -diff --git a/linux_os/guide/system/permissions/partitions/mount_option_boot_noauto/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_boot_noauto/rule.yml -index e3d538abf..79bc8be0c 100644 ---- a/linux_os/guide/system/permissions/partitions/mount_option_boot_noauto/rule.yml -+++ b/linux_os/guide/system/permissions/partitions/mount_option_boot_noauto/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4 - - title: 'Add noauto Option to /boot' - -diff --git a/linux_os/guide/system/permissions/partitions/mount_option_boot_nodev/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_boot_nodev/rule.yml -index 9ac722d0e..78e4577d0 100644 ---- a/linux_os/guide/system/permissions/partitions/mount_option_boot_nodev/rule.yml -+++ b/linux_os/guide/system/permissions/partitions/mount_option_boot_nodev/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9 -+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9 - - title: 'Add nodev Option to /boot' - -diff --git a/linux_os/guide/system/permissions/partitions/mount_option_boot_noexec/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_boot_noexec/rule.yml -index 56a22ce45..c8857e0a5 100644 ---- a/linux_os/guide/system/permissions/partitions/mount_option_boot_noexec/rule.yml -+++ 
b/linux_os/guide/system/permissions/partitions/mount_option_boot_noexec/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15 -+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15 - - title: 'Add noexec Option to /boot' - diff --git a/linux_os/guide/system/permissions/partitions/mount_option_boot_nosuid/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_boot_nosuid/rule.yml -index 583dd2b60..4ea56f9ce 100644 +index a783272e8..0d12086a6 100644 --- a/linux_os/guide/system/permissions/partitions/mount_option_boot_nosuid/rule.yml +++ b/linux_os/guide/system/permissions/partitions/mount_option_boot_nosuid/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle12,sle15 -+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle12,sle15 - - title: 'Add nosuid Option to /boot' - -@@ -33,7 +33,7 @@ references: +@@ -32,7 +32,7 @@ references: nist-csf: PR.IP-1,PR.PT-2,PR.PT-3 srg: SRG-OS-000368-GPOS-00154,SRG-OS-000480-GPOS-00227 stigid@ol8: OL08-00-010571 - stigid@rhel8: RHEL-08-010571 + stigid@almalinux8: RHEL-08-010571 + stigid@rhel9: RHEL-09-231100 platform: machine - diff --git a/linux_os/guide/system/permissions/partitions/mount_option_dev_shm_nodev/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_dev_shm_nodev/rule.yml -index 17d1273f9..1b395dc90 100644 +index f82495084..ccb0940c6 100644 --- a/linux_os/guide/system/permissions/partitions/mount_option_dev_shm_nodev/rule.yml +++ b/linux_os/guide/system/permissions/partitions/mount_option_dev_shm_nodev/rule.yml -@@ -48,7 +48,7 @@ references: +@@ -46,7 +46,7 @@ references: stigid@ol7: OL07-00-021024 stigid@ol8: OL08-00-040120 stigid@rhel7: RHEL-07-021024 - stigid@rhel8: RHEL-08-040120 + stigid@almalinux8: RHEL-08-040120 + stigid@rhel9: RHEL-09-231110 platform: machine - 
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_dev_shm_noexec/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_dev_shm_noexec/rule.yml -index ea5701f9b..5c95af403 100644 +index f95eff16a..ddb39cfde 100644 --- a/linux_os/guide/system/permissions/partitions/mount_option_dev_shm_noexec/rule.yml +++ b/linux_os/guide/system/permissions/partitions/mount_option_dev_shm_noexec/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu1804,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu1804,ubuntu2004,ubuntu2204 - - title: 'Add noexec Option to /dev/shm' - -@@ -50,7 +50,7 @@ references: +@@ -48,7 +48,7 @@ references: stigid@ol7: OL07-00-021024 stigid@ol8: OL08-00-040122 stigid@rhel7: RHEL-07-021024 - stigid@rhel8: RHEL-08-040122 + stigid@almalinux8: RHEL-08-040122 + stigid@rhel9: RHEL-09-231115 platform: machine - diff --git a/linux_os/guide/system/permissions/partitions/mount_option_dev_shm_nosuid/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_dev_shm_nosuid/rule.yml -index 808035e3a..4129eab2e 100644 +index 8ceb7d18a..f3ecb97e3 100644 --- a/linux_os/guide/system/permissions/partitions/mount_option_dev_shm_nosuid/rule.yml 
+++ b/linux_os/guide/system/permissions/partitions/mount_option_dev_shm_nosuid/rule.yml -@@ -48,7 +48,7 @@ references: +@@ -46,7 +46,7 @@ references: stigid@ol7: OL07-00-021024 stigid@ol8: OL08-00-040121 stigid@rhel7: RHEL-07-021024 - stigid@rhel8: RHEL-08-040121 + stigid@almalinux8: RHEL-08-040121 + stigid@rhel9: RHEL-09-231120 platform: machine - -diff --git a/linux_os/guide/system/permissions/partitions/mount_option_home_grpquota/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_home_grpquota/rule.yml -index dfc449d17..df8415041 100644 ---- a/linux_os/guide/system/permissions/partitions/mount_option_home_grpquota/rule.yml -+++ b/linux_os/guide/system/permissions/partitions/mount_option_home_grpquota/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4 -+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4 - - title: 'Add grpquota Option to /home' - -diff --git a/linux_os/guide/system/permissions/partitions/mount_option_home_nodev/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_home_nodev/rule.yml -index d454139b4..c3209b7a9 100644 ---- a/linux_os/guide/system/permissions/partitions/mount_option_home_nodev/rule.yml -+++ b/linux_os/guide/system/permissions/partitions/mount_option_home_nodev/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu1804,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu1804,ubuntu2004,ubuntu2204 - - title: 'Add nodev Option to /home' - diff --git a/linux_os/guide/system/permissions/partitions/mount_option_home_noexec/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_home_noexec/rule.yml -index bee3a60e8..d8b60d3d1 100644 +index 2b8b3e4f3..413e0da68 100644 --- a/linux_os/guide/system/permissions/partitions/mount_option_home_noexec/rule.yml 
+++ b/linux_os/guide/system/permissions/partitions/mount_option_home_noexec/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15 -+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15 - - title: 'Add noexec Option to /home' - -@@ -29,7 +29,7 @@ references: +@@ -28,7 +28,7 @@ references: nist: CM-6(b) srg: SRG-OS-000480-GPOS-00227 stigid@ol8: OL08-00-010590 - stigid@rhel8: RHEL-08-010590 + stigid@almalinux8: RHEL-08-010590 + stigid@rhel9: RHEL-09-231055 platform: machine - diff --git a/linux_os/guide/system/permissions/partitions/mount_option_home_nosuid/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_home_nosuid/rule.yml -index 5e42ac0a7..e184dad3f 100644 +index 7dd5cc0b4..cfab794e7 100644 --- a/linux_os/guide/system/permissions/partitions/mount_option_home_nosuid/rule.yml 
+++ b/linux_os/guide/system/permissions/partitions/mount_option_home_nosuid/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2204 -+prodtype: alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2204 - - title: 'Add nosuid Option to /home' - -@@ -42,7 +42,7 @@ references: +@@ -41,7 +41,7 @@ references: stigid@ol7: OL07-00-021000 stigid@ol8: OL08-00-010570 stigid@rhel7: RHEL-07-021000 - stigid@rhel8: RHEL-08-010570 + stigid@almalinux8: RHEL-08-010570 + stigid@rhel9: RHEL-09-231050 stigid@sle12: SLES-12-010790 stigid@sle15: SLES-15-040140 - -diff --git a/linux_os/guide/system/permissions/partitions/mount_option_home_usrquota/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_home_usrquota/rule.yml -index 86536b375..10c488aec 100644 ---- a/linux_os/guide/system/permissions/partitions/mount_option_home_usrquota/rule.yml -+++ b/linux_os/guide/system/permissions/partitions/mount_option_home_usrquota/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4 -+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4 - - title: 'Add usrquota Option to /home' - diff --git a/linux_os/guide/system/permissions/partitions/mount_option_nodev_nonroot_local_partitions/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_nodev_nonroot_local_partitions/rule.yml -index a22d24b1a..05dba6105 100644 +index c31eaa313..6187f1360 100644 --- a/linux_os/guide/system/permissions/partitions/mount_option_nodev_nonroot_local_partitions/rule.yml 
+++ b/linux_os/guide/system/permissions/partitions/mount_option_nodev_nonroot_local_partitions/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle12,sle15 -+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle12,sle15 - - title: 'Add nodev Option to Non-Root Local Partitions' - -@@ -47,7 +47,7 @@ references: +@@ -46,7 +46,7 @@ references: nist-csf: PR.IP-1,PR.PT-3 srg: SRG-OS-000368-GPOS-00154,SRG-OS-000480-GPOS-00227 stigid@ol8: OL08-00-010580 - stigid@rhel8: RHEL-08-010580 + stigid@almalinux8: RHEL-08-010580 + stigid@rhel9: RHEL-09-231200 platform: machine - diff --git a/linux_os/guide/system/permissions/partitions/mount_option_nodev_removable_partitions/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_nodev_removable_partitions/rule.yml -index d06852da9..67d3c85cf 100644 +index b6224a603..92f3eb421 100644 --- a/linux_os/guide/system/permissions/partitions/mount_option_nodev_removable_partitions/rule.yml +++ b/linux_os/guide/system/permissions/partitions/mount_option_nodev_removable_partitions/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu1804 -+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu1804 - - title: 'Add nodev Option to Removable Media Partitions' - -@@ -45,7 +45,7 @@ references: +@@ -44,7 +44,7 @@ references: nist-csf: PR.AC-3,PR.AC-6,PR.IP-1,PR.PT-2,PR.PT-3 srg: SRG-OS-000480-GPOS-00227 stigid@ol8: OL08-00-010600 - stigid@rhel8: RHEL-08-010600 + stigid@almalinux8: RHEL-08-010600 + stigid@rhel9: RHEL-09-231085 platform: machine - diff --git a/linux_os/guide/system/permissions/partitions/mount_option_noexec_removable_partitions/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_noexec_removable_partitions/rule.yml -index 75934b9d7..d1da5bbc3 100644 +index 6ec1b8f8f..f1779a4e1 100644 
--- a/linux_os/guide/system/permissions/partitions/mount_option_noexec_removable_partitions/rule.yml +++ b/linux_os/guide/system/permissions/partitions/mount_option_noexec_removable_partitions/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu1804 -+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu1804 - - title: 'Add noexec Option to Removable Media Partitions' - -@@ -42,7 +42,7 @@ references: +@@ -41,7 +41,7 @@ references: nist-csf: PR.AC-3,PR.AC-6,PR.IP-1,PR.PT-2,PR.PT-3 srg: SRG-OS-000480-GPOS-00227 stigid@ol8: OL08-00-010610 - stigid@rhel8: RHEL-08-010610 + stigid@almalinux8: RHEL-08-010610 + stigid@rhel9: RHEL-09-231080 ocil_clause: 'removable media partitions are present' - diff --git a/linux_os/guide/system/permissions/partitions/mount_option_nosuid_removable_partitions/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_nosuid_removable_partitions/rule.yml -index 2ae9f064c..b9ce16e9d 100644 +index 8cf194781..51ba46c0f 100644 --- a/linux_os/guide/system/permissions/partitions/mount_option_nosuid_removable_partitions/rule.yml 
+++ b/linux_os/guide/system/permissions/partitions/mount_option_nosuid_removable_partitions/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu1804 -+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu1804 - - title: 'Add nosuid Option to Removable Media Partitions' - -@@ -46,7 +46,7 @@ references: +@@ -45,7 +45,7 @@ references: stigid@ol7: OL07-00-021010 stigid@ol8: OL08-00-010620 stigid@rhel7: RHEL-07-021010 - stigid@rhel8: RHEL-08-010620 + stigid@almalinux8: RHEL-08-010620 + stigid@rhel9: RHEL-09-231090 stigid@sle12: SLES-12-010800 stigid@sle15: SLES-15-040150 - -diff --git a/linux_os/guide/system/permissions/partitions/mount_option_opt_nosuid/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_opt_nosuid/rule.yml -index b7ec9c569..0502e318d 100644 ---- a/linux_os/guide/system/permissions/partitions/mount_option_opt_nosuid/rule.yml -+++ b/linux_os/guide/system/permissions/partitions/mount_option_opt_nosuid/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15 -+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15 - - title: 'Add nosuid Option to /opt' - -diff --git a/linux_os/guide/system/permissions/partitions/mount_option_proc_hidepid/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_proc_hidepid/rule.yml -index a85e9d12c..7e277a682 100644 ---- a/linux_os/guide/system/permissions/partitions/mount_option_proc_hidepid/rule.yml -+++ b/linux_os/guide/system/permissions/partitions/mount_option_proc_hidepid/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,rhel7,rhel8,rhel9 -+prodtype: fedora,rhel7,rhel8,almalinux8,rhel9 - - title: 'Add hidepid Option to /proc' - -diff --git a/linux_os/guide/system/permissions/partitions/mount_option_srv_nosuid/rule.yml 
b/linux_os/guide/system/permissions/partitions/mount_option_srv_nosuid/rule.yml -index 5ff970bd7..e4321f56d 100644 ---- a/linux_os/guide/system/permissions/partitions/mount_option_srv_nosuid/rule.yml -+++ b/linux_os/guide/system/permissions/partitions/mount_option_srv_nosuid/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15 -+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15 - - title: 'Add nosuid Option to /srv' - diff --git a/linux_os/guide/system/permissions/partitions/mount_option_tmp_nodev/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_tmp_nodev/rule.yml -index 105a4549d..c720e1922 100644 +index d787e746e..ef92d5824 100644 --- a/linux_os/guide/system/permissions/partitions/mount_option_tmp_nodev/rule.yml +++ b/linux_os/guide/system/permissions/partitions/mount_option_tmp_nodev/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu1804,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu1804,ubuntu2004,ubuntu2204 - - title: 'Add nodev Option to /tmp' - -@@ -48,7 +48,7 @@ references: +@@ -45,7 +45,7 @@ references: nist-csf: PR.IP-1,PR.PT-2,PR.PT-3 srg: SRG-OS-000368-GPOS-00154 stigid@ol8: OL08-00-040123 - stigid@rhel8: RHEL-08-040123 + stigid@almalinux8: RHEL-08-040123 + stigid@rhel9: RHEL-09-231125 platform: machine and mount[tmp] - diff --git a/linux_os/guide/system/permissions/partitions/mount_option_tmp_noexec/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_tmp_noexec/rule.yml -index d4105fd2b..225e4be20 100644 +index 59069f5eb..a62157515 100644 --- a/linux_os/guide/system/permissions/partitions/mount_option_tmp_noexec/rule.yml 
+++ b/linux_os/guide/system/permissions/partitions/mount_option_tmp_noexec/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Add noexec Option to /tmp' - -@@ -47,7 +47,7 @@ references: +@@ -44,7 +44,7 @@ references: nist-csf: PR.IP-1,PR.PT-2,PR.PT-3 srg: SRG-OS-000368-GPOS-00154 stigid@ol8: OL08-00-040125 - stigid@rhel8: RHEL-08-040125 + stigid@almalinux8: RHEL-08-040125 + stigid@rhel9: RHEL-09-231130 platform: machine and mount[tmp] - diff --git a/linux_os/guide/system/permissions/partitions/mount_option_tmp_nosuid/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_tmp_nosuid/rule.yml -index e8f8b86b6..cd8054422 100644 +index 5fde7f0fc..70e7d39ff 100644 --- a/linux_os/guide/system/permissions/partitions/mount_option_tmp_nosuid/rule.yml +++ b/linux_os/guide/system/permissions/partitions/mount_option_tmp_nosuid/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu1804,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu1804,ubuntu2004,ubuntu2204 - - title: 'Add nosuid Option to /tmp' - -@@ -48,7 +48,7 @@ references: +@@ -45,7 +45,7 @@ references: nist-csf: PR.IP-1,PR.PT-2,PR.PT-3 srg: SRG-OS-000368-GPOS-00154 stigid@ol8: OL08-00-040124 - stigid@rhel8: RHEL-08-040124 + stigid@almalinux8: RHEL-08-040124 + stigid@rhel9: RHEL-09-231135 platform: machine and mount[tmp] - diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_nodev/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_nodev/rule.yml -index 844f31d18..4c427178b 100644 +index 307393654..5e1234579 100644 
--- a/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_nodev/rule.yml +++ b/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_nodev/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,ubuntu2204 -+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,ubuntu2204 - - title: 'Add nodev Option to /var/log/audit' - @@ -35,7 +35,7 @@ references: nist-csf: PR.IP-1,PR.PT-2,PR.PT-3 srg: SRG-OS-000368-GPOS-00154 stigid@ol8: OL08-00-040129 - stigid@rhel8: RHEL-08-040129 + stigid@almalinux8: RHEL-08-040129 + stigid@rhel9: RHEL-09-231160 platform: machine and mount[var-log-audit] - diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_noexec/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_noexec/rule.yml -index f5c55f7d4..232848cf5 100644 +index 7946d878f..5e168f7f9 100644 --- a/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_noexec/rule.yml +++ b/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_noexec/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,ubuntu2204 -+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,ubuntu2204 - - title: 'Add noexec Option to /var/log/audit' - @@ -33,7 +33,7 @@ references: nist-csf: PR.IP-1,PR.PT-2,PR.PT-3 srg: SRG-OS-000368-GPOS-00154 stigid@ol8: OL08-00-040131 - stigid@rhel8: RHEL-08-040131 + stigid@almalinux8: RHEL-08-040131 + stigid@rhel9: RHEL-09-231165 platform: machine and mount[var-log-audit] - diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_nosuid/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_nosuid/rule.yml -index 38c807ee5..80c93d999 100644 +index a549df2a6..69f51d8ed 100644 
--- a/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_nosuid/rule.yml +++ b/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_nosuid/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,ubuntu2204 -+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,ubuntu2204 - - title: 'Add nosuid Option to /var/log/audit' - @@ -34,7 +34,7 @@ references: nist-csf: PR.IP-1,PR.PT-2,PR.PT-3 srg: SRG-OS-000368-GPOS-00154 stigid@ol8: OL08-00-040130 - stigid@rhel8: RHEL-08-040130 + stigid@almalinux8: RHEL-08-040130 + stigid@rhel9: RHEL-09-231170 platform: machine and mount[var-log-audit] - diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_log_nodev/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_var_log_nodev/rule.yml -index b59aeba7f..2e963aa36 100644 +index 7f79fb5c6..c0cf11cc3 100644 --- a/linux_os/guide/system/permissions/partitions/mount_option_var_log_nodev/rule.yml +++ b/linux_os/guide/system/permissions/partitions/mount_option_var_log_nodev/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,ubuntu2204 -+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,ubuntu2204 - - title: 'Add nodev Option to /var/log' - @@ -35,7 +35,7 @@ references: nist-csf: PR.IP-1,PR.PT-2,PR.PT-3 srg: SRG-OS-000368-GPOS-00154 stigid@ol8: OL08-00-040126 - stigid@rhel8: RHEL-08-040126 + stigid@almalinux8: RHEL-08-040126 + stigid@rhel9: RHEL-09-231145 platform: machine and mount[var-log] - diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_log_noexec/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_var_log_noexec/rule.yml -index e3885b497..770a4745e 100644 +index 388ed247d..5b0958a2c 100644 --- a/linux_os/guide/system/permissions/partitions/mount_option_var_log_noexec/rule.yml 
+++ b/linux_os/guide/system/permissions/partitions/mount_option_var_log_noexec/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2204 -+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2204 - - title: 'Add noexec Option to /var/log' - @@ -36,7 +36,7 @@ references: nist-csf: PR.IP-1,PR.PT-2,PR.PT-3 srg: SRG-OS-000368-GPOS-00154 stigid@ol8: OL08-00-040128 - stigid@rhel8: RHEL-08-040128 + stigid@almalinux8: RHEL-08-040128 + stigid@rhel9: RHEL-09-231150 platform: machine and mount[var-log] - diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_log_nosuid/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_var_log_nosuid/rule.yml -index c46396311..88a182d5a 100644 +index 6fd03f817..f3a539c5d 100644 --- a/linux_os/guide/system/permissions/partitions/mount_option_var_log_nosuid/rule.yml +++ b/linux_os/guide/system/permissions/partitions/mount_option_var_log_nosuid/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2204 -+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2204 - - title: 'Add nosuid Option to /var/log' - 
@@ -37,7 +37,7 @@ references: nist-csf: PR.IP-1,PR.PT-2,PR.PT-3 srg: SRG-OS-000368-GPOS-00154 stigid@ol8: OL08-00-040127 - stigid@rhel8: RHEL-08-040127 + stigid@almalinux8: RHEL-08-040127 + stigid@rhel9: RHEL-09-231155 platform: machine and mount[var-log] - -diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_nodev/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_var_nodev/rule.yml -index d2723fd05..f2eb30534 100644 ---- a/linux_os/guide/system/permissions/partitions/mount_option_var_nodev/rule.yml -+++ b/linux_os/guide/system/permissions/partitions/mount_option_var_nodev/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,ubuntu2204 -+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,ubuntu2204 - - title: 'Add nodev Option to /var' - -diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_noexec/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_var_noexec/rule.yml -index d617a3b2e..82ad3ba11 100644 ---- a/linux_os/guide/system/permissions/partitions/mount_option_var_noexec/rule.yml -+++ b/linux_os/guide/system/permissions/partitions/mount_option_var_noexec/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux3,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15 -+prodtype: alinux3,fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15 - - title: 'Add noexec Option to /var' - -diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_nosuid/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_var_nosuid/rule.yml -index 09646acc0..9ba927a2d 100644 ---- a/linux_os/guide/system/permissions/partitions/mount_option_var_nosuid/rule.yml -+++ b/linux_os/guide/system/permissions/partitions/mount_option_var_nosuid/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: 
alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2204 -+prodtype: alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2204 - - title: 'Add nosuid Option to /var' - diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_bind/bash/shared.sh b/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_bind/bash/shared.sh index 59e39270d..5c154d333 100644 --- a/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_bind/bash/shared.sh @@ -20439,81 +12595,45 @@ index 59e39270d..5c154d333 100644 # Delete particular /etc/fstab's row if /var/tmp is already configured to # represent a mount point (for some device or filesystem other than /tmp) -diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_bind/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_bind/rule.yml -index 0d5c5a8c2..89b6d40c9 100644 ---- a/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_bind/rule.yml -+++ b/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_bind/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9 - - title: 'Bind Mount /var/tmp To /tmp' - diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_nodev/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_nodev/rule.yml -index 0496b5523..47c99a019 100644 +index 10ffc6b84..ca2b543dd 100644 --- a/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_nodev/rule.yml 
+++ b/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_nodev/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu1804,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu1804,ubuntu2004,ubuntu2204 - - title: 'Add nodev Option to /var/tmp' - -@@ -41,7 +41,7 @@ references: +@@ -38,7 +38,7 @@ references: disa: CCI-001764 srg: SRG-OS-000368-GPOS-00154 stigid@ol8: OL08-00-040132 - stigid@rhel8: RHEL-08-040132 + stigid@almalinux8: RHEL-08-040132 + stigid@rhel9: RHEL-09-231175 platforms: - - machine and mount[var-tmp] diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_noexec/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_noexec/rule.yml -index 355ed84dd..49ae8734c 100644 +index b7ed162e0..68d8bcd66 100644 --- a/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_noexec/rule.yml +++ b/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_noexec/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu1804,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu1804,ubuntu2004,ubuntu2204 - - title: 'Add noexec Option to /var/tmp' - -@@ -41,7 +41,7 @@ references: +@@ -38,7 +38,7 @@ references: disa: CCI-001764 srg: SRG-OS-000368-GPOS-00154 stigid@ol8: OL08-00-040134 - stigid@rhel8: RHEL-08-040134 + stigid@almalinux8: RHEL-08-040134 + stigid@rhel9: RHEL-09-231180 platform: machine and mount[var-tmp] - diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_nosuid/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_nosuid/rule.yml -index 6a5862650..1101313c9 100644 +index 4517a6efe..c3e33dbff 100644 
--- a/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_nosuid/rule.yml +++ b/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_nosuid/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu1804,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu1804,ubuntu2004,ubuntu2204 - - title: 'Add nosuid Option to /var/tmp' - -@@ -41,7 +41,7 @@ references: +@@ -38,7 +38,7 @@ references: disa: CCI-001764 srg: SRG-OS-000368-GPOS-00154 stigid@ol8: OL08-00-040133 - stigid@rhel8: RHEL-08-040133 + stigid@almalinux8: RHEL-08-040133 + stigid@rhel9: RHEL-09-231185 platform: machine and mount[var-tmp] - diff --git a/linux_os/guide/system/permissions/restrictions/coredumps/coredump_disable_backtraces/kubernetes/shared.yml b/linux_os/guide/system/permissions/restrictions/coredumps/coredump_disable_backtraces/kubernetes/shared.yml index d94802273..554e34e00 100644 --- a/linux_os/guide/system/permissions/restrictions/coredumps/coredump_disable_backtraces/kubernetes/shared.yml @@ -20526,18 +12646,18 @@ index d94802273..554e34e00 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/system/permissions/restrictions/coredumps/coredump_disable_backtraces/rule.yml b/linux_os/guide/system/permissions/restrictions/coredumps/coredump_disable_backtraces/rule.yml -index a80679673..be2228c85 100644 +index 984721275..1b5b9b426 100644 --- a/linux_os/guide/system/permissions/restrictions/coredumps/coredump_disable_backtraces/rule.yml 
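Review bot: The refreshed patch no longer touches `prodtype:` in any rule of this hunk, so `mount_option_var_tmp_bind/rule.yml` loses its only almalinux8 change, and `mount_option_var_tmp_nodev`, `_noexec` and `_nosuid` keep just the `stigid@almalinux8` swap. That is safe only if the rebased upstream has dropped the `prodtype` key, which looks likely given the new index hashes and the added `stigid@rhel9` context lines. If the key still exists, these rules would silently fall out of the almalinux8 content, and the mount-option checks would go unscanned rather than fail. The same removal recurs in the later hunks of this file, where the rule.yml diffs for `umask_for_daemons`, `sysctl_kernel_exec_shield`, `install_PAE_kernel_on_x86-32` and `sysctl_kernel_core_uses_pid` disappear from the patch entirely. Comparing the rule IDs in the built almalinux8 content before and after this refresh, and noting the result in the commit message, would settle it.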
+++ b/linux_os/guide/system/permissions/restrictions/coredumps/coredump_disable_backtraces/rule.yml -@@ -45,7 +45,7 @@ references: - pcidss4: "3.3.1.1,3.3.1.2,3.3.1.3" +@@ -43,7 +43,7 @@ references: + pcidss4: '3.3.1' srg: SRG-OS-000480-GPOS-00227 stigid@ol8: OL08-00-010675 - stigid@rhel8: RHEL-08-010675 + stigid@almalinux8: RHEL-08-010675 + stigid@rhel9: RHEL-09-213085 ocil_clause: 'the "ProcessSizeMax" item is missing, commented out, or the value is anything other than "0" and the need for core dumps is not documented with the Information System Security Officer (ISSO) as an operational requirement for all domains that have the "core" item assigned' - diff --git a/linux_os/guide/system/permissions/restrictions/coredumps/coredump_disable_storage/kubernetes/shared.yml b/linux_os/guide/system/permissions/restrictions/coredumps/coredump_disable_storage/kubernetes/shared.yml index d94802273..554e34e00 100644 --- a/linux_os/guide/system/permissions/restrictions/coredumps/coredump_disable_storage/kubernetes/shared.yml @@ -20550,18 +12670,18 @@ index d94802273..554e34e00 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/system/permissions/restrictions/coredumps/coredump_disable_storage/rule.yml b/linux_os/guide/system/permissions/restrictions/coredumps/coredump_disable_storage/rule.yml -index 4206d067c..0cf8d91a9 100644 +index 5eb907d0c..a4d77bd7d 100644 --- a/linux_os/guide/system/permissions/restrictions/coredumps/coredump_disable_storage/rule.yml 
+++ b/linux_os/guide/system/permissions/restrictions/coredumps/coredump_disable_storage/rule.yml -@@ -45,7 +45,7 @@ references: - pcidss4: "3.3.1.1,3.3.1.2,3.3.1.3" +@@ -43,7 +43,7 @@ references: + pcidss4: '3.3.1' srg: SRG-OS-000480-GPOS-00227 stigid@ol8: OL08-00-010674 - stigid@rhel8: RHEL-08-010674 + stigid@almalinux8: RHEL-08-010674 + stigid@rhel9: RHEL-09-213090 ocil_clause: Storage is not set to none or is commented out and the need for core dumps is not documented with the Information System Security Officer (ISSO) as an operational requirement for all domains that have the "core" item assigned - diff --git a/linux_os/guide/system/permissions/restrictions/coredumps/disable_users_coredumps/bash/shared.sh b/linux_os/guide/system/permissions/restrictions/coredumps/disable_users_coredumps/bash/shared.sh index 32651fa92..b68ea1c66 100644 --- a/linux_os/guide/system/permissions/restrictions/coredumps/disable_users_coredumps/bash/shared.sh @@ -20584,47 +12704,31 @@ index 41cbd1197..481afa583 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/system/permissions/restrictions/coredumps/disable_users_coredumps/rule.yml b/linux_os/guide/system/permissions/restrictions/coredumps/disable_users_coredumps/rule.yml -index 4de1534fb..f64a3c784 100644 +index 9b1c0c36f..c5e2b96c0 100644 --- a/linux_os/guide/system/permissions/restrictions/coredumps/disable_users_coredumps/rule.yml 
+++ b/linux_os/guide/system/permissions/restrictions/coredumps/disable_users_coredumps/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Disable Core Dumps for All Users' - -@@ -44,7 +44,7 @@ references: - pcidss4: "3.3.1.1,3.3.1.2,3.3.1.3" +@@ -41,7 +41,7 @@ references: + pcidss4: '3.3.1' srg: SRG-OS-000480-GPOS-00227 stigid@ol8: OL08-00-010673 - stigid@rhel8: RHEL-08-010673 + stigid@almalinux8: RHEL-08-010673 + stigid@rhel9: RHEL-09-213095 ocil_clause: 'the "core" item is missing, commented out, or the value is anything other than "0" and the need for core dumps is not documented with the Information System Security Officer (ISSO) as an operational requirement for all domains that have the "core"' - diff --git a/linux_os/guide/system/permissions/restrictions/coredumps/service_systemd-coredump_disabled/rule.yml b/linux_os/guide/system/permissions/restrictions/coredumps/service_systemd-coredump_disabled/rule.yml -index 6d62d139a..643bf3b70 100644 +index 5f34c7ff9..548dafcf4 100644 --- a/linux_os/guide/system/permissions/restrictions/coredumps/service_systemd-coredump_disabled/rule.yml 
+++ b/linux_os/guide/system/permissions/restrictions/coredumps/service_systemd-coredump_disabled/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol8,ol9,rhcos4,rhel8,rhel9 -+prodtype: fedora,ol8,ol9,rhcos4,rhel8,almalinux8,rhel9 - - title: 'Disable acquiring, saving, and processing core dumps' - -@@ -29,7 +29,7 @@ references: +@@ -28,7 +28,7 @@ references: ospp: FMT_SMF_EXT.1 srg: SRG-OS-000480-GPOS-00227 stigid@ol8: OL08-00-010672 - stigid@rhel8: RHEL-08-010672 + stigid@almalinux8: RHEL-08-010672 + stigid@rhel9: RHEL-09-213100 ocil_clause: unit systemd-coredump.socket is not masked or running - @@ -51,7 +51,7 @@ template: name: socket_disabled vars: 
@@ -20644,30 +12748,6 @@ index a51038bb8..13f289b8f 100644 {{{ bash_instantiate_variables("var_umask_for_daemons") }}} -diff --git a/linux_os/guide/system/permissions/restrictions/daemon_umask/umask_for_daemons/rule.yml b/linux_os/guide/system/permissions/restrictions/daemon_umask/umask_for_daemons/rule.yml -index 6b2922e13..6cccb08ad 100644 ---- a/linux_os/guide/system/permissions/restrictions/daemon_umask/umask_for_daemons/rule.yml -+++ b/linux_os/guide/system/permissions/restrictions/daemon_umask/umask_for_daemons/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,rhel7,rhel8 -+prodtype: fedora,rhel7,rhel8,almalinux8 - - title: 'Set Daemon Umask' - -diff --git a/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_exec_shield/rule.yml b/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_exec_shield/rule.yml -index 461484337..6f936396a 100644 ---- a/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_exec_shield/rule.yml -+++ b/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_exec_shield/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,rhel7,rhel8,rhel9,rhv4,sle12,sle15 -+prodtype: fedora,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15 - - title: 'Enable ExecShield via sysctl' - diff --git a/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_kptr_restrict/kubernetes/shared.yml b/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_kptr_restrict/kubernetes/shared.yml index 415b0486d..02b1e991a 100644 --- a/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_kptr_restrict/kubernetes/shared.yml @@ -20680,7 +12760,7 @@ index 415b0486d..02b1e991a 100644 kind: MachineConfig spec: 
diff --git a/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_kptr_restrict/rule.yml b/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_kptr_restrict/rule.yml -index 367934b56..939da659b 100644 +index 8f7a99d5e..e7f107fcc 100644 --- a/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_kptr_restrict/rule.yml +++ b/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_kptr_restrict/rule.yml @@ -28,7 +28,7 @@ references: @@ -20689,9 +12769,9 @@ index 367934b56..939da659b 100644 stigid@ol8: OL08-00-040283 - stigid@rhel8: RHEL-08-040283 + stigid@almalinux8: RHEL-08-040283 + stigid@rhel9: RHEL-09-213025 stigid@sle12: SLES-12-030320 stigid@sle15: SLES-15-010540 - diff --git a/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_kptr_restrict/tests/value_1.pass.sh b/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_kptr_restrict/tests/value_1.pass.sh index 70189666c..22f9e966b 100644 --- a/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_kptr_restrict/tests/value_1.pass.sh @@ -20726,31 +12806,23 @@ index 7a4c107b2..22e209120 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_randomize_va_space/rule.yml b/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_randomize_va_space/rule.yml -index 444d7b11c..df74d683f 100644 +index 549f3ac85..7d8007bfc 100644 --- a/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_randomize_va_space/rule.yml 
+++ b/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_randomize_va_space/rule.yml -@@ -44,7 +44,7 @@ references: +@@ -42,7 +42,7 @@ references: stigid@ol7: OL07-00-040201 stigid@ol8: OL08-00-010430 stigid@rhel7: RHEL-07-040201 - stigid@rhel8: RHEL-08-010430 + stigid@almalinux8: RHEL-08-010430 + stigid@rhel9: RHEL-09-213070 stigid@sle12: SLES-12-030330 stigid@sle15: SLES-15-010550 - stigid@ubuntu2004: UBTU-20-010448 diff --git a/linux_os/guide/system/permissions/restrictions/enable_nx/bios_enable_execution_restrictions/rule.yml b/linux_os/guide/system/permissions/restrictions/enable_nx/bios_enable_execution_restrictions/rule.yml -index 9bc399fc3..8007d2fe2 100644 +index 0c078dd88..b1575c670 100644 --- a/linux_os/guide/system/permissions/restrictions/enable_nx/bios_enable_execution_restrictions/rule.yml +++ b/linux_os/guide/system/permissions/restrictions/enable_nx/bios_enable_execution_restrictions/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Enable NX or XD Support in the BIOS' - -@@ -40,7 +40,7 @@ references: +@@ -38,7 +38,7 @@ references: pcidss4: "2.2.1" srg: SRG-OS-000433-GPOS-00192,SRG-APP-000450-CTR-001105 stigid@ol8: OL08-00-010420 @@ -20758,7 +12830,7 @@ index 9bc399fc3..8007d2fe2 100644 + stigid@almalinux8: RHEL-08-010420 stigid@ubuntu2004: UBTU-20-010447 - platform: machine + # In aarch64 cpus the bit is XN and it is not disableable diff --git a/linux_os/guide/system/permissions/restrictions/enable_nx/bios_enable_execution_restrictions/tests/correct_value.pass.sh b/linux_os/guide/system/permissions/restrictions/enable_nx/bios_enable_execution_restrictions/tests/correct_value.pass.sh index 6d87da5f2..021acd31f 100755 
--- a/linux_os/guide/system/permissions/restrictions/enable_nx/bios_enable_execution_restrictions/tests/correct_value.pass.sh @@ -20781,18 +12853,6 @@ index 3260539b3..29d22d491 100755 # remediation = none cp /proc/cpuinfo /tmp/cpuinfo -diff --git a/linux_os/guide/system/permissions/restrictions/enable_nx/install_PAE_kernel_on_x86-32/rule.yml b/linux_os/guide/system/permissions/restrictions/enable_nx/install_PAE_kernel_on_x86-32/rule.yml -index 310d1ab11..ca3e204ed 100644 ---- a/linux_os/guide/system/permissions/restrictions/enable_nx/install_PAE_kernel_on_x86-32/rule.yml -+++ b/linux_os/guide/system/permissions/restrictions/enable_nx/install_PAE_kernel_on_x86-32/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhv4,sle12,sle15 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhv4,sle12,sle15 - - title: 'Install PAE Kernel on Supported 32-bit x86 Systems' - diff --git a/linux_os/guide/system/permissions/restrictions/kernel_module_uvcvideo_disabled/rule.yml b/linux_os/guide/system/permissions/restrictions/kernel_module_uvcvideo_disabled/rule.yml index 4fcb716d1..ddc46922a 100644 --- a/linux_os/guide/system/permissions/restrictions/kernel_module_uvcvideo_disabled/rule.yml @@ -20807,47 +12867,31 @@ index 4fcb716d1..ddc46922a 100644 platform: machine diff --git a/linux_os/guide/system/permissions/restrictions/poisoning/grub2_page_poison_argument/rule.yml b/linux_os/guide/system/permissions/restrictions/poisoning/grub2_page_poison_argument/rule.yml -index 78c982211..9c0b1d86f 100644 +index 53ce18c0d..405988116 100644 --- a/linux_os/guide/system/permissions/restrictions/poisoning/grub2_page_poison_argument/rule.yml 
+++ b/linux_os/guide/system/permissions/restrictions/poisoning/grub2_page_poison_argument/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9 -+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9 - - title: 'Enable page allocator poisoning' - -@@ -30,7 +30,7 @@ references: +@@ -29,7 +29,7 @@ references: nist: CM-6(a) srg: SRG-OS-000480-GPOS-00227,SRG-OS-000134-GPOS-00068 stigid@ol8: OL08-00-010421 - stigid@rhel8: RHEL-08-010421 + stigid@almalinux8: RHEL-08-010421 + stigid@rhel9: RHEL-09-212040 ocil_clause: 'page allocator poisoning is not enabled' - diff --git a/linux_os/guide/system/permissions/restrictions/poisoning/grub2_slub_debug_argument/rule.yml b/linux_os/guide/system/permissions/restrictions/poisoning/grub2_slub_debug_argument/rule.yml -index ea3560cec..5946b88c3 100644 +index 334d29f55..db2c32ba6 100644 --- a/linux_os/guide/system/permissions/restrictions/poisoning/grub2_slub_debug_argument/rule.yml +++ b/linux_os/guide/system/permissions/restrictions/poisoning/grub2_slub_debug_argument/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9 -+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9 - - title: 'Enable SLUB/SLAB allocator poisoning' - -@@ -30,7 +30,7 @@ references: +@@ -29,7 +29,7 @@ references: nist: CM-6(a) srg: SRG-OS-000433-GPOS-00192,SRG-OS-000134-GPOS-00068 stigid@ol8: OL08-00-010423 - stigid@rhel8: RHEL-08-010423 + stigid@almalinux8: RHEL-08-010423 + stigid@rhel9: RHEL-09-212045 ocil_clause: 'SLUB/SLAB poisoning is not enabled' - diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_core_pattern/kubernetes/shared.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_core_pattern/kubernetes/shared.yml index 88c683445..fa9b2020d 100644 --- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_core_pattern/kubernetes/shared.yml 
@@ -20860,38 +12904,18 @@ index 88c683445..fa9b2020d 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_core_pattern/rule.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_core_pattern/rule.yml -index e36985406..5a3a5583b 100644 +index abcf132fd..dc8a7fe22 100644 --- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_core_pattern/rule.yml +++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_core_pattern/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol8,ol9,rhcos4,rhel8,rhel9 -+prodtype: fedora,ol8,ol9,rhcos4,rhel8,almalinux8,rhel9 - - title: 'Disable storing core dumps' - @@ -29,7 +29,7 @@ references: - ospp: FMT_SMF_EXT.1 + pcidss4: '3.3.1' srg: SRG-OS-000480-GPOS-00227 stigid@ol8: OL08-00-010671 - stigid@rhel8: RHEL-08-010671 + stigid@almalinux8: RHEL-08-010671 + stigid@rhel9: RHEL-09-213040 ocil_clause: |- - the returned line does not have a value of "|/bin/false", or a line is not -diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_core_uses_pid/rule.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_core_uses_pid/rule.yml -index 8f51f97c1..439a8ba93 100644 ---- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_core_uses_pid/rule.yml -+++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_core_uses_pid/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol8,ol9,rhcos4,rhel8,rhel9 -+prodtype: fedora,ol8,ol9,rhcos4,rhel8,almalinux8,rhel9 - - title: 'Configure file name of core dumps' - diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_dmesg_restrict/kubernetes/shared.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_dmesg_restrict/kubernetes/shared.yml index 36e025cc3..e97acde11 100644 --- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_dmesg_restrict/kubernetes/shared.yml 
@@ -20904,26 +12928,18 @@ index 36e025cc3..e97acde11 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_dmesg_restrict/rule.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_dmesg_restrict/rule.yml -index b7acaf128..49d4af88c 100644 +index de07abef6..a8483ce26 100644 --- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_dmesg_restrict/rule.yml +++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_dmesg_restrict/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15 -+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15 - - title: 'Restrict Access to Kernel Message Buffer' - -@@ -30,7 +30,7 @@ references: +@@ -29,7 +29,7 @@ references: stigid@ol7: OL07-00-010375 stigid@ol8: OL08-00-010375 stigid@rhel7: RHEL-07-010375 - stigid@rhel8: RHEL-08-010375 + stigid@almalinux8: RHEL-08-010375 + stigid@rhel9: RHEL-09-213010 stigid@sle12: SLES-12-010375 stigid@sle15: SLES-15-010375 - diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_kexec_load_disabled/kubernetes/shared.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_kexec_load_disabled/kubernetes/shared.yml index 505b3c12b..cdf18e6dd 100644 --- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_kexec_load_disabled/kubernetes/shared.yml @@ -20936,62 +12952,18 @@ index 505b3c12b..cdf18e6dd 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_kexec_load_disabled/rule.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_kexec_load_disabled/rule.yml -index 4e68361c2..4147b3046 100644 +index d666f6ad1..0dd38a3f0 100644 --- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_kexec_load_disabled/rule.yml 
+++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_kexec_load_disabled/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9 -+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9 - - title: 'Disable Kernel Image Loading' - -@@ -23,7 +23,7 @@ references: +@@ -22,7 +22,7 @@ references: nist: CM-6 srg: SRG-OS-000480-GPOS-00227,SRG-OS-000366-GPOS-00153 stigid@ol8: OL08-00-010372 - stigid@rhel8: RHEL-08-010372 + stigid@almalinux8: RHEL-08-010372 - + stigid@rhel9: RHEL-09-213020 {{{ complete_ocil_entry_sysctl_option_value(sysctl="kernel.kexec_load_disabled", value="1") }}} -diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_modules_disabled/rule.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_modules_disabled/rule.yml -index 7ddced284..42131cf8e 100644 ---- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_modules_disabled/rule.yml -+++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_modules_disabled/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15 -+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,sle15 - - title: 'Disable loading and unloading of kernel modules' - -diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_perf_cpu_time_max_percent/rule.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_perf_cpu_time_max_percent/rule.yml -index 6accbf9b0..94dbf56fe 100644 ---- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_perf_cpu_time_max_percent/rule.yml -+++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_perf_cpu_time_max_percent/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15 -+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,sle15 - - title: 'Limit CPU consumption of the 
Perf system' - -diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_perf_event_max_sample_rate/rule.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_perf_event_max_sample_rate/rule.yml -index a5f2dda78..cc25348e1 100644 ---- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_perf_event_max_sample_rate/rule.yml -+++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_perf_event_max_sample_rate/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15 -+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,sle15 - - title: 'Limit sampling frequency of the Perf system' - diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_perf_event_paranoid/kubernetes/shared.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_perf_event_paranoid/kubernetes/shared.yml index 0541e59a7..50020c28c 100644 --- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_perf_event_paranoid/kubernetes/shared.yml @@ -21004,50 +12976,18 @@ index 0541e59a7..50020c28c 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_perf_event_paranoid/rule.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_perf_event_paranoid/rule.yml -index a39ff72ee..0e332d7e8 100644 +index 066bcd9d1..02465e4dc 100644 --- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_perf_event_paranoid/rule.yml 
+++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_perf_event_paranoid/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle12,sle15 -+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle12,sle15 - - title: 'Disallow kernel profiling by unprivileged users' - -@@ -26,7 +26,7 @@ references: +@@ -25,7 +25,7 @@ references: ospp: FMT_SMF_EXT.1 srg: SRG-OS-000132-GPOS-00067,SRG-OS-000138-GPOS-00069,SRG-APP-000243-CTR-000600 stigid@ol8: OL08-00-010376 - stigid@rhel8: RHEL-08-010376 + stigid@almalinux8: RHEL-08-010376 + stigid@rhel9: RHEL-09-213015 {{{ complete_ocil_entry_sysctl_option_value(sysctl="kernel.perf_event_paranoid", value="2") }}} - -diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_pid_max/rule.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_pid_max/rule.yml -index 939a02998..bce4141e4 100644 ---- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_pid_max/rule.yml -+++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_pid_max/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15 -+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,sle15 - - title: 'Configure maximum number of process identifiers' - -diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_sysrq/rule.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_sysrq/rule.yml -index bf2e14302..c0bfb1a64 100644 ---- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_sysrq/rule.yml -+++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_sysrq/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15 -+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,sle15 - - title: 'Disallow magic SysRq key' - 
diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled/kubernetes/shared.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled/kubernetes/shared.yml index 2e24d9211..7b706bb32 100644 --- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled/kubernetes/shared.yml @@ -21060,26 +13000,18 @@ index 2e24d9211..7b706bb32 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled/rule.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled/rule.yml -index ca51c5534..f3871bd5e 100644 +index 4365ced4f..c14e3c816 100644 --- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled/rule.yml +++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol8,ol9,rhcos4,rhel8,rhel9 -+prodtype: fedora,ol8,ol9,rhcos4,rhel8,almalinux8,rhel9 - - title: 'Disable Access to Network bpf() Syscall From Unprivileged Processes' - -@@ -25,7 +25,7 @@ references: +@@ -24,7 +24,7 @@ references: ospp: FMT_SMF_EXT.1 srg: SRG-OS-000132-GPOS-00067,SRG-OS-000480-GPOS-00227 stigid@ol8: OL08-00-040281 - stigid@rhel8: RHEL-08-040281 + stigid@almalinux8: RHEL-08-040281 + stigid@rhel9: RHEL-09-213075 {{{ complete_ocil_entry_sysctl_option_value(sysctl="kernel.unprivileged_bpf_disabled", value="1") }}} - diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_yama_ptrace_scope/kubernetes/shared.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_yama_ptrace_scope/kubernetes/shared.yml index ceafd4839..7006e2066 100644 --- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_yama_ptrace_scope/kubernetes/shared.yml @@ -21092,26 +13024,18 @@ index ceafd4839..7006e2066 100644 kind: MachineConfig spec: 
diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_yama_ptrace_scope/rule.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_yama_ptrace_scope/rule.yml -index e03106c01..375cf36e8 100644 +index 9c4d9262f..c75b04069 100644 --- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_yama_ptrace_scope/rule.yml +++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_yama_ptrace_scope/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle12,sle15 -+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle12,sle15 - - title: 'Restrict usage of ptrace to descendant processes' - -@@ -28,7 +28,7 @@ references: +@@ -29,7 +29,7 @@ references: nist: SC-7(10) srg: SRG-OS-000132-GPOS-00067,SRG-OS-000480-GPOS-00227 stigid@ol8: OL08-00-040282 - stigid@rhel8: RHEL-08-040282 + stigid@almalinux8: RHEL-08-040282 + stigid@rhel9: RHEL-09-213080 {{{ complete_ocil_entry_sysctl_option_value(sysctl="kernel.yama.ptrace_scope", value="1") }}} - diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_net_core_bpf_jit_harden/kubernetes/shared.yml b/linux_os/guide/system/permissions/restrictions/sysctl_net_core_bpf_jit_harden/kubernetes/shared.yml index 7519b7740..af6c30abd 100644 --- a/linux_os/guide/system/permissions/restrictions/sysctl_net_core_bpf_jit_harden/kubernetes/shared.yml @@ -21124,26 +13048,18 @@ index 7519b7740..af6c30abd 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_net_core_bpf_jit_harden/rule.yml b/linux_os/guide/system/permissions/restrictions/sysctl_net_core_bpf_jit_harden/rule.yml -index 323fef1e6..36ed03c39 100644 +index b594399d7..bd08cc1fe 100644 --- a/linux_os/guide/system/permissions/restrictions/sysctl_net_core_bpf_jit_harden/rule.yml 
+++ b/linux_os/guide/system/permissions/restrictions/sysctl_net_core_bpf_jit_harden/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol8,ol9,rhcos4,rhel8,rhel9 -+prodtype: fedora,ol8,ol9,rhcos4,rhel8,almalinux8,rhel9 - - title: 'Harden the operation of the BPF just-in-time compiler' - -@@ -25,7 +25,7 @@ references: +@@ -24,7 +24,7 @@ references: ospp: FMT_SMF_EXT.1 srg: SRG-OS-000480-GPOS-00227 stigid@ol8: OL08-00-040286 - stigid@rhel8: RHEL-08-040286 + stigid@almalinux8: RHEL-08-040286 + stigid@rhel9: RHEL-09-251045 {{{ complete_ocil_entry_sysctl_option_value(sysctl="net.core.bpf_jit_harden", value="2") }}} - diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_user_max_user_namespaces/kubernetes/shared.yml b/linux_os/guide/system/permissions/restrictions/sysctl_user_max_user_namespaces/kubernetes/shared.yml index fdd4fb83e..3274d5b36 100644 --- a/linux_os/guide/system/permissions/restrictions/sysctl_user_max_user_namespaces/kubernetes/shared.yml @@ -21156,50 +13072,18 @@ index fdd4fb83e..3274d5b36 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_user_max_user_namespaces/rule.yml b/linux_os/guide/system/permissions/restrictions/sysctl_user_max_user_namespaces/rule.yml -index 2932ebe23..ca071eafe 100644 +index 5e2508b9d..da921a343 100644 --- a/linux_os/guide/system/permissions/restrictions/sysctl_user_max_user_namespaces/rule.yml 
+++ b/linux_os/guide/system/permissions/restrictions/sysctl_user_max_user_namespaces/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol8,ol9,rhcos4,rhel8,rhel9 -+prodtype: fedora,ol8,ol9,rhcos4,rhel8,almalinux8,rhel9 - - title: 'Disable the use of user namespaces' - -@@ -35,7 +35,7 @@ references: +@@ -34,7 +34,7 @@ references: ospp: FMT_SMF_EXT.1 srg: SRG-OS-000480-GPOS-00227 stigid@ol8: OL08-00-040284 - stigid@rhel8: RHEL-08-040284 + stigid@almalinux8: RHEL-08-040284 + stigid@rhel9: RHEL-09-213105 ocil: | - Verify that {{{ full_name }}} disables the use of user namespaces with the following commands: -diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_vm_mmap_min_addr/rule.yml b/linux_os/guide/system/permissions/restrictions/sysctl_vm_mmap_min_addr/rule.yml -index ba7269b99..5e6426594 100644 ---- a/linux_os/guide/system/permissions/restrictions/sysctl_vm_mmap_min_addr/rule.yml -+++ b/linux_os/guide/system/permissions/restrictions/sysctl_vm_mmap_min_addr/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15 -+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,sle15 - - title: 'Prevent applications from mapping low portion of virtual memory' - -diff --git a/linux_os/guide/system/selinux/coreos_enable_selinux_kernel_argument/rule.yml b/linux_os/guide/system/selinux/coreos_enable_selinux_kernel_argument/rule.yml -index cd65b5921..7114fe503 100644 ---- a/linux_os/guide/system/selinux/coreos_enable_selinux_kernel_argument/rule.yml -+++ b/linux_os/guide/system/selinux/coreos_enable_selinux_kernel_argument/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15 -+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15 - - title: 'Ensure SELinux Not Disabled in the kernel arguments' - 
diff --git a/linux_os/guide/system/selinux/grub2_enable_selinux/ansible/shared.yml b/linux_os/guide/system/selinux/grub2_enable_selinux/ansible/shared.yml index 4be24a89d..76c0cc6df 100644 --- a/linux_os/guide/system/selinux/grub2_enable_selinux/ansible/shared.yml @@ -21220,30 +13104,6 @@ index 735354a2d..0c13b196e 100644 sed -i --follow-symlinks "s/selinux=0//gI" /etc/default/grub /etc/grub2.cfg /etc/grub.d/* sed -i --follow-symlinks "s/enforcing=0//gI" /etc/default/grub /etc/grub2.cfg /etc/grub.d/* -diff --git a/linux_os/guide/system/selinux/grub2_enable_selinux/rule.yml b/linux_os/guide/system/selinux/grub2_enable_selinux/rule.yml -index 5c94eafa2..37aa83fa7 100644 ---- a/linux_os/guide/system/selinux/grub2_enable_selinux/rule.yml -+++ b/linux_os/guide/system/selinux/grub2_enable_selinux/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15 -+prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15 - - title: 'Ensure SELinux Not Disabled in /etc/default/grub' - -diff --git a/linux_os/guide/system/selinux/package_libselinux_installed/rule.yml b/linux_os/guide/system/selinux/package_libselinux_installed/rule.yml -index 622ccb2a2..47675d63f 100644 ---- a/linux_os/guide/system/selinux/package_libselinux_installed/rule.yml -+++ b/linux_os/guide/system/selinux/package_libselinux_installed/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15 -+prodtype: alinux2,alinux3,fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15 - - title: 'Install libselinux Package' - diff --git a/linux_os/guide/system/selinux/package_libselinux_installed/tests/custom-package-removed.fail.sh b/linux_os/guide/system/selinux/package_libselinux_installed/tests/custom-package-removed.fail.sh index 2520d3dcc..ed0bc9538 100644 
--- a/linux_os/guide/system/selinux/package_libselinux_installed/tests/custom-package-removed.fail.sh @@ -21255,3663 +13115,19 @@ index 2520d3dcc..ed0bc9538 100644 # Package libselinux cannot be uninstalled normally # as it would cause removal of sudo package which is -diff --git a/linux_os/guide/system/selinux/package_mcstrans_removed/rule.yml b/linux_os/guide/system/selinux/package_mcstrans_removed/rule.yml -index f11bd265b..de204f528 100644 ---- a/linux_os/guide/system/selinux/package_mcstrans_removed/rule.yml -+++ b/linux_os/guide/system/selinux/package_mcstrans_removed/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,fedora,rhel7,rhel8,rhel9,sle15 -+prodtype: alinux2,alinux3,fedora,rhel7,rhel8,almalinux8,rhel9,sle15 - - title: 'Uninstall mcstrans Package' - -diff --git a/linux_os/guide/system/selinux/package_policycoreutils-python-utils_installed/rule.yml b/linux_os/guide/system/selinux/package_policycoreutils-python-utils_installed/rule.yml -index eb5f39b45..caa6811b0 100644 ---- a/linux_os/guide/system/selinux/package_policycoreutils-python-utils_installed/rule.yml -+++ b/linux_os/guide/system/selinux/package_policycoreutils-python-utils_installed/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol8,ol9,rhel8,rhel9 -+prodtype: ol8,ol9,rhel8,almalinux8,rhel9 - - title: 'Install policycoreutils-python-utils package' - diff --git a/linux_os/guide/system/selinux/package_policycoreutils_installed/rule.yml b/linux_os/guide/system/selinux/package_policycoreutils_installed/rule.yml -index 71e5c70a6..33de1a128 100644 +index c9bddfefc..fb8565762 100644 --- a/linux_os/guide/system/selinux/package_policycoreutils_installed/rule.yml 
+++ b/linux_os/guide/system/selinux/package_policycoreutils_installed/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4 -+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4 - - title: 'Install policycoreutils Package' - -@@ -32,7 +32,7 @@ references: +@@ -31,7 +31,7 @@ references: disa: CCI-001084 srg: SRG-OS-000480-GPOS-00227,SRG-OS-000134-GPOS-00068 stigid@ol8: OL08-00-010171 - stigid@rhel8: RHEL-08-010171 + stigid@almalinux8: RHEL-08-010171 + stigid@rhel9: RHEL-09-431025 ocil_clause: 'the policycoreutils package is not installed' - -diff --git a/linux_os/guide/system/selinux/package_setroubleshoot-plugins_removed/rule.yml b/linux_os/guide/system/selinux/package_setroubleshoot-plugins_removed/rule.yml -index d43a519f7..c66fdfb51 100644 ---- a/linux_os/guide/system/selinux/package_setroubleshoot-plugins_removed/rule.yml -+++ b/linux_os/guide/system/selinux/package_setroubleshoot-plugins_removed/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle12,sle15 -+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle12,sle15 - - title: 'Uninstall setroubleshoot-plugins Package' - -diff --git a/linux_os/guide/system/selinux/package_setroubleshoot-server_removed/rule.yml b/linux_os/guide/system/selinux/package_setroubleshoot-server_removed/rule.yml -index 3c1fddd4b..b2644dc30 100644 ---- a/linux_os/guide/system/selinux/package_setroubleshoot-server_removed/rule.yml -+++ b/linux_os/guide/system/selinux/package_setroubleshoot-server_removed/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle12,sle15 -+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle12,sle15 - - title: 'Uninstall setroubleshoot-server Package' - -diff --git a/linux_os/guide/system/selinux/package_setroubleshoot_removed/rule.yml 
b/linux_os/guide/system/selinux/package_setroubleshoot_removed/rule.yml -index f8852e965..42d0c440c 100644 ---- a/linux_os/guide/system/selinux/package_setroubleshoot_removed/rule.yml -+++ b/linux_os/guide/system/selinux/package_setroubleshoot_removed/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15 -+prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,sle15 - - title: 'Uninstall setroubleshoot Package' - -diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_abrt_anon_write/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_abrt_anon_write/rule.yml -index 73493cc19..930e08716 100644 ---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_abrt_anon_write/rule.yml -+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_abrt_anon_write/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol7,ol8,rhel7,rhel8,rhv4 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhv4 - - title: 'Disable the abrt_anon_write SELinux Boolean' - -diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_abrt_handle_event/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_abrt_handle_event/rule.yml -index c7ac3bd2a..43464994f 100644 ---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_abrt_handle_event/rule.yml -+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_abrt_handle_event/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol7,ol8,rhel7,rhel8,rhv4 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhv4 - - title: 'Disable the abrt_handle_event SELinux Boolean' - -diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_abrt_upload_watch_anon_write/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_abrt_upload_watch_anon_write/rule.yml -index a05ef583a..fa0c94ca7 100644 ---- 
a/linux_os/guide/system/selinux/selinux-booleans/sebool_abrt_upload_watch_anon_write/rule.yml -+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_abrt_upload_watch_anon_write/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol7,ol8,rhel7,rhel8,rhv4 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhv4 - - title: 'Disable the abrt_upload_watch_anon_write SELinux Boolean' - -diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_antivirus_can_scan_system/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_antivirus_can_scan_system/rule.yml -index 9059fdf0f..2f1dd2ed9 100644 ---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_antivirus_can_scan_system/rule.yml -+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_antivirus_can_scan_system/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8,rhel9 -+prodtype: rhel7,rhel8,almalinux8,rhel9 - - title: 'Enable the antivirus_can_scan_system SELinux Boolean' - -diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_antivirus_use_jit/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_antivirus_use_jit/rule.yml -index ebbce6ed1..fec2f5d6d 100644 ---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_antivirus_use_jit/rule.yml -+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_antivirus_use_jit/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8,rhel9 -+prodtype: rhel7,rhel8,almalinux8,rhel9 - - title: 'Disable the antivirus_use_jit SELinux Boolean' - -diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_auditadm_exec_content/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_auditadm_exec_content/rule.yml -index ad4e91f50..89a9cf9db 100644 ---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_auditadm_exec_content/rule.yml -+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_auditadm_exec_content/rule.yml -@@ -1,6 +1,6 
@@
- documentation_complete: true
-
--prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
-+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4
-
- title: 'Enable the auditadm_exec_content SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_authlogin_nsswitch_use_ldap/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_authlogin_nsswitch_use_ldap/rule.yml
-index 1de5f715d..c45f45d5b 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_authlogin_nsswitch_use_ldap/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_authlogin_nsswitch_use_ldap/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the authlogin_nsswitch_use_ldap SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_authlogin_radius/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_authlogin_radius/rule.yml
-index 57cb33c8d..00e5d2e79 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_authlogin_radius/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_authlogin_radius/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the authlogin_radius SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_authlogin_yubikey/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_authlogin_yubikey/rule.yml
-index fc7a57709..b937eb9a7 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_authlogin_yubikey/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_authlogin_yubikey/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the authlogin_yubikey SELinux Boolean'
-
-diff --git
a/linux_os/guide/system/selinux/selinux-booleans/sebool_awstats_purge_apache_log_files/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_awstats_purge_apache_log_files/rule.yml
-index e6c6bbe3b..b3411ada1 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_awstats_purge_apache_log_files/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_awstats_purge_apache_log_files/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the awstats_purge_apache_log_files SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_boinc_execmem/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_boinc_execmem/rule.yml
-index 8cba7a6c1..e6fe999d7 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_boinc_execmem/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_boinc_execmem/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the boinc_execmem SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_cdrecord_read_content/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_cdrecord_read_content/rule.yml
-index 6d1ab1fb9..b657ac124 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_cdrecord_read_content/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_cdrecord_read_content/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the cdrecord_read_content SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_cluster_can_network_connect/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_cluster_can_network_connect/rule.yml
-index d38be9368..09cc2e6e0 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_cluster_can_network_connect/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_cluster_can_network_connect/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the cluster_can_network_connect SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_cluster_manage_all_files/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_cluster_manage_all_files/rule.yml
-index a6558b754..acb9fd610 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_cluster_manage_all_files/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_cluster_manage_all_files/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the cluster_manage_all_files SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_cluster_use_execmem/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_cluster_use_execmem/rule.yml
-index 4dba59fcc..8d2948e65 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_cluster_use_execmem/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_cluster_use_execmem/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the cluster_use_execmem SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_cobbler_anon_write/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_cobbler_anon_write/rule.yml
-index 9c4052419..11375b947 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_cobbler_anon_write/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_cobbler_anon_write/rule.yml
-@@ -1,6 +1,6 @@
-
documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the cobbler_anon_write SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_cobbler_can_network_connect/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_cobbler_can_network_connect/rule.yml
-index 96c0e2564..08ea062ac 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_cobbler_can_network_connect/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_cobbler_can_network_connect/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the cobbler_can_network_connect SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_cobbler_use_cifs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_cobbler_use_cifs/rule.yml
-index 93bdc97c0..3b2b401df 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_cobbler_use_cifs/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_cobbler_use_cifs/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the cobbler_use_cifs SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_cobbler_use_nfs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_cobbler_use_nfs/rule.yml
-index a7d6e9e76..02a7c4dbf 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_cobbler_use_nfs/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_cobbler_use_nfs/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the cobbler_use_nfs SELinux Boolean'
-
-diff --git
a/linux_os/guide/system/selinux/selinux-booleans/sebool_collectd_tcp_network_connect/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_collectd_tcp_network_connect/rule.yml
-index d2c8b686a..f9c7e326b 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_collectd_tcp_network_connect/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_collectd_tcp_network_connect/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the collectd_tcp_network_connect SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_condor_tcp_network_connect/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_condor_tcp_network_connect/rule.yml
-index 1f5602853..38809dd30 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_condor_tcp_network_connect/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_condor_tcp_network_connect/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the condor_tcp_network_connect SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_conman_can_network/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_conman_can_network/rule.yml
-index c880bf747..cc1d9b922 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_conman_can_network/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_conman_can_network/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the conman_can_network SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_container_connect_any/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_container_connect_any/rule.yml
-index
e9051bb95..e4bd10748 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_container_connect_any/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_container_connect_any/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the container_connect_any SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_cron_can_relabel/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_cron_can_relabel/rule.yml
-index f01af3d61..44e260128 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_cron_can_relabel/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_cron_can_relabel/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
-+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4
-
- title: 'Disable the cron_can_relabel SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_cron_system_cronjob_use_shares/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_cron_system_cronjob_use_shares/rule.yml
-index c1d20f8e7..7888d3a9b 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_cron_system_cronjob_use_shares/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_cron_system_cronjob_use_shares/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
-+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4
-
- title: 'Disable the cron_system_cronjob_use_shares SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_cron_userdomain_transition/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_cron_userdomain_transition/rule.yml
-index f4daf0a69..a10e7531f 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_cron_userdomain_transition/rule.yml
-+++
b/linux_os/guide/system/selinux/selinux-booleans/sebool_cron_userdomain_transition/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
-+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4
-
- title: 'Enable the cron_userdomain_transition SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_cups_execmem/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_cups_execmem/rule.yml
-index d1d7ded60..4fb4bf2c1 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_cups_execmem/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_cups_execmem/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the cups_execmem SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_cvs_read_shadow/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_cvs_read_shadow/rule.yml
-index af5727d6e..6cae839d9 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_cvs_read_shadow/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_cvs_read_shadow/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the cvs_read_shadow SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_daemons_dump_core/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_daemons_dump_core/rule.yml
-index e2f136bf0..2cd35d862 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_daemons_dump_core/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_daemons_dump_core/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
-+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4
-
- title: 'Disable the daemons_dump_core
SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_daemons_enable_cluster_mode/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_daemons_enable_cluster_mode/rule.yml
-index 07ef43204..0a1a11d7c 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_daemons_enable_cluster_mode/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_daemons_enable_cluster_mode/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the daemons_enable_cluster_mode SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_daemons_use_tcp_wrapper/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_daemons_use_tcp_wrapper/rule.yml
-index f84422911..27257edfb 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_daemons_use_tcp_wrapper/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_daemons_use_tcp_wrapper/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
-+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4
-
- title: 'Disable the daemons_use_tcp_wrapper SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_daemons_use_tty/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_daemons_use_tty/rule.yml
-index 02622dcd4..b1194c39d 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_daemons_use_tty/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_daemons_use_tty/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
-+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4
-
- title: 'Disable the daemons_use_tty SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_dbadm_exec_content/rule.yml
b/linux_os/guide/system/selinux/selinux-booleans/sebool_dbadm_exec_content/rule.yml
-index c75cce8ad..cb56c79e6 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_dbadm_exec_content/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_dbadm_exec_content/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Enable the dbadm_exec_content SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_dbadm_manage_user_files/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_dbadm_manage_user_files/rule.yml
-index 2b9a11bad..3e1236fb0 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_dbadm_manage_user_files/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_dbadm_manage_user_files/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the dbadm_manage_user_files SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_dbadm_read_user_files/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_dbadm_read_user_files/rule.yml
-index 707d71132..82b8a2282 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_dbadm_read_user_files/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_dbadm_read_user_files/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the dbadm_read_user_files SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_deny_execmem/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_deny_execmem/rule.yml
-index cc97623af..6fb9f4b51 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_deny_execmem/rule.yml
-+++
b/linux_os/guide/system/selinux/selinux-booleans/sebool_deny_execmem/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15
-+prodtype: ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15
-
- title: 'Configure the deny_execmem SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_deny_ptrace/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_deny_ptrace/rule.yml
-index 89693152e..c6564ac45 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_deny_ptrace/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_deny_ptrace/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
-+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4
-
- title: 'Disable the deny_ptrace SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_dhcpc_exec_iptables/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_dhcpc_exec_iptables/rule.yml
-index 9b4bfe10d..d648713f9 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_dhcpc_exec_iptables/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_dhcpc_exec_iptables/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the dhcpc_exec_iptables SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_dhcpd_use_ldap/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_dhcpd_use_ldap/rule.yml
-index 75f044c45..c2cec43e9 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_dhcpd_use_ldap/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_dhcpd_use_ldap/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the dhcpd_use_ldap
SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_domain_fd_use/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_domain_fd_use/rule.yml
-index 5afdc364c..b02f2c50e 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_domain_fd_use/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_domain_fd_use/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
-+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4
-
- title: 'Enable the domain_fd_use SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_domain_kernel_load_modules/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_domain_kernel_load_modules/rule.yml
-index 90f835f04..8774054ce 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_domain_kernel_load_modules/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_domain_kernel_load_modules/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
-+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4
-
- title: 'Disable the domain_kernel_load_modules SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_entropyd_use_audio/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_entropyd_use_audio/rule.yml
-index 2c75b1176..a87eabb48 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_entropyd_use_audio/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_entropyd_use_audio/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the entropyd_use_audio SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_exim_can_connect_db/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_exim_can_connect_db/rule.yml
-index 12305e08a..3d287f7c0 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_exim_can_connect_db/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_exim_can_connect_db/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the exim_can_connect_db SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_exim_manage_user_files/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_exim_manage_user_files/rule.yml
-index 2d54130dd..3c3d36451 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_exim_manage_user_files/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_exim_manage_user_files/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the exim_manage_user_files SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_exim_read_user_files/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_exim_read_user_files/rule.yml
-index b240c1161..93ecd94c5 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_exim_read_user_files/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_exim_read_user_files/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the exim_read_user_files SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_fcron_crond/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_fcron_crond/rule.yml
-index 9b3cf7564..f8ea2f6ca 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_fcron_crond/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_fcron_crond/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the fcron_crond SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_fenced_can_network_connect/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_fenced_can_network_connect/rule.yml
-index 1f71bedb2..3316263f4 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_fenced_can_network_connect/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_fenced_can_network_connect/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the fenced_can_network_connect SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_fenced_can_ssh/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_fenced_can_ssh/rule.yml
-index cac41de7b..96edf0ff1 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_fenced_can_ssh/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_fenced_can_ssh/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the fenced_can_ssh SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_fips_mode/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_fips_mode/rule.yml
-index 57686707b..4728a291f 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_fips_mode/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_fips_mode/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
-+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4
-
- title: 'Enable the fips_mode SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_ftpd_anon_write/rule.yml
b/linux_os/guide/system/selinux/selinux-booleans/sebool_ftpd_anon_write/rule.yml
-index dbf31b534..2b2f5bc31 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_ftpd_anon_write/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_ftpd_anon_write/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the ftpd_anon_write SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_ftpd_connect_all_unreserved/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_ftpd_connect_all_unreserved/rule.yml
-index 579ac3f59..7ebfb8bd4 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_ftpd_connect_all_unreserved/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_ftpd_connect_all_unreserved/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the ftpd_connect_all_unreserved SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_ftpd_connect_db/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_ftpd_connect_db/rule.yml
-index f2d973bab..b473ef966 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_ftpd_connect_db/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_ftpd_connect_db/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the ftpd_connect_db SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_ftpd_full_access/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_ftpd_full_access/rule.yml
-index cf9e78266..017cfec40 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_ftpd_full_access/rule.yml
-+++
b/linux_os/guide/system/selinux/selinux-booleans/sebool_ftpd_full_access/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the ftpd_full_access SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_ftpd_use_cifs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_ftpd_use_cifs/rule.yml
-index 14b1f7526..73153bbfc 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_ftpd_use_cifs/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_ftpd_use_cifs/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the ftpd_use_cifs SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_ftpd_use_fusefs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_ftpd_use_fusefs/rule.yml
-index 6cb9d9df4..896fb999b 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_ftpd_use_fusefs/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_ftpd_use_fusefs/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the ftpd_use_fusefs SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_ftpd_use_nfs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_ftpd_use_nfs/rule.yml
-index 4035d4f83..e9e734e1a 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_ftpd_use_nfs/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_ftpd_use_nfs/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the ftpd_use_nfs SELinux Boolean'
-
-diff --git
a/linux_os/guide/system/selinux/selinux-booleans/sebool_ftpd_use_passive_mode/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_ftpd_use_passive_mode/rule.yml
-index c12360649..f22766973 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_ftpd_use_passive_mode/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_ftpd_use_passive_mode/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the ftpd_use_passive_mode SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_git_cgi_enable_homedirs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_git_cgi_enable_homedirs/rule.yml
-index 47e9b420c..86d7f8193 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_git_cgi_enable_homedirs/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_git_cgi_enable_homedirs/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the git_cgi_enable_homedirs SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_git_cgi_use_cifs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_git_cgi_use_cifs/rule.yml
-index ca5a2bcdf..cc91e16f6 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_git_cgi_use_cifs/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_git_cgi_use_cifs/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the git_cgi_use_cifs SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_git_cgi_use_nfs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_git_cgi_use_nfs/rule.yml
-index f8b5c912a..cee5cb7ac 100644
----
a/linux_os/guide/system/selinux/selinux-booleans/sebool_git_cgi_use_nfs/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_git_cgi_use_nfs/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the git_cgi_use_nfs SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_git_session_bind_all_unreserved_ports/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_git_session_bind_all_unreserved_ports/rule.yml
-index 8dffa1dd3..855a231f5 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_git_session_bind_all_unreserved_ports/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_git_session_bind_all_unreserved_ports/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the git_session_bind_all_unreserved_ports SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_git_session_users/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_git_session_users/rule.yml
-index f4dca61aa..7c8c3dd29 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_git_session_users/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_git_session_users/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the git_session_users SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_git_system_enable_homedirs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_git_system_enable_homedirs/rule.yml
-index 170fcfdfd..31ad34ce6 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_git_system_enable_homedirs/rule.yml
-+++
b/linux_os/guide/system/selinux/selinux-booleans/sebool_git_system_enable_homedirs/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8,rhel9 -+prodtype: rhel7,rhel8,almalinux8,rhel9 - - title: 'Disable the git_system_enable_homedirs SELinux Boolean' - -diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_git_system_use_cifs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_git_system_use_cifs/rule.yml -index c46e622e3..8935f8320 100644 ---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_git_system_use_cifs/rule.yml -+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_git_system_use_cifs/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8,rhel9 -+prodtype: rhel7,rhel8,almalinux8,rhel9 - - title: 'Disable the git_system_use_cifs SELinux Boolean' - -diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_git_system_use_nfs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_git_system_use_nfs/rule.yml -index b149744b9..4006fe665 100644 ---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_git_system_use_nfs/rule.yml -+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_git_system_use_nfs/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8,rhel9 -+prodtype: rhel7,rhel8,almalinux8,rhel9 - - title: 'Disable the git_system_use_nfs SELinux Boolean' - -diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_gitosis_can_sendmail/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_gitosis_can_sendmail/rule.yml -index 2fa3db75f..dba2c36f0 100644 ---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_gitosis_can_sendmail/rule.yml -+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_gitosis_can_sendmail/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8,rhel9 -+prodtype: rhel7,rhel8,almalinux8,rhel9 - - title: 'Disable the 
gitosis_can_sendmail SELinux Boolean' - -diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_glance_api_can_network/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_glance_api_can_network/rule.yml -index f83249183..790d5167a 100644 ---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_glance_api_can_network/rule.yml -+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_glance_api_can_network/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8,rhel9 -+prodtype: rhel7,rhel8,almalinux8,rhel9 - - title: 'Disable the glance_api_can_network SELinux Boolean' - -diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_glance_use_execmem/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_glance_use_execmem/rule.yml -index ee835d3e6..24ee3fae5 100644 ---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_glance_use_execmem/rule.yml -+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_glance_use_execmem/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8,rhel9 -+prodtype: rhel7,rhel8,almalinux8,rhel9 - - title: 'Disable the glance_use_execmem SELinux Boolean' - -diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_glance_use_fusefs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_glance_use_fusefs/rule.yml -index 70546358d..3146c8019 100644 ---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_glance_use_fusefs/rule.yml -+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_glance_use_fusefs/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8,rhel9 -+prodtype: rhel7,rhel8,almalinux8,rhel9 - - title: 'Disable the glance_use_fusefs SELinux Boolean' - -diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_global_ssp/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_global_ssp/rule.yml -index 12cb7bdcd..ec058a020 100644 ---- 
a/linux_os/guide/system/selinux/selinux-booleans/sebool_global_ssp/rule.yml -+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_global_ssp/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8,rhel9 -+prodtype: rhel7,rhel8,almalinux8,rhel9 - - title: 'Disable the global_ssp SELinux Boolean' - -diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_gluster_anon_write/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_gluster_anon_write/rule.yml -index 19903fc98..31bf578dc 100644 ---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_gluster_anon_write/rule.yml -+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_gluster_anon_write/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8,rhel9 -+prodtype: rhel7,rhel8,almalinux8,rhel9 - - title: 'Disable the gluster_anon_write SELinux Boolean' - -diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_gluster_export_all_ro/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_gluster_export_all_ro/rule.yml -index c586752c0..3eac3ab03 100644 ---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_gluster_export_all_ro/rule.yml -+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_gluster_export_all_ro/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8,rhel9 -+prodtype: rhel7,rhel8,almalinux8,rhel9 - - title: 'Disable the gluster_export_all_ro SELinux Boolean' - -diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_gluster_export_all_rw/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_gluster_export_all_rw/rule.yml -index 953d6f515..445c6f2ab 100644 ---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_gluster_export_all_rw/rule.yml -+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_gluster_export_all_rw/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8,rhel9 -+prodtype: 
rhel7,rhel8,almalinux8,rhel9 - - title: 'Configure the gluster_export_all_rw SELinux Boolean' - -diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_gpg_web_anon_write/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_gpg_web_anon_write/rule.yml -index d5d68c103..d21a0ec41 100644 ---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_gpg_web_anon_write/rule.yml -+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_gpg_web_anon_write/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4 - - title: 'Disable the gpg_web_anon_write SELinux Boolean' - -diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_gssd_read_tmp/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_gssd_read_tmp/rule.yml -index 9cf94d269..fe53e4a30 100644 ---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_gssd_read_tmp/rule.yml -+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_gssd_read_tmp/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8,rhel9 -+prodtype: rhel7,rhel8,almalinux8,rhel9 - - title: 'Enable the gssd_read_tmp SELinux Boolean' - -diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_guest_exec_content/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_guest_exec_content/rule.yml -index d889a510c..2d4332665 100644 ---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_guest_exec_content/rule.yml -+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_guest_exec_content/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4 - - title: 'Disable the guest_exec_content SELinux Boolean' - -diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_haproxy_connect_any/rule.yml 
b/linux_os/guide/system/selinux/selinux-booleans/sebool_haproxy_connect_any/rule.yml -index f5e5a38ea..f96727fff 100644 ---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_haproxy_connect_any/rule.yml -+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_haproxy_connect_any/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8,rhel9 -+prodtype: rhel7,rhel8,almalinux8,rhel9 - - title: 'Disable the haproxy_connect_any SELinux Boolean' - -diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_anon_write/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_anon_write/rule.yml -index 7ac8bcaca..8717ac94b 100644 ---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_anon_write/rule.yml -+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_anon_write/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8,rhel9 -+prodtype: rhel7,rhel8,almalinux8,rhel9 - - title: 'Disable the httpd_anon_write SELinux Boolean' - -diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_builtin_scripting/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_builtin_scripting/rule.yml -index 9d1fbe439..e2eef2adc 100644 ---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_builtin_scripting/rule.yml -+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_builtin_scripting/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8,rhel9 -+prodtype: rhel7,rhel8,almalinux8,rhel9 - - title: 'Configure the httpd_builtin_scripting SELinux Boolean' - -diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_check_spam/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_check_spam/rule.yml -index f08b0711b..4c2f36035 100644 ---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_check_spam/rule.yml -+++ 
b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_check_spam/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8,rhel9 -+prodtype: rhel7,rhel8,almalinux8,rhel9 - - title: 'Disable the httpd_can_check_spam SELinux Boolean' - -diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_connect_ftp/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_connect_ftp/rule.yml -index 6511bfe2c..6f07db4d0 100644 ---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_connect_ftp/rule.yml -+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_connect_ftp/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8,rhel9 -+prodtype: rhel7,rhel8,almalinux8,rhel9 - - title: 'Disable the httpd_can_connect_ftp SELinux Boolean' - -diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_connect_ldap/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_connect_ldap/rule.yml -index 9d088182d..5f01b6158 100644 ---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_connect_ldap/rule.yml -+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_connect_ldap/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8,rhel9 -+prodtype: rhel7,rhel8,almalinux8,rhel9 - - title: 'Disable the httpd_can_connect_ldap SELinux Boolean' - -diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_connect_mythtv/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_connect_mythtv/rule.yml -index fe8400ee8..c292070a3 100644 ---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_connect_mythtv/rule.yml -+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_connect_mythtv/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8,rhel9 -+prodtype: rhel7,rhel8,almalinux8,rhel9 - - 
title: 'Disable the httpd_can_connect_mythtv SELinux Boolean' - -diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_connect_zabbix/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_connect_zabbix/rule.yml -index d82826068..3d80037c9 100644 ---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_connect_zabbix/rule.yml -+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_connect_zabbix/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8,rhel9 -+prodtype: rhel7,rhel8,almalinux8,rhel9 - - title: 'Disable the httpd_can_connect_zabbix SELinux Boolean' - -diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_network_connect/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_network_connect/rule.yml -index 51f2d075d..ea465e8c7 100644 ---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_network_connect/rule.yml -+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_network_connect/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8,rhel9 -+prodtype: rhel7,rhel8,almalinux8,rhel9 - - title: 'Disable the httpd_can_network_connect SELinux Boolean' - -diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_network_connect_cobbler/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_network_connect_cobbler/rule.yml -index 04ffe7de1..d45f0d7d0 100644 ---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_network_connect_cobbler/rule.yml -+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_network_connect_cobbler/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8,rhel9 -+prodtype: rhel7,rhel8,almalinux8,rhel9 - - title: 'Disable the httpd_can_network_connect_cobbler SELinux Boolean' - -diff --git 
a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_network_connect_db/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_network_connect_db/rule.yml -index 38b2cbfe4..2b40a15cc 100644 ---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_network_connect_db/rule.yml -+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_network_connect_db/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8,rhel9 -+prodtype: rhel7,rhel8,almalinux8,rhel9 - - title: 'Disable the httpd_can_network_connect_db SELinux Boolean' - -diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_network_memcache/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_network_memcache/rule.yml -index d844dcdb3..d45a00310 100644 ---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_network_memcache/rule.yml -+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_network_memcache/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8,rhel9 -+prodtype: rhel7,rhel8,almalinux8,rhel9 - - title: 'Disable the httpd_can_network_memcache SELinux Boolean' - -diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_network_relay/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_network_relay/rule.yml -index bff3c8cef..8dad299f6 100644 ---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_network_relay/rule.yml -+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_network_relay/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8,rhel9 -+prodtype: rhel7,rhel8,almalinux8,rhel9 - - title: 'Disable the httpd_can_network_relay SELinux Boolean' - -diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_sendmail/rule.yml 
b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_sendmail/rule.yml -index 8d73dd264..3582c1a4b 100644 ---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_sendmail/rule.yml -+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_sendmail/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8,rhel9 -+prodtype: rhel7,rhel8,almalinux8,rhel9 - - title: 'Disable the httpd_can_sendmail SELinux Boolean' - -diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_dbus_avahi/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_dbus_avahi/rule.yml -index 3cfbca8a6..de20f8747 100644 ---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_dbus_avahi/rule.yml -+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_dbus_avahi/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8,rhel9 -+prodtype: rhel7,rhel8,almalinux8,rhel9 - - title: 'Disable the httpd_dbus_avahi SELinux Boolean' - -diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_dbus_sssd/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_dbus_sssd/rule.yml -index da62291cf..398bc8c7c 100644 ---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_dbus_sssd/rule.yml -+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_dbus_sssd/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8,rhel9 -+prodtype: rhel7,rhel8,almalinux8,rhel9 - - title: 'Disable the httpd_dbus_sssd SELinux Boolean' - -diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_dontaudit_search_dirs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_dontaudit_search_dirs/rule.yml -index dc9651f93..2fec140e9 100644 ---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_dontaudit_search_dirs/rule.yml -+++ 
b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_dontaudit_search_dirs/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8,rhel9 -+prodtype: rhel7,rhel8,almalinux8,rhel9 - - title: 'Disable the httpd_dontaudit_search_dirs SELinux Boolean' - -diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_enable_cgi/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_enable_cgi/rule.yml -index 63eb6e1e9..21df07074 100644 ---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_enable_cgi/rule.yml -+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_enable_cgi/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8,rhel9 -+prodtype: rhel7,rhel8,almalinux8,rhel9 - - title: 'Configure the httpd_enable_cgi SELinux Boolean' - -diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_enable_ftp_server/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_enable_ftp_server/rule.yml -index 677ed3ce7..4f1a47910 100644 ---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_enable_ftp_server/rule.yml -+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_enable_ftp_server/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8,rhel9 -+prodtype: rhel7,rhel8,almalinux8,rhel9 - - title: 'Disable the httpd_enable_ftp_server SELinux Boolean' - -diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_enable_homedirs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_enable_homedirs/rule.yml -index a2b052311..c0d756708 100644 ---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_enable_homedirs/rule.yml -+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_enable_homedirs/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8,rhel9 -+prodtype: rhel7,rhel8,almalinux8,rhel9 - - title: 'Disable 
the httpd_enable_homedirs SELinux Boolean' - -diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_execmem/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_execmem/rule.yml -index ee05eba77..bf3793e58 100644 ---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_execmem/rule.yml -+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_execmem/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8,rhel9 -+prodtype: rhel7,rhel8,almalinux8,rhel9 - - title: 'Disable the httpd_execmem SELinux Boolean' - -diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_graceful_shutdown/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_graceful_shutdown/rule.yml -index b5a42076c..fd15c0316 100644 ---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_graceful_shutdown/rule.yml -+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_graceful_shutdown/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8,rhel9 -+prodtype: rhel7,rhel8,almalinux8,rhel9 - - title: 'Enable the httpd_graceful_shutdown SELinux Boolean' - -diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_manage_ipa/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_manage_ipa/rule.yml -index d8453a7d0..5fcb23b5e 100644 ---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_manage_ipa/rule.yml -+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_manage_ipa/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8,rhel9 -+prodtype: rhel7,rhel8,almalinux8,rhel9 - - title: 'Disable the httpd_manage_ipa SELinux Boolean' - -diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_mod_auth_ntlm_winbind/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_mod_auth_ntlm_winbind/rule.yml -index 0b2ad316e..3347f0274 100644 ---- 
a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_mod_auth_ntlm_winbind/rule.yml -+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_mod_auth_ntlm_winbind/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8,rhel9 -+prodtype: rhel7,rhel8,almalinux8,rhel9 - - title: 'Disable the httpd_mod_auth_ntlm_winbind SELinux Boolean' - -diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_mod_auth_pam/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_mod_auth_pam/rule.yml -index eaf8ea4de..2adfa1ac8 100644 ---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_mod_auth_pam/rule.yml -+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_mod_auth_pam/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8,rhel9 -+prodtype: rhel7,rhel8,almalinux8,rhel9 - - title: 'Disable the httpd_mod_auth_pam SELinux Boolean' - -diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_read_user_content/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_read_user_content/rule.yml -index e258ff541..cf04e5bbb 100644 ---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_read_user_content/rule.yml -+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_read_user_content/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8,rhel9 -+prodtype: rhel7,rhel8,almalinux8,rhel9 - - title: 'Disable the httpd_read_user_content SELinux Boolean' - -diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_run_ipa/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_run_ipa/rule.yml -index d8b3f4e6c..c17c8a973 100644 ---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_run_ipa/rule.yml -+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_run_ipa/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: 
rhel7,rhel8,rhel9 -+prodtype: rhel7,rhel8,almalinux8,rhel9 - - title: 'Disable the httpd_run_ipa SELinux Boolean' - -diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_run_preupgrade/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_run_preupgrade/rule.yml -index 413472cbb..f96365f8f 100644 ---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_run_preupgrade/rule.yml -+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_run_preupgrade/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8,rhel9 -+prodtype: rhel7,rhel8,almalinux8,rhel9 - - title: 'Disable the httpd_run_preupgrade SELinux Boolean' - -diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_run_stickshift/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_run_stickshift/rule.yml -index 4cc542849..3c320028b 100644 ---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_run_stickshift/rule.yml -+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_run_stickshift/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8,rhel9 -+prodtype: rhel7,rhel8,almalinux8,rhel9 - - title: 'Disable the httpd_run_stickshift SELinux Boolean' - -diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_serve_cobbler_files/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_serve_cobbler_files/rule.yml -index 27a979c82..6200f0a0d 100644 ---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_serve_cobbler_files/rule.yml -+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_serve_cobbler_files/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8,rhel9 -+prodtype: rhel7,rhel8,almalinux8,rhel9 - - title: 'Disable the httpd_serve_cobbler_files SELinux Boolean' - -diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_setrlimit/rule.yml 
b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_setrlimit/rule.yml -index e09231f7a..08f760376 100644 ---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_setrlimit/rule.yml -+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_setrlimit/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8,rhel9 -+prodtype: rhel7,rhel8,almalinux8,rhel9 - - title: 'Disable the httpd_setrlimit SELinux Boolean' - -diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_ssi_exec/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_ssi_exec/rule.yml -index 81ee37989..c00302d06 100644 ---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_ssi_exec/rule.yml -+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_ssi_exec/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8,rhel9 -+prodtype: rhel7,rhel8,almalinux8,rhel9 - - title: 'Disable the httpd_ssi_exec SELinux Boolean' - -diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_sys_script_anon_write/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_sys_script_anon_write/rule.yml -index 61140b8d5..165856858 100644 ---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_sys_script_anon_write/rule.yml -+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_sys_script_anon_write/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8,rhel9 -+prodtype: rhel7,rhel8,almalinux8,rhel9 - - title: 'Disable the httpd_sys_script_anon_write SELinux Boolean' - -diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_tmp_exec/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_tmp_exec/rule.yml -index ad6c2ea72..c8a12f680 100644 ---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_tmp_exec/rule.yml -+++ 
b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_tmp_exec/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8,rhel9 -+prodtype: rhel7,rhel8,almalinux8,rhel9 - - title: 'Disable the httpd_tmp_exec SELinux Boolean' - -diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_tty_comm/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_tty_comm/rule.yml -index 12b4dcc14..04841fb30 100644 ---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_tty_comm/rule.yml -+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_tty_comm/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8,rhel9 -+prodtype: rhel7,rhel8,almalinux8,rhel9 - - title: 'Disable the httpd_tty_comm SELinux Boolean' - -diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_unified/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_unified/rule.yml -index ffcda8a2b..364640adc 100644 ---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_unified/rule.yml -+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_unified/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8,rhel9 -+prodtype: rhel7,rhel8,almalinux8,rhel9 - - title: 'Disable the httpd_unified SELinux Boolean' - -diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_use_cifs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_use_cifs/rule.yml -index 4a5c7bdc1..88d0bf75f 100644 ---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_use_cifs/rule.yml -+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_use_cifs/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8,rhel9 -+prodtype: rhel7,rhel8,almalinux8,rhel9 - - title: 'Disable the httpd_use_cifs SELinux Boolean' - -diff --git 
a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_use_fusefs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_use_fusefs/rule.yml -index 79c4149f4..3df100b7b 100644 ---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_use_fusefs/rule.yml -+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_use_fusefs/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8,rhel9 -+prodtype: rhel7,rhel8,almalinux8,rhel9 - - title: 'Disable the httpd_use_fusefs SELinux Boolean' - -diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_use_gpg/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_use_gpg/rule.yml -index d022811e8..1e157cfa5 100644 ---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_use_gpg/rule.yml -+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_use_gpg/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8,rhel9 -+prodtype: rhel7,rhel8,almalinux8,rhel9 - - title: 'Disable the httpd_use_gpg SELinux Boolean' - -diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_use_nfs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_use_nfs/rule.yml -index 4080ca052..b872c1a88 100644 ---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_use_nfs/rule.yml -+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_use_nfs/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8,rhel9 -+prodtype: rhel7,rhel8,almalinux8,rhel9 - - title: 'Disable the httpd_use_nfs SELinux Boolean' - -diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_use_openstack/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_use_openstack/rule.yml -index dbbb07cfe..d0477e449 100644 ---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_use_openstack/rule.yml -+++ 
b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_use_openstack/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8,rhel9 -+prodtype: rhel7,rhel8,almalinux8,rhel9 - - title: 'Disable the httpd_use_openstack SELinux Boolean' - -diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_use_sasl/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_use_sasl/rule.yml -index fe0840e27..f88ad4855 100644 ---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_use_sasl/rule.yml -+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_use_sasl/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8,rhel9 -+prodtype: rhel7,rhel8,almalinux8,rhel9 - - title: 'Disable the httpd_use_sasl SELinux Boolean' - -diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_verify_dns/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_verify_dns/rule.yml -index 61def0aac..6bfb1a2c0 100644 ---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_verify_dns/rule.yml -+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_verify_dns/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8,rhel9 -+prodtype: rhel7,rhel8,almalinux8,rhel9 - - title: 'Disable the httpd_verify_dns SELinux Boolean' - -diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_icecast_use_any_tcp_ports/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_icecast_use_any_tcp_ports/rule.yml -index 724cbbce6..97bd40b0e 100644 ---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_icecast_use_any_tcp_ports/rule.yml -+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_icecast_use_any_tcp_ports/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8,rhel9 -+prodtype: rhel7,rhel8,almalinux8,rhel9 - - title: 'Disable the icecast_use_any_tcp_ports SELinux Boolean' 
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_irc_use_any_tcp_ports/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_irc_use_any_tcp_ports/rule.yml
-index a7da73c3e..666210100 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_irc_use_any_tcp_ports/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_irc_use_any_tcp_ports/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the irc_use_any_tcp_ports SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_irssi_use_full_network/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_irssi_use_full_network/rule.yml
-index d82f9ff24..d14ca2364 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_irssi_use_full_network/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_irssi_use_full_network/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the irssi_use_full_network SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_kdumpgui_run_bootloader/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_kdumpgui_run_bootloader/rule.yml
-index fdb0a982d..4573675cf 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_kdumpgui_run_bootloader/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_kdumpgui_run_bootloader/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the kdumpgui_run_bootloader SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_kerberos_enabled/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_kerberos_enabled/rule.yml
-index 37235acc6..b97790cc1 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_kerberos_enabled/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_kerberos_enabled/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
-+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4
-
- title: 'Enable the kerberos_enabled SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_ksmtuned_use_cifs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_ksmtuned_use_cifs/rule.yml
-index eb32deaf5..48b830901 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_ksmtuned_use_cifs/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_ksmtuned_use_cifs/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the ksmtuned_use_cifs SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_ksmtuned_use_nfs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_ksmtuned_use_nfs/rule.yml
-index 86376cba8..74e8dfb6a 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_ksmtuned_use_nfs/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_ksmtuned_use_nfs/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the ksmtuned_use_nfs SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_logadm_exec_content/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_logadm_exec_content/rule.yml
-index 5b5dd95a9..d43a379c7 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_logadm_exec_content/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_logadm_exec_content/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
-+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4
-
- title: 'Enable the logadm_exec_content SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_logging_syslogd_can_sendmail/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_logging_syslogd_can_sendmail/rule.yml
-index b515961c1..a159839a0 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_logging_syslogd_can_sendmail/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_logging_syslogd_can_sendmail/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
-+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4
-
- title: 'Disable the logging_syslogd_can_sendmail SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_logging_syslogd_run_nagios_plugins/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_logging_syslogd_run_nagios_plugins/rule.yml
-index 3c520540b..6acdf6615 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_logging_syslogd_run_nagios_plugins/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_logging_syslogd_run_nagios_plugins/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the logging_syslogd_run_nagios_plugins SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_logging_syslogd_use_tty/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_logging_syslogd_use_tty/rule.yml
-index 7b90abe8a..68a43994e 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_logging_syslogd_use_tty/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_logging_syslogd_use_tty/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
-+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4
-
- title: 'Enable the logging_syslogd_use_tty SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_login_console_enabled/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_login_console_enabled/rule.yml
-index 3112822f5..ea43946dc 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_login_console_enabled/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_login_console_enabled/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
-+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4
-
- title: 'Enable the login_console_enabled SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_logrotate_use_nfs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_logrotate_use_nfs/rule.yml
-index 8e3277728..e5b4122de 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_logrotate_use_nfs/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_logrotate_use_nfs/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the logrotate_use_nfs SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_logwatch_can_network_connect_mail/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_logwatch_can_network_connect_mail/rule.yml
-index d5e181b98..5da3e9c0a 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_logwatch_can_network_connect_mail/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_logwatch_can_network_connect_mail/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the logwatch_can_network_connect_mail SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_lsmd_plugin_connect_any/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_lsmd_plugin_connect_any/rule.yml
-index 4d3c78388..32b05be7a 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_lsmd_plugin_connect_any/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_lsmd_plugin_connect_any/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the lsmd_plugin_connect_any SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_mailman_use_fusefs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_mailman_use_fusefs/rule.yml
-index 6dfb2e01a..5eb9727d0 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_mailman_use_fusefs/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_mailman_use_fusefs/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the mailman_use_fusefs SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_mcelog_client/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_mcelog_client/rule.yml
-index d235fe6f6..95b28e437 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_mcelog_client/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_mcelog_client/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the mcelog_client SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_mcelog_exec_scripts/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_mcelog_exec_scripts/rule.yml
-index 46c9d61a1..706520e30 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_mcelog_exec_scripts/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_mcelog_exec_scripts/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Enable the mcelog_exec_scripts SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_mcelog_foreground/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_mcelog_foreground/rule.yml
-index 807579406..86ada5a32 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_mcelog_foreground/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_mcelog_foreground/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the mcelog_foreground SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_mcelog_server/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_mcelog_server/rule.yml
-index 48cc45cbc..8a59bf4c3 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_mcelog_server/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_mcelog_server/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the mcelog_server SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_minidlna_read_generic_user_content/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_minidlna_read_generic_user_content/rule.yml
-index 040edc1fb..068785b40 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_minidlna_read_generic_user_content/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_minidlna_read_generic_user_content/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the minidlna_read_generic_user_content SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_mmap_low_allowed/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_mmap_low_allowed/rule.yml
-index 9429d9431..f7ff9e504 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_mmap_low_allowed/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_mmap_low_allowed/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
-+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4
-
- title: 'Disable the mmap_low_allowed SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_mock_enable_homedirs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_mock_enable_homedirs/rule.yml
-index 7f95fd02d..e141cd1e4 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_mock_enable_homedirs/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_mock_enable_homedirs/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
-+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4
-
- title: 'Disable the mock_enable_homedirs SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_mount_anyfile/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_mount_anyfile/rule.yml
-index 3fa8cfdf0..e0c3580de 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_mount_anyfile/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_mount_anyfile/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
-+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4
-
- title: 'Enable the mount_anyfile SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_mozilla_plugin_bind_unreserved_ports/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_mozilla_plugin_bind_unreserved_ports/rule.yml
-index a461e3018..5a57d1622 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_mozilla_plugin_bind_unreserved_ports/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_mozilla_plugin_bind_unreserved_ports/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the mozilla_plugin_bind_unreserved_ports SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_mozilla_plugin_can_network_connect/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_mozilla_plugin_can_network_connect/rule.yml
-index b544dd129..17206906c 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_mozilla_plugin_can_network_connect/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_mozilla_plugin_can_network_connect/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the mozilla_plugin_can_network_connect SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_mozilla_plugin_use_bluejeans/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_mozilla_plugin_use_bluejeans/rule.yml
-index 878c10bd9..69c810a9b 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_mozilla_plugin_use_bluejeans/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_mozilla_plugin_use_bluejeans/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the mozilla_plugin_use_bluejeans SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_mozilla_plugin_use_gps/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_mozilla_plugin_use_gps/rule.yml
-index eba60ff34..66ab4c430 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_mozilla_plugin_use_gps/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_mozilla_plugin_use_gps/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the mozilla_plugin_use_gps SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_mozilla_plugin_use_spice/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_mozilla_plugin_use_spice/rule.yml
-index a5655a348..ba398fec4 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_mozilla_plugin_use_spice/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_mozilla_plugin_use_spice/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the mozilla_plugin_use_spice SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_mozilla_read_content/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_mozilla_read_content/rule.yml
-index 8d8407db2..b56b3b40e 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_mozilla_read_content/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_mozilla_read_content/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the mozilla_read_content SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_mpd_enable_homedirs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_mpd_enable_homedirs/rule.yml
-index db538e06f..7c6f98ea2 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_mpd_enable_homedirs/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_mpd_enable_homedirs/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the mpd_enable_homedirs SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_mpd_use_cifs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_mpd_use_cifs/rule.yml
-index 5bff3c990..d359d2819 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_mpd_use_cifs/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_mpd_use_cifs/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the mpd_use_cifs SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_mpd_use_nfs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_mpd_use_nfs/rule.yml
-index 97140465f..a4af6e2d0 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_mpd_use_nfs/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_mpd_use_nfs/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the mpd_use_nfs SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_mplayer_execstack/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_mplayer_execstack/rule.yml
-index bb5e59484..a412fc8b8 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_mplayer_execstack/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_mplayer_execstack/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the mplayer_execstack SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_mysql_connect_any/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_mysql_connect_any/rule.yml
-index 98a1ebcf9..cce1c87e1 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_mysql_connect_any/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_mysql_connect_any/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the mysql_connect_any SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_nagios_run_pnp4nagios/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_nagios_run_pnp4nagios/rule.yml
-index 70347807f..2d91a12ff 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_nagios_run_pnp4nagios/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_nagios_run_pnp4nagios/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the nagios_run_pnp4nagios SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_nagios_run_sudo/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_nagios_run_sudo/rule.yml
-index 489a099a9..7d208a858 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_nagios_run_sudo/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_nagios_run_sudo/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the nagios_run_sudo SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_named_tcp_bind_http_port/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_named_tcp_bind_http_port/rule.yml
-index a51fbbeac..1f31780ad 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_named_tcp_bind_http_port/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_named_tcp_bind_http_port/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the named_tcp_bind_http_port SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_named_write_master_zones/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_named_write_master_zones/rule.yml
-index c9d54a988..b4bb8d074 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_named_write_master_zones/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_named_write_master_zones/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the named_write_master_zones SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_neutron_can_network/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_neutron_can_network/rule.yml
-index b543c7330..3df85ab6d 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_neutron_can_network/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_neutron_can_network/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the neutron_can_network SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_nfs_export_all_ro/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_nfs_export_all_ro/rule.yml
-index c0718a62c..4ade28e78 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_nfs_export_all_ro/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_nfs_export_all_ro/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Enable the nfs_export_all_ro SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_nfs_export_all_rw/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_nfs_export_all_rw/rule.yml
-index 0355bad7c..7d4a3dfc7 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_nfs_export_all_rw/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_nfs_export_all_rw/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Enable the nfs_export_all_rw SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_nfsd_anon_write/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_nfsd_anon_write/rule.yml
-index 8d21a80bb..0b0a2ee52 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_nfsd_anon_write/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_nfsd_anon_write/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the nfsd_anon_write SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_nis_enabled/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_nis_enabled/rule.yml
-index 9ae527eef..b93245675 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_nis_enabled/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_nis_enabled/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the nis_enabled SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_nscd_use_shm/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_nscd_use_shm/rule.yml
-index 2223ef849..abb410463 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_nscd_use_shm/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_nscd_use_shm/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Enable the nscd_use_shm SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_openshift_use_nfs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_openshift_use_nfs/rule.yml
-index 1c4fa8c18..9c06f2965 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_openshift_use_nfs/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_openshift_use_nfs/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the openshift_use_nfs SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_openvpn_can_network_connect/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_openvpn_can_network_connect/rule.yml
-index affa929a5..b0ba05f19 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_openvpn_can_network_connect/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_openvpn_can_network_connect/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the openvpn_can_network_connect SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_openvpn_enable_homedirs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_openvpn_enable_homedirs/rule.yml
-index 425be626d..20e4922a8 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_openvpn_enable_homedirs/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_openvpn_enable_homedirs/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the openvpn_enable_homedirs SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_openvpn_run_unconfined/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_openvpn_run_unconfined/rule.yml
-index 8ebfe5426..04fcdf6db 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_openvpn_run_unconfined/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_openvpn_run_unconfined/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the openvpn_run_unconfined SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_pcp_bind_all_unreserved_ports/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_pcp_bind_all_unreserved_ports/rule.yml
-index c1a13523f..fe23e7765 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_pcp_bind_all_unreserved_ports/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_pcp_bind_all_unreserved_ports/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the pcp_bind_all_unreserved_ports SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_pcp_read_generic_logs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_pcp_read_generic_logs/rule.yml
-index 9f902520a..a76d45235 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_pcp_read_generic_logs/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_pcp_read_generic_logs/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the pcp_read_generic_logs SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_piranha_lvs_can_network_connect/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_piranha_lvs_can_network_connect/rule.yml
-index bf1ea51c4..3c76e1fcd 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_piranha_lvs_can_network_connect/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_piranha_lvs_can_network_connect/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the piranha_lvs_can_network_connect SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_polipo_connect_all_unreserved/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_polipo_connect_all_unreserved/rule.yml
-index 7e628966d..82442a136 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_polipo_connect_all_unreserved/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_polipo_connect_all_unreserved/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the polipo_connect_all_unreserved SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_polipo_session_bind_all_unreserved_ports/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_polipo_session_bind_all_unreserved_ports/rule.yml
-index fa974402e..39da107db 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_polipo_session_bind_all_unreserved_ports/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_polipo_session_bind_all_unreserved_ports/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the polipo_session_bind_all_unreserved_ports SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_polipo_session_users/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_polipo_session_users/rule.yml
-index f2f93ba30..2993b2f91 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_polipo_session_users/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_polipo_session_users/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the polipo_session_users SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_polipo_use_cifs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_polipo_use_cifs/rule.yml
-index 0f0fe5d6c..bd263df1b 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_polipo_use_cifs/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_polipo_use_cifs/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the polipo_use_cifs SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_polipo_use_nfs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_polipo_use_nfs/rule.yml
-index 1c1d302e5..7353b3ab8 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_polipo_use_nfs/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_polipo_use_nfs/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the polipo_use_nfs SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_polyinstantiation_enabled/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_polyinstantiation_enabled/rule.yml
-index 29a752033..35ec69678 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_polyinstantiation_enabled/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_polyinstantiation_enabled/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15
-+prodtype: ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15
-
- title: 'Configure the polyinstantiation_enabled SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_postfix_local_write_mail_spool/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_postfix_local_write_mail_spool/rule.yml
-index 1c0612800..f607bdc22 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_postfix_local_write_mail_spool/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_postfix_local_write_mail_spool/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Enable the postfix_local_write_mail_spool SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_postgresql_can_rsync/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_postgresql_can_rsync/rule.yml
-index 2d4f2e59f..dcfcc5b4a 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_postgresql_can_rsync/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_postgresql_can_rsync/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the postgresql_can_rsync SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_postgresql_selinux_transmit_client_label/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_postgresql_selinux_transmit_client_label/rule.yml
-index f7fdf042b..e2bde893b 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_postgresql_selinux_transmit_client_label/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_postgresql_selinux_transmit_client_label/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the postgresql_selinux_transmit_client_label SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_postgresql_selinux_unconfined_dbadm/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_postgresql_selinux_unconfined_dbadm/rule.yml
-index e4e888a81..0935fa0f3 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_postgresql_selinux_unconfined_dbadm/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_postgresql_selinux_unconfined_dbadm/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Enable the postgresql_selinux_unconfined_dbadm SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_postgresql_selinux_users_ddl/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_postgresql_selinux_users_ddl/rule.yml
-index 215daf937..c8f70c020 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_postgresql_selinux_users_ddl/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_postgresql_selinux_users_ddl/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Enable the postgresql_selinux_users_ddl SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_pppd_can_insmod/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_pppd_can_insmod/rule.yml
-index 9ff991731..6e8c37d12 100644
----
a/linux_os/guide/system/selinux/selinux-booleans/sebool_pppd_can_insmod/rule.yml -+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_pppd_can_insmod/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8,rhel9 -+prodtype: rhel7,rhel8,almalinux8,rhel9 - - title: 'Disable the pppd_can_insmod SELinux Boolean' - -diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_pppd_for_user/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_pppd_for_user/rule.yml -index ef5d648f7..a3f5a525a 100644 ---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_pppd_for_user/rule.yml -+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_pppd_for_user/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8,rhel9 -+prodtype: rhel7,rhel8,almalinux8,rhel9 - - title: 'Disable the pppd_for_user SELinux Boolean' - -diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_privoxy_connect_any/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_privoxy_connect_any/rule.yml -index b9f049901..320d69e0b 100644 ---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_privoxy_connect_any/rule.yml -+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_privoxy_connect_any/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8,rhel9 -+prodtype: rhel7,rhel8,almalinux8,rhel9 - - title: 'Disable the privoxy_connect_any SELinux Boolean' - -diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_prosody_bind_http_port/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_prosody_bind_http_port/rule.yml -index ec8fa105b..3f3d870e6 100644 ---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_prosody_bind_http_port/rule.yml -+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_prosody_bind_http_port/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8,rhel9 -+prodtype: 
rhel7,rhel8,almalinux8,rhel9 - - title: 'Disable the prosody_bind_http_port SELinux Boolean' - -diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_puppetagent_manage_all_files/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_puppetagent_manage_all_files/rule.yml -index ce7bc2f5f..f1b87a1db 100644 ---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_puppetagent_manage_all_files/rule.yml -+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_puppetagent_manage_all_files/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8,rhel9 -+prodtype: rhel7,rhel8,almalinux8,rhel9 - - title: 'Disable the puppetagent_manage_all_files SELinux Boolean' - -diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_puppetmaster_use_db/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_puppetmaster_use_db/rule.yml -index 894fed16b..7f85d5e05 100644 ---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_puppetmaster_use_db/rule.yml -+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_puppetmaster_use_db/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8,rhel9 -+prodtype: rhel7,rhel8,almalinux8,rhel9 - - title: 'Disable the puppetmaster_use_db SELinux Boolean' - -diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_racoon_read_shadow/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_racoon_read_shadow/rule.yml -index 2cae0d28b..4120691cf 100644 ---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_racoon_read_shadow/rule.yml -+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_racoon_read_shadow/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8,rhel9 -+prodtype: rhel7,rhel8,almalinux8,rhel9 - - title: 'Disable the racoon_read_shadow SELinux Boolean' - -diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_rsync_anon_write/rule.yml 
b/linux_os/guide/system/selinux/selinux-booleans/sebool_rsync_anon_write/rule.yml -index 8720c0306..614c4e604 100644 ---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_rsync_anon_write/rule.yml -+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_rsync_anon_write/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8,rhel9 -+prodtype: rhel7,rhel8,almalinux8,rhel9 - - title: 'Disable the rsync_anon_write SELinux Boolean' - -diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_rsync_client/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_rsync_client/rule.yml -index 588788376..5ea8dc21c 100644 ---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_rsync_client/rule.yml -+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_rsync_client/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8,rhel9 -+prodtype: rhel7,rhel8,almalinux8,rhel9 - - title: 'Disable the rsync_client SELinux Boolean' - -diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_rsync_export_all_ro/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_rsync_export_all_ro/rule.yml -index 154646cfa..4aec9d3ed 100644 ---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_rsync_export_all_ro/rule.yml -+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_rsync_export_all_ro/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8,rhel9 -+prodtype: rhel7,rhel8,almalinux8,rhel9 - - title: 'Disable the rsync_export_all_ro SELinux Boolean' - -diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_rsync_full_access/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_rsync_full_access/rule.yml -index 832dfa25a..2de80cb7a 100644 ---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_rsync_full_access/rule.yml -+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_rsync_full_access/rule.yml -@@ -1,6 
+1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8,rhel9 -+prodtype: rhel7,rhel8,almalinux8,rhel9 - - title: 'Disable the rsync_full_access SELinux Boolean' - -diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_create_home_dirs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_create_home_dirs/rule.yml -index 85b65a88f..207d77e85 100644 ---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_create_home_dirs/rule.yml -+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_create_home_dirs/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8,rhel9 -+prodtype: rhel7,rhel8,almalinux8,rhel9 - - title: 'Disable the samba_create_home_dirs SELinux Boolean' - -diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_domain_controller/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_domain_controller/rule.yml -index c67f1f86c..8cd0f5e0c 100644 ---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_domain_controller/rule.yml -+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_domain_controller/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8,rhel9 -+prodtype: rhel7,rhel8,almalinux8,rhel9 - - title: 'Disable the samba_domain_controller SELinux Boolean' - -diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_enable_home_dirs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_enable_home_dirs/rule.yml -index 1698ed1d4..90798fe79 100644 ---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_enable_home_dirs/rule.yml -+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_enable_home_dirs/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8,rhel9 -+prodtype: rhel7,rhel8,almalinux8,rhel9 - - title: 'Disable the samba_enable_home_dirs SELinux Boolean' - -diff --git 
a/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_export_all_ro/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_export_all_ro/rule.yml -index 9a21f5f63..b3efb3e96 100644 ---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_export_all_ro/rule.yml -+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_export_all_ro/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8,rhel9 -+prodtype: rhel7,rhel8,almalinux8,rhel9 - - title: 'Disable the samba_export_all_ro SELinux Boolean' - -diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_export_all_rw/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_export_all_rw/rule.yml -index fd52c836b..49a8ec859 100644 ---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_export_all_rw/rule.yml -+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_export_all_rw/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8,rhel9 -+prodtype: rhel7,rhel8,almalinux8,rhel9 - - title: 'Disable the samba_export_all_rw SELinux Boolean' - -diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_load_libgfapi/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_load_libgfapi/rule.yml -index 826beddf1..5a08118ea 100644 ---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_load_libgfapi/rule.yml -+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_load_libgfapi/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8,rhel9 -+prodtype: rhel7,rhel8,almalinux8,rhel9 - - title: 'Disable the samba_load_libgfapi SELinux Boolean' - -diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_portmapper/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_portmapper/rule.yml -index d901e6866..9073796ef 100644 ---- 
a/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_portmapper/rule.yml -+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_portmapper/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8,rhel9 -+prodtype: rhel7,rhel8,almalinux8,rhel9 - - title: 'Disable the samba_portmapper SELinux Boolean' - -diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_run_unconfined/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_run_unconfined/rule.yml -index c409c6bb0..9729d7fa3 100644 ---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_run_unconfined/rule.yml -+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_run_unconfined/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8,rhel9 -+prodtype: rhel7,rhel8,almalinux8,rhel9 - - title: 'Disable the samba_run_unconfined SELinux Boolean' - -diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_share_fusefs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_share_fusefs/rule.yml -index cc2efcfb9..707659d6b 100644 ---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_share_fusefs/rule.yml -+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_share_fusefs/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8,rhel9 -+prodtype: rhel7,rhel8,almalinux8,rhel9 - - title: 'Disable the samba_share_fusefs SELinux Boolean' - -diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_share_nfs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_share_nfs/rule.yml -index 085f7118f..0230e13e1 100644 ---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_share_nfs/rule.yml -+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_share_nfs/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8,rhel9 -+prodtype: 
rhel7,rhel8,almalinux8,rhel9 - - title: 'Disable the samba_share_nfs SELinux Boolean' - -diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_sanlock_use_fusefs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_sanlock_use_fusefs/rule.yml -index 074280640..aa479f165 100644 ---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_sanlock_use_fusefs/rule.yml -+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_sanlock_use_fusefs/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8,rhel9 -+prodtype: rhel7,rhel8,almalinux8,rhel9 - - title: 'Disable the sanlock_use_fusefs SELinux Boolean' - -diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_sanlock_use_nfs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_sanlock_use_nfs/rule.yml -index c1a64ba85..550a22a0f 100644 ---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_sanlock_use_nfs/rule.yml -+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_sanlock_use_nfs/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8,rhel9 -+prodtype: rhel7,rhel8,almalinux8,rhel9 - - title: 'Disable the sanlock_use_nfs SELinux Boolean' - -diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_sanlock_use_samba/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_sanlock_use_samba/rule.yml -index c413f111f..6b4110bf2 100644 ---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_sanlock_use_samba/rule.yml -+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_sanlock_use_samba/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8,rhel9 -+prodtype: rhel7,rhel8,almalinux8,rhel9 - - title: 'Disable the sanlock_use_samba SELinux Boolean' - -diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_saslauthd_read_shadow/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_saslauthd_read_shadow/rule.yml -index 
f0d4bbc9b..def16a427 100644 ---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_saslauthd_read_shadow/rule.yml -+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_saslauthd_read_shadow/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8,rhel9 -+prodtype: rhel7,rhel8,almalinux8,rhel9 - - title: 'Disable the saslauthd_read_shadow SELinux Boolean' - -diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_secadm_exec_content/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_secadm_exec_content/rule.yml -index d781baab8..69b4ab65b 100644 ---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_secadm_exec_content/rule.yml -+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_secadm_exec_content/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4 - - title: 'Enable the secadm_exec_content SELinux Boolean' - -diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_secure_mode/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_secure_mode/rule.yml -index 36c8756dd..20316bcee 100644 ---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_secure_mode/rule.yml -+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_secure_mode/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4 - - title: 'Disable the secure_mode SELinux Boolean' - -diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_secure_mode_insmod/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_secure_mode_insmod/rule.yml -index 17babc7f3..bad92e4d9 100644 ---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_secure_mode_insmod/rule.yml -+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_secure_mode_insmod/rule.yml -@@ -1,6 +1,6 @@ - 
documentation_complete: true - --prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15 -+prodtype: ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15 - - title: 'Configure the secure_mode_insmod SELinux Boolean' - -diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_secure_mode_policyload/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_secure_mode_policyload/rule.yml -index 062b9686f..f46ca75eb 100644 ---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_secure_mode_policyload/rule.yml -+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_secure_mode_policyload/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4 - - title: 'Disable the secure_mode_policyload SELinux Boolean' - -diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_direct_dri_enabled/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_direct_dri_enabled/rule.yml -index 7e58c5f26..589e30e49 100644 ---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_direct_dri_enabled/rule.yml -+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_direct_dri_enabled/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4 - - title: 'Configure the selinuxuser_direct_dri_enabled SELinux Boolean' - -diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_execheap/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_execheap/rule.yml -index e2bb4d6cf..04a3cbd81 100644 ---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_execheap/rule.yml -+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_execheap/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: 
ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15 -+prodtype: ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15 - - title: 'Disable the selinuxuser_execheap SELinux Boolean' - -diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_execmod/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_execmod/rule.yml -index 46f76ce22..e1288fdd3 100644 ---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_execmod/rule.yml -+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_execmod/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle15 -+prodtype: ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15 - - title: 'Enable the selinuxuser_execmod SELinux Boolean' - -diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_execstack/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_execstack/rule.yml -index 446c8225b..2cc254c0f 100644 ---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_execstack/rule.yml -+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_execstack/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15 -+prodtype: ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15 - - title: 'Disable the selinuxuser_execstack SELinux Boolean' - -diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_mysql_connect_enabled/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_mysql_connect_enabled/rule.yml -index 88a2a92d6..3cdf3685a 100644 ---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_mysql_connect_enabled/rule.yml -+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_mysql_connect_enabled/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: 
ol7,ol8,rhel7,rhel8,rhel9,rhv4 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4 - - title: 'Disable the selinuxuser_mysql_connect_enabled SELinux Boolean' - -diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_ping/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_ping/rule.yml -index 79b96246b..05a7d02cf 100644 ---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_ping/rule.yml -+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_ping/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4 - - title: 'Enable the selinuxuser_ping SELinux Boolean' - -diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_postgresql_connect_enabled/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_postgresql_connect_enabled/rule.yml -index 6d70e9d53..0f9bbc688 100644 ---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_postgresql_connect_enabled/rule.yml -+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_postgresql_connect_enabled/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4 - - title: 'Disable the selinuxuser_postgresql_connect_enabled SELinux Boolean' - -diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_rw_noexattrfile/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_rw_noexattrfile/rule.yml -index 7092bbffc..dd0877542 100644 ---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_rw_noexattrfile/rule.yml -+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_rw_noexattrfile/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4 -+prodtype: 
ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4 - - title: 'Disable the selinuxuser_rw_noexattrfile SELinux Boolean' - -diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_share_music/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_share_music/rule.yml -index fb492e6d3..38bed7a64 100644 ---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_share_music/rule.yml -+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_share_music/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4 - - title: 'Disable the selinuxuser_share_music SELinux Boolean' - -diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_tcp_server/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_tcp_server/rule.yml -index 3dcf75440..9fea8784c 100644 ---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_tcp_server/rule.yml -+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_tcp_server/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4 - - title: 'Disable the selinuxuser_tcp_server SELinux Boolean' - -diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_udp_server/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_udp_server/rule.yml -index 89bb3dc5e..2bc5697c9 100644 ---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_udp_server/rule.yml -+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_udp_server/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4 - - title: 'Disable the selinuxuser_udp_server SELinux Boolean' - -diff --git 
a/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_use_ssh_chroot/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_use_ssh_chroot/rule.yml -index 518bd1745..f2d8bbc1d 100644 ---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_use_ssh_chroot/rule.yml -+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_use_ssh_chroot/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4 - - title: 'Disable the selinuxuser_use_ssh_chroot SELinux Boolean' - -diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_sge_domain_can_network_connect/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_sge_domain_can_network_connect/rule.yml -index 17054b75b..da8b92c6c 100644 ---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_sge_domain_can_network_connect/rule.yml -+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_sge_domain_can_network_connect/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8,rhel9 -+prodtype: rhel7,rhel8,almalinux8,rhel9 - - title: 'Disable the sge_domain_can_network_connect SELinux Boolean' - -diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_sge_use_nfs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_sge_use_nfs/rule.yml -index df44870be..1ad1905af 100644 ---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_sge_use_nfs/rule.yml -+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_sge_use_nfs/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8,rhel9 -+prodtype: rhel7,rhel8,almalinux8,rhel9 - - title: 'Disable the sge_use_nfs SELinux Boolean' - -diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_smartmon_3ware/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_smartmon_3ware/rule.yml -index 
03a20026b..8496b4125 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_smartmon_3ware/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_smartmon_3ware/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the smartmon_3ware SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_smbd_anon_write/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_smbd_anon_write/rule.yml
-index a597045a1..b9f168cab 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_smbd_anon_write/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_smbd_anon_write/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the smbd_anon_write SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_spamassassin_can_network/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_spamassassin_can_network/rule.yml
-index 04514bdec..570b320f1 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_spamassassin_can_network/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_spamassassin_can_network/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the spamassassin_can_network SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_spamd_enable_home_dirs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_spamd_enable_home_dirs/rule.yml
-index 3f743cbf1..32ec94a08 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_spamd_enable_home_dirs/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_spamd_enable_home_dirs/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Enable the spamd_enable_home_dirs SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_squid_connect_any/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_squid_connect_any/rule.yml
-index ec5c45e7e..6345f86af 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_squid_connect_any/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_squid_connect_any/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the squid_connect_any SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_squid_use_tproxy/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_squid_use_tproxy/rule.yml
-index dd156deb2..e39be3fdc 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_squid_use_tproxy/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_squid_use_tproxy/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the squid_use_tproxy SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_ssh_chroot_rw_homedirs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_ssh_chroot_rw_homedirs/rule.yml
-index df38b35f8..2f5198960 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_ssh_chroot_rw_homedirs/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_ssh_chroot_rw_homedirs/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
-+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4
-
- title: 'Disable the ssh_chroot_rw_homedirs SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_ssh_keysign/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_ssh_keysign/rule.yml
-index 60b99ed0a..30eb252ce 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_ssh_keysign/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_ssh_keysign/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
-+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4
-
- title: 'Disable the ssh_keysign SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_ssh_sysadm_login/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_ssh_sysadm_login/rule.yml
-index 79b12b381..daf679049 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_ssh_sysadm_login/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_ssh_sysadm_login/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15
-+prodtype: ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15
-
- title: 'Disable the ssh_sysadm_login SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_staff_exec_content/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_staff_exec_content/rule.yml
-index 2292c61e9..844c40180 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_staff_exec_content/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_staff_exec_content/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
-+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4
-
- title: 'Enable the staff_exec_content SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_staff_use_svirt/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_staff_use_svirt/rule.yml
-index 4cb6582d4..83c50aef7 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_staff_use_svirt/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_staff_use_svirt/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the staff_use_svirt SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_swift_can_network/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_swift_can_network/rule.yml
-index 60ac4523f..5bea5bedf 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_swift_can_network/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_swift_can_network/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the swift_can_network SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_sysadm_exec_content/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_sysadm_exec_content/rule.yml
-index 0fc83bc14..8d996d407 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_sysadm_exec_content/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_sysadm_exec_content/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
-+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4
-
- title: 'Enable the sysadm_exec_content SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_telepathy_connect_all_ports/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_telepathy_connect_all_ports/rule.yml
-index d4d469d26..4ecc36599 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_telepathy_connect_all_ports/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_telepathy_connect_all_ports/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the telepathy_connect_all_ports SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_telepathy_tcp_connect_generic_network_ports/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_telepathy_tcp_connect_generic_network_ports/rule.yml
-index 1321809ab..24257e703 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_telepathy_tcp_connect_generic_network_ports/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_telepathy_tcp_connect_generic_network_ports/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the telepathy_tcp_connect_generic_network_ports SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_tftp_anon_write/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_tftp_anon_write/rule.yml
-index 7d8a2cc23..a94486834 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_tftp_anon_write/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_tftp_anon_write/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the tftp_anon_write SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_tftp_home_dir/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_tftp_home_dir/rule.yml
-index 9b553ff79..e3b67bd51 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_tftp_home_dir/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_tftp_home_dir/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the tftp_home_dir SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_tmpreaper_use_nfs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_tmpreaper_use_nfs/rule.yml
-index 1d6ea593c..fe9613475 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_tmpreaper_use_nfs/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_tmpreaper_use_nfs/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the tmpreaper_use_nfs SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_tmpreaper_use_samba/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_tmpreaper_use_samba/rule.yml
-index 0981d8bb7..768670d40 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_tmpreaper_use_samba/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_tmpreaper_use_samba/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the tmpreaper_use_samba SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_tor_bind_all_unreserved_ports/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_tor_bind_all_unreserved_ports/rule.yml
-index df86f4519..8f307e565 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_tor_bind_all_unreserved_ports/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_tor_bind_all_unreserved_ports/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the tor_bind_all_unreserved_ports SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_tor_can_network_relay/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_tor_can_network_relay/rule.yml
-index 86e08e388..7e863ca92 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_tor_can_network_relay/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_tor_can_network_relay/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the tor_can_network_relay SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_unconfined_chrome_sandbox_transition/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_unconfined_chrome_sandbox_transition/rule.yml
-index f0556d174..b6c44d72e 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_unconfined_chrome_sandbox_transition/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_unconfined_chrome_sandbox_transition/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Enable the unconfined_chrome_sandbox_transition SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_unconfined_login/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_unconfined_login/rule.yml
-index 839767ab2..c19863dc9 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_unconfined_login/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_unconfined_login/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
-+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4
-
- title: 'Enable the unconfined_login SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_unconfined_mozilla_plugin_transition/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_unconfined_mozilla_plugin_transition/rule.yml
-index d8f69ced2..45d778d20 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_unconfined_mozilla_plugin_transition/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_unconfined_mozilla_plugin_transition/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Enable the unconfined_mozilla_plugin_transition SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_unprivuser_use_svirt/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_unprivuser_use_svirt/rule.yml
-index b9ea2bbe1..cda7f2813 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_unprivuser_use_svirt/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_unprivuser_use_svirt/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the unprivuser_use_svirt SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_use_ecryptfs_home_dirs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_use_ecryptfs_home_dirs/rule.yml
-index 74b827fc1..42e7272ad 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_use_ecryptfs_home_dirs/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_use_ecryptfs_home_dirs/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
-+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4
-
- title: 'Disable the use_ecryptfs_home_dirs SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_use_fusefs_home_dirs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_use_fusefs_home_dirs/rule.yml
-index 0b74be730..fde9d57ea 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_use_fusefs_home_dirs/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_use_fusefs_home_dirs/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the use_fusefs_home_dirs SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_use_lpd_server/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_use_lpd_server/rule.yml
-index ec79d2ec8..dd36abc18 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_use_lpd_server/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_use_lpd_server/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the use_lpd_server SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_use_nfs_home_dirs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_use_nfs_home_dirs/rule.yml
-index fdfad24e7..8708942ec 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_use_nfs_home_dirs/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_use_nfs_home_dirs/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the use_nfs_home_dirs SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_use_samba_home_dirs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_use_samba_home_dirs/rule.yml
-index 4da19ea45..32b015882 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_use_samba_home_dirs/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_use_samba_home_dirs/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the use_samba_home_dirs SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_user_exec_content/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_user_exec_content/rule.yml
-index 2ba42daf6..84cbc6cc3 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_user_exec_content/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_user_exec_content/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
-+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4
-
- title: 'Enable the user_exec_content SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_varnishd_connect_any/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_varnishd_connect_any/rule.yml
-index 0b2097dc3..0619143c6 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_varnishd_connect_any/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_varnishd_connect_any/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the varnishd_connect_any SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_read_qemu_ga_data/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_read_qemu_ga_data/rule.yml
-index 7899bd3b7..f7a88517a 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_read_qemu_ga_data/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_read_qemu_ga_data/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the virt_read_qemu_ga_data SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_rw_qemu_ga_data/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_rw_qemu_ga_data/rule.yml
-index 822b9894f..8f57e4e5d 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_rw_qemu_ga_data/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_rw_qemu_ga_data/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the virt_rw_qemu_ga_data SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_sandbox_use_all_caps/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_sandbox_use_all_caps/rule.yml
-index df5c0c827..559cd12b5 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_sandbox_use_all_caps/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_sandbox_use_all_caps/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the virt_sandbox_use_all_caps SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_sandbox_use_audit/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_sandbox_use_audit/rule.yml
-index f0009fe45..df761480f 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_sandbox_use_audit/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_sandbox_use_audit/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Enable the virt_sandbox_use_audit SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_sandbox_use_mknod/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_sandbox_use_mknod/rule.yml
-index 03b024c0e..7689f05a4 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_sandbox_use_mknod/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_sandbox_use_mknod/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the virt_sandbox_use_mknod SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_sandbox_use_netlink/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_sandbox_use_netlink/rule.yml
-index 1891511d2..3b80c5e81 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_sandbox_use_netlink/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_sandbox_use_netlink/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the virt_sandbox_use_netlink SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_sandbox_use_sys_admin/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_sandbox_use_sys_admin/rule.yml
-index b7fcd58a9..a15774495 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_sandbox_use_sys_admin/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_sandbox_use_sys_admin/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the virt_sandbox_use_sys_admin SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_transition_userdomain/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_transition_userdomain/rule.yml
-index 3a54abbba..25d71216d 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_transition_userdomain/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_transition_userdomain/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the virt_transition_userdomain SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_use_comm/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_use_comm/rule.yml
-index bef0f9a8f..901dc85eb 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_use_comm/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_use_comm/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the virt_use_comm SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_use_execmem/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_use_execmem/rule.yml
-index b4c890c43..baa86e1ba 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_use_execmem/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_use_execmem/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the virt_use_execmem SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_use_fusefs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_use_fusefs/rule.yml
-index f92f814f0..1ef74b8a6 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_use_fusefs/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_use_fusefs/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the virt_use_fusefs SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_use_nfs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_use_nfs/rule.yml
-index 7db9e5b36..1e0cd0f56 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_use_nfs/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_use_nfs/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the virt_use_nfs SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_use_rawip/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_use_rawip/rule.yml
-index ea059d549..23c6e6325 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_use_rawip/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_use_rawip/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the virt_use_rawip SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_use_samba/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_use_samba/rule.yml
-index bd6cccac2..b664f2999 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_use_samba/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_use_samba/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the virt_use_samba SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_use_sanlock/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_use_sanlock/rule.yml
-index 7db733fe8..9707ac1cf 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_use_sanlock/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_use_sanlock/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the virt_use_sanlock SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_use_usb/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_use_usb/rule.yml
-index bc2e3350b..cb103a38e 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_use_usb/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_use_usb/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the virt_use_usb SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_use_xserver/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_use_xserver/rule.yml
-index 8420fe493..ed9094f45 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_use_xserver/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_use_xserver/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the virt_use_xserver SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_webadm_manage_user_files/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_webadm_manage_user_files/rule.yml
-index 3d69f6b2a..bf19fbb8c 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_webadm_manage_user_files/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_webadm_manage_user_files/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the webadm_manage_user_files SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_webadm_read_user_files/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_webadm_read_user_files/rule.yml
-index c8859dd0e..e0d5a9d1f 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_webadm_read_user_files/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_webadm_read_user_files/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the webadm_read_user_files SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_wine_mmap_zero_ignore/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_wine_mmap_zero_ignore/rule.yml
-index 46ea5e901..f9940356e 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_wine_mmap_zero_ignore/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_wine_mmap_zero_ignore/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the wine_mmap_zero_ignore SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_xdm_bind_vnc_tcp_port/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_xdm_bind_vnc_tcp_port/rule.yml
-index 456b95fa5..6efc0b8c7 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_xdm_bind_vnc_tcp_port/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_xdm_bind_vnc_tcp_port/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
-+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4
-
- title: 'Disable the xdm_bind_vnc_tcp_port SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_xdm_exec_bootloader/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_xdm_exec_bootloader/rule.yml
-index 0e2d6630e..f71120b85 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_xdm_exec_bootloader/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_xdm_exec_bootloader/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
-+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4
-
- title: 'Disable the xdm_exec_bootloader SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_xdm_sysadm_login/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_xdm_sysadm_login/rule.yml
-index 5c7983247..f30ee9fb9 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_xdm_sysadm_login/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_xdm_sysadm_login/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
-+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4
-
- title: 'Disable the xdm_sysadm_login SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_xdm_write_home/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_xdm_write_home/rule.yml
-index 1231f32f4..97eb45c83 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_xdm_write_home/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_xdm_write_home/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
-+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4
-
- title: 'Disable the xdm_write_home SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_xen_use_nfs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_xen_use_nfs/rule.yml
-index 38ff90e0a..c6fd91eb9 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_xen_use_nfs/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_xen_use_nfs/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the xen_use_nfs SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_xend_run_blktap/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_xend_run_blktap/rule.yml
-index 9bd435159..8971006b9 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_xend_run_blktap/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_xend_run_blktap/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Enable the xend_run_blktap SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_xend_run_qemu/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_xend_run_qemu/rule.yml
-index 1faef3c80..42a5a4f66 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_xend_run_qemu/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_xend_run_qemu/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Enable the xend_run_qemu SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_xguest_connect_network/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_xguest_connect_network/rule.yml
-index 13fc1d0ad..32949b275 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_xguest_connect_network/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_xguest_connect_network/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
-+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4
-
- title: 'Disable the xguest_connect_network SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_xguest_exec_content/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_xguest_exec_content/rule.yml
-index fa2c6693c..254d4034d 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_xguest_exec_content/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_xguest_exec_content/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
-+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4
-
- title: 'Disable the xguest_exec_content SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_xguest_mount_media/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_xguest_mount_media/rule.yml
-index 59420f0aa..af83cc614 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_xguest_mount_media/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_xguest_mount_media/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
-+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4
-
- title: 'Disable the xguest_mount_media SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_xguest_use_bluetooth/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_xguest_use_bluetooth/rule.yml
-index 7052e9875..4cf579516 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_xguest_use_bluetooth/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_xguest_use_bluetooth/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
-+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4
-
- title: 'Disable the xguest_use_bluetooth SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_xserver_clients_write_xshm/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_xserver_clients_write_xshm/rule.yml
-index aca077be5..e8efed4b8 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_xserver_clients_write_xshm/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_xserver_clients_write_xshm/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
-+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4
-
- title: 'Disable the xserver_clients_write_xshm SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_xserver_execmem/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_xserver_execmem/rule.yml
-index 393ec2b3b..91d24bcd6 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_xserver_execmem/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_xserver_execmem/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
-+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4
-
- title: 'Disable the xserver_execmem SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_xserver_object_manager/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_xserver_object_manager/rule.yml
-index 6f9a0de7f..fead3a0ed 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_xserver_object_manager/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_xserver_object_manager/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
-+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4
-
- title: 'Disable the xserver_object_manager SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_zabbix_can_network/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_zabbix_can_network/rule.yml
-index f48eccf14..ce7b6cac0 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_zabbix_can_network/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_zabbix_can_network/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the zabbix_can_network SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_zarafa_setrlimit/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_zarafa_setrlimit/rule.yml
-index 4775f9297..28113c1f9 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_zarafa_setrlimit/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_zarafa_setrlimit/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the zarafa_setrlimit SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_zebra_write_config/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_zebra_write_config/rule.yml
-index ede5e2a43..0159cace0 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_zebra_write_config/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_zebra_write_config/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the zebra_write_config SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_zoneminder_anon_write/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_zoneminder_anon_write/rule.yml
-index f97013e6c..ad916ea1f 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_zoneminder_anon_write/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_zoneminder_anon_write/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
-
- title: 'Disable the zoneminder_anon_write SELinux Boolean'
-
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_zoneminder_run_sudo/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_zoneminder_run_sudo/rule.yml
-index dc7b1290a..9596c2d57 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_zoneminder_run_sudo/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_zoneminder_run_sudo/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
-
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9 - - title: 'Disable the zoneminder_run_sudo SELinux Boolean' - -diff --git a/linux_os/guide/system/selinux/selinux_all_devicefiles_labeled/rule.yml b/linux_os/guide/system/selinux/selinux_all_devicefiles_labeled/rule.yml -index 7065c1eb9..b1d38588e 100644 ---- a/linux_os/guide/system/selinux/selinux_all_devicefiles_labeled/rule.yml -+++ b/linux_os/guide/system/selinux/selinux_all_devicefiles_labeled/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4 - - title: 'Ensure No Device Files are Unlabeled by SELinux' - -diff --git a/linux_os/guide/system/selinux/selinux_confinement_of_daemons/rule.yml b/linux_os/guide/system/selinux/selinux_confinement_of_daemons/rule.yml -index 00cc2ffc2..73a381123 100644 ---- a/linux_os/guide/system/selinux/selinux_confinement_of_daemons/rule.yml -+++ b/linux_os/guide/system/selinux/selinux_confinement_of_daemons/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15 -+prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15 - - title: 'Ensure No Daemons are Unconfined by SELinux' - diff --git a/linux_os/guide/system/selinux/selinux_policytype/ansible/shared.yml b/linux_os/guide/system/selinux/selinux_policytype/ansible/shared.yml index fa39b8af6..33e2978d4 100644 --- a/linux_os/guide/system/selinux/selinux_policytype/ansible/shared.yml @@ -24933,26 +13149,18 @@ index 0b33e5768..c9b647b8e 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/selinux/selinux_policytype/rule.yml b/linux_os/guide/system/selinux/selinux_policytype/rule.yml -index d84bae70e..fed0e7fd8 100644 +index eb020851d..690015e10 100644 --- a/linux_os/guide/system/selinux/selinux_policytype/rule.yml 
+++ b/linux_os/guide/system/selinux/selinux_policytype/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15 -+prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15 - - title: 'Configure SELinux Policy' - -@@ -58,7 +58,7 @@ references: +@@ -56,7 +56,7 @@ references: stigid@ol7: OL07-00-020220 stigid@ol8: OL08-00-010450 stigid@rhel7: RHEL-07-020220 - stigid@rhel8: RHEL-08-010450 + stigid@almalinux8: RHEL-08-010450 + stigid@rhel9: RHEL-09-431015 ocil_clause: 'the loaded policy name is not "{{{ xccdf_value("var_selinux_policy_name") }}}"' - diff --git a/linux_os/guide/system/selinux/selinux_state/ansible/shared.yml b/linux_os/guide/system/selinux/selinux_state/ansible/shared.yml index 3234ef102..9961cbdd9 100644 --- a/linux_os/guide/system/selinux/selinux_state/ansible/shared.yml @@ -24974,31 +13182,23 @@ index 1f458fa5b..3a9811ea3 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/selinux/selinux_state/rule.yml b/linux_os/guide/system/selinux/selinux_state/rule.yml -index 8a67f6cae..b4f2870dd 100644 +index 974c1c791..87c66527f 100644 --- a/linux_os/guide/system/selinux/selinux_state/rule.yml +++ b/linux_os/guide/system/selinux/selinux_state/rule.yml -@@ -50,7 +50,7 @@ references: +@@ -48,7 +48,7 @@ references: stigid@ol7: OL07-00-020210 stigid@ol8: OL08-00-010170 stigid@rhel7: RHEL-07-020210 - stigid@rhel8: RHEL-08-010170 + stigid@almalinux8: RHEL-08-010170 + stigid@rhel9: RHEL-09-431010 ocil_clause: 'SELINUX is not set to enforcing' - diff --git a/linux_os/guide/system/selinux/selinux_user_login_roles/rule.yml b/linux_os/guide/system/selinux/selinux_user_login_roles/rule.yml -index d4c211c10..b909ccace 100644 +index b9bd06bcd..b69db1723 100644 --- a/linux_os/guide/system/selinux/selinux_user_login_roles/rule.yml 
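Review bot: The refreshed hunk for `selinux_policytype/rule.yml` still renames the `stigid@rhel8` key to `stigid@almalinux8` instead of adding a line, so the patched rule keeps STIG references for rhel7 and rhel9 but none for rhel8, and the AlmaLinux 8 entry carries the identifier `RHEL-08-010450` unchanged. If RHEL 8 content is ever built from this patched tree, the rule would lose its STIG mapping, and AlmaLinux 8 compliance reports will cite an identifier that was presumably issued for RHEL 8. Keeping `stigid@rhel8: RHEL-08-010450` as a context line and adding `stigid@almalinux8: RHEL-08-010450` after it as the only `+` line would avoid the first problem, and one sentence in the patch description saying the IDs are reused from the RHEL 8 STIG would cover the second. The same substitution appears in the later hunks for `selinux_state`, `encrypt_partitions`, the `partition_for_*` rules and the GNOME login-screen rules.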
+++ b/linux_os/guide/system/selinux/selinux_user_login_roles/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4 - - title: 'Map System Users To The Appropriate SELinux Role' - -@@ -42,7 +42,7 @@ references: +@@ -41,7 +41,7 @@ references: stigid@ol7: OL07-00-020020 stigid@ol8: OL08-00-040400 stigid@rhel7: RHEL-07-020020 @@ -25008,172 +13208,96 @@ index d4c211c10..b909ccace 100644 ocil_clause: 'non-admin users are not confined correctly' diff --git a/linux_os/guide/system/software/disk_partitioning/encrypt_partitions/rule.yml b/linux_os/guide/system/software/disk_partitioning/encrypt_partitions/rule.yml -index a7b2c5bcc..431536d72 100644 +index 3c73b4cde..beb5b86cd 100644 --- a/linux_os/guide/system/software/disk_partitioning/encrypt_partitions/rule.yml 
+++ b/linux_os/guide/system/software/disk_partitioning/encrypt_partitions/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Encrypt Partitions' - -@@ -77,7 +77,7 @@ references: +@@ -76,7 +76,7 @@ references: nist@sle15: SC-28,SC-28.1 srg: SRG-OS-000405-GPOS-00184,SRG-OS-000185-GPOS-00079,SRG-OS-000404-GPOS-00183 stigid@ol8: OL08-00-010030 - stigid@rhel8: RHEL-08-010030 + stigid@almalinux8: RHEL-08-010030 + stigid@rhel9: RHEL-09-231190 stigid@sle12: SLES-12-010450 stigid@sle15: SLES-15-010330 - stigid@ubuntu2004: UBTU-20-010414 -diff --git a/linux_os/guide/system/software/disk_partitioning/partition_for_boot/rule.yml b/linux_os/guide/system/software/disk_partitioning/partition_for_boot/rule.yml -index be86d0437..f420ac864 100644 ---- a/linux_os/guide/system/software/disk_partitioning/partition_for_boot/rule.yml -+++ b/linux_os/guide/system/software/disk_partitioning/partition_for_boot/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhel7,rhel8,sle12,sle15 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,sle12,sle15 - - title: 'Ensure /boot Located On Separate Partition' - diff --git a/linux_os/guide/system/software/disk_partitioning/partition_for_home/rule.yml b/linux_os/guide/system/software/disk_partitioning/partition_for_home/rule.yml -index 92fb55553..0bd349bf9 100644 +index 38bf96760..7d76efdb5 100644 --- a/linux_os/guide/system/software/disk_partitioning/partition_for_home/rule.yml 
+++ b/linux_os/guide/system/software/disk_partitioning/partition_for_home/rule.yml -@@ -47,7 +47,7 @@ references: +@@ -45,7 +45,7 @@ references: stigid@ol7: OL07-00-021310 stigid@ol8: OL08-00-010800 stigid@rhel7: RHEL-07-021310 - stigid@rhel8: RHEL-08-010800 + stigid@almalinux8: RHEL-08-010800 + stigid@rhel9: RHEL-09-231010 stigid@sle12: SLES-12-010850 stigid@sle15: SLES-15-040200 - -diff --git a/linux_os/guide/system/software/disk_partitioning/partition_for_opt/rule.yml b/linux_os/guide/system/software/disk_partitioning/partition_for_opt/rule.yml -index cef52e21e..01488f38e 100644 ---- a/linux_os/guide/system/software/disk_partitioning/partition_for_opt/rule.yml -+++ b/linux_os/guide/system/software/disk_partitioning/partition_for_opt/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhel7,rhel8,sle12,sle15 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,sle12,sle15 - - title: 'Ensure /opt Located On Separate Partition' - diff --git a/linux_os/guide/system/software/disk_partitioning/partition_for_tmp/rule.yml b/linux_os/guide/system/software/disk_partitioning/partition_for_tmp/rule.yml -index 1fd3af83a..d5702637c 100644 +index c0c938f2b..8f3b33363 100644 --- a/linux_os/guide/system/software/disk_partitioning/partition_for_tmp/rule.yml 
+++ b/linux_os/guide/system/software/disk_partitioning/partition_for_tmp/rule.yml -@@ -44,7 +44,7 @@ references: +@@ -42,7 +42,7 @@ references: stigid@ol7: OL07-00-021340 stigid@ol8: OL08-00-010543 stigid@rhel7: RHEL-07-021340 - stigid@rhel8: RHEL-08-010543 + stigid@almalinux8: RHEL-08-010543 + stigid@rhel9: RHEL-09-231015 {{{ complete_ocil_entry_separate_partition(part="/tmp") }}} - -diff --git a/linux_os/guide/system/software/disk_partitioning/partition_for_usr/rule.yml b/linux_os/guide/system/software/disk_partitioning/partition_for_usr/rule.yml -index f40201b20..bb043b8c4 100644 ---- a/linux_os/guide/system/software/disk_partitioning/partition_for_usr/rule.yml -+++ b/linux_os/guide/system/software/disk_partitioning/partition_for_usr/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhel7,rhel8,sle12,sle15 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,sle12,sle15 - - title: 'Ensure /usr Located On Separate Partition' - diff --git a/linux_os/guide/system/software/disk_partitioning/partition_for_var/rule.yml b/linux_os/guide/system/software/disk_partitioning/partition_for_var/rule.yml -index 9f87a0028..584ec0c35 100644 +index 74bbec5a8..cb538f13d 100644 --- a/linux_os/guide/system/software/disk_partitioning/partition_for_var/rule.yml +++ b/linux_os/guide/system/software/disk_partitioning/partition_for_var/rule.yml -@@ -46,7 +46,7 @@ references: +@@ -44,7 +44,7 @@ references: stigid@ol7: OL07-00-021320 stigid@ol8: OL08-00-010540 stigid@rhel7: RHEL-07-021320 - stigid@rhel8: RHEL-08-010540 + stigid@almalinux8: RHEL-08-010540 + stigid@rhel9: RHEL-09-231020 stigid@sle12: SLES-12-010860 stigid@sle15: SLES-15-040210 - diff --git a/linux_os/guide/system/software/disk_partitioning/partition_for_var_log/rule.yml b/linux_os/guide/system/software/disk_partitioning/partition_for_var_log/rule.yml -index e2f69fef8..4a102e1b7 100644 +index 563251a11..1fae6d160 100644 
--- a/linux_os/guide/system/software/disk_partitioning/partition_for_var_log/rule.yml +++ b/linux_os/guide/system/software/disk_partitioning/partition_for_var_log/rule.yml -@@ -44,7 +44,7 @@ references: +@@ -42,7 +42,7 @@ references: nist-csf: PR.PT-1,PR.PT-4 srg: SRG-OS-000480-GPOS-00227 stigid@ol8: OL08-00-010541 - stigid@rhel8: RHEL-08-010541 + stigid@almalinux8: RHEL-08-010541 + stigid@rhel9: RHEL-09-231025 {{{ complete_ocil_entry_separate_partition(part="/var/log") }}} - diff --git a/linux_os/guide/system/software/disk_partitioning/partition_for_var_log_audit/rule.yml b/linux_os/guide/system/software/disk_partitioning/partition_for_var_log_audit/rule.yml -index 9758b0625..4263bccdb 100644 +index 25ab26c3e..4d4ca84c0 100644 --- a/linux_os/guide/system/software/disk_partitioning/partition_for_var_log_audit/rule.yml +++ b/linux_os/guide/system/software/disk_partitioning/partition_for_var_log_audit/rule.yml -@@ -52,7 +52,7 @@ references: +@@ -50,7 +50,7 @@ references: stigid@ol7: OL07-00-021330 stigid@ol8: OL08-00-010542 stigid@rhel7: RHEL-07-021330 - stigid@rhel8: RHEL-08-010542 + stigid@almalinux8: RHEL-08-010542 + stigid@rhel9: RHEL-09-231030 stigid@sle12: SLES-12-010870 stigid@sle15: SLES-15-030810 - diff --git a/linux_os/guide/system/software/disk_partitioning/partition_for_var_tmp/rule.yml b/linux_os/guide/system/software/disk_partitioning/partition_for_var_tmp/rule.yml -index 65cde9418..5bbac4fac 100644 +index 423da9c42..6e697d50e 100644 --- a/linux_os/guide/system/software/disk_partitioning/partition_for_var_tmp/rule.yml 
+++ b/linux_os/guide/system/software/disk_partitioning/partition_for_var_tmp/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu1804,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu1804,ubuntu2004,ubuntu2204 - - title: 'Ensure /var/tmp Located On Separate Partition' - -@@ -38,7 +38,7 @@ references: +@@ -35,7 +35,7 @@ references: cis@ubuntu2204: 1.1.4.1 srg: SRG-OS-000480-GPOS-00227 stigid@ol8: OL08-00-010544 - stigid@rhel8: RHEL-08-010544 + stigid@almalinux8: RHEL-08-010544 + stigid@rhel9: RHEL-09-231035 {{{ complete_ocil_entry_separate_partition(part="/var/tmp") }}} - -diff --git a/linux_os/guide/system/software/gnome/dconf_db_up_to_date/rule.yml b/linux_os/guide/system/software/gnome/dconf_db_up_to_date/rule.yml -index 814a0103c..cd2de3213 100644 ---- a/linux_os/guide/system/software/gnome/dconf_db_up_to_date/rule.yml -+++ b/linux_os/guide/system/software/gnome/dconf_db_up_to_date/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15 -+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,sle15 - - title: 'Make sure that the dconf databases are up-to-date with regards to respective keyfiles' - -diff --git a/linux_os/guide/system/software/gnome/enable_dconf_user_profile/rule.yml b/linux_os/guide/system/software/gnome/enable_dconf_user_profile/rule.yml -index fd69a8620..f2ab70604 100644 ---- a/linux_os/guide/system/software/gnome/enable_dconf_user_profile/rule.yml -+++ b/linux_os/guide/system/software/gnome/enable_dconf_user_profile/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux3,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux3,fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Configure GNOME3 DConf User Profile' - 
diff --git a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_disable_restart_shutdown/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_disable_restart_shutdown/ansible/shared.yml index c3baa1b80..be83f158f 100644 --- a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_disable_restart_shutdown/ansible/shared.yml @@ -25184,18 +13308,6 @@ index c3baa1b80..be83f158f 100644 # reboot = false # strategy = unknown # complexity = low -diff --git a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_disable_restart_shutdown/rule.yml b/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_disable_restart_shutdown/rule.yml -index b5bf2b998..30c4b5e49 100644 ---- a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_disable_restart_shutdown/rule.yml -+++ b/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_disable_restart_shutdown/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9 -+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9 - - title: 'Disable the GNOME3 Login Restart and Shutdown Buttons' - diff --git a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_disable_user_list/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_disable_user_list/ansible/shared.yml index 917fc7dc4..bc1d7c63c 100644 --- a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_disable_user_list/ansible/shared.yml @@ -25207,26 +13319,18 @@ index 917fc7dc4..bc1d7c63c 100644 # strategy = unknown # complexity = low diff --git a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_disable_user_list/rule.yml b/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_disable_user_list/rule.yml -index 50a8651ab..9207e612e 100644 +index 49fd4c26a..ab9b2a806 100644 
--- a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_disable_user_list/rule.yml +++ b/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_disable_user_list/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Disable the GNOME3 Login User List' - -@@ -48,7 +48,7 @@ references: +@@ -47,7 +47,7 @@ references: stigid@ol7: OL07-00-010063 stigid@ol8: OL08-00-020032 stigid@rhel7: RHEL-07-010063 - stigid@rhel8: RHEL-08-020032 + stigid@almalinux8: RHEL-08-020032 + stigid@rhel9: RHEL-09-271115 ocil_clause: 'disable-user-list has not been configured or is not disabled' - diff --git a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_enable_smartcard_auth/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_enable_smartcard_auth/ansible/shared.yml index f5d68f1c3..91f02c0d4 100644 --- a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_enable_smartcard_auth/ansible/shared.yml @@ -25237,39 +13341,19 @@ index f5d68f1c3..91f02c0d4 100644 # reboot = false # strategy = unknown # complexity = low -diff --git a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_enable_smartcard_auth/rule.yml b/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_enable_smartcard_auth/rule.yml -index 0e5f22171..00c88f4e6 100644 ---- a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_enable_smartcard_auth/rule.yml -+++ b/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_enable_smartcard_auth/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9 - - title: 'Enable the GNOME3 Login Smartcard Authentication' - 
diff --git a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_lock_screen_on_smartcard_removal/rule.yml b/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_lock_screen_on_smartcard_removal/rule.yml -index 3bdd2128d..0558856b4 100644 +index 640a61e51..ae0fcb24e 100644 --- a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_lock_screen_on_smartcard_removal/rule.yml +++ b/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_lock_screen_on_smartcard_removal/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol8,ol9,rhel8,rhel9 -+prodtype: fedora,ol8,ol9,rhel8,almalinux8,rhel9 - - title: 'Enable the GNOME3 Screen Locking On Smartcard Removal' - -@@ -33,7 +33,7 @@ references: +@@ -32,7 +32,7 @@ references: disa: CCI-000056,CCI-000058 srg: SRG-OS-000028-GPOS-00009,SRG-OS-000030-GPOS-00011 stigid@ol8: OL08-00-020050 - stigid@rhel8: RHEL-08-020050 + stigid@almalinux8: RHEL-08-020050 + stigid@rhel9: RHEL-09-271045,RHEL-09-271050 ocil_clause: 'removal-action has not been configured' - diff --git a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_login_retries/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_login_retries/ansible/shared.yml index 45e6c24aa..e06d9600f 100644 --- a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_login_retries/ansible/shared.yml 
@@ -25280,18 +13364,6 @@ index 45e6c24aa..e06d9600f 100644 # reboot = false # strategy = unknown # complexity = low -diff --git a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_login_retries/rule.yml b/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_login_retries/rule.yml -index baf8f8a1f..6bede2b81 100644 ---- a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_login_retries/rule.yml -+++ b/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_login_retries/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9 - - title: 'Set the GNOME3 Login Number of Failures' - diff --git a/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_automatic_login/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_automatic_login/ansible/shared.yml index 6b19c8138..1f656f5a8 100644 --- a/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_automatic_login/ansible/shared.yml @@ -25303,26 +13375,18 @@ index 6b19c8138..1f656f5a8 100644 # strategy = unknown # complexity = low diff --git a/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_automatic_login/rule.yml b/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_automatic_login/rule.yml -index cbfcb9c18..e3f39a01f 100644 +index 99bc0c878..b3fac1ffa 100644 --- a/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_automatic_login/rule.yml +++ b/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_automatic_login/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9 -+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9 - - title: 'Disable GDM Automatic Login' - 
@@ -39,7 +39,7 @@ references: stigid@ol7: OL07-00-010440 stigid@ol8: OL08-00-010820 stigid@rhel7: RHEL-07-010440 - stigid@rhel8: RHEL-08-010820 + stigid@almalinux8: RHEL-08-010820 + stigid@rhel9: RHEL-09-271040 ocil_clause: 'GDM allows users to automatically login' - diff --git a/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_guest_login/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_guest_login/ansible/shared.yml index ef2933c52..0d72f6f65 100644 --- a/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_guest_login/ansible/shared.yml @@ -25343,18 +13407,6 @@ index 0fa83b269..4264c8889 100644 if rpm --quiet -q gdm then -diff --git a/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_guest_login/rule.yml b/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_guest_login/rule.yml -index 2d7584c37..b260701c0 100644 ---- a/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_guest_login/rule.yml -+++ b/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_guest_login/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhel7,rhel8 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8 - - title: 'Disable GDM Guest Login' - diff --git a/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_xdmcp/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_xdmcp/ansible/shared.yml index 0ca67c74a..332a5018a 100644 --- a/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_xdmcp/ansible/shared.yml 
@@ -25375,18 +13427,6 @@ index 60417ff4e..0af05e798 100644 # reboot = false # strategy = unknown # complexity = low -diff --git a/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_automount/rule.yml b/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_automount/rule.yml -index f969464a3..2e7ed286b 100644 ---- a/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_automount/rule.yml -+++ b/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_automount/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,ubuntu2204 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,ubuntu2204 - - title: 'Disable GNOME3 Automounting' - diff --git a/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_automount_open/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_automount_open/ansible/shared.yml index ac168ef9f..69ecfa6a7 100644 --- a/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_automount_open/ansible/shared.yml @@ -25397,18 +13437,6 @@ index ac168ef9f..69ecfa6a7 100644 # reboot = false # strategy = unknown # complexity = low -diff --git a/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_automount_open/rule.yml b/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_automount_open/rule.yml -index 429314038..e7370bd25 100644 ---- a/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_automount_open/rule.yml -+++ b/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_automount_open/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,ubuntu2204 -+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,ubuntu2204 - - title: 'Disable GNOME3 Automount Opening' - 
diff --git a/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_autorun/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_autorun/ansible/shared.yml index 51e4063c3..3591b7266 100644 --- a/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_autorun/ansible/shared.yml @@ -25419,18 +13447,6 @@ index 51e4063c3..3591b7266 100644 # reboot = false # strategy = unknown # complexity = low -diff --git a/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_autorun/rule.yml b/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_autorun/rule.yml -index b7662be6f..0b85618cb 100644 ---- a/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_autorun/rule.yml -+++ b/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_autorun/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,ubuntu2204 -+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,ubuntu2204 - - title: 'Disable GNOME3 Automount running' - diff --git a/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_thumbnailers/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_thumbnailers/ansible/shared.yml index 33460b61c..04074e66b 100644 --- a/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_thumbnailers/ansible/shared.yml 
@@ -25441,18 +13457,6 @@ index 33460b61c..04074e66b 100644 # reboot = false # strategy = unknown # complexity = low -diff --git a/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_thumbnailers/rule.yml b/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_thumbnailers/rule.yml -index 0ed279aa0..9b140e2e5 100644 ---- a/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_thumbnailers/rule.yml -+++ b/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_thumbnailers/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9 - - title: 'Disable All GNOME3 Thumbnailers' - diff --git a/linux_os/guide/system/software/gnome/gnome_network_settings/dconf_gnome_disable_wifi_create/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_network_settings/dconf_gnome_disable_wifi_create/ansible/shared.yml index 4e389aa5c..254db9bfe 100644 --- a/linux_os/guide/system/software/gnome/gnome_network_settings/dconf_gnome_disable_wifi_create/ansible/shared.yml @@ -25463,18 +13467,6 @@ index 4e389aa5c..254db9bfe 100644 # reboot = false # strategy = unknown # complexity = low -diff --git a/linux_os/guide/system/software/gnome/gnome_network_settings/dconf_gnome_disable_wifi_create/rule.yml b/linux_os/guide/system/software/gnome/gnome_network_settings/dconf_gnome_disable_wifi_create/rule.yml -index 87f7c6e9a..dc246f706 100644 ---- a/linux_os/guide/system/software/gnome/gnome_network_settings/dconf_gnome_disable_wifi_create/rule.yml -+++ b/linux_os/guide/system/software/gnome/gnome_network_settings/dconf_gnome_disable_wifi_create/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9 - - title: 'Disable WIFI Network Connection Creation in GNOME3' - 
diff --git a/linux_os/guide/system/software/gnome/gnome_network_settings/dconf_gnome_disable_wifi_notification/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_network_settings/dconf_gnome_disable_wifi_notification/ansible/shared.yml index c3922e5b0..40515598a 100644 --- a/linux_os/guide/system/software/gnome/gnome_network_settings/dconf_gnome_disable_wifi_notification/ansible/shared.yml @@ -25485,18 +13477,6 @@ index c3922e5b0..40515598a 100644 # reboot = false # strategy = unknown # complexity = low -diff --git a/linux_os/guide/system/software/gnome/gnome_network_settings/dconf_gnome_disable_wifi_notification/rule.yml b/linux_os/guide/system/software/gnome/gnome_network_settings/dconf_gnome_disable_wifi_notification/rule.yml -index af8909aab..b6b3ba0be 100644 ---- a/linux_os/guide/system/software/gnome/gnome_network_settings/dconf_gnome_disable_wifi_notification/rule.yml -+++ b/linux_os/guide/system/software/gnome/gnome_network_settings/dconf_gnome_disable_wifi_notification/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9 - - title: 'Disable WIFI Network Notification in GNOME3' - diff --git a/linux_os/guide/system/software/gnome/gnome_remote_access_settings/dconf_gnome_remote_access_credential_prompt/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_remote_access_settings/dconf_gnome_remote_access_credential_prompt/ansible/shared.yml index 09eed8367..601191b49 100644 --- a/linux_os/guide/system/software/gnome/gnome_remote_access_settings/dconf_gnome_remote_access_credential_prompt/ansible/shared.yml 
@@ -25507,18 +13487,6 @@ index 09eed8367..601191b49 100644 # reboot = false # strategy = unknown # complexity = low -diff --git a/linux_os/guide/system/software/gnome/gnome_remote_access_settings/dconf_gnome_remote_access_credential_prompt/rule.yml b/linux_os/guide/system/software/gnome/gnome_remote_access_settings/dconf_gnome_remote_access_credential_prompt/rule.yml -index ae37afd2e..00e550e63 100644 ---- a/linux_os/guide/system/software/gnome/gnome_remote_access_settings/dconf_gnome_remote_access_credential_prompt/rule.yml -+++ b/linux_os/guide/system/software/gnome/gnome_remote_access_settings/dconf_gnome_remote_access_credential_prompt/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle15 -+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle15 - - title: 'Require Credential Prompting for Remote Access in GNOME3' - diff --git a/linux_os/guide/system/software/gnome/gnome_remote_access_settings/dconf_gnome_remote_access_encryption/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_remote_access_settings/dconf_gnome_remote_access_encryption/ansible/shared.yml index bf1efbe61..efa5b96a6 100644 --- a/linux_os/guide/system/software/gnome/gnome_remote_access_settings/dconf_gnome_remote_access_encryption/ansible/shared.yml 
@@ -25529,18 +13497,6 @@ index bf1efbe61..efa5b96a6 100644 # reboot = false # strategy = unknown # complexity = low -diff --git a/linux_os/guide/system/software/gnome/gnome_remote_access_settings/dconf_gnome_remote_access_encryption/rule.yml b/linux_os/guide/system/software/gnome/gnome_remote_access_settings/dconf_gnome_remote_access_encryption/rule.yml -index 0d7b7c540..c332f4f60 100644 ---- a/linux_os/guide/system/software/gnome/gnome_remote_access_settings/dconf_gnome_remote_access_encryption/rule.yml -+++ b/linux_os/guide/system/software/gnome/gnome_remote_access_settings/dconf_gnome_remote_access_encryption/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle15 -+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle15 - - title: 'Require Encryption for Remote Access in GNOME3' - diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_activation_enabled/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_activation_enabled/ansible/shared.yml index f7c7b4379..95781d5ab 100644 --- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_activation_enabled/ansible/shared.yml 
@@ -25551,18 +13507,6 @@ index f7c7b4379..95781d5ab 100644 # reboot = false # strategy = unknown # complexity = low -diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_activation_enabled/rule.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_activation_enabled/rule.yml -index 89d2ecdff..947324d01 100644 ---- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_activation_enabled/rule.yml -+++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_activation_enabled/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15 -+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,sle15 - - title: 'Enable GNOME3 Screensaver Idle Activation' - diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_activation_locked/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_activation_locked/ansible/shared.yml index d3f144c89..ae170b802 100644 --- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_activation_locked/ansible/shared.yml 
@@ -25573,18 +13517,6 @@ index d3f144c89..ae170b802 100644 # reboot = false # strategy = unknown # complexity = low -diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_activation_locked/rule.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_activation_locked/rule.yml -index b94df803c..aaa45d942 100644 ---- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_activation_locked/rule.yml -+++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_activation_locked/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9 - - title: 'Ensure Users Cannot Change GNOME3 Screensaver Idle Activation' - diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_delay/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_delay/ansible/shared.yml index 5b08acff4..d1af90b16 100644 --- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_delay/ansible/shared.yml @@ -25596,26 +13528,18 @@ index 5b08acff4..d1af90b16 100644 # strategy = unknown # complexity = low diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_delay/rule.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_delay/rule.yml -index 58488e8aa..bb3ae452d 100644 +index c3aae1f94..27893d7fa 100644 --- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_delay/rule.yml 
+++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_delay/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15 -+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,sle15 - - title: 'Set GNOME3 Screensaver Inactivity Timeout' - -@@ -52,7 +52,7 @@ references: +@@ -53,7 +53,7 @@ references: stigid@ol7: OL07-00-010070 stigid@ol8: OL08-00-020060 stigid@rhel7: RHEL-07-010070 - stigid@rhel8: RHEL-08-020060 + stigid@almalinux8: RHEL-08-020060 + stigid@rhel9: RHEL-09-271065 stigid@sle12: SLES-12-010080 stigid@sle15: SLES-15-010120 - diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_delay/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_delay/ansible/shared.yml index 9d034e519..2c45806b4 100644 --- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_delay/ansible/shared.yml @@ -25627,26 +13551,18 @@ index 9d034e519..2c45806b4 100644 # strategy = unknown # complexity = low diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_delay/rule.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_delay/rule.yml -index 99c897f17..fdf719386 100644 +index 9caab7125..5571ec5d1 100644 --- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_delay/rule.yml 
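Review bot: The rebased rule.yml section still swaps the reference key instead of adding one: `stigid@rhel8: RHEL-08-020060` is removed and `stigid@almalinux8: RHEL-08-020060` takes its place, so a tree with this patch applied no longer carries the rhel8 STIG reference for dconf_gnome_screensaver_idle_delay. Whether rhel8 content is ever built from the same patched tree cannot be told from this hunk, but if it is, that mapping is dropped silently; keeping the original line and adding `stigid@almalinux8: RHEL-08-020060` beneath it avoids this. The value is a RHEL 8 STIG ID reused under an AlmaLinux key, which deserves a sentence in the patch description so that scan reports are not read as results against an AlmaLinux-specific STIG. The same replacement recurs in the lock_delay, lock_enabled, user_locks, idle_user_locks, ctrlaltdel_reboot, installed_OS_is_vendor_supported and crypto-policy rule.yml sections further down.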
+++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_delay/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,ubuntu2204 -+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,ubuntu2204 - - title: 'Set GNOME3 Screensaver Lock Delay After Activation Period' - -@@ -43,7 +43,7 @@ references: +@@ -45,7 +45,7 @@ references: stigid@ol7: OL07-00-010110 stigid@ol8: OL08-00-020031 stigid@rhel7: RHEL-07-010110 - stigid@rhel8: RHEL-08-020031 + stigid@almalinux8: RHEL-08-020031 + stigid@rhel9: RHEL-09-271075 ocil_clause: 'the screensaver lock delay is missing, or is set to a value greater than {{{ xccdf_value("var_screensaver_lock_delay") }}}' - diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_enabled/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_enabled/ansible/shared.yml index d04e6893f..5b9cba007 100644 --- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_enabled/ansible/shared.yml @@ -25658,26 +13574,18 @@ index d04e6893f..5b9cba007 100644 # strategy = unknown # complexity = low diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_enabled/rule.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_enabled/rule.yml -index 8a86e3806..82ba2fc3e 100644 +index 7281b7192..a0b8093d1 100644 --- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_enabled/rule.yml 
+++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_enabled/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Enable GNOME3 Screensaver Lock After Idle Period' - -@@ -58,7 +58,7 @@ references: +@@ -57,7 +57,7 @@ references: stigid@ol7: OL07-00-010060 - stigid@ol8: OL08-00-020030 + stigid@ol8: OL08-00-020030,OL08-00-020082 stigid@rhel7: RHEL-07-010060 - stigid@rhel8: RHEL-08-020030 + stigid@almalinux8: RHEL-08-020030 + stigid@rhel9: RHEL-09-271060,RHEL-09-271055 stigid@sle12: SLES-12-010060 stigid@sle15: SLES-15-010100 - stigid@ubuntu2004: UBTU-20-010004 diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_locked/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_locked/ansible/shared.yml index 34ff91ab3..875abf68d 100644 --- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_locked/ansible/shared.yml @@ -25689,18 +13597,10 @@ index 34ff91ab3..875abf68d 100644 # strategy = unknown # complexity = low diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_locked/rule.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_locked/rule.yml -index 92ddf0d12..2147b87eb 100644 +index f263324e7..79bfbe76d 100644 --- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_locked/rule.yml 
+++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_locked/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9 -+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9 - - title: 'Ensure Users Cannot Change GNOME3 Screensaver Lock After Idle Period' - -@@ -39,7 +39,7 @@ references: +@@ -38,7 +38,7 @@ references: srg: SRG-OS-000028-GPOS-00009,SRG-OS-000030-GPOS-00011 stigid@ol7: OL07-00-010062 stigid@rhel7: RHEL-07-010062 @@ -25719,18 +13619,6 @@ index 4dbe2b3c8..7313b6bcd 100644 # reboot = false # strategy = unknown # complexity = low -diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_mode_blank/rule.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_mode_blank/rule.yml -index 48735e16a..8051d84aa 100644 ---- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_mode_blank/rule.yml -+++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_mode_blank/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15 -+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,sle15 - - title: 'Implement Blank Screensaver' - diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_info/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_info/ansible/shared.yml index 606e00c5f..792db4ca4 100644 --- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_info/ansible/shared.yml 
@@ -25741,18 +13629,6 @@ index 606e00c5f..792db4ca4 100644 # reboot = false # strategy = unknown # complexity = low -diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_info/rule.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_info/rule.yml -index 9f86c7ede..556d12272 100644 ---- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_info/rule.yml -+++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_info/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9 - - title: 'Disable Full User Name on Splash Shield' - diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_locks/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_locks/ansible/shared.yml index ed7d98843..a41cb7151 100644 --- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_locks/ansible/shared.yml @@ -25764,26 +13640,18 @@ index ed7d98843..a41cb7151 100644 # strategy = unknown # complexity = low diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_locks/rule.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_locks/rule.yml -index a1169934f..bed6e6550 100644 +index 8af7828af..23932ed00 100644 --- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_locks/rule.yml 
+++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_locks/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9 -+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9 - - title: 'Ensure Users Cannot Change GNOME3 Screensaver Settings' - -@@ -42,7 +42,7 @@ references: +@@ -43,7 +43,7 @@ references: stigid@ol7: OL07-00-010081 stigid@ol8: OL08-00-020080 stigid@rhel7: RHEL-07-010081 - stigid@rhel8: RHEL-08-020080 + stigid@almalinux8: RHEL-08-020080 + stigid@rhel9: RHEL-09-271080 ocil_clause: 'GNOME3 session settings are not locked or configured properly' - diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_session_idle_user_locks/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_session_idle_user_locks/ansible/shared.yml index aae97c962..18c7ec75f 100644 --- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_session_idle_user_locks/ansible/shared.yml @@ -25795,26 +13663,18 @@ index aae97c962..18c7ec75f 100644 # strategy = unknown # complexity = low diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_session_idle_user_locks/rule.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_session_idle_user_locks/rule.yml -index 762e8c789..2ca30055a 100644 +index 8f83ef5b1..07aa048e9 100644 --- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_session_idle_user_locks/rule.yml 
+++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_session_idle_user_locks/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15 -+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,sle15 - - title: 'Ensure Users Cannot Change GNOME3 Session Idle Settings' - -@@ -46,7 +46,7 @@ references: +@@ -47,7 +47,7 @@ references: stigid@ol7: OL07-00-010082 stigid@ol8: OL08-00-020081 stigid@rhel7: RHEL-07-010082 - stigid@rhel8: RHEL-08-020081 + stigid@almalinux8: RHEL-08-020081 - - ocil_clause: 'idle-delay is not locked' - + stigid@rhel9: RHEL-09-271070 + stigid@sle12: SLES-12-010080 + stigid@sle15: SLES-15-010120 diff --git a/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_ctrlaltdel_reboot/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_ctrlaltdel_reboot/ansible/shared.yml index 76181547b..eb340cb5b 100644 --- a/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_ctrlaltdel_reboot/ansible/shared.yml @@ -25826,26 +13686,18 @@ index 76181547b..eb340cb5b 100644 # strategy = unknown # complexity = low diff --git a/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_ctrlaltdel_reboot/rule.yml b/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_ctrlaltdel_reboot/rule.yml -index 1f04e0af0..9ca43d03a 100644 +index 6700f0533..30d3068ab 100644 --- a/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_ctrlaltdel_reboot/rule.yml 
+++ b/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_ctrlaltdel_reboot/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,ubuntu2004,ubuntu2204 -+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,ubuntu2004,ubuntu2204 - - title: 'Disable Ctrl-Alt-Del Reboot Key Sequence in GNOME3' - -@@ -47,7 +47,7 @@ references: +@@ -46,7 +46,7 @@ references: stigid@ol7: OL07-00-020231 stigid@ol8: OL08-00-040171 stigid@rhel7: RHEL-07-020231 - stigid@rhel8: RHEL-08-040171 + stigid@almalinux8: RHEL-08-040171 + stigid@rhel9: RHEL-09-271105,RHEL-09-271110 stigid@ubuntu2004: UBTU-20-010459 - ocil_clause: 'GNOME3 is configured to reboot when Ctrl-Alt-Del is pressed' diff --git a/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_geolocation/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_geolocation/ansible/shared.yml index fa4f578ef..f0d0708d1 100644 --- a/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_geolocation/ansible/shared.yml 
@@ -25856,42 +13708,6 @@ index fa4f578ef..f0d0708d1 100644 # reboot = false # strategy = unknown # complexity = low -diff --git a/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_geolocation/rule.yml b/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_geolocation/rule.yml -index faa389c25..d0e22b414 100644 ---- a/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_geolocation/rule.yml -+++ b/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_geolocation/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9 - - title: 'Disable Geolocation in GNOME3' - -diff --git a/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_power_settings/rule.yml b/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_power_settings/rule.yml -index 7a2e35b8f..8d2debf74 100644 ---- a/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_power_settings/rule.yml -+++ b/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_power_settings/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,rhel7,rhel8,rhel9 -+prodtype: fedora,rhel7,rhel8,almalinux8,rhel9 - - title: 'Disable Power Settings in GNOME3' - -diff --git a/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_user_admin/rule.yml b/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_user_admin/rule.yml -index 592f85584..664c876cb 100644 ---- a/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_user_admin/rule.yml -+++ b/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_user_admin/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9 
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9 - - title: 'Disable User Administration in GNOME3' - diff --git a/linux_os/guide/system/software/gnome/group.yml b/linux_os/guide/system/software/gnome/group.yml index c7617bc43..7de8de33c 100644 --- a/linux_os/guide/system/software/gnome/group.yml @@ -25905,32 +13721,8 @@ index c7617bc43..7de8de33c 100644 {{% endif %}}

For more information on GNOME and the GNOME Project, see {{{ weblink(link="https://www.gnome.org") }}}. -diff --git a/linux_os/guide/system/software/gnome/package_gdm_removed/rule.yml b/linux_os/guide/system/software/gnome/package_gdm_removed/rule.yml -index 205adaf50..51042b381 100644 ---- a/linux_os/guide/system/software/gnome/package_gdm_removed/rule.yml -+++ b/linux_os/guide/system/software/gnome/package_gdm_removed/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: fedora,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Remove the GDM Package Group' - -diff --git a/linux_os/guide/system/software/integrity/certified-vendor/installed_OS_is_FIPS_certified/rule.yml b/linux_os/guide/system/software/integrity/certified-vendor/installed_OS_is_FIPS_certified/rule.yml -index d7610c432..7318192f0 100644 ---- a/linux_os/guide/system/software/integrity/certified-vendor/installed_OS_is_FIPS_certified/rule.yml -+++ b/linux_os/guide/system/software/integrity/certified-vendor/installed_OS_is_FIPS_certified/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu1604,ubuntu1804,ubuntu2004,ubuntu2204 -+prodtype: alinux2,fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu1604,ubuntu1804,ubuntu2004,ubuntu2204 - - title: 'The Installed Operating System Is FIPS 140-2 Certified' - diff --git a/linux_os/guide/system/software/integrity/certified-vendor/installed_OS_is_vendor_supported/oval/shared.xml b/linux_os/guide/system/software/integrity/certified-vendor/installed_OS_is_vendor_supported/oval/shared.xml -index 16c3847ad..73477c511 100644 +index 7ef0e5992..be7bc59b3 100644 --- a/linux_os/guide/system/software/integrity/certified-vendor/installed_OS_is_vendor_supported/oval/shared.xml 
+++ b/linux_os/guide/system/software/integrity/certified-vendor/installed_OS_is_vendor_supported/oval/shared.xml @@ -4,6 +4,7 @@ @@ -25942,18 +13734,10 @@ index 16c3847ad..73477c511 100644 diff --git a/linux_os/guide/system/software/integrity/certified-vendor/installed_OS_is_vendor_supported/rule.yml b/linux_os/guide/system/software/integrity/certified-vendor/installed_OS_is_vendor_supported/rule.yml -index 234eb42b8..04b4d84e4 100644 +index 90d7c08b0..a19283b81 100644 --- a/linux_os/guide/system/software/integrity/certified-vendor/installed_OS_is_vendor_supported/rule.yml +++ b/linux_os/guide/system/software/integrity/certified-vendor/installed_OS_is_vendor_supported/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15 -+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15 - - title: 'The Installed Operating System Is Vendor Supported' - -@@ -12,6 +12,9 @@ description: |- +@@ -11,6 +11,9 @@ description: |- {{% elif product in ["sle12", "sle15"] %}} SUSE Linux Enterprise is supported by SUSE. As the SUSE Linux Enterprise vendor, SUSE is responsible for providing security patches. @@ -25963,36 +13747,28 @@ index 234eb42b8..04b4d84e4 100644 {{% else %}} Red Hat Enterprise Linux is supported by Red Hat, Inc. As the Red Hat Enterprise Linux vendor, Red Hat, Inc. is responsible for providing security patches. -@@ -49,7 +52,7 @@ references: +@@ -48,7 +51,7 @@ references: stigid@ol7: OL07-00-020250 stigid@ol8: OL08-00-010000 stigid@rhel7: RHEL-07-020250 - stigid@rhel8: RHEL-08-010000 + stigid@almalinux8: RHEL-08-010000 + stigid@rhel9: RHEL-09-211010 stigid@sle12: SLES-12-010000 stigid@sle15: SLES-15-010000 - diff --git a/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/rule.yml -index cafd1940a..485ee6538 100644 +index 395e7a665..ed739f421 100644 
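Review bot: After the prodtype section for installed_OS_is_FIPS_certified/rule.yml is deleted here, the patch makes no AlmaLinux-specific change to 'The Installed Operating System Is FIPS 140-2 Certified', and nothing in this hunk shows what now decides whether that rule applies to almalinux8. Presumably the prodtype key is no longer present in the new upstream base, but that should be confirmed together with the rule's check, which lies outside this hunk: a certification rule evaluated with logic that does not recognise the product gives a misleading pass or fail in a compliance report. A short line in the patch description stating why the prodtype sections were dropped, for example `prodtype sections removed: key absent from the rebased upstream rule.yml files` if that is indeed the reason, would make the rebase auditable.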
--- a/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/rule.yml +++ b/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol8,ol9,rhcos4,rhel8,rhel9,rhv4,uos20 -+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol8,ol9,rhcos4,rhel8,almalinux8,rhel9,rhv4,uos20 - - title: 'Configure BIND to use System Crypto Policy' - -@@ -31,7 +31,7 @@ references: +@@ -30,7 +30,7 @@ references: nist: SC-13,SC-12(2),SC-12(3) srg: SRG-OS-000423-GPOS-00187,SRG-OS-000426-GPOS-00190 stigid@ol8: OL08-00-010020 - stigid@rhel8: RHEL-08-010020 + stigid@almalinux8: RHEL-08-010020 + stigid@rhel9: RHEL-09-672050 ocil_clause: |- - BIND is installed and the BIND config file doesn't contain the diff --git a/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/tests/absent.fail.sh b/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/tests/absent.fail.sh index c7385d2c3..637496acd 100644 --- a/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/tests/absent.fail.sh @@ -26064,26 +13840,18 @@ index dd096ab41..b180ed3b3 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/rule.yml -index d1aec7744..a8584851e 100644 +index 89225c96f..c2b0b4a14 100644 --- a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/rule.yml 
+++ b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol8,ol9,rhcos4,rhel8,rhel9,rhv4,sle15,uos20 -+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol8,ol9,rhcos4,rhel8,almalinux8,rhel9,rhv4,sle15,uos20 - - title: 'Configure System Cryptography Policy' - -@@ -71,7 +71,7 @@ references: - ospp: FCS_COP.1(1),FCS_COP.1(2),FCS_COP.1(3),FCS_COP.1(4),FCS_CKM.1,FCS_CKM.2,FCS_TLSC_EXT.1 +@@ -70,7 +70,7 @@ references: + pcidss4: '2.2.7' srg: SRG-OS-000396-GPOS-00176,SRG-OS-000393-GPOS-00173,SRG-OS-000394-GPOS-00174 stigid@ol8: OL08-00-010020 - stigid@rhel8: RHEL-08-010020 + stigid@almalinux8: RHEL-08-010020 + stigid@rhel9: RHEL-09-671010,RHEL-09-672030,RHEL-09-672045 ocil_clause: 'cryptographic policy is not configured or is configured incorrectly' - diff --git a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/cis_l2.pass.sh b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/cis_l2.pass.sh index 053093a64..b7e1ee47a 100644 --- a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/cis_l2.pass.sh @@ -26228,18 +13996,10 @@ index 9461c3ddd..5b5b06ac9 100644 # packages = crypto-policies-scripts diff --git a/linux_os/guide/system/software/integrity/crypto/configure_gnutls_tls_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/configure_gnutls_tls_crypto_policy/rule.yml -index 12ca11e55..92ec0ac36 100644 +index 55b77f667..19f3893df 100644 --- a/linux_os/guide/system/software/integrity/crypto/configure_gnutls_tls_crypto_policy/rule.yml 
+++ b/linux_os/guide/system/software/integrity/crypto/configure_gnutls_tls_crypto_policy/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol8,rhel8,rhel9 -+prodtype: fedora,ol8,rhel8,almalinux8,rhel9 - - title: 'Configure GnuTLS library to use DoD-approved TLS Encryption' - -@@ -30,7 +30,7 @@ references: +@@ -29,7 +29,7 @@ references: nist: AC-17(2) srg: SRG-OS-000250-GPOS-00093,SRG-OS-000423-GPOS-00187 stigid@ol8: OL08-00-010295 @@ -26293,26 +14053,18 @@ index 3776d35aa..8710aef51 100644 configfile=/etc/crypto-policies/back-ends/gnutls.config diff --git a/linux_os/guide/system/software/integrity/crypto/configure_kerberos_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/configure_kerberos_crypto_policy/rule.yml -index 094beadb3..3c2f3ba54 100644 +index de54d7f96..6c2c30188 100644 --- a/linux_os/guide/system/software/integrity/crypto/configure_kerberos_crypto_policy/rule.yml +++ b/linux_os/guide/system/software/integrity/crypto/configure_kerberos_crypto_policy/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol8,ol9,rhcos4,rhel8,rhel9,rhv4,uos20 -+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol8,ol9,rhcos4,rhel8,almalinux8,rhel9,rhv4,uos20 - - title: 'Configure Kerberos to use System Crypto Policy' - -@@ -29,7 +29,7 @@ references: +@@ -28,7 +28,7 @@ references: nist: SC-13,SC-12(2),SC-12(3) srg: SRG-OS-000120-GPOS-00061 stigid@ol8: OL08-00-010020 - stigid@rhel8: RHEL-08-010020 + stigid@almalinux8: RHEL-08-010020 + stigid@rhel9: RHEL-09-672025 ocil_clause: 'the symlink does not exist or points to a different target' - diff --git a/linux_os/guide/system/software/integrity/crypto/configure_kerberos_crypto_policy/tests/kerberos_correct_policy.pass.sh b/linux_os/guide/system/software/integrity/crypto/configure_kerberos_crypto_policy/tests/kerberos_correct_policy.pass.sh index 4834387dc..1d404fe6e 100644 
--- a/linux_os/guide/system/software/integrity/crypto/configure_kerberos_crypto_policy/tests/kerberos_correct_policy.pass.sh @@ -26346,26 +14098,18 @@ index 4eb5348f2..9047445c5 100644 rm -f /etc/krb5.conf.d/crypto-policies ln -s /etc/crypto-policies/back-ends/openssh.config /etc/krb5.conf.d/crypto-policies diff --git a/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/rule.yml -index 5c8655c92..cbcd98958 100644 +index f0b782571..c85593f9e 100644 --- a/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/rule.yml +++ b/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol8,ol9,rhcos4,rhel8,rhel9,rhv4,sle12,sle15,uos20 -+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol8,ol9,rhcos4,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,uos20 - - title: 'Configure Libreswan to use System Crypto Policy' - -@@ -37,7 +37,7 @@ references: - pcidss4: "2.2" +@@ -35,7 +35,7 @@ references: + pcidss: Req-2.2 srg: SRG-OS-000033-GPOS-00014 stigid@ol8: OL08-00-010020 - stigid@rhel8: RHEL-08-010020 + stigid@almalinux8: RHEL-08-010020 + stigid@rhel9: RHEL-09-671020 ocil_clause: |- - the "IPsec" service is active and the ipsec configuration file does not contain does not contain include /etc/crypto-policies/back-ends/libreswan.config diff --git a/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/tests/libreswan_not_installed.pass.sh b/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/tests/libreswan_not_installed.pass.sh index 9379b5ff3..c8fdbd4f5 100644 --- a/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/tests/libreswan_not_installed.pass.sh 
@@ -26425,26 +14169,18 @@ index 2863c6102..aeeddb9a1 100644 cp ipsec.conf /etc diff --git a/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/rule.yml -index 8cf86b739..34f206aeb 100644 +index 0f60c61d7..523515c11 100644 --- a/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/rule.yml +++ b/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol8,ol9,rhcos4,rhel8,rhel9,rhv4,sle12,sle15,uos20 -+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol8,ol9,rhcos4,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,uos20 - - title: 'Configure OpenSSL library to use System Crypto Policy' - -@@ -46,7 +46,7 @@ references: - pcidss4: "2.2" +@@ -44,7 +44,7 @@ references: + pcidss: Req-2.2 srg: SRG-OS-000250-GPOS-00093 stigid@ol8: OL08-00-010293 - stigid@rhel8: RHEL-08-010293 + stigid@almalinux8: RHEL-08-010293 + stigid@rhel9: RHEL-09-672035 ocil_clause: |- - the OpenSSL config file doesn't contain the whole section, diff --git a/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/tests/include_with_equal_sign.pass.sh b/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/tests/include_with_equal_sign.pass.sh index 8ccb6cef9..306b29698 100644 --- a/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/tests/include_with_equal_sign.pass.sh @@ -26501,26 +14237,18 @@ index 1b2ea8d80..7795d5a96 100644 . common.sh diff --git a/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/rule.yml -index 767481d1e..4787a7307 100644 +index 6fad634d7..969472391 100644 
--- a/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/rule.yml +++ b/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol8,ol9,rhel8,rhel9 -+prodtype: ol8,ol9,rhel8,almalinux8,rhel9 - - title: 'Configure OpenSSL library to use TLS Encryption' - -@@ -45,7 +45,7 @@ references: +@@ -44,7 +44,7 @@ references: nist: AC-17(2) srg: SRG-OS-000125-GPOS-00065,SRG-OS-000250-GPOS-00093,SRG-OS-000393-GPOS-00173,SRG-OS-000394-GPOS-00174 stigid@ol8: OL08-00-010294 - stigid@rhel8: RHEL-08-010294 + stigid@almalinux8: RHEL-08-010294 + stigid@rhel9: RHEL-09-672040 ocil_clause: 'cryptographic policy for openssl is not configured or is configured incorrectly' - diff --git a/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/tests/correct.pass.sh b/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/tests/correct.pass.sh index 48ccb9b98..80b0cdbbc 100644 --- a/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/tests/correct.pass.sh @@ -26599,26 +14327,18 @@ index 1593ce8ae..e42f42388 100644 configfile=/etc/crypto-policies/back-ends/opensslcnf.config diff --git a/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/rule.yml -index 2373c03c3..b622e0e33 100644 +index 3fcebafa3..f5be4edbb 100644 --- a/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/rule.yml 
+++ b/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol8,ol9,rhcos4,rhel8,rhel9,rhv4,sle12,sle15,uos20 -+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol8,ol9,rhcos4,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,uos20 - - title: 'Configure SSH to use System Crypto Policy' - -@@ -37,7 +37,7 @@ references: - pcidss4: "2.2" +@@ -36,7 +36,7 @@ references: + pcidss4: '2.2.7' srg: SRG-OS-000250-GPOS-00093 stigid@ol8: OL08-00-010287 - stigid@rhel8: RHEL-08-010287 + stigid@almalinux8: RHEL-08-010287 + stigid@rhel9: RHEL-09-255055 ocil_clause: 'the CRYPTO_POLICY variable is set or is not commented out in the /etc/sysconfig/sshd' - diff --git a/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/tests/absent.pass.sh b/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/tests/absent.pass.sh index 96ae6a064..399d9d334 100644 --- a/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/tests/absent.pass.sh @@ -26699,18 +14419,6 @@ index cd7c4fb6c..1deb135a3 100644 cp="Ciphersuites = TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256" file="/etc/crypto-policies/local.d/opensslcnf-ospp.config" -diff --git a/linux_os/guide/system/software/integrity/crypto/harden_openssl_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/harden_openssl_crypto_policy/rule.yml -index 067adc6a5..eb5225df9 100644 ---- a/linux_os/guide/system/software/integrity/crypto/harden_openssl_crypto_policy/rule.yml -+++ b/linux_os/guide/system/software/integrity/crypto/harden_openssl_crypto_policy/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhcos4,rhel8 -+prodtype: rhcos4,rhel8,almalinux8 - - title: 'Harden OpenSSL Crypto Policy' - 
diff --git a/linux_os/guide/system/software/integrity/crypto/harden_openssl_crypto_policy/tests/correct.pass.sh b/linux_os/guide/system/software/integrity/crypto/harden_openssl_crypto_policy/tests/correct.pass.sh index 0debb6c70..f7e5d9219 100644 --- a/linux_os/guide/system/software/integrity/crypto/harden_openssl_crypto_policy/tests/correct.pass.sh @@ -27106,26 +14814,18 @@ index 6db8f9654..2f0172991 100644 {{{ bash_instantiate_variables("sshd_approved_ciphers") }}} diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/rule.yml -index 00bbcf955..185a604c4 100644 +index d8dbff009..2ff8a7b55 100644 --- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/rule.yml +++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol8,ol9,rhel8,rhel9 -+prodtype: fedora,ol8,ol9,rhel8,almalinux8,rhel9 - - title: 'Configure SSH Client to Use FIPS 140-2 Validated Ciphers: openssh.config' - -@@ -32,7 +32,7 @@ references: +@@ -31,7 +31,7 @@ references: nist: AC-17(2) srg: SRG-OS-000033-GPOS-00014,SRG-OS-000125-GPOS-00065,SRG-OS-000250-GPOS-00093,SRG-OS-000393-GPOS-00173,SRG-OS-000394-GPOS-00174,SRG-OS-000423-GPOS-00187 stigid@ol8: OL08-00-010020 - stigid@rhel8: RHEL-08-010020 + stigid@almalinux8: RHEL-08-010020 + stigid@rhel9: RHEL-09-255060 ocil_clause: 'Crypto Policy for OpenSSH client is not configured correctly' - diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/tests/stig_correct.pass.sh b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/tests/stig_correct.pass.sh index 0bf0e7eef..9521cde55 100644 
--- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/tests/stig_correct.pass.sh @@ -27235,68 +14935,60 @@ index 14d764ca8..49e23f8c7 100644 {{{ bash_instantiate_variables("sshd_approved_ciphers") }}} diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/rule.yml -index c4edc79bf..3462c42d7 100644 +index 946f7e102..0553c1e54 100644 --- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/rule.yml +++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol8,ol9,rhel8,rhel9 -+prodtype: ol8,ol9,rhel8,almalinux8,rhel9 - - title: 'Configure SSH Server to Use FIPS 140-2 Validated Ciphers: opensshserver.config' - -@@ -32,7 +32,7 @@ references: +@@ -31,7 +31,7 @@ references: nist: AC-17(2) srg: SRG-OS-000125-GPOS-00065,SRG-OS-000250-GPOS-00093 stigid@ol8: OL08-00-010291 - stigid@rhel8: RHEL-08-010291 + stigid@almalinux8: RHEL-08-010291 + stigid@rhel9: RHEL-09-255065 ocil_clause: 'Crypto Policy for OpenSSH Server is not configured correctly' - diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/tests/rhel8_stig_correct.pass.sh b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/tests/rhel8_stig_correct.pass.sh -index c84e0c157..d4c2b9ba7 100644 +index 34b69406a..7156acfe3 100644 --- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/tests/rhel8_stig_correct.pass.sh +++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/tests/rhel8_stig_correct.pass.sh 
@@ -1,5 +1,5 @@ #!/bin/bash -# platform = Oracle Linux 8,Red Hat Enterprise Linux 8 +# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8 - # profiles = xccdf_org.ssgproject.content_profile_stig + # variables = sshd_approved_ciphers=aes256-ctr,aes192-ctr,aes128-ctr,aes256-gcm@openssh.com,aes128-gcm@openssh.com - sshd_approved_ciphers=aes256-ctr,aes192-ctr,aes128-ctr + sshd_approved_ciphers=aes256-ctr,aes192-ctr,aes128-ctr,aes256-gcm@openssh.com,aes128-gcm@openssh.com diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/tests/rhel8_stig_empty_policy.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/tests/rhel8_stig_empty_policy.fail.sh -index 66483e898..fae4417ec 100644 +index 60b4616ce..66961be70 100644 --- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/tests/rhel8_stig_empty_policy.fail.sh +++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/tests/rhel8_stig_empty_policy.fail.sh @@ -1,5 +1,5 @@ #!/bin/bash -# platform = Oracle Linux 8,Red Hat Enterprise Linux 8 +# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8 - # profiles = xccdf_org.ssgproject.content_profile_stig + # variables = sshd_approved_ciphers=aes256-ctr,aes192-ctr,aes128-ctr,aes256-gcm@openssh.com,aes128-gcm@openssh.com configfile=/etc/crypto-policies/back-ends/opensshserver.config diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/tests/rhel8_stig_incorrect_policy.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/tests/rhel8_stig_incorrect_policy.fail.sh -index e350ce5f0..0a9a9f01a 100644 +index 3eca150b3..499776123 100644 
--- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/tests/rhel8_stig_incorrect_policy.fail.sh +++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/tests/rhel8_stig_incorrect_policy.fail.sh @@ -1,5 +1,5 @@ #!/bin/bash -# platform = Oracle Linux 8,Red Hat Enterprise Linux 8 +# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8 - # profiles = xccdf_org.ssgproject.content_profile_stig + # variables = sshd_approved_ciphers=aes256-ctr,aes192-ctr,aes128-ctr,aes256-gcm@openssh.com,aes128-gcm@openssh.com configfile=/etc/crypto-policies/back-ends/opensshserver.config diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/tests/rhel8_stig_missing_file.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/tests/rhel8_stig_missing_file.fail.sh -index 11b194db0..09699474f 100644 +index f8659efcf..0e0b65548 100644 --- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/tests/rhel8_stig_missing_file.fail.sh +++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/tests/rhel8_stig_missing_file.fail.sh @@ -1,5 +1,5 @@ #!/bin/bash -# platform = Oracle Linux 8,Red Hat Enterprise Linux 8 +# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8 - # profiles = xccdf_org.ssgproject.content_profile_stig + # variables = sshd_approved_ciphers=aes256-ctr,aes192-ctr,aes128-ctr,aes256-gcm@openssh.com,aes128-gcm@openssh.com configfile=/etc/crypto-policies/back-ends/opensshserver.config diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_crypto_policy/bash/shared.sh b/linux_os/guide/system/software/integrity/crypto/harden_sshd_crypto_policy/bash/shared.sh 
@@ -27309,18 +15001,6 @@ index 7a9a2a5e9..25cf3fd35 100644 cp="CRYPTO_POLICY='-oCiphers=aes256-ctr,aes128-ctr,aes256-cbc,aes128-cbc -oMACs=hmac-sha2-512,hmac-sha2-256 -oGSSAPIKeyExchange=no -oKexAlgorithms=ecdh-sha2-nistp521,ecdh-sha2-nistp384,ecdh-sha2-nistp256,diffie-hellman-group14-sha1 -oHostKeyAlgorithms=ssh-rsa,ecdsa-sha2-nistp384,ecdsa-sha2-nistp256 -oPubkeyAcceptedKeyTypes=rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp384,ecdsa-sha2-nistp256'" file=/etc/crypto-policies/local.d/opensshserver-ospp.config -diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/harden_sshd_crypto_policy/rule.yml -index 0c438c313..f5067892f 100644 ---- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_crypto_policy/rule.yml -+++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_crypto_policy/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhv4,sle12,sle15 -+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhv4,sle12,sle15 - - title: 'Harden SSHD Crypto Policy' - diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_crypto_policy/tests/correct.pass.sh b/linux_os/guide/system/software/integrity/crypto/harden_sshd_crypto_policy/tests/correct.pass.sh index d0541b7ab..e3f476840 100644 --- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_crypto_policy/tests/correct.pass.sh @@ -27430,18 +15110,10 @@ index 451da4db3..5d373e6b9 100644 {{{ bash_instantiate_variables("sshd_approved_macs") }}} diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/rule.yml -index 8736e39af..141aba5bd 100644 +index 902ef3559..d25a25aca 100644 --- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/rule.yml 
+++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol8,ol9,rhel8,rhel9 -+prodtype: fedora,ol8,ol9,rhel8,almalinux8,rhel9 - - title: 'Configure SSH Client to Use FIPS 140-2 Validated MACs: openssh.config' - -@@ -30,7 +30,7 @@ references: +@@ -29,7 +29,7 @@ references: nist: AC-17(2) srg: SRG-OS-000125-GPOS-00065,SRG-OS-000250-GPOS-00093 stigid@ol8: OL08-00-010290 @@ -27451,38 +15123,38 @@ index 8736e39af..141aba5bd 100644 ocil_clause: 'Crypto Policy for OpenSSH client is not configured correctly' diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/tests/stig_correct.pass.sh b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/tests/stig_correct.pass.sh -index 6edae5092..404e30be1 100644 +index 49d18486f..68d29d5b9 100644 --- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/tests/stig_correct.pass.sh +++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/tests/stig_correct.pass.sh @@ -1,5 +1,5 @@ #!/bin/bash -# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,multi_platform_fedora +# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora - # profiles = xccdf_org.ssgproject.content_profile_stig + # variables = sshd_approved_macs=hmac-sha2-512,hmac-sha2-256,hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com - sshd_approved_macs=hmac-sha2-512,hmac-sha2-256 + sshd_approved_macs=hmac-sha2-512,hmac-sha2-256,hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com 
diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/tests/stig_correct_commented.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/tests/stig_correct_commented.fail.sh -index 0fec46a5c..a8e2c30de 100644 +index b068e2ea4..8ed8a05b8 100644 --- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/tests/stig_correct_commented.fail.sh +++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/tests/stig_correct_commented.fail.sh @@ -1,5 +1,5 @@ #!/bin/bash -# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,multi_platform_fedora +# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora - # profiles = xccdf_org.ssgproject.content_profile_stig + # variables = sshd_approved_macs=hmac-sha2-512,hmac-sha2-256,hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com - sshd_approved_macs=hmac-sha2-512,hmac-sha2-256 + sshd_approved_macs=hmac-sha2-512,hmac-sha2-256,hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/tests/stig_correct_followed_by_incorrect_commented.pass.sh b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/tests/stig_correct_followed_by_incorrect_commented.pass.sh -index 95bf94331..12a1ab332 100644 +index f57f42270..f91ed8976 100644 --- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/tests/stig_correct_followed_by_incorrect_commented.pass.sh +++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/tests/stig_correct_followed_by_incorrect_commented.pass.sh 
@@ -1,5 +1,5 @@ #!/bin/bash -# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,multi_platform_fedora +# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora - # profiles = xccdf_org.ssgproject.content_profile_stig + # variables = sshd_approved_macs=hmac-sha2-512,hmac-sha2-256,hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com - sshd_approved_macs=hmac-sha2-512,hmac-sha2-256 + sshd_approved_macs=hmac-sha2-512,hmac-sha2-256,hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/tests/stig_empty_file.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/tests/stig_empty_file.fail.sh index 32d81d353..f2a71b8a4 100644 --- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/tests/stig_empty_file.fail.sh @@ -27506,16 +15178,16 @@ index be78ed116..7fd821a4d 100644 configfile=/etc/crypto-policies/back-ends/openssh.config diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/tests/stig_incorrect_followed_by_correct_commented.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/tests/stig_incorrect_followed_by_correct_commented.fail.sh -index 4af43d60e..9c83bffbe 100644 +index 999463e1c..a9fb3f572 100644 --- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/tests/stig_incorrect_followed_by_correct_commented.fail.sh +++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/tests/stig_incorrect_followed_by_correct_commented.fail.sh 
@@ -1,5 +1,5 @@ #!/bin/bash -# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,multi_platform_fedora +# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora - # profiles = xccdf_org.ssgproject.content_profile_stig + # variables = sshd_approved_macs=hmac-sha2-512,hmac-sha2-256,hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com - sshd_approved_macs=hmac-sha2-512,hmac-sha2-256 + sshd_approved_macs=hmac-sha2-512,hmac-sha2-256,hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/tests/stig_incorrect_policy.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/tests/stig_incorrect_policy.fail.sh index 0114a63ab..0666082d0 100644 --- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/tests/stig_incorrect_policy.fail.sh @@ -27559,18 +15231,10 @@ index a06ffc2d7..6b4a4f76c 100644 {{{ bash_instantiate_variables("sshd_approved_macs") }}} diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_opensshserver_conf_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_opensshserver_conf_crypto_policy/rule.yml -index f08f120f9..9d3ecc151 100644 +index d7c054c99..d2b719876 100644 --- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_opensshserver_conf_crypto_policy/rule.yml +++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_opensshserver_conf_crypto_policy/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol8,ol9,rhel8,rhel9 -+prodtype: ol8,ol9,rhel8,almalinux8,rhel9 - - title: 'Configure SSH Server to Use FIPS 140-2 Validated MACs: opensshserver.config' - -@@ -30,7 +30,7 @@ references: +@@ -29,7 +29,7 @@ references: nist: AC-17(2) srg: SRG-OS-000125-GPOS-00065,SRG-OS-000250-GPOS-00093 stigid@ol8: OL08-00-010290 
@@ -27633,19 +15297,6 @@ index beec02c93..878ed4ced 100644 cat > /etc/profile.d/openssl-rand.sh <<- 'EOM' {{{ openssl_strong_entropy_config_file() }}} -diff --git a/linux_os/guide/system/software/integrity/crypto/openssl_use_strong_entropy/rule.yml b/linux_os/guide/system/software/integrity/crypto/openssl_use_strong_entropy/rule.yml -index ccd4752c1..1e51025ca 100644 ---- a/linux_os/guide/system/software/integrity/crypto/openssl_use_strong_entropy/rule.yml -+++ b/linux_os/guide/system/software/integrity/crypto/openssl_use_strong_entropy/rule.yml -@@ -1,7 +1,7 @@ - documentation_complete: true - - # TODO: The plan is not to need this for RHEL>=8.4 --prodtype: ol8,rhel8 -+prodtype: ol8,rhel8,almalinux8 - - title: 'OpenSSL uses strong entropy source' - diff --git a/linux_os/guide/system/software/integrity/crypto/openssl_use_strong_entropy/tests/correct.pass.sh b/linux_os/guide/system/software/integrity/crypto/openssl_use_strong_entropy/tests/correct.pass.sh index e7902ee46..a8026607d 100644 --- a/linux_os/guide/system/software/integrity/crypto/openssl_use_strong_entropy/tests/correct.pass.sh @@ -27677,18 +15328,6 @@ index 298c79dc0..b84d9c805 100644 +# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8 echo "wrong data" > /etc/profile.d/openssl-rand.sh -diff --git a/linux_os/guide/system/software/integrity/crypto/package_crypto-policies_installed/rule.yml b/linux_os/guide/system/software/integrity/crypto/package_crypto-policies_installed/rule.yml -index 68dc260a8..87f5390dd 100644 ---- a/linux_os/guide/system/software/integrity/crypto/package_crypto-policies_installed/rule.yml -+++ b/linux_os/guide/system/software/integrity/crypto/package_crypto-policies_installed/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol8,ol9,rhel8,rhel9 -+prodtype: ol8,ol9,rhel8,almalinux8,rhel9 - - title: 'Install crypto-policies package' - 
diff --git a/linux_os/guide/system/software/integrity/disable_prelink/ansible/shared.yml b/linux_os/guide/system/software/integrity/disable_prelink/ansible/shared.yml index 0447bf2c4..43627ebd3 100644 --- a/linux_os/guide/system/software/integrity/disable_prelink/ansible/shared.yml 
@@ -27699,145 +15338,32 @@ index 0447bf2c4..43627ebd3 100644 # reboot = false # strategy = restrict # complexity = low -diff --git a/linux_os/guide/system/software/integrity/endpoint_security_software/install_antivirus/rule.yml b/linux_os/guide/system/software/integrity/endpoint_security_software/install_antivirus/rule.yml -index 264d2f94e..14cc99d5d 100644 ---- a/linux_os/guide/system/software/integrity/endpoint_security_software/install_antivirus/rule.yml -+++ b/linux_os/guide/system/software/integrity/endpoint_security_software/install_antivirus/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhv4 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhv4 - - title: 'Install Virus Scanning Software' - -diff --git a/linux_os/guide/system/software/integrity/endpoint_security_software/install_hids/rule.yml b/linux_os/guide/system/software/integrity/endpoint_security_software/install_hids/rule.yml -index a1dbb727a..db0a66291 100644 ---- a/linux_os/guide/system/software/integrity/endpoint_security_software/install_hids/rule.yml -+++ b/linux_os/guide/system/software/integrity/endpoint_security_software/install_hids/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15 -+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15 - - title: 'Install Intrusion Detection Software' - -diff --git a/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/install_mcafee_antivirus/rule.yml b/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/install_mcafee_antivirus/rule.yml -index 4a56c1623..75b8aaf18 100644 ---- a/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/install_mcafee_antivirus/rule.yml -+++ 
b/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/install_mcafee_antivirus/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol7,ol8,rhel7,rhel8,rhv4 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhv4 - - title: 'Install McAfee Virus Scanning Software' - -diff --git a/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/install_mcafee_cma_rt/rule.yml b/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/install_mcafee_cma_rt/rule.yml -index 6e9f3bcb7..a89f32285 100644 ---- a/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/install_mcafee_cma_rt/rule.yml -+++ b/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/install_mcafee_cma_rt/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol7,ol8,rhel7,rhel8 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8 - - title: 'Install the McAfee Runtime Libraries and Linux Agent' - -diff --git a/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/mcafee_antivirus_definitions_updated/rule.yml b/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/mcafee_antivirus_definitions_updated/rule.yml -index dc856f8b9..a55614357 100644 ---- a/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/mcafee_antivirus_definitions_updated/rule.yml -+++ b/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/mcafee_antivirus_definitions_updated/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8 -+prodtype: rhel7,rhel8,almalinux8 - - title: 'Virus Scanning Software Definitions Are Updated' - 
diff --git a/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/mcafee_endpoint_security_software/agent_mfetpd_running/rule.yml b/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/mcafee_endpoint_security_software/agent_mfetpd_running/rule.yml -index c0e75cb0b..afd981e1c 100644 +index 3f8e47ab0..4d64f217a 100644 --- a/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/mcafee_endpoint_security_software/agent_mfetpd_running/rule.yml +++ b/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/mcafee_endpoint_security_software/agent_mfetpd_running/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9 -+prodtype: ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9 - - title: 'Ensure McAfee Endpoint Security for Linux (ENSL) is running' - -@@ -27,7 +27,7 @@ references: +@@ -26,7 +26,7 @@ references: stigid@ol7: OL07-00-020019 stigid@ol8: OL08-00-010001 stigid@rhel7: RHEL-07-020019 - stigid@rhel8: RHEL-08-010001 + stigid@almalinux8: RHEL-08-010001 + stigid@rhel9: RHEL-09-211025 ocil_clause: 'virus scanning software is not running' - diff --git a/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/mcafee_endpoint_security_software/package_mcafeetp_installed/rule.yml b/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/mcafee_endpoint_security_software/package_mcafeetp_installed/rule.yml -index ef172b86b..9a3b94eb2 100644 +index 97f7635dd..cdc2c119b 100644 --- a/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/mcafee_endpoint_security_software/package_mcafeetp_installed/rule.yml 
+++ b/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/mcafee_endpoint_security_software/package_mcafeetp_installed/rule.yml -@@ -6,7 +6,7 @@ - - documentation_complete: true - --prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,ubuntu2004,ubuntu2204 -+prodtype: ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,ubuntu2004,ubuntu2204 - - title: 'Install McAfee Endpoint Security for Linux (ENSL)' - -@@ -35,7 +35,7 @@ references: +@@ -34,7 +34,7 @@ references: stigid@ol7: OL07-00-020019 stigid@ol8: OL08-00-010001 stigid@rhel7: RHEL-07-020019 - stigid@rhel8: RHEL-08-010001 + stigid@almalinux8: RHEL-08-010001 + stigid@rhel9: RHEL-09-211025 stigid@ubuntu2004: UBTU-20-010415 - ocil_clause: 'the package is not installed' -diff --git a/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/mcafee_hbss_software/install_mcafee_hbss_accm/rule.yml b/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/mcafee_hbss_software/install_mcafee_hbss_accm/rule.yml -index 9223793b4..2131c1d91 100644 ---- a/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/mcafee_hbss_software/install_mcafee_hbss_accm/rule.yml -+++ b/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/mcafee_hbss_software/install_mcafee_hbss_accm/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol7,ol8,rhel7,rhel8 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8 - - title: 'Install the Asset Configuration Compliance Module (ACCM)' - -diff --git a/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/mcafee_hbss_software/install_mcafee_hbss_pa/rule.yml b/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/mcafee_hbss_software/install_mcafee_hbss_pa/rule.yml -index 29469a9b0..16a7d4f23 100644 ---- 
a/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/mcafee_hbss_software/install_mcafee_hbss_pa/rule.yml -+++ b/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/mcafee_hbss_software/install_mcafee_hbss_pa/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol7,ol8,rhel7,rhel8 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8 - - title: 'Install the Policy Auditor (PA) Module' - -diff --git a/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/service_nails_enabled/rule.yml b/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/service_nails_enabled/rule.yml -index 83ef73b94..3ff9ea782 100644 ---- a/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/service_nails_enabled/rule.yml -+++ b/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/service_nails_enabled/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8 -+prodtype: rhel7,rhel8,almalinux8 - - title: 'Enable nails Service' - diff --git a/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/ansible/shared.yml b/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/ansible/shared.yml index 9647791ef..9f70b30d4 100644 --- a/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/ansible/shared.yml @@ -27859,26 +15385,18 @@ index 5da0c99e6..57ac7592b 100644 fips-mode-setup --enable FIPS_CONF="/etc/dracut.conf.d/40-fips.conf" diff --git a/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/rule.yml b/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/rule.yml -index 62cfc0d6a..da13b857c 100644 +index 885a4044e..4aeb05b68 100644 --- a/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/rule.yml 
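Review bot: The `prodtype:` sections dropped in this hunk (install_antivirus, install_hids, the McAfee rules, service_nails_enabled) leave no record of why AlmaLinux 8 no longer needs them, and the same applies to the other prodtype-only removals further down this refresh. The one-line shift in the surviving inner hunk headers (`@@ -27,7 +27,7 @@` becoming `@@ -26,7 +26,7 @@`) suggests upstream removed the key itself, but that is an inference from the offsets. A line in the patch header such as `Rebased onto <upstream-version>; prodtype hunks dropped because the key no longer exists upstream` would let a later reviewer tell a deliberate drop from a hunk lost during the rebase. It is also worth confirming that the built almalinux8 content still contains these rules, since nothing in the patch now names the product for them.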
+++ b/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol8,ol9,rhcos4,rhel8,rhel9,rhv4 -+prodtype: fedora,ol8,ol9,rhcos4,rhel8,almalinux8,rhel9,rhv4 - - title: "Enable Dracut FIPS Module" - -@@ -31,7 +31,7 @@ references: +@@ -30,7 +30,7 @@ references: ospp: FCS_RBG_EXT.1 srg: SRG-OS-000478-GPOS-00223 stigid@ol8: OL08-00-010020 - stigid@rhel8: RHEL-08-010020 + stigid@almalinux8: RHEL-08-010020 + stigid@rhel9: RHEL-09-671010 ocil_clause: 'the Dracut FIPS module is not enabled' - diff --git a/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/tests/fips_dracut_module_missing.fail.sh b/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/tests/fips_dracut_module_missing.fail.sh index 9c232fc94..f3d71ee21 100644 --- a/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/tests/fips_dracut_module_missing.fail.sh @@ -27903,16 +15421,6 @@ index b92e82236..138d2c997 100644 fips-mode-setup --enable FIPS_CONF="/etc/dracut.conf.d/40-fips.conf" -diff --git a/linux_os/guide/system/software/integrity/fips/enable_fips_mode/ansible/shared.yml b/linux_os/guide/system/software/integrity/fips/enable_fips_mode/ansible/shared.yml -index 41d301caa..866741c11 100644 ---- a/linux_os/guide/system/software/integrity/fips/enable_fips_mode/ansible/shared.yml -+++ b/linux_os/guide/system/software/integrity/fips/enable_fips_mode/ansible/shared.yml -@@ -1,4 +1,4 @@ --# platform = Red Hat Enterprise Linux 8,multi_platform_fedora,Oracle Linux 8 -+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora,Oracle Linux 8 - # reboot = true - # strategy = restrict - # complexity = medium diff --git a/linux_os/guide/system/software/integrity/fips/enable_fips_mode/oval/shared.xml b/linux_os/guide/system/software/integrity/fips/enable_fips_mode/oval/shared.xml index 3b50e0706..4e4d713e1 100644 
--- a/linux_os/guide/system/software/integrity/fips/enable_fips_mode/oval/shared.xml @@ -27936,82 +15444,46 @@ index 3b50e0706..4e4d713e1 100644 check="all" check_existence="all_exist" comment="FIPS mode is selected in running kernel options"> diff --git a/linux_os/guide/system/software/integrity/fips/enable_fips_mode/rule.yml b/linux_os/guide/system/software/integrity/fips/enable_fips_mode/rule.yml -index c6e966202..1b0e4f32a 100644 +index 97898e301..554bb0e25 100644 --- a/linux_os/guide/system/software/integrity/fips/enable_fips_mode/rule.yml +++ b/linux_os/guide/system/software/integrity/fips/enable_fips_mode/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol8,ol9,rhcos4,rhel8,rhel9,rhv4 -+prodtype: fedora,ol8,ol9,rhcos4,rhel8,almalinux8,rhel9,rhv4 - - title: Enable FIPS Mode - -@@ -48,7 +48,7 @@ references: +@@ -47,7 +47,7 @@ references: ospp: FCS_COP.1(1),FCS_COP.1(2),FCS_COP.1(3),FCS_COP.1(4),FCS_CKM.1,FCS_CKM.2,FCS_TLSC_EXT.1,FCS_RBG_EXT.1 srg: SRG-OS-000478-GPOS-00223,SRG-OS-000396-GPOS-00176 stigid@ol8: OL08-00-010020 - stigid@rhel8: RHEL-08-010020 + stigid@almalinux8: RHEL-08-010020 + stigid@rhel9: RHEL-09-671010 ocil_clause: 'FIPS mode is not enabled' - -diff --git a/linux_os/guide/system/software/integrity/fips/etc_system_fips_exists/rule.yml b/linux_os/guide/system/software/integrity/fips/etc_system_fips_exists/rule.yml -index 33841e4d3..dabfa8764 100644 ---- a/linux_os/guide/system/software/integrity/fips/etc_system_fips_exists/rule.yml -+++ b/linux_os/guide/system/software/integrity/fips/etc_system_fips_exists/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4 -+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4 - - title: Ensure '/etc/system-fips' exists - 
diff --git a/linux_os/guide/system/software/integrity/fips/sysctl_crypto_fips_enabled/rule.yml b/linux_os/guide/system/software/integrity/fips/sysctl_crypto_fips_enabled/rule.yml -index 2aafe35d7..cc7607cd2 100644 +index c498e1dad..fba92cdb5 100644 --- a/linux_os/guide/system/software/integrity/fips/sysctl_crypto_fips_enabled/rule.yml +++ b/linux_os/guide/system/software/integrity/fips/sysctl_crypto_fips_enabled/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol8,ol9,rhcos4,rhel8,rhel9,rhv4 -+prodtype: fedora,ol8,ol9,rhcos4,rhel8,almalinux8,rhel9,rhv4 - - title: "Set kernel parameter 'crypto.fips_enabled' to 1" - -@@ -35,7 +35,7 @@ references: +@@ -34,7 +34,7 @@ references: nist: SC-12(2),SC-12(3),IA-7,SC-13,CM-6(a),SC-12 srg: SRG-OS-000033-GPOS-00014,SRG-OS-000125-GPOS-00065,SRG-OS-000250-GPOS-00093,SRG-OS-000393-GPOS-00173,SRG-OS-000394-GPOS-00174,SRG-OS-000396-GPOS-00176,SRG-OS-000423-GPOS-00187,SRG-OS-000478-GPOS-00223 stigid@ol8: OL08-00-010020 - stigid@rhel8: RHEL-08-010020 + stigid@almalinux8: RHEL-08-010020 + stigid@rhel9: RHEL-09-671010 ocil_clause: 'crypto.fips_enabled is not 1' - diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_build_database/bash/shared.sh b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_build_database/bash/shared.sh -index 0cdb5d98d..a98b5566c 100644 +index 04e69228b..9072c4023 100644 --- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_build_database/bash/shared.sh +++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_build_database/bash/shared.sh 
@@ -1,4 +1,4 @@ -# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle +# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle - {{{ bash_package_install("aide") }}} {{% if 'sle' in product %}} + zypper -q --no-remote ref diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_build_database/rule.yml b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_build_database/rule.yml -index 43e5f16ef..927f1a9b5 100644 +index c95dc4a0d..1f1a00502 100644 --- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_build_database/rule.yml +++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_build_database/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Build and Test AIDE Database' - -@@ -67,7 +67,7 @@ references: +@@ -65,7 +65,7 @@ references: stigid@ol7: OL07-00-020029 stigid@ol8: OL08-00-010359 stigid@rhel7: RHEL-07-020029 @@ -28019,14 +15491,14 @@ index 43e5f16ef..927f1a9b5 100644 + stigid@almalinux8: RHEL-08-010359 stigid@sle12: SLES-12-010499 stigid@sle15: SLES-15-010419 - + stigid@ubuntu2004: UBTU-20-010450 diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/ansible/shared.yml b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/ansible/shared.yml -index 883c40270..496e772c1 100644 +index 7a53caee5..ca8c351f7 100644 --- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/ansible/shared.yml 
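Review bot: The enable_fips_mode rule keeps its `oval/shared.xml` and `rule.yml` sections here, but the preceding hunk (old line 27903) removes the `ansible/shared.yml` section that added `AlmaLinux 8` to that remediation's `# platform =` line; unlike the prodtype removals, this one changes which products a remediation is offered to. If the rebased upstream file still lists products explicitly, the Ansible remediation for FIPS mode would presumably not be emitted for almalinux8 while the check still applies, so a failing result would have no playbook fix. In that case the inner hunk should be regenerated against the new file rather than dropped, keeping `+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora,Oracle Linux 8` or its updated equivalent. If upstream switched the line to a product-independent value, say so in the patch header.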
+++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/ansible/shared.yml @@ -1,4 +1,4 @@ --# platform = multi_platform_sle,multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_sle,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux +-# platform = multi_platform_sle,multi_platform_ol,multi_platform_rhel,multi_platform_ubuntu ++# platform = multi_platform_sle,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_ubuntu # reboot = false # strategy = restrict # complexity = low @@ -28041,26 +15513,18 @@ index ea2a1113b..fbc6b9b8a 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/rule.yml b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/rule.yml -index 4d786f01b..40a623419 100644 +index 14ee598be..e780b1bd0 100644 --- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/rule.yml +++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux3,fedora,ol8,ol9,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux3,fedora,ol8,ol9,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Configure AIDE to Verify the Audit Tools' - -@@ -44,7 +44,7 @@ references: +@@ -43,7 +43,7 @@ references: nist: AU-9(3),AU-9(3).1 srg: SRG-OS-000278-GPOS-00108 stigid@ol8: OL08-00-030650 - stigid@rhel8: RHEL-08-030650 + stigid@almalinux8: RHEL-08-030650 + stigid@rhel9: RHEL-09-651025 stigid@sle12: SLES-12-010540 stigid@sle15: SLES-15-030630 - stigid@ubuntu2004: UBTU-20-010205 
diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/correct.pass.sh b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/correct.pass.sh index 5f751bee5..2684687ff 100644 --- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/correct.pass.sh @@ -28115,40 +15579,19 @@ index dfa5c1b6c..60ac94141 100644 {{{ bash_package_install("aide") }}} -diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/rule.yml b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/rule.yml -index 123e0ebf2..285ded938 100644 ---- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/rule.yml -+++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/rule.yml -@@ -4,7 +4,7 @@ - - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Configure Periodic Execution of AIDE' - diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_scan_notification/rule.yml b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_scan_notification/rule.yml -index 8ba2e2067..844d0ef13 100644 +index 8a24a9300..5bca2dc40 100644 --- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_scan_notification/rule.yml 
+++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_scan_notification/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15 -+prodtype: ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15 - - title: 'Configure Notification of Post-AIDE Scan Details' - -@@ -49,7 +49,7 @@ references: +@@ -48,7 +48,7 @@ references: stigid@ol7: OL07-00-020040 stigid@ol8: OL08-00-010360 stigid@rhel7: RHEL-07-020040 - stigid@rhel8: RHEL-08-010360 + stigid@almalinux8: RHEL-08-010360 + stigid@rhel9: RHEL-09-651015 stigid@sle12: SLES-12-010510 stigid@sle15: SLES-15-010570 - diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_use_fips_hashes/bash/shared.sh b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_use_fips_hashes/bash/shared.sh index 34a114520..b22a658da 100644 --- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_use_fips_hashes/bash/shared.sh @@ -28159,18 +15602,6 @@ index 34a114520..b22a658da 100644 {{{ bash_package_install("aide") }}} -diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_use_fips_hashes/rule.yml b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_use_fips_hashes/rule.yml -index b6b7b17b2..ded14eaf5 100644 ---- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_use_fips_hashes/rule.yml -+++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_use_fips_hashes/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4 - - title: 'Configure AIDE to Use FIPS 140-2 for Validating Hashes' - 
diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_use_fips_hashes/tests/correct_value.pass.sh b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_use_fips_hashes/tests/correct_value.pass.sh index 9f9f96e4d..e654ec2ee 100644 --- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_use_fips_hashes/tests/correct_value.pass.sh @@ -28196,26 +15627,18 @@ index 3c2037208..8211c4ad0 100644 cat >/etc/aide.conf </etc/aide.conf </etc/aide.conf <env_reset tag, when specified, will run the command in a minimal environment, containing the TERM, PATH, HOME, MAIL, SHELL, LOGNAME, USER and SUDO_* variables. @@ -28508,17 +15836,10 @@ index ccdf03beb..72f44eb80 100644 {{%- endif %}} This should be enabled by making sure that the env_reset tag exists in diff --git a/linux_os/guide/system/software/sudo/sudo_add_ignore_dot/rule.yml b/linux_os/guide/system/software/sudo/sudo_add_ignore_dot/rule.yml -index 2e3903c93..6a86169ff 100644 +index 730dc5504..b625424cb 100644 --- a/linux_os/guide/system/software/sudo/sudo_add_ignore_dot/rule.yml +++ b/linux_os/guide/system/software/sudo/sudo_add_ignore_dot/rule.yml -@@ -1,13 +1,13 @@ - documentation_complete: true - --prodtype: ol7,ol8,rhel7,rhel8,sle12,sle15 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,sle12,sle15 - - title: 'Ensure sudo Ignores Commands In Current Dir - sudo ignore_dot' - +@@ -6,7 +6,7 @@ title: 'Ensure sudo Ignores Commands In Current Dir - sudo ignore_dot' description: |- The sudo ignore_dot tag, when specified, will ignore the current directory in the PATH environment variable. @@ -28528,16 +15849,10 @@ index 2e3903c93..6a86169ff 100644 {{%- endif %}} This should be enabled by making sure that the ignore_dot tag exists in diff --git a/linux_os/guide/system/software/sudo/sudo_add_passwd_timeout/rule.yml b/linux_os/guide/system/software/sudo/sudo_add_passwd_timeout/rule.yml -index 165fa2157..ff3bb53d0 100644 +index 1445c701a..b1ff0cd91 100644 
--- a/linux_os/guide/system/software/sudo/sudo_add_passwd_timeout/rule.yml +++ b/linux_os/guide/system/software/sudo/sudo_add_passwd_timeout/rule.yml -@@ -1,12 +1,12 @@ - documentation_complete: true - --prodtype: alinux3,ol7,ol8,rhel7,rhel8,sle12,sle15 -+prodtype: alinux3,ol7,ol8,rhel7,rhel8,almalinux8,sle12,sle15 - - title: 'Ensure sudo passwd_timeout is appropriate - sudo passwd_timeout' +@@ -5,7 +5,7 @@ title: 'Ensure sudo passwd_timeout is appropriate - sudo passwd_timeout' description: |- The sudo passwd_timeout tag sets the amount of time sudo password prompt waits. @@ -28547,17 +15862,10 @@ index 165fa2157..ff3bb53d0 100644 {{% endif %}} The passwd_timeout should be configured by making sure that the diff --git a/linux_os/guide/system/software/sudo/sudo_add_umask/rule.yml b/linux_os/guide/system/software/sudo/sudo_add_umask/rule.yml -index cb3da33f3..9d0dbded9 100644 +index ae86e7293..4674e6b97 100644 --- a/linux_os/guide/system/software/sudo/sudo_add_umask/rule.yml +++ b/linux_os/guide/system/software/sudo/sudo_add_umask/rule.yml -@@ -1,13 +1,13 @@ - documentation_complete: true - --prodtype: ol7,ol8,rhel7,rhel8,sle12,sle15 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,sle12,sle15 - - title: 'Ensure sudo umask is appropriate - sudo umask' - +@@ -6,7 +6,7 @@ title: 'Ensure sudo umask is appropriate - sudo umask' description: |- The sudo umask tag, when specified, will be added the to the user's umask in the command environment. 
@@ -28621,18 +15929,6 @@ index 39ec72b52..a2849d3b4 100644 # variables = var_sudo_umask=0027 echo "Defaults use_pty,umask=0027,noexec" >> /etc/sudoers -diff --git a/linux_os/guide/system/software/sudo/sudo_dedicated_group/rule.yml b/linux_os/guide/system/software/sudo/sudo_dedicated_group/rule.yml -index acb0d0a7f..fde0f6b0f 100644 ---- a/linux_os/guide/system/software/sudo/sudo_dedicated_group/rule.yml -+++ b/linux_os/guide/system/software/sudo/sudo_dedicated_group/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol7,ol8,rhel7,rhel8,sle12,sle15 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,sle12,sle15 - - title: 'Ensure a dedicated group owns sudo' - diff --git a/linux_os/guide/system/software/sudo/sudo_dedicated_group/tests/root_default.pass.sh b/linux_os/guide/system/software/sudo/sudo_dedicated_group/tests/root_default.pass.sh index 0e5aed5d0..c75edccd5 100644 --- a/linux_os/guide/system/software/sudo/sudo_dedicated_group/tests/root_default.pass.sh @@ -28644,7 +15940,7 @@ index 0e5aed5d0..c75edccd5 100644 # Make sure sudo is owned by root group diff --git a/linux_os/guide/system/software/sudo/sudo_remove_no_authenticate/rule.yml b/linux_os/guide/system/software/sudo/sudo_remove_no_authenticate/rule.yml -index 4408d610e..24f3016f4 100644 +index 553370c11..d5a9a7f5f 100644 --- a/linux_os/guide/system/software/sudo/sudo_remove_no_authenticate/rule.yml +++ b/linux_os/guide/system/software/sudo/sudo_remove_no_authenticate/rule.yml @@ -39,7 +39,7 @@ references: @@ -28653,11 +15949,11 @@ index 4408d610e..24f3016f4 100644 stigid@rhel7: RHEL-07-010350 - stigid@rhel8: RHEL-08-010381 + stigid@almalinux8: RHEL-08-010381 + stigid@rhel9: RHEL-09-432025 stigid@sle12: SLES-12-010110 stigid@sle15: SLES-15-010450 - diff --git a/linux_os/guide/system/software/sudo/sudo_remove_nopasswd/rule.yml b/linux_os/guide/system/software/sudo/sudo_remove_nopasswd/rule.yml -index 32e8a1bef..f46e56299 100644 +index 1f1aba0f4..8fb3c5e56 100644 
--- a/linux_os/guide/system/software/sudo/sudo_remove_nopasswd/rule.yml +++ b/linux_os/guide/system/software/sudo/sudo_remove_nopasswd/rule.yml @@ -39,7 +39,7 @@ references: @@ -28666,77 +15962,40 @@ index 32e8a1bef..f46e56299 100644 stigid@rhel7: RHEL-07-010340 - stigid@rhel8: RHEL-08-010380 + stigid@almalinux8: RHEL-08-010380 + stigid@rhel9: RHEL-09-611085 stigid@sle12: SLES-12-010110 stigid@sle15: SLES-15-010450 - diff --git a/linux_os/guide/system/software/sudo/sudo_require_reauthentication/rule.yml b/linux_os/guide/system/software/sudo/sudo_require_reauthentication/rule.yml -index 78ee25868..a9f949662 100644 +index b6eeb72d5..f7339aa12 100644 --- a/linux_os/guide/system/software/sudo/sudo_require_reauthentication/rule.yml 
+++ b/linux_os/guide/system/software/sudo/sudo_require_reauthentication/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2204 -+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2204 - - title: 'Require Re-Authentication When Using the sudo Command' - -@@ -41,7 +41,7 @@ references: +@@ -42,7 +42,7 @@ references: stigid@ol7: OL07-00-010343 stigid@ol8: OL08-00-010384 stigid@rhel7: RHEL-07-010343 - stigid@rhel8: RHEL-08-010384 + stigid@almalinux8: RHEL-08-010384 + stigid@rhel9: RHEL-09-432015 stigid@sle12: SLES-12-010113 stigid@sle15: SLES-15-020102 - -diff --git a/linux_os/guide/system/software/sudo/sudo_restrict_others_executable_permission/rule.yml b/linux_os/guide/system/software/sudo/sudo_restrict_others_executable_permission/rule.yml -index 174da919d..ee73e10e0 100644 ---- a/linux_os/guide/system/software/sudo/sudo_restrict_others_executable_permission/rule.yml -+++ b/linux_os/guide/system/software/sudo/sudo_restrict_others_executable_permission/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8 -+prodtype: rhel7,rhel8,almalinux8 - - title: 'Ensure only owner and members of group owner of /usr/bin/sudo can execute it' - diff --git a/linux_os/guide/system/software/sudo/sudo_restrict_privilege_elevation_to_authorized/rule.yml b/linux_os/guide/system/software/sudo/sudo_restrict_privilege_elevation_to_authorized/rule.yml -index b90f566ab..b526dd99b 100644 +index ff37f2f17..7834ac1e4 100644 --- a/linux_os/guide/system/software/sudo/sudo_restrict_privilege_elevation_to_authorized/rule.yml 
+++ b/linux_os/guide/system/software/sudo/sudo_restrict_privilege_elevation_to_authorized/rule.yml -@@ -2,7 +2,7 @@ documentation_complete: true - - title: 'The operating system must restrict privilege elevation to authorized personnel' - --prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15 -+prodtype: ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,sle15 - - description: |- - The sudo command allows a user to execute programs with elevated -@@ -34,7 +34,7 @@ references: +@@ -33,7 +33,7 @@ references: stigid@ol7: OL07-00-010341 stigid@ol8: OL08-00-010382 stigid@rhel7: RHEL-07-010341 - stigid@rhel8: RHEL-08-010382 + stigid@almalinux8: RHEL-08-010382 + stigid@rhel9: RHEL-09-432030 stigid@sle12: SLES-12-010111 stigid@sle15: SLES-15-020101 - diff --git a/linux_os/guide/system/software/sudo/sudoers_default_includedir/rule.yml b/linux_os/guide/system/software/sudo/sudoers_default_includedir/rule.yml -index 4d57b106b..7c013cf69 100644 +index 5b8379c35..efa3b3bb3 100644 --- a/linux_os/guide/system/software/sudo/sudoers_default_includedir/rule.yml +++ b/linux_os/guide/system/software/sudo/sudoers_default_includedir/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,sle12,sle15 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,sle12,sle15 - - title: 'Ensure sudo only includes the default configuration directory' - -@@ -36,7 +36,7 @@ references: +@@ -35,7 +35,7 @@ references: stigid@ol7: OL07-00-010339 stigid@ol8: OL08-00-010379 stigid@rhel7: RHEL-07-010339 @@ -28746,27 +16005,18 @@ index 4d57b106b..7c013cf69 100644 stigid@sle15: SLES-15-020099 diff --git a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/rule.yml b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/rule.yml -index bd9d93947..91f0cb08f 100644 +index bfb4e8fe1..48797fa16 100644 --- a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/rule.yml 
+++ b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/rule.yml -@@ -2,7 +2,7 @@ documentation_complete: true - - title: 'Ensure invoking users password for privilege escalation when using sudo' - --prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15 -+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,sle15 - - description: |- - The sudoers security policy requires that users authenticate themselves before they can use sudo. -@@ -38,7 +38,7 @@ references: +@@ -37,7 +37,7 @@ references: stigid@ol7: OL07-00-010342 stigid@ol8: OL08-00-010383 stigid@rhel7: RHEL-07-010342 - stigid@rhel8: RHEL-08-010383 + stigid@almalinux8: RHEL-08-010383 + stigid@rhel9: RHEL-09-432020 stigid@sle12: SLES-12-010112 stigid@sle15: SLES-15-020103 - diff --git a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_d_duplicate.pass.sh b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_d_duplicate.pass.sh index a258d108a..904d4adb0 100644 --- a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_d_duplicate.pass.sh @@ -28868,18 +16118,10 @@ index a4c5bde62..42fb94bf8 100644 touch /etc/sudoers.d/empty diff --git a/linux_os/guide/system/software/system-tools/package_abrt-addon-ccpp_removed/rule.yml b/linux_os/guide/system/software/system-tools/package_abrt-addon-ccpp_removed/rule.yml -index cf04f6959..68cdc9c3b 100644 +index 3cfc412ab..1a3d3bd6b 100644 --- a/linux_os/guide/system/software/system-tools/package_abrt-addon-ccpp_removed/rule.yml +++ b/linux_os/guide/system/software/system-tools/package_abrt-addon-ccpp_removed/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhel7,rhel8 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8 - - title: 'Uninstall abrt-addon-ccpp Package' - -@@ -21,7 +21,7 @@ identifiers: +@@ -20,7 +20,7 @@ identifiers: references: disa: CCI-000381 srg: SRG-OS-000095-GPOS-00049 
@@ -28889,18 +16131,10 @@ index cf04f6959..68cdc9c3b 100644 {{{ complete_ocil_entry_package(package="abrt-addon-ccpp") }}} diff --git a/linux_os/guide/system/software/system-tools/package_abrt-addon-kerneloops_removed/rule.yml b/linux_os/guide/system/software/system-tools/package_abrt-addon-kerneloops_removed/rule.yml -index 22f47ee39..996366bf5 100644 +index a8692ed28..4085582de 100644 --- a/linux_os/guide/system/software/system-tools/package_abrt-addon-kerneloops_removed/rule.yml +++ b/linux_os/guide/system/software/system-tools/package_abrt-addon-kerneloops_removed/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhel7,rhel8 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8 - - title: 'Uninstall abrt-addon-kerneloops Package' - -@@ -21,7 +21,7 @@ identifiers: +@@ -20,7 +20,7 @@ identifiers: references: disa: CCI-000381 srg: SRG-OS-000095-GPOS-00049 @@ -28910,10 +16144,10 @@ index 22f47ee39..996366bf5 100644 {{{ complete_ocil_entry_package(package="abrt-addon-kerneloops") }}} diff --git a/linux_os/guide/system/software/system-tools/package_abrt-addon-python_removed/rule.yml b/linux_os/guide/system/software/system-tools/package_abrt-addon-python_removed/rule.yml -index dc971dd6d..abba303c8 100644 +index 54a8d350b..6567b35cb 100644 --- a/linux_os/guide/system/software/system-tools/package_abrt-addon-python_removed/rule.yml +++ b/linux_os/guide/system/software/system-tools/package_abrt-addon-python_removed/rule.yml -@@ -19,7 +19,7 @@ identifiers: +@@ -18,7 +18,7 @@ identifiers: references: disa: CCI-000381 srg: SRG-OS-000095-GPOS-00049 @@ -28923,18 +16157,10 @@ index dc971dd6d..abba303c8 100644 {{{ complete_ocil_entry_package(package="abrt-addon-python") }}} diff --git a/linux_os/guide/system/software/system-tools/package_abrt-cli_removed/rule.yml b/linux_os/guide/system/software/system-tools/package_abrt-cli_removed/rule.yml -index 2b461d64b..78a64eeef 100644 +index 61d482103..27bcc1fe7 100644 
--- a/linux_os/guide/system/software/system-tools/package_abrt-cli_removed/rule.yml +++ b/linux_os/guide/system/software/system-tools/package_abrt-cli_removed/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhel7,rhel8 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8 - - title: 'Uninstall abrt-cli Package' - -@@ -21,7 +21,7 @@ identifiers: +@@ -20,7 +20,7 @@ identifiers: references: disa: CCI-000381 srg: SRG-OS-000095-GPOS-00049 @@ -28943,43 +16169,11 @@ index 2b461d64b..78a64eeef 100644 {{{ complete_ocil_entry_package(package="abrt-cli") }}} -diff --git a/linux_os/guide/system/software/system-tools/package_abrt-plugin-logger_removed/rule.yml b/linux_os/guide/system/software/system-tools/package_abrt-plugin-logger_removed/rule.yml -index 0b59930c4..564528071 100644 ---- a/linux_os/guide/system/software/system-tools/package_abrt-plugin-logger_removed/rule.yml -+++ b/linux_os/guide/system/software/system-tools/package_abrt-plugin-logger_removed/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhel7,rhel8 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8 - - title: 'Uninstall abrt-plugin-logger Package' - -diff --git a/linux_os/guide/system/software/system-tools/package_abrt-plugin-rhtsupport_removed/rule.yml b/linux_os/guide/system/software/system-tools/package_abrt-plugin-rhtsupport_removed/rule.yml -index 043e0615a..78a36e9f2 100644 ---- a/linux_os/guide/system/software/system-tools/package_abrt-plugin-rhtsupport_removed/rule.yml -+++ b/linux_os/guide/system/software/system-tools/package_abrt-plugin-rhtsupport_removed/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhel7,rhel8 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8 - - title: 'Uninstall abrt-plugin-rhtsupport Package' - 
diff --git a/linux_os/guide/system/software/system-tools/package_abrt-plugin-sosreport_removed/rule.yml b/linux_os/guide/system/software/system-tools/package_abrt-plugin-sosreport_removed/rule.yml -index 9d690f4cb..3e86fab00 100644 +index 73dcdc0ab..c87af02dc 100644 --- a/linux_os/guide/system/software/system-tools/package_abrt-plugin-sosreport_removed/rule.yml +++ b/linux_os/guide/system/software/system-tools/package_abrt-plugin-sosreport_removed/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhel7,rhel8 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8 - - title: 'Uninstall abrt-plugin-sosreport Package' - -@@ -20,7 +20,7 @@ identifiers: +@@ -19,7 +19,7 @@ identifiers: references: disa: CCI-000381 srg: SRG-OS-000095-GPOS-00049 
@@ -28988,110 +16182,37 @@ index 9d690f4cb..3e86fab00 100644 {{{ complete_ocil_entry_package(package="abrt-plugin-sosreport") }}} -diff --git a/linux_os/guide/system/software/system-tools/package_binutils_installed/rule.yml b/linux_os/guide/system/software/system-tools/package_binutils_installed/rule.yml -index ec4f690a0..c432c0cb0 100644 ---- a/linux_os/guide/system/software/system-tools/package_binutils_installed/rule.yml -+++ b/linux_os/guide/system/software/system-tools/package_binutils_installed/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhv4 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhv4 - - title: 'Install binutils Package' - -diff --git a/linux_os/guide/system/software/system-tools/package_dnf-plugin-subscription-manager_installed/rule.yml b/linux_os/guide/system/software/system-tools/package_dnf-plugin-subscription-manager_installed/rule.yml -index 8b6577226..42471018e 100644 ---- a/linux_os/guide/system/software/system-tools/package_dnf-plugin-subscription-manager_installed/rule.yml -+++ b/linux_os/guide/system/software/system-tools/package_dnf-plugin-subscription-manager_installed/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel8 -+prodtype: rhel8,almalinux8 - - title: 'Install dnf-plugin-subscription-manager Package' - -diff --git a/linux_os/guide/system/software/system-tools/package_geolite2-city_removed/rule.yml b/linux_os/guide/system/software/system-tools/package_geolite2-city_removed/rule.yml -index e9863fa86..dbe2a9120 100644 ---- a/linux_os/guide/system/software/system-tools/package_geolite2-city_removed/rule.yml -+++ b/linux_os/guide/system/software/system-tools/package_geolite2-city_removed/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9 - - title: 'Uninstall geolite2-city Package' - -diff --git 
a/linux_os/guide/system/software/system-tools/package_geolite2-country_removed/rule.yml b/linux_os/guide/system/software/system-tools/package_geolite2-country_removed/rule.yml -index 1210a1e8e..58d95cc6b 100644 ---- a/linux_os/guide/system/software/system-tools/package_geolite2-country_removed/rule.yml -+++ b/linux_os/guide/system/software/system-tools/package_geolite2-country_removed/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9 - - title: 'Uninstall geolite2-country Package' - diff --git a/linux_os/guide/system/software/system-tools/package_gssproxy_removed/rule.yml b/linux_os/guide/system/software/system-tools/package_gssproxy_removed/rule.yml -index 4a5481118..02deeb72d 100644 +index ba437727c..284b7c32f 100644 --- a/linux_os/guide/system/software/system-tools/package_gssproxy_removed/rule.yml +++ b/linux_os/guide/system/software/system-tools/package_gssproxy_removed/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9 -+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9 - - title: 'Uninstall gssproxy Package' - -@@ -21,7 +21,7 @@ references: +@@ -20,7 +20,7 @@ references: disa: CCI-000381,CCI-000366 srg: SRG-OS-000095-GPOS-00049,SRG-OS-000480-GPOS-00227 stigid@ol8: OL08-00-040370 - stigid@rhel8: RHEL-08-040370 + stigid@almalinux8: RHEL-08-040370 + stigid@rhel9: RHEL-09-215045 {{{ complete_ocil_entry_package(package="gssproxy") }}} - diff --git a/linux_os/guide/system/software/system-tools/package_iprutils_removed/rule.yml b/linux_os/guide/system/software/system-tools/package_iprutils_removed/rule.yml -index 8986513f2..d9d127316 100644 +index 4000e219f..e7b817370 100644 --- a/linux_os/guide/system/software/system-tools/package_iprutils_removed/rule.yml 
+++ b/linux_os/guide/system/software/system-tools/package_iprutils_removed/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9 -+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9 - - title: 'Uninstall iprutils Package' - -@@ -22,7 +22,7 @@ references: +@@ -21,7 +21,7 @@ references: disa: CCI-000366 srg: SRG-OS-000095-GPOS-00049,SRG-OS-000480-GPOS-00227 stigid@ol8: OL08-00-040380 - stigid@rhel8: RHEL-08-040380 + stigid@almalinux8: RHEL-08-040380 + stigid@rhel9: RHEL-09-215050 {{{ complete_ocil_entry_package(package="iprutils") }}} - diff --git a/linux_os/guide/system/software/system-tools/package_krb5-workstation_removed/rule.yml b/linux_os/guide/system/software/system-tools/package_krb5-workstation_removed/rule.yml -index e18be68fe..856c864df 100644 +index cc3d2a62c..766658456 100644 --- a/linux_os/guide/system/software/system-tools/package_krb5-workstation_removed/rule.yml +++ b/linux_os/guide/system/software/system-tools/package_krb5-workstation_removed/rule.yml -@@ -2,7 +2,7 @@ documentation_complete: true - - # new major OS versions will most likely not be applicable because of the - # kerberos version higher than 1.17-18 --prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9 -+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9 - - title: 'Uninstall krb5-workstation Package' - -@@ -24,7 +24,7 @@ references: +@@ -23,7 +23,7 @@ references: disa: CCI-000803 srg: SRG-OS-000095-GPOS-00049,SRG-OS-000120-GPOS-00061 stigid@ol8: OL08-00-010162 
@@ -29100,31 +16221,11 @@ index e18be68fe..856c864df 100644 platforms: {{%- if "rhel" in product %}} -diff --git a/linux_os/guide/system/software/system-tools/package_libcap-ng-utils_installed/rule.yml b/linux_os/guide/system/software/system-tools/package_libcap-ng-utils_installed/rule.yml -index 6696d5891..a0122c7c0 100644 ---- a/linux_os/guide/system/software/system-tools/package_libcap-ng-utils_installed/rule.yml -+++ b/linux_os/guide/system/software/system-tools/package_libcap-ng-utils_installed/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhv4 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhv4 - - title: 'Install libcap-ng-utils Package' - diff --git a/linux_os/guide/system/software/system-tools/package_libreport-plugin-logger_removed/rule.yml b/linux_os/guide/system/software/system-tools/package_libreport-plugin-logger_removed/rule.yml -index 94428d19d..65410152c 100644 +index f368ebbbe..dda7480b6 100644 --- a/linux_os/guide/system/software/system-tools/package_libreport-plugin-logger_removed/rule.yml +++ b/linux_os/guide/system/software/system-tools/package_libreport-plugin-logger_removed/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhel7,rhel8 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8 - - title: 'Uninstall libreport-plugin-logger Package' - -@@ -20,7 +20,7 @@ references: +@@ -19,7 +19,7 @@ references: disa: CCI-000381 srg: SRG-OS-000095-GPOS-00049 stigid@ol8: OL08-00-040001 @@ -29134,18 +16235,10 @@ index 94428d19d..65410152c 100644 {{{ complete_ocil_entry_package(package="libreport-plugin-logger") }}} diff --git a/linux_os/guide/system/software/system-tools/package_libreport-plugin-rhtsupport_removed/rule.yml b/linux_os/guide/system/software/system-tools/package_libreport-plugin-rhtsupport_removed/rule.yml -index da42b16a7..32f1088e3 100644 +index 55e11e45e..d940adb5e 100644 
--- a/linux_os/guide/system/software/system-tools/package_libreport-plugin-rhtsupport_removed/rule.yml +++ b/linux_os/guide/system/software/system-tools/package_libreport-plugin-rhtsupport_removed/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhel7,rhel8 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8 - - title: 'Uninstall libreport-plugin-rhtsupport Package' - -@@ -19,7 +19,7 @@ identifiers: +@@ -18,7 +18,7 @@ identifiers: references: disa: CCI-000381 srg: SRG-OS-000095-GPOS-00049 @@ -29154,43 +16247,11 @@ index da42b16a7..32f1088e3 100644 {{{ complete_ocil_entry_package(package="libreport-plugin-rhtsupport") }}} -diff --git a/linux_os/guide/system/software/system-tools/package_openscap-scanner_installed/rule.yml b/linux_os/guide/system/software/system-tools/package_openscap-scanner_installed/rule.yml -index 2c29f67f5..c968a55bc 100644 ---- a/linux_os/guide/system/software/system-tools/package_openscap-scanner_installed/rule.yml -+++ b/linux_os/guide/system/software/system-tools/package_openscap-scanner_installed/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4 -+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4 - - title: 'Install openscap-scanner Package' - -diff --git a/linux_os/guide/system/software/system-tools/package_pigz_removed/rule.yml b/linux_os/guide/system/software/system-tools/package_pigz_removed/rule.yml -index 80a273bf4..74169dbe3 100644 ---- a/linux_os/guide/system/software/system-tools/package_pigz_removed/rule.yml -+++ b/linux_os/guide/system/software/system-tools/package_pigz_removed/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol8,rhel8 -+prodtype: ol8,rhel8,almalinux8 - - title: 'Uninstall pigz Package' - 
diff --git a/linux_os/guide/system/software/system-tools/package_python3-abrt-addon_removed/rule.yml b/linux_os/guide/system/software/system-tools/package_python3-abrt-addon_removed/rule.yml -index 2b34390f7..b9e583edc 100644 +index 5a020f452..a3769b969 100644 --- a/linux_os/guide/system/software/system-tools/package_python3-abrt-addon_removed/rule.yml +++ b/linux_os/guide/system/software/system-tools/package_python3-abrt-addon_removed/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,rhel8 -+prodtype: fedora,rhel8,almalinux8 - - title: 'Uninstall python3-abrt-addon Package' - -@@ -19,7 +19,7 @@ identifiers: +@@ -18,7 +18,7 @@ identifiers: references: disa: CCI-000381 srg: SRG-OS-000095-GPOS-00049 @@ -29199,110 +16260,34 @@ index 2b34390f7..b9e583edc 100644 {{{ complete_ocil_entry_package(package="python3-abrt-addon") }}} -diff --git a/linux_os/guide/system/software/system-tools/package_rear_installed/rule.yml b/linux_os/guide/system/software/system-tools/package_rear_installed/rule.yml -index 68043ea54..e2cb29db4 100644 ---- a/linux_os/guide/system/software/system-tools/package_rear_installed/rule.yml -+++ b/linux_os/guide/system/software/system-tools/package_rear_installed/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9 -+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9 - - title: 'Install rear Package' - diff --git a/linux_os/guide/system/software/system-tools/package_rng-tools_installed/rule.yml b/linux_os/guide/system/software/system-tools/package_rng-tools_installed/rule.yml -index 41a484f26..1ada0f999 100644 +index 53b65dca1..fae286e73 100644 --- a/linux_os/guide/system/software/system-tools/package_rng-tools_installed/rule.yml 
+++ b/linux_os/guide/system/software/system-tools/package_rng-tools_installed/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4 -+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4 - - title: 'Install rng-tools Package' - -@@ -22,7 +22,7 @@ references: +@@ -21,7 +21,7 @@ references: disa: CCI-000366 srg: SRG-OS-000480-GPOS-00227 stigid@ol8: OL08-00-010472 - stigid@rhel8: RHEL-08-010472 + stigid@almalinux8: RHEL-08-010472 + stigid@rhel9: RHEL-09-215090 ocil_clause: 'the package is not installed' - -diff --git a/linux_os/guide/system/software/system-tools/package_scap-security-guide_installed/rule.yml b/linux_os/guide/system/software/system-tools/package_scap-security-guide_installed/rule.yml -index 02ba74f0c..730270f5a 100644 ---- a/linux_os/guide/system/software/system-tools/package_scap-security-guide_installed/rule.yml -+++ b/linux_os/guide/system/software/system-tools/package_scap-security-guide_installed/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4 -+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4 - - title: 'Install scap-security-guide Package' - -diff --git a/linux_os/guide/system/software/system-tools/package_subscription-manager_installed/rule.yml b/linux_os/guide/system/software/system-tools/package_subscription-manager_installed/rule.yml -index f8b801181..6258ad954 100644 ---- a/linux_os/guide/system/software/system-tools/package_subscription-manager_installed/rule.yml -+++ b/linux_os/guide/system/software/system-tools/package_subscription-manager_installed/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: rhel7,rhel8,rhel9,rhv4 -+prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4 - - title: 'Install subscription-manager Package' - -diff --git a/linux_os/guide/system/software/system-tools/package_tar_installed/rule.yml 
b/linux_os/guide/system/software/system-tools/package_tar_installed/rule.yml -index e5b9a4402..e3c2435fb 100644 ---- a/linux_os/guide/system/software/system-tools/package_tar_installed/rule.yml -+++ b/linux_os/guide/system/software/system-tools/package_tar_installed/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhv4 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhv4 - - title: 'Install tar Package' - diff --git a/linux_os/guide/system/software/system-tools/package_tuned_removed/rule.yml b/linux_os/guide/system/software/system-tools/package_tuned_removed/rule.yml -index 48443defd..f26e82b66 100644 +index 76bd27a31..566a46135 100644 --- a/linux_os/guide/system/software/system-tools/package_tuned_removed/rule.yml +++ b/linux_os/guide/system/software/system-tools/package_tuned_removed/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9 -+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9 - - title: 'Uninstall tuned Package' - -@@ -24,7 +24,7 @@ references: +@@ -23,7 +23,7 @@ references: disa: CCI-000366 srg: SRG-OS-000095-GPOS-00049,SRG-OS-000480-GPOS-00227 stigid@ol8: OL08-00-040390 - stigid@rhel8: RHEL-08-040390 + stigid@almalinux8: RHEL-08-040390 + stigid@rhel9: RHEL-09-215055 {{{ complete_ocil_entry_package(package="tuned") }}} - -diff --git a/linux_os/guide/system/software/system-tools/package_vim_installed/rule.yml b/linux_os/guide/system/software/system-tools/package_vim_installed/rule.yml -index 0eb7a8ddd..34344f555 100644 ---- a/linux_os/guide/system/software/system-tools/package_vim_installed/rule.yml -+++ b/linux_os/guide/system/software/system-tools/package_vim_installed/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhv4 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhv4 - - title: 'Install vim Package' - 
diff --git a/linux_os/guide/system/software/updating/clean_components_post_updating/ansible/shared.yml b/linux_os/guide/system/software/updating/clean_components_post_updating/ansible/shared.yml -index 9b67b0e22..6891a1f28 100644 +index 71b66ebab..f51a5fa0a 100644 --- a/linux_os/guide/system/software/updating/clean_components_post_updating/ansible/shared.yml +++ b/linux_os/guide/system/software/updating/clean_components_post_updating/ansible/shared.yml @@ -1,4 +1,4 @@ @@ -29322,26 +16307,18 @@ index 34127fd17..e30b09600 100644 {{% if 'sle' in product %}} {{{ bash_replace_or_append('/etc/zypp/zypp.conf', '^solver.upgradeRemoveDroppedPackages', 'true', '%s=%s') }}} diff --git a/linux_os/guide/system/software/updating/clean_components_post_updating/rule.yml b/linux_os/guide/system/software/updating/clean_components_post_updating/rule.yml -index ee66181ab..20b825baf 100644 +index 79ecf5d46..37f25dbcd 100644 --- a/linux_os/guide/system/software/updating/clean_components_post_updating/rule.yml +++ b/linux_os/guide/system/software/updating/clean_components_post_updating/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 - - title: 'Ensure {{{ pkg_manager }}} Removes Previous Package Versions' - -@@ -47,7 +47,7 @@ references: +@@ -46,7 +46,7 @@ references: stigid@ol7: OL07-00-020200 stigid@ol8: OL08-00-010440 stigid@rhel7: RHEL-07-020200 - stigid@rhel8: RHEL-08-010440 + stigid@almalinux8: RHEL-08-010440 + stigid@rhel9: RHEL-09-214035 stigid@sle12: SLES-12-010570 stigid@sle15: SLES-15-010560 - stigid@ubuntu2004: UBTU-20-010449 diff --git a/linux_os/guide/system/software/updating/clean_components_post_updating/tests/yum_commented.fail.sh b/linux_os/guide/system/software/updating/clean_components_post_updating/tests/yum_commented.fail.sh index 4cba82b3c..1d8495018 100644 
--- a/linux_os/guide/system/software/updating/clean_components_post_updating/tests/yum_commented.fail.sh @@ -29385,18 +16362,6 @@ index 55851cc05..62557d6e2 100644 # reboot = false # strategy = unknown # complexity = low -diff --git a/linux_os/guide/system/software/updating/dnf-automatic_apply_updates/rule.yml b/linux_os/guide/system/software/updating/dnf-automatic_apply_updates/rule.yml -index bbcd9e56d..f954c9570 100644 ---- a/linux_os/guide/system/software/updating/dnf-automatic_apply_updates/rule.yml -+++ b/linux_os/guide/system/software/updating/dnf-automatic_apply_updates/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol8,ol9,rhel8,rhel9,sle12,sle15 -+prodtype: fedora,ol8,ol9,rhel8,almalinux8,rhel9,sle12,sle15 - - title: 'Configure dnf-automatic to Install Available Updates Automatically' - diff --git a/linux_os/guide/system/software/updating/dnf-automatic_security_updates_only/ansible/shared.yml b/linux_os/guide/system/software/updating/dnf-automatic_security_updates_only/ansible/shared.yml index 9d6c3eba8..4c61c3c3c 100644 --- a/linux_os/guide/system/software/updating/dnf-automatic_security_updates_only/ansible/shared.yml @@ -29407,18 +16372,6 @@ index 9d6c3eba8..4c61c3c3c 100644 # reboot = false # strategy = unknown # complexity = low -diff --git a/linux_os/guide/system/software/updating/dnf-automatic_security_updates_only/rule.yml b/linux_os/guide/system/software/updating/dnf-automatic_security_updates_only/rule.yml -index f0f646748..b5e8b72b8 100644 ---- a/linux_os/guide/system/software/updating/dnf-automatic_security_updates_only/rule.yml -+++ b/linux_os/guide/system/software/updating/dnf-automatic_security_updates_only/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol8,ol9,rhel8,rhel9,sle12,sle15 -+prodtype: fedora,ol8,ol9,rhel8,almalinux8,rhel9,sle12,sle15 - - title: 'Configure dnf-automatic to Install Only Security Updates' - 
diff --git a/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/ansible/shared.yml b/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/ansible/shared.yml new file mode 100644 index 000000000..7912da04b @@ -29620,49 +16573,33 @@ index 2bf91c8ca..b5f520737 100644 {{{ bash_replace_or_append( pkg_manager_config_file , '^gpgcheck', '1') }}} diff --git a/linux_os/guide/system/software/updating/ensure_gpgcheck_globally_activated/rule.yml b/linux_os/guide/system/software/updating/ensure_gpgcheck_globally_activated/rule.yml -index 91cd19e26..6033621f4 100644 +index c66f7a6bb..e9a9c1c17 100644 --- a/linux_os/guide/system/software/updating/ensure_gpgcheck_globally_activated/rule.yml +++ b/linux_os/guide/system/software/updating/ensure_gpgcheck_globally_activated/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,uos20 -+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,uos20 - - title: 'Ensure gpgcheck Enabled In Main {{{ pkg_manager }}} Configuration' - -@@ -64,7 +64,7 @@ references: +@@ -61,7 +61,7 @@ references: stigid@ol7: OL07-00-020050 stigid@ol8: OL08-00-010370 stigid@rhel7: RHEL-07-020050 - stigid@rhel8: RHEL-08-010370 + stigid@almalinux8: RHEL-08-010370 + stigid@rhel9: RHEL-09-214015 stigid@sle12: SLES-12-010550 stigid@sle15: SLES-15-010430 - diff --git a/linux_os/guide/system/software/updating/ensure_gpgcheck_local_packages/rule.yml b/linux_os/guide/system/software/updating/ensure_gpgcheck_local_packages/rule.yml -index d02e8df1a..fdc0a717f 100644 +index 91bc53932..46b35ab1f 100644 --- a/linux_os/guide/system/software/updating/ensure_gpgcheck_local_packages/rule.yml 
+++ b/linux_os/guide/system/software/updating/ensure_gpgcheck_local_packages/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15 -+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15 - - title: 'Ensure gpgcheck Enabled for Local Packages' - -@@ -43,7 +43,7 @@ references: +@@ -42,7 +42,7 @@ references: stigid@ol7: OL07-00-020060 stigid@ol8: OL08-00-010371 stigid@rhel7: RHEL-07-020060 - stigid@rhel8: RHEL-08-010371 + stigid@almalinux8: RHEL-08-010371 + stigid@rhel9: RHEL-09-214020 ocil_clause: 'there is no process to validate certificates for local packages that is approved by the organization' - diff --git a/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/ansible/shared.yml b/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/ansible/shared.yml -index 9fd7f4b5d..3b81d7866 100644 +index 967e23bbb..4160832f8 100644 --- a/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/ansible/shared.yml +++ b/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/ansible/shared.yml @@ -1,4 +1,4 @@ @@ -29682,26 +16619,18 @@ index 07e02fa47..ee1d023d9 100644 sed -i 's/gpgcheck\s*=.*/gpgcheck=1/g' /etc/zypp/repos.d/* {{% else %}} diff --git a/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/rule.yml b/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/rule.yml -index 64287817b..db9e5b949 100644 +index de8e8ef47..fe8f9d75a 100644 --- a/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/rule.yml 
+++ b/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: alinux2,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15 -+prodtype: alinux2,fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15 - - title: 'Ensure gpgcheck Enabled for All {{{ pkg_manager }}} Package Repositories' - -@@ -48,7 +48,7 @@ references: +@@ -47,7 +47,7 @@ references: pcidss4: "6.3.3" srg: SRG-OS-000366-GPOS-00153 stigid@ol8: OL08-00-010370 - stigid@rhel8: RHEL-08-010370 + stigid@almalinux8: RHEL-08-010370 + stigid@rhel9: RHEL-09-214025 ocil_clause: 'GPG checking is disabled' - diff --git a/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/tests/gpgcheck_disabled.fail.sh b/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/tests/gpgcheck_disabled.fail.sh index 37e47e4d4..a852e856f 100644 --- a/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/tests/gpgcheck_disabled.fail.sh @@ -29722,43 +16651,19 @@ index 04ff6e577..b97d75469 100644 +# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_fedora,multi_platform_rhv sed -i 's/gpgcheck\s*=.*/gpgcheck=1/g' /etc/yum.repos.d/* -diff --git a/linux_os/guide/system/software/updating/ensure_gpgcheck_repo_metadata/rule.yml b/linux_os/guide/system/software/updating/ensure_gpgcheck_repo_metadata/rule.yml -index 740c2be53..53e9520a8 100644 ---- a/linux_os/guide/system/software/updating/ensure_gpgcheck_repo_metadata/rule.yml -+++ b/linux_os/guide/system/software/updating/ensure_gpgcheck_repo_metadata/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhel7,rhel8 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8 - - title: 'Ensure gpgcheck Enabled for Repository Metadata' - 
diff --git a/linux_os/guide/system/software/updating/ensure_redhat_gpgkey_installed/rule.yml b/linux_os/guide/system/software/updating/ensure_redhat_gpgkey_installed/rule.yml -index 5ecaae27c..cf19bab18 100644 +index 9ba251904..bc7c8889c 100644 --- a/linux_os/guide/system/software/updating/ensure_redhat_gpgkey_installed/rule.yml +++ b/linux_os/guide/system/software/updating/ensure_redhat_gpgkey_installed/rule.yml @@ -59,7 +59,7 @@ references: - pcidss: Req-6.2 + pcidss4: '6.3.3' srg: SRG-OS-000366-GPOS-00153 stigid@rhel7: RHEL-07-010019 - stigid@rhel8: RHEL-08-010019 + stigid@almalinux8: RHEL-08-010019 + stigid@rhel9: RHEL-09-214010 ocil_clause: 'the Red Hat GPG Key is not installed' - -diff --git a/linux_os/guide/system/software/updating/package_dnf-automatic_installed/rule.yml b/linux_os/guide/system/software/updating/package_dnf-automatic_installed/rule.yml -index bdcc5e9be..2e150e42f 100644 ---- a/linux_os/guide/system/software/updating/package_dnf-automatic_installed/rule.yml -+++ b/linux_os/guide/system/software/updating/package_dnf-automatic_installed/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol8,ol9,rhel8,rhel9,sle12,sle15 -+prodtype: fedora,ol8,ol9,rhel8,almalinux8,rhel9,sle12,sle15 - - title: 'Install dnf-automatic Package' - diff --git a/linux_os/guide/system/software/updating/security_patches_up_to_date/bash/shared.sh b/linux_os/guide/system/software/updating/security_patches_up_to_date/bash/shared.sh index fd844d2a1..2932351f4 100644 --- a/linux_os/guide/system/software/updating/security_patches_up_to_date/bash/shared.sh @@ -29770,15 +16675,10 @@ index fd844d2a1..2932351f4 100644 # strategy = patch # complexity = low diff --git a/linux_os/guide/system/software/updating/security_patches_up_to_date/rule.yml b/linux_os/guide/system/software/updating/security_patches_up_to_date/rule.yml -index 99aa0518a..1da5c7be2 100644 +index dac777824..c4afe149f 100644 
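Review bot: In ensure_redhat_gpgkey_installed/rule.yml the patch maps `stigid@almalinux8: RHEL-08-010019` onto the rule whose ocil_clause is 'the Red Hat GPG Key is not installed', although the same patch adds a separate ensure_almalinux_gpgkey_installed rule. If the AlmaLinux 8 STIG profile resolves this ID to the Red Hat rule, the package-signing-key requirement would presumably be checked against Red Hat's key instead of the AlmaLinux key. That is inferred, since the profile and control files are outside this hunk. I would leave `stigid@rhel8: RHEL-08-010019` here and carry `stigid@almalinux8: RHEL-08-010019` in ensure_almalinux_gpgkey_installed/rule.yml, if it is not already there.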
--- a/linux_os/guide/system/software/updating/security_patches_up_to_date/rule.yml +++ b/linux_os/guide/system/software/updating/security_patches_up_to_date/rule.yml -@@ -1,11 +1,11 @@ - documentation_complete: true - --prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu1604,ubuntu1804,uos20 -+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu1604,ubuntu1804,uos20 - +@@ -4,7 +4,7 @@ documentation_complete: true title: 'Ensure Software Patches Installed' description: |- @@ -29787,7 +16687,7 @@ index 99aa0518a..1da5c7be2 100644 If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
$ sudo yum update
-@@ -17,6 +17,11 @@ description: |- +@@ -16,6 +16,11 @@ description: |-
$ sudo yum update
If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the ULN and installed using rpm. @@ -29799,33 +16699,21 @@ index 99aa0518a..1da5c7be2 100644 {{% elif product in ["sle12", "sle15"] %}} If the system is configured for online updates, invoking the following command will list available security updates: -@@ -68,7 +73,7 @@ references: +@@ -66,7 +71,7 @@ references: stigid@ol7: OL07-00-020260 stigid@ol8: OL08-00-010010 stigid@rhel7: RHEL-07-020260 - stigid@rhel8: RHEL-08-010010 + stigid@almalinux8: RHEL-08-010010 + stigid@rhel9: RHEL-09-211015 stigid@sle12: SLES-12-010010 stigid@sle15: SLES-15-010010 - -diff --git a/linux_os/guide/system/software/updating/timer_dnf-automatic_enabled/rule.yml b/linux_os/guide/system/software/updating/timer_dnf-automatic_enabled/rule.yml -index 5ae61e5d6..e011e7d2b 100644 ---- a/linux_os/guide/system/software/updating/timer_dnf-automatic_enabled/rule.yml -+++ b/linux_os/guide/system/software/updating/timer_dnf-automatic_enabled/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol8,ol9,rhel8,rhel9,sle12,sle15 -+prodtype: fedora,ol8,ol9,rhel8,almalinux8,rhel9,sle12,sle15 - - title: 'Enable dnf-automatic Timer' - diff --git a/products/almalinux8/CMakeLists.txt b/products/almalinux8/CMakeLists.txt new file mode 100644 -index 000000000..e6cb143e7 +index 000000000..511fdc1c4 --- /dev/null +++ b/products/almalinux8/CMakeLists.txt -@@ -0,0 +1,28 @@ +@@ -0,0 +1,33 @@ +# Sometimes our users will try to do: "cd almalinux8; cmake ." That needs to error in a nice way. +if("${CMAKE_SOURCE_DIR}" STREQUAL "${CMAKE_CURRENT_SOURCE_DIR}") + message(FATAL_ERROR "cmake has to be used on the root CMakeLists.txt, see the Building ComplianceAsCode section in the Developer Guide!") 
@@ -29838,6 +16726,7 @@ index 000000000..e6cb143e7 +ssg_build_html_ref_tables("${PRODUCT}" "table-${PRODUCT}-{ref_id}refs" "anssi;cis;cui;nist;pcidss") + +ssg_build_html_profile_table("table-${PRODUCT}-nistrefs-ospp" "${PRODUCT}" "ospp" "nist") ++ssg_build_html_profile_table("table-${PRODUCT}-nistrefs-standard" "${PRODUCT}" "standard" "nist") +ssg_build_html_profile_table("table-${PRODUCT}-nistrefs-stig" "${PRODUCT}" "stig" "nist") + +ssg_build_html_profile_table("table-${PRODUCT}-anssirefs-bp28_minimal" "${PRODUCT}" "anssi_bp28_minimal" "anssi") @@ -29854,6 +16743,10 @@ index 000000000..e6cb143e7 +ssg_build_html_stig_tables_per_profile(${PRODUCT} "stig_gui") + +#ssg_build_html_stig_tables(${PRODUCT} "ospp") ++ ++if(SSG_CENTOS_DERIVATIVES_ENABLED) ++ ssg_build_derivative_product(${PRODUCT} "centos" "centos8") ++endif() diff --git a/products/almalinux8/kickstart/ssg-almalinux8-anssi_bp28_enhanced-ks.cfg b/products/almalinux8/kickstart/ssg-almalinux8-anssi_bp28_enhanced-ks.cfg new file mode 100644 index 000000000..ff05b3d8a @@ -30464,11 +17357,11 @@ index 000000000..4659ce9f3 +reboot --eject diff --git a/products/almalinux8/kickstart/ssg-almalinux8-cis-ks.cfg b/products/almalinux8/kickstart/ssg-almalinux8-cis-ks.cfg new file mode 100644 -index 000000000..533f4ac2d +index 000000000..4b702ec5a --- /dev/null +++ b/products/almalinux8/kickstart/ssg-almalinux8-cis-ks.cfg @@ -0,0 +1,128 @@ -+# SCAP Security Guide CIS profile (Level 2 - Server) kickstart for AlmaLinux 8 Server ++# SCAP Security Guide CIS profile (Level 2 - Server) kickstart for AlmaLinux 8 +# Version: 0.0.1 +# Date: 2021-08-12 +# @@ -30598,11 +17491,11 @@ index 000000000..533f4ac2d +reboot --eject diff --git a/products/almalinux8/kickstart/ssg-almalinux8-cis_server_l1-ks.cfg b/products/almalinux8/kickstart/ssg-almalinux8-cis_server_l1-ks.cfg new file mode 100644 -index 000000000..f16f35838 +index 000000000..16287a134 --- /dev/null +++ b/products/almalinux8/kickstart/ssg-almalinux8-cis_server_l1-ks.cfg 
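Review bot: The added `ssg_build_derivative_product(${PRODUCT} "centos" "centos8")` block at the end of products/almalinux8/CMakeLists.txt derives a `centos8` product from AlmaLinux 8 content, which looks carried over from the RHEL 8 product file rather than intended here. If the rhel8 product also registers a `centos8` derivative (not visible in this hunk), turning on `SSG_CENTOS_DERIVATIVES_ENABLED` with both products would define it twice. A CentOS datastream built from this tree would presumably also inherit the AlmaLinux signing-key values from product.yml. I would drop the three added lines, or replace them with a comment such as `# centos8 is derived from rhel8; do not derive it from almalinux8`.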
@@ -0,0 +1,128 @@ -+# SCAP Security Guide CIS profile (Level 1 - Server) kickstart for AlmaLinux 8 Server ++# SCAP Security Guide CIS profile (Level 1 - Server) kickstart for AlmaLinux 8 +# Version: 0.0.1 +# Date: 2021-08-12 +# @@ -30732,11 +17625,11 @@ index 000000000..f16f35838 +reboot --eject diff --git a/products/almalinux8/kickstart/ssg-almalinux8-cis_workstation_l1-ks.cfg b/products/almalinux8/kickstart/ssg-almalinux8-cis_workstation_l1-ks.cfg new file mode 100644 -index 000000000..74473195d +index 000000000..0ee9ca23a --- /dev/null +++ b/products/almalinux8/kickstart/ssg-almalinux8-cis_workstation_l1-ks.cfg @@ -0,0 +1,128 @@ -+# SCAP Security Guide CIS profile (Level 1 - Workstation) kickstart for AlmaLinux 8 Server ++# SCAP Security Guide CIS profile (Level 1 - Workstation) kickstart for AlmaLinux 8 +# Version: 0.0.1 +# Date: 2021-08-12 +# @@ -30866,11 +17759,11 @@ index 000000000..74473195d +reboot --eject diff --git a/products/almalinux8/kickstart/ssg-almalinux8-cis_workstation_l2-ks.cfg b/products/almalinux8/kickstart/ssg-almalinux8-cis_workstation_l2-ks.cfg new file mode 100644 -index 000000000..d68b97c91 +index 000000000..d5286da91 --- /dev/null +++ b/products/almalinux8/kickstart/ssg-almalinux8-cis_workstation_l2-ks.cfg @@ -0,0 +1,128 @@ -+# SCAP Security Guide CIS profile (Level 2 - Workstation) kickstart for AlmaLinux 8 Server ++# SCAP Security Guide CIS profile (Level 2 - Workstation) kickstart for AlmaLinux 8 +# Version: 0.0.1 +# Date: 2021-08-12 +# @@ -31155,11 +18048,11 @@ index 000000000..e1237a0b2 +reboot --eject diff --git a/products/almalinux8/kickstart/ssg-almalinux8-e8-ks.cfg b/products/almalinux8/kickstart/ssg-almalinux8-e8-ks.cfg new file mode 100644 -index 000000000..1211e5806 +index 000000000..644f4613b --- /dev/null +++ b/products/almalinux8/kickstart/ssg-almalinux8-e8-ks.cfg 
@@ -0,0 +1,107 @@ -+# SCAP Security Guide Essential Eight profile kickstart for AlmaLinux 8 Server ++# SCAP Security Guide Essential Eight profile kickstart for AlmaLinux 8 +# Version: 0.0.1 +# Date: 2019-11-13 +# @@ -31268,11 +18161,11 @@ index 000000000..1211e5806 +reboot --eject diff --git a/products/almalinux8/kickstart/ssg-almalinux8-hipaa-ks.cfg b/products/almalinux8/kickstart/ssg-almalinux8-hipaa-ks.cfg new file mode 100644 -index 000000000..18926aecc +index 000000000..ff867ee54 --- /dev/null +++ b/products/almalinux8/kickstart/ssg-almalinux8-hipaa-ks.cfg @@ -0,0 +1,107 @@ -+# SCAP Security Guide HIPAA profile kickstart for AlmaLinux 8 Server ++# SCAP Security Guide HIPAA profile kickstart for AlmaLinux 8 +# Version: 0.0.1 +# Date: 2020-05-25 +# @@ -31381,11 +18274,11 @@ index 000000000..18926aecc +reboot --eject diff --git a/products/almalinux8/kickstart/ssg-almalinux8-ism_o-ks.cfg b/products/almalinux8/kickstart/ssg-almalinux8-ism_o-ks.cfg new file mode 100644 -index 000000000..78ae77699 +index 000000000..e3c8f1040 --- /dev/null +++ b/products/almalinux8/kickstart/ssg-almalinux8-ism_o-ks.cfg @@ -0,0 +1,106 @@ -+# SCAP Security Guide ISM Official profile kickstart for AlmaLinux 8 Server ++# SCAP Security Guide ISM Official profile kickstart for AlmaLinux 8 +# Version: 0.0.1 +# Date: 2021-08-16 +# @@ -32293,10 +19186,10 @@ index 000000000..08c87ea68 + diff --git a/products/almalinux8/product.yml b/products/almalinux8/product.yml new file mode 100644 -index 000000000..7403f1526 +index 000000000..536dc8a7c --- /dev/null +++ b/products/almalinux8/product.yml -@@ -0,0 +1,49 @@ +@@ -0,0 +1,52 @@ +product: almalinux8 +full_name: AlmaLinux 8 +type: platform 
@@ -32317,7 +19210,7 @@ index 000000000..7403f1526 + +init_system: "systemd" + -+# The fingerprints below are retrieved from https://access.redhat.com/security/team/key ++# The fingerprints below are retrieved from https://almalinux.org/security/ +pkg_release: "5ffd890e" +pkg_version: "3abb34f8" +aux_pkg_release: "6525146f" @@ -32344,18 +19237,22 @@ index 000000000..7403f1526 +platform_package_overrides: + login_defs: "shadow-utils" + ++ +reference_uris: + cis: 'https://www.cisecurity.org/benchmark/almalinuxos_linux/' ++ ++journald_conf_dir_path: /etc/systemd/journald.conf.d diff --git a/products/almalinux8/profiles/anssi_bp28_enhanced.profile b/products/almalinux8/profiles/anssi_bp28_enhanced.profile new file mode 100644 -index 000000000..62cbe1715 +index 000000000..b2a2419ee --- /dev/null +++ b/products/almalinux8/profiles/anssi_bp28_enhanced.profile -@@ -0,0 +1,19 @@ +@@ -0,0 +1,43 @@ +documentation_complete: true + +metadata: + SMEs: ++ - marcusburghardt + - yuumasato + +title: 'ANSSI-BP-028 (enhanced)' 
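Review bot: The corrected source comment in products/almalinux8/product.yml still calls the values below it fingerprints, but `pkg_release`, `pkg_version` and `aux_pkg_release` are 8-hex-digit fields of the kind reported for an installed `gpg-pubkey` package, which is too short to identify a signing key on its own. These values presumably feed the check that the vendor GPG key is installed, so the comment should say what they are and how to re-derive them. A possible wording is `# gpg-pubkey version/release of the AlmaLinux 8 signing keys; compare the full fingerprint at https://almalinux.org/security/ before updating`. The rest of the key block lies outside this hunk, so a full-fingerprint entry may already exist further down.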
@@ -32369,18 +19266,42 @@ index 000000000..62cbe1715 + A copy of the ANSSI-BP-028 can be found at the ANSSI website: + https://www.ssi.gouv.fr/administration/guide/recommandations-de-securite-relatives-a-un-systeme-gnulinux/ + ++ An English version of the ANSSI-BP-028 can also be found at the ANSSI website: ++ https://cyber.gouv.fr/publications/configuration-recommendations-gnulinux-system ++ +selections: + - anssi:all:enhanced ++ - '!timer_logrotate_enabled' ++ # Following rules once had a prodtype incompatible with the rhel8 product ++ - '!cracklib_accounts_password_pam_minlen' ++ - '!sysctl_fs_protected_fifos' ++ - '!accounts_passwords_pam_tally2_deny_root' ++ - '!audit_rules_privileged_commands_rmmod' ++ - '!package_dracut-fips-aesni_installed' ++ - '!audit_rules_privileged_commands_modprobe' ++ - '!chronyd_configure_pool_and_server' ++ - '!accounts_passwords_pam_tally2' ++ - '!cracklib_accounts_password_pam_ucredit' ++ - '!cracklib_accounts_password_pam_dcredit' ++ - '!cracklib_accounts_password_pam_lcredit' ++ - '!sysctl_fs_protected_regular' ++ - '!grub2_mds_argument' ++ - '!cracklib_accounts_password_pam_ocredit' ++ - '!grub2_page_alloc_shuffle_argument' ++ - '!accounts_passwords_pam_tally2_unlock_time' ++ - '!audit_rules_privileged_commands_insmod' ++ - '!ensure_oracle_gpgkey_installed' diff --git a/products/almalinux8/profiles/anssi_bp28_high.profile b/products/almalinux8/profiles/anssi_bp28_high.profile new file mode 100644 -index 000000000..204e141b1 +index 000000000..12bd15638 --- /dev/null +++ b/products/almalinux8/profiles/anssi_bp28_high.profile -@@ -0,0 +1,21 @@ +@@ -0,0 +1,50 @@ +documentation_complete: true + +metadata: + SMEs: ++ - marcusburghardt + - yuumasato + +title: 'ANSSI-BP-028 (high)' 
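Review bot: The comment `# Following rules once had a prodtype incompatible with the rhel8 product` introduces the new exclusion list in an almalinux8 profile, so it does not say whether the list was checked against AlmaLinux 8 or only mirrored from RHEL 8. Each `'!…'` entry removes a rule from the rendered ANSSI profile, and the list includes kernel hardening items such as `'!sysctl_fs_protected_fifos'`, `'!sysctl_fs_protected_regular'` and `'!grub2_mds_argument'`, so anyone auditing coverage needs the provenance. I would reword it to `# Exclusions mirrored from the rhel8 profile (rules whose former prodtype excluded rhel8); not re-evaluated for almalinux8`, if that is indeed how the list was produced. The same comment is added in the high, intermediary and minimal ANSSI profiles and in the four CIS profiles.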
@@ -32394,20 +19315,49 @@ index 000000000..204e141b1 + A copy of the ANSSI-BP-028 can be found at the ANSSI website: + https://www.ssi.gouv.fr/administration/guide/recommandations-de-securite-relatives-a-un-systeme-gnulinux/ + ++ An English version of the ANSSI-BP-028 can also be found at the ANSSI website: ++ https://cyber.gouv.fr/publications/configuration-recommendations-gnulinux-system ++ +selections: + - anssi:all:high + # the following rule renders UEFI systems unbootable + - '!sebool_secure_mode_insmod' ++ - '!timer_logrotate_enabled' ++ # Following rules once had a prodtype incompatible with the rhel8 product ++ - '!kernel_config_gcc_plugin_structleak_byref_all' ++ - '!accounts_passwords_pam_tally2_deny_root' ++ - '!aide_periodic_checking_systemd_timer' ++ - '!audit_rules_privileged_commands_rmmod' ++ - '!grub2_mds_argument' ++ - '!audit_rules_privileged_commands_modprobe' ++ - '!package_dracut-fips-aesni_installed' ++ - '!cracklib_accounts_password_pam_lcredit' ++ - '!sysctl_fs_protected_regular' ++ - '!cracklib_accounts_password_pam_ocredit' ++ - '!kernel_config_gcc_plugin_stackleak' ++ - '!audit_rules_privileged_commands_insmod' ++ - '!chronyd_configure_pool_and_server' ++ - '!accounts_passwords_pam_tally2' ++ - '!cracklib_accounts_password_pam_ucredit' ++ - '!kernel_config_legacy_vsyscall_xonly' ++ - '!kernel_config_gcc_plugin_randstruct' ++ - '!accounts_passwords_pam_tally2_unlock_time' ++ - '!cracklib_accounts_password_pam_minlen' ++ - '!sysctl_fs_protected_fifos' ++ - '!cracklib_accounts_password_pam_dcredit' ++ - '!grub2_page_alloc_shuffle_argument' ++ - '!ensure_oracle_gpgkey_installed' diff --git a/products/almalinux8/profiles/anssi_bp28_intermediary.profile b/products/almalinux8/profiles/anssi_bp28_intermediary.profile new file mode 100644 -index 000000000..81b684668 +index 000000000..f99e4622a --- /dev/null 
+++ b/products/almalinux8/profiles/anssi_bp28_intermediary.profile -@@ -0,0 +1,19 @@ +@@ -0,0 +1,37 @@ +documentation_complete: true + +metadata: + SMEs: ++ - marcusburghardt + - yuumasato + +title: 'ANSSI-BP-028 (intermediary)' @@ -32421,18 +19371,36 @@ index 000000000..81b684668 + A copy of the ANSSI-BP-028 can be found at the ANSSI website: + https://www.ssi.gouv.fr/administration/guide/recommandations-de-securite-relatives-a-un-systeme-gnulinux/ + ++ An English version of the ANSSI-BP-028 can also be found at the ANSSI website: ++ https://cyber.gouv.fr/publications/configuration-recommendations-gnulinux-system ++ +selections: + - anssi:all:intermediary ++ # Following rules once had a prodtype incompatible with the rhel8 product ++ - '!cracklib_accounts_password_pam_minlen' ++ - '!accounts_passwords_pam_tally2_deny_root' ++ - '!grub2_mds_argument' ++ - '!sysctl_fs_protected_fifos' ++ - '!accounts_passwords_pam_tally2' ++ - '!cracklib_accounts_password_pam_ucredit' ++ - '!cracklib_accounts_password_pam_dcredit' ++ - '!cracklib_accounts_password_pam_lcredit' ++ - '!sysctl_fs_protected_regular' ++ - '!cracklib_accounts_password_pam_ocredit' ++ - '!grub2_page_alloc_shuffle_argument' ++ - '!accounts_passwords_pam_tally2_unlock_time' ++ - '!ensure_oracle_gpgkey_installed' diff --git a/products/almalinux8/profiles/anssi_bp28_minimal.profile b/products/almalinux8/profiles/anssi_bp28_minimal.profile new file mode 100644 -index 000000000..79a63fd43 +index 000000000..aa606b38b --- /dev/null +++ b/products/almalinux8/profiles/anssi_bp28_minimal.profile -@@ -0,0 +1,20 @@ +@@ -0,0 +1,33 @@ +documentation_complete: true + +metadata: + SMEs: ++ - marcusburghardt + - yuumasato + +title: 'ANSSI-BP-028 (minimal)' 
@@ -32446,19 +19414,31 @@ index 000000000..79a63fd43 + A copy of the ANSSI-BP-028 can be found at the ANSSI website: + https://www.ssi.gouv.fr/administration/guide/recommandations-de-securite-relatives-a-un-systeme-gnulinux/ + ++ An English version of the ANSSI-BP-028 can also be found at the ANSSI website: ++ https://cyber.gouv.fr/publications/configuration-recommendations-gnulinux-system ++ +selections: + - anssi:all:minimal -+ ++ # Following rules once had a prodtype incompatible with the rhel8 product ++ - '!cracklib_accounts_password_pam_minlen' ++ - '!accounts_passwords_pam_tally2_deny_root' ++ - '!accounts_passwords_pam_tally2' ++ - '!cracklib_accounts_password_pam_ucredit' ++ - '!cracklib_accounts_password_pam_dcredit' ++ - '!cracklib_accounts_password_pam_lcredit' ++ - '!cracklib_accounts_password_pam_ocredit' ++ - '!accounts_passwords_pam_tally2_unlock_time' ++ - '!ensure_oracle_gpgkey_installed' diff --git a/products/almalinux8/profiles/cis.profile b/products/almalinux8/profiles/cis.profile new file mode 100644 -index 000000000..5b176ac6a +index 000000000..c52f6b4c4 --- /dev/null +++ b/products/almalinux8/profiles/cis.profile -@@ -0,0 +1,23 @@ +@@ -0,0 +1,26 @@ +documentation_complete: true + +metadata: -+ version: 2.0.0 ++ version: 3.0.0 + SMEs: + - marcusburghardt + - vojtapolasek @@ -32470,7 +19450,7 @@ index 000000000..5b176ac6a + +description: |- + This profile defines a baseline that aligns to the "Level 2 - Server" -+ configuration from the Center for Internet Security® ++ configuration from the Center for Internet Security® + AlmaLinux OS 8 Benchmark™, v2.0.0, released 05-31-2022. + + This profile includes Center for Internet Security® @@ -32478,16 +19458,19 @@ index 000000000..5b176ac6a + +selections: + - cis_rhel8:all:l2_server ++ # Following rules once had a prodtype incompatible with the rhel8 product ++ - '!file_owner_at_allow' ++ - '!package_dnsmasq_removed' 
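Review bot: `metadata.version` in products/almalinux8/profiles/cis.profile is raised to `3.0.0`, while the description a few lines below (context in the following hunk) still reads "AlmaLinux OS 8 Benchmark™, v2.0.0, released 05-31-2022". Scan reports would then show one benchmark version in the metadata and another in the profile text, and it is unclear which revision the `cis_rhel8` selections actually track. Either keep `version: 2.0.0` until the description is updated, or update the description's version and release date to match. cis_server_l1, cis_workstation_l1 and cis_workstation_l2 show the same mismatch.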
diff --git a/products/almalinux8/profiles/cis_server_l1.profile b/products/almalinux8/profiles/cis_server_l1.profile new file mode 100644 -index 000000000..a067db30c +index 000000000..19b6dfc97 --- /dev/null +++ b/products/almalinux8/profiles/cis_server_l1.profile -@@ -0,0 +1,23 @@ +@@ -0,0 +1,26 @@ +documentation_complete: true + +metadata: -+ version: 2.0.0 ++ version: 3.0.0 + SMEs: + - marcusburghardt + - vojtapolasek @@ -32499,7 +19482,7 @@ index 000000000..a067db30c + +description: |- + This profile defines a baseline that aligns to the "Level 1 - Server" -+ configuration from the Center for Internet Security® ++ configuration from the Center for Internet Security® + AlmaLinux OS 8 Benchmark™, v2.0.0, released 05-31-2022. + + This profile includes Center for Internet Security® @@ -32507,16 +19490,19 @@ index 000000000..a067db30c + +selections: + - cis_rhel8:all:l1_server ++ # Following rules once had a prodtype incompatible with the rhel8 product ++ - '!file_owner_at_allow' ++ - '!package_dnsmasq_removed' diff --git a/products/almalinux8/profiles/cis_workstation_l1.profile b/products/almalinux8/profiles/cis_workstation_l1.profile new file mode 100644 -index 000000000..247e968d2 +index 000000000..a36fed734 --- /dev/null +++ b/products/almalinux8/profiles/cis_workstation_l1.profile -@@ -0,0 +1,23 @@ +@@ -0,0 +1,26 @@ +documentation_complete: true + +metadata: -+ version: 2.0.0 ++ version: 3.0.0 + SMEs: + - marcusburghardt + - vojtapolasek @@ -32528,7 +19514,7 @@ index 000000000..247e968d2 + +description: |- + This profile defines a baseline that aligns to the "Level 1 - Workstation" -+ configuration from the Center for Internet Security® ++ configuration from the Center for Internet Security® + AlmaLinux OS 8 Benchmark™, v2.0.0, released 05-31-2022. + + This profile includes Center for Internet Security® 
@@ -32536,16 +19522,19 @@ index 000000000..247e968d2 + +selections: + - cis_rhel8:all:l1_workstation ++ # Following rules once had a prodtype incompatible with the rhel8 product ++ - '!file_owner_at_allow' ++ - '!package_dnsmasq_removed' diff --git a/products/almalinux8/profiles/cis_workstation_l2.profile b/products/almalinux8/profiles/cis_workstation_l2.profile new file mode 100644 -index 000000000..bfe8bea3d +index 000000000..f5e158ff0 --- /dev/null +++ b/products/almalinux8/profiles/cis_workstation_l2.profile -@@ -0,0 +1,23 @@ +@@ -0,0 +1,26 @@ +documentation_complete: true + +metadata: -+ version: 2.0.0 ++ version: 3.0.0 + SMEs: + - marcusburghardt + - vojtapolasek @@ -32557,7 +19546,7 @@ index 000000000..bfe8bea3d + +description: |- + This profile defines a baseline that aligns to the "Level 2 - Workstation" -+ configuration from the Center for Internet Security® ++ configuration from the Center for Internet Security® + AlmaLinux OS 8 Benchmark™, v2.0.0, released 05-31-2022. + + This profile includes Center for Internet Security® @@ -32565,13 +19554,18 @@ index 000000000..bfe8bea3d + +selections: + - cis_rhel8:all:l2_workstation ++ # Following rules once had a prodtype incompatible with the rhel8 product ++ - '!file_owner_at_allow' ++ - '!package_dnsmasq_removed' diff --git a/products/almalinux8/profiles/cjis.profile b/products/almalinux8/profiles/cjis.profile new file mode 100644 -index 000000000..21ecf67a8 +index 000000000..e4202eccc --- /dev/null +++ b/products/almalinux8/profiles/cjis.profile -@@ -0,0 +1,143 @@ -+documentation_complete: false +@@ -0,0 +1,145 @@ ++documentation_complete: true ++ ++hidden: true + +metadata: + version: 5.4 
@@ -32752,6 +19746,723 @@ index 000000000..216999b09 + +selections: + - inactivity_timeout_value=10_minutes +diff --git a/products/almalinux8/profiles/default.profile b/products/almalinux8/profiles/default.profile +new file mode 100644 +index 000000000..127bef3cc +--- /dev/null ++++ b/products/almalinux8/profiles/default.profile +@@ -0,0 +1,711 @@ ++documentation_complete: true ++ ++hidden: true ++ ++title: Default Profile for Red Hat Enterprise Linux 8 ++ ++description: |- ++ This profile contains all the rules that once belonged to the ++ rhel8 product via 'prodtype'. This profile won't ++ be rendered into an XCCDF Profile entity, nor it will select any ++ of these rules by default. The only purpose of this profile ++ is to keep a rule in the product's XCCDF Benchmark. ++ ++selections: ++ - sebool_nfsd_anon_write ++ - sebool_squid_connect_any ++ - sebool_polipo_connect_all_unreserved ++ - audit_rules_successful_file_modification_open_by_handle_at_o_trunc_write ++ - mount_option_var_tmp_bind ++ - sebool_selinuxuser_use_ssh_chroot ++ - sebool_condor_tcp_network_connect ++ - aide_use_fips_hashes ++ - sebool_xserver_object_manager ++ - mount_option_home_grpquota ++ - sebool_mpd_enable_homedirs ++ - auditd_data_retention_max_log_file_action_stig ++ - sebool_logadm_exec_content ++ - install_mcafee_antivirus ++ - httpd_configure_documentroot ++ - auditd_audispd_encrypt_sent_records ++ - audit_rules_unsuccessful_file_modification_openat_rule_order ++ - sebool_logwatch_can_network_connect_mail ++ - sebool_mpd_use_nfs ++ - sebool_virt_use_sanlock ++ - disable_anacron ++ - kernel_module_vfat_disabled ++ - sebool_xguest_use_bluetooth ++ - sebool_puppetagent_manage_all_files ++ - sebool_staff_use_svirt ++ - audit_rules_successful_file_modification_lsetxattr ++ - sebool_daemons_enable_cluster_mode ++ - package_samba-common_installed ++ - sebool_httpd_enable_cgi ++ - harden_openssl_crypto_policy ++ - dir_perms_world_writable_system_owned ++ - xwindows_remove_packages ++ - 
package_iptables-services_removed ++ - sebool_httpd_can_network_memcache ++ - sebool_git_system_use_nfs ++ - sudoers_no_root_target ++ - enable_ldap_client ++ - sebool_httpd_can_connect_zabbix ++ - sebool_samba_portmapper ++ - audit_rules_etc_shadow_open ++ - sebool_httpd_graceful_shutdown ++ - httpd_limit_java_files ++ - sebool_ftpd_use_fusefs ++ - service_cups_disabled ++ - sebool_selinuxuser_ping ++ - package_pigz_removed ++ - sebool_unconfined_chrome_sandbox_transition ++ - avahi_prevent_port_sharing ++ - package_ntpdate_removed ++ - sebool_gitosis_can_sendmail ++ - set_loopback_traffic ++ - ntpd_specify_multiple_servers ++ - firewalld_sshd_disabled ++ - audit_rules_unsuccessful_file_modification_renameat ++ - sebool_pcp_read_generic_logs ++ - package_abrt-plugin-rhtsupport_removed ++ - sebool_httpd_run_ipa ++ - sebool_selinuxuser_share_music ++ - file_groupowner_var_log_syslog ++ - httpd_configure_perl_taint ++ - service_netfs_disabled ++ - sebool_dbadm_manage_user_files ++ - sebool_smbd_anon_write ++ - auditd_audispd_configure_remote_server ++ - service_ypserv_disabled ++ - sebool_nagios_run_sudo ++ - sebool_dbadm_exec_content ++ - package_ntp_installed ++ - package_cron_installed ++ - sebool_abrt_anon_write ++ - dconf_gnome_screensaver_idle_activation_locked ++ - audit_rules_successful_file_modification_unlinkat ++ - httpd_entrust_passwords ++ - httpd_proxy_support ++ - package_audit-audispd-plugins_installed ++ - sebool_xserver_clients_write_xshm ++ - service_rpcidmapd_disabled ++ - sebool_xdm_exec_bootloader ++ - sebool_httpd_serve_cobbler_files ++ - httpd_configure_log_format ++ - sebool_use_ecryptfs_home_dirs ++ - sebool_container_connect_any ++ - sebool_sge_domain_can_network_connect ++ - sebool_staff_exec_content ++ - file_permissions_home_dirs ++ - audit_rules_privileged_commands_newgidmap ++ - sebool_ssh_chroot_rw_homedirs ++ - sebool_virt_use_xserver ++ - no_netrc_files ++ - sebool_mozilla_plugin_use_spice ++ - package_libcap-ng-utils_installed ++ - 
sebool_abrt_handle_event ++ - sebool_tmpreaper_use_nfs ++ - sebool_httpd_can_connect_ldap ++ - ftp_restrict_to_anon ++ - sebool_mmap_low_allowed ++ - sebool_glance_use_fusefs ++ - sebool_httpd_dontaudit_search_dirs ++ - sebool_named_tcp_bind_http_port ++ - auditd_audispd_network_failure_action ++ - sebool_wine_mmap_zero_ignore ++ - sebool_cluster_use_execmem ++ - audit_rules_privileged_commands_usernetctl ++ - dconf_gnome_disable_user_admin ++ - sebool_ftpd_use_nfs ++ - sebool_httpd_use_fusefs ++ - service_iptables_enabled ++ - sebool_tor_bind_all_unreserved_ports ++ - httpd_configure_banner_page ++ - httpd_install_mod_ssl ++ - sebool_httpd_use_openstack ++ - sebool_icecast_use_any_tcp_ports ++ - sebool_virt_sandbox_use_all_caps ++ - audit_rules_unsuccessful_file_modification_rename ++ - package_binutils_installed ++ - sebool_openshift_use_nfs ++ - sebool_mailman_use_fusefs ++ - sebool_nfs_export_all_rw ++ - service_sysstat_disabled ++ - sebool_httpd_dbus_avahi ++ - dir_perms_etc_httpd_conf ++ - logwatch_configured_splithosts ++ - mount_option_smb_client_signing ++ - grub2_no_removeable_media ++ - audit_rules_successful_file_modification_open_o_trunc_write ++ - httpd_no_compilers_in_prod ++ - sebool_mplayer_execstack ++ - sebool_virt_sandbox_use_mknod ++ - audit_rules_unsuccessful_file_modification_open_by_handle_at_rule_order ++ - sebool_fcron_crond ++ - sebool_httpd_read_user_content ++ - sebool_samba_domain_controller ++ - service_sshd_disabled ++ - sebool_cobbler_anon_write ++ - audit_rules_successful_file_modification_openat_o_trunc_write ++ - audit_rules_successful_file_modification_removexattr ++ - sebool_xdm_write_home ++ - sebool_httpd_mod_auth_pam ++ - audit_rules_successful_file_modification_fchownat ++ - service_httpd_disabled ++ - sebool_pppd_for_user ++ - sebool_rsync_export_all_ro ++ - audit_rules_successful_file_modification_open_o_creat ++ - install_hids ++ - sebool_authlogin_radius ++ - httpd_configure_remote_session_encryption ++ - 
sebool_swift_can_network ++ - dhcp_server_disable_ddns ++ - sudo_restrict_others_executable_permission ++ - sshd_disable_pubkey_auth ++ - sebool_tor_can_network_relay ++ - postfix_server_banner ++ - sebool_virt_use_samba ++ - nfs_fixed_statd_port ++ - audit_privileged_commands_reboot ++ - sysctl_kernel_core_uses_pid ++ - install_mcafee_hbss_pa ++ - sebool_spamassassin_can_network ++ - package_syslogng_installed ++ - sebool_selinuxuser_postgresql_connect_enabled ++ - sebool_virt_sandbox_use_sys_admin ++ - httpd_ldap_support ++ - network_disable_zeroconf ++ - sebool_irssi_use_full_network ++ - sebool_sysadm_exec_content ++ - sebool_polipo_use_cifs ++ - sebool_samba_load_libgfapi ++ - package_rpcbind_removed ++ - sebool_samba_run_unconfined ++ - sebool_webadm_manage_user_files ++ - cups_disable_browsing ++ - service_certmonger_disabled ++ - sebool_zoneminder_run_sudo ++ - sebool_ftpd_anon_write ++ - sebool_rsync_anon_write ++ - install_mcafee_hbss_accm ++ - mount_option_proc_hidepid ++ - sebool_nfs_export_all_ro ++ - audit_rules_unsuccessful_file_modification_chown ++ - sebool_selinuxuser_udp_server ++ - sebool_cups_execmem ++ - httpd_enable_loglevel ++ - network_ipv6_disable_rpc ++ - sebool_httpd_execmem ++ - sebool_httpd_sys_script_anon_write ++ - audit_rules_unsuccessful_file_modification_open_by_handle_at_o_trunc_write ++ - sebool_ftpd_use_cifs ++ - audit_rules_etc_shadow_open_by_handle_at ++ - sebool_mysql_connect_any ++ - audit_rules_privileged_commands_pt_chown ++ - sebool_httpd_can_sendmail ++ - sebool_prosody_bind_http_port ++ - sebool_httpd_use_sasl ++ - sssd_memcache_timeout ++ - configure_opensc_card_drivers ++ - sebool_tftp_home_dir ++ - sebool_gssd_read_tmp ++ - sebool_squid_use_tproxy ++ - sebool_httpd_ssi_exec ++ - sebool_use_lpd_server ++ - httpd_restrict_root_directory ++ - audit_rules_successful_file_modification_open_by_handle_at_o_creat ++ - grub2_nousb_argument ++ - sebool_unconfined_login ++ - account_use_centralized_automated_auth ++ - 
httpd_configure_valid_server_cert ++ - sebool_xdm_bind_vnc_tcp_port ++ - sebool_deny_ptrace ++ - sebool_postgresql_selinux_transmit_client_label ++ - sysctl_net_ipv6_conf_all_disable_ipv6 ++ - sebool_smartmon_3ware ++ - dconf_gnome_login_retries ++ - dhcp_server_configure_logging ++ - audit_rules_unsuccessful_file_modification_setxattr ++ - sudo_vdsm_nopasswd ++ - sebool_global_ssp ++ - package_iptables-services_installed ++ - service_smb_disabled ++ - sebool_virt_rw_qemu_ga_data ++ - sebool_selinuxuser_tcp_server ++ - package_inetutils-telnetd_removed ++ - audit_rules_successful_file_modification_openat ++ - audit_rules_unsuccessful_file_modification_fchmod ++ - service_ntpd_enabled ++ - file_permissions_httpd_server_conf_files ++ - sebool_httpd_use_gpg ++ - sysconfig_networking_bootproto_ifcfg ++ - sebool_spamd_enable_home_dirs ++ - package_openldap-servers_removed ++ - avahi_disable_publishing ++ - audit_rules_successful_file_modification_fchmod ++ - dns_server_disable_dynamic_updates ++ - sebool_fenced_can_network_connect ++ - sebool_virt_use_nfs ++ - sebool_lsmd_plugin_connect_any ++ - account_passwords_pam_faillock_dir ++ - package_iptables_installed ++ - httpd_configure_script_permissions ++ - sebool_authlogin_yubikey ++ - sebool_authlogin_nsswitch_use_ldap ++ - dconf_gnome_disable_geolocation ++ - sebool_httpd_run_preupgrade ++ - sebool_httpd_use_cifs ++ - sebool_telepathy_tcp_connect_generic_network_ports ++ - httpd_cache_support ++ - dir_perms_var_log_httpd ++ - nfs_fixed_lockd_udp_port ++ - sebool_entropyd_use_audio ++ - accounts_users_home_files_ownership ++ - sebool_httpd_enable_ftp_server ++ - sebool_postgresql_selinux_users_ddl ++ - http_configure_log_file_ownership ++ - xwindows_runlevel_target ++ - package_talk-server_removed ++ - kernel_module_ipv6_option_disabled ++ - sebool_cobbler_use_nfs ++ - sebool_mozilla_plugin_can_network_connect ++ - httpd_restrict_web_directory ++ - sebool_ftpd_full_access ++ - sebool_mcelog_foreground ++ - 
sebool_xguest_exec_content ++ - sebool_daemons_dump_core ++ - audit_rules_successful_file_modification_renameat ++ - uefi_no_removeable_media ++ - kernel_module_cfg80211_disabled ++ - sebool_git_cgi_use_cifs ++ - sebool_virt_sandbox_use_netlink ++ - enable_dconf_user_profile ++ - service_dhcpd_disabled ++ - smb_server_disable_root ++ - service_nfslock_disabled ++ - auditd_data_retention_admin_space_left_percentage ++ - sebool_openvpn_run_unconfined ++ - package_sssd_installed ++ - sebool_gluster_anon_write ++ - audit_rules_successful_file_modification_open ++ - sebool_secure_mode_insmod ++ - sebool_nscd_use_shm ++ - sebool_ksmtuned_use_cifs ++ - sebool_nagios_run_pnp4nagios ++ - sebool_selinuxuser_direct_dri_enabled ++ - sebool_haproxy_connect_any ++ - audit_rules_etc_shadow_openat ++ - dns_server_authenticate_zone_transfers ++ - sebool_pppd_can_insmod ++ - sebool_glance_api_can_network ++ - httpd_serversignature_off ++ - accounts_passwords_pam_faillock_enforce_local ++ - sebool_mozilla_plugin_use_bluejeans ++ - sebool_mozilla_read_content ++ - restrict_nfs_clients_to_privileged_ports ++ - sebool_virt_use_usb ++ - sebool_virt_use_execmem ++ - install_antivirus ++ - sebool_virt_read_qemu_ga_data ++ - service_vsftpd_disabled ++ - sebool_user_exec_content ++ - sebool_gluster_export_all_ro ++ - sebool_mcelog_server ++ - package_nss-tools_installed ++ - sebool_mount_anyfile ++ - sebool_sge_use_nfs ++ - service_saslauthd_disabled ++ - sebool_daemons_use_tty ++ - sebool_mcelog_client ++ - sebool_rsync_client ++ - sebool_privoxy_connect_any ++ - postfix_client_configure_relayhost ++ - audit_privileged_commands_init ++ - sebool_httpd_builtin_scripting ++ - iptables_sshd_disabled ++ - grub2_ipv6_disable_argument ++ - etc_system_fips_exists ++ - dconf_gnome_disable_thumbnailers ++ - sebool_varnishd_connect_any ++ - ensure_gpgcheck_repo_metadata ++ - audit_rules_for_ospp ++ - package_rsh_removed ++ - network_ipv6_privacy_extensions ++ - dconf_gnome_enable_smartcard_auth ++ - 
httpd_servertokens_prod ++ - service_postfix_enabled ++ - package_openssh-server_removed ++ - timer_logrotate_enabled ++ - httpd_limit_available_methods ++ - sebool_httpd_can_connect_mythtv ++ - audit_rules_successful_file_modification_lchown ++ - sebool_tftp_anon_write ++ - dhcp_server_deny_decline ++ - sebool_cobbler_can_network_connect ++ - sebool_samba_export_all_ro ++ - service_cron_enabled ++ - httpd_webdav ++ - service_rhnsd_disabled ++ - httpd_configure_max_keepalive_requests ++ - audit_rules_successful_file_modification_unlink ++ - wireless_disable_in_bios ++ - no_all_squash_exports ++ - sebool_use_samba_home_dirs ++ - audit_rules_etc_gshadow_openat ++ - service_ufw_enabled ++ - package_psacct_installed ++ - network_disable_ddns_interfaces ++ - nfs_no_anonymous ++ - dir_permissions_binary_dirs ++ - sebool_xend_run_blktap ++ - dconf_gnome_disable_wifi_notification ++ - package_nis_removed ++ - httpd_server_side_includes ++ - audit_rules_etc_passwd_open ++ - dhcp_client_restrict_options ++ - sebool_openvpn_can_network_connect ++ - httpd_server_configuration_display ++ - account_emergency_expire_date ++ - sebool_unconfined_mozilla_plugin_transition ++ - audit_rules_unsuccessful_file_modification_lremovexattr ++ - file_permissions_var_log_syslog ++ - sebool_git_cgi_enable_homedirs ++ - dovecot_configure_ssl_cert ++ - audit_rules_etc_passwd_open_by_handle_at ++ - audit_rules_privileged_commands_at ++ - sebool_virt_use_fusefs ++ - avahi_ip_only ++ - kernel_module_iwlmvm_disabled ++ - service_ntp_enabled ++ - file_owner_var_log_syslog ++ - service_ip6tables_enabled ++ - sebool_logging_syslogd_run_nagios_plugins ++ - sebool_mozilla_plugin_use_gps ++ - service_slapd_disabled ++ - partition_for_web_content ++ - audit_rules_unsuccessful_file_modification_open_o_trunc_write ++ - package_tar_installed ++ - httpd_private_server_on_separate_subnet ++ - use_root_squashing_all_exports ++ - sebool_ftpd_connect_all_unreserved ++ - configure_user_data_backups ++ - 
dir_ownership_binary_dirs ++ - nfs_fixed_lockd_tcp_port ++ - sebool_mcelog_exec_scripts ++ - httpd_configure_tls ++ - sysctl_net_ipv4_tcp_invalid_ratelimit ++ - sebool_xserver_execmem ++ - snmpd_not_default_password ++ - service_nftables_enabled ++ - sysctl_net_ipv6_conf_default_disable_ipv6 ++ - sebool_cron_userdomain_transition ++ - sebool_collectd_tcp_network_connect ++ - sebool_httpd_enable_homedirs ++ - sebool_httpd_unified ++ - service_ypbind_disabled ++ - selinux_all_devicefiles_labeled ++ - audit_rules_privileged_commands_newuidmap ++ - ldap_client_tls_cacertpath ++ - sebool_zabbix_can_network ++ - audit_rules_unsuccessful_file_modification_chmod ++ - sebool_gpg_web_anon_write ++ - fapolicyd_prevent_home_folder_access ++ - no_legacy_plus_entries_etc_passwd ++ - sebool_sanlock_use_nfs ++ - httpd_restrict_critical_directories ++ - ldap_client_start_tls ++ - sebool_racoon_read_shadow ++ - audit_rules_successful_file_modification_fsetxattr ++ - sssd_enable_pam_services ++ - service_sssd_enabled ++ - service_psacct_enabled ++ - audit_rules_successful_file_modification_fremovexattr ++ - httpd_remove_backups ++ - service_netconsole_disabled ++ - file_permissions_httpd_server_conf_d_files ++ - audit_rules_successful_file_modification_rename ++ - sebool_guest_exec_content ++ - sebool_selinuxuser_mysql_connect_enabled ++ - sebool_antivirus_use_jit ++ - sebool_ksmtuned_use_nfs ++ - audit_rules_successful_file_modification_setxattr ++ - sssd_ldap_configure_tls_ca ++ - grub2_systemd_debug-shell_argument_absent ++ - sebool_polipo_session_bind_all_unreserved_ports ++ - sebool_secure_mode_policyload ++ - sebool_webadm_read_user_files ++ - auditd_data_disk_full_action_stig ++ - audit_rules_unsuccessful_file_modification_open_by_handle_at_o_creat ++ - audit_rules_unsuccessful_file_modification_fsetxattr ++ - avahi_restrict_published_information ++ - sebool_git_session_users ++ - sebool_exim_manage_user_files ++ - sshd_enable_gssapi_auth ++ - httpd_digest_authentication ++ - 
sebool_minidlna_read_generic_user_content ++ - audit_rules_etc_group_openat ++ - umask_for_daemons ++ - sebool_httpd_can_network_connect_cobbler ++ - service_mdmonitor_disabled ++ - audit_rules_unsuccessful_file_modification_fchownat ++ - sebool_openvpn_enable_homedirs ++ - zipl_enable_selinux ++ - bios_disable_usb_boot ++ - file_permissions_systemmap ++ - audit_rules_unsuccessful_file_modification_open_o_creat ++ - kernel_config_ipv6 ++ - service_rpcgssd_disabled ++ - audit_rules_successful_file_modification_chown ++ - audit_rules_successful_file_modification_fchmodat ++ - sebool_dhcpc_exec_iptables ++ - httpd_public_resources_not_shared ++ - audit_rules_unsuccessful_file_modification_removexattr ++ - sebool_telepathy_connect_all_ports ++ - httpd_enable_error_logging ++ - httpd_disable_mime_types ++ - sebool_postgresql_can_rsync ++ - audit_rules_unsuccessful_file_modification_openat_o_trunc_write ++ - httpd_install_mod_security ++ - package_telnetd_removed ++ - sebool_httpd_setrlimit ++ - service_dovecot_disabled ++ - service_cockpit_disabled ++ - no_legacy_plus_entries_etc_group ++ - mount_option_boot_noauto ++ - nfs_fixed_mountd_port ++ - sebool_git_cgi_use_nfs ++ - httpd_remove_robots_file ++ - sebool_git_system_use_cifs ++ - sebool_httpd_use_nfs ++ - sshd_enable_pubkey_auth ++ - audit_rules_unsuccessful_file_modification_lchown ++ - dconf_gnome_disable_wifi_create ++ - audit_rules_successful_file_modification_fchown ++ - sssd_ldap_configure_tls_ca_dir ++ - sebool_git_system_enable_homedirs ++ - sebool_httpd_can_check_spam ++ - package_pcsc-lite_installed ++ - sebool_mpd_use_cifs ++ - sebool_xen_use_nfs ++ - zipl_systemd_debug-shell_argument_absent ++ - sebool_samba_enable_home_dirs ++ - service_named_disabled ++ - service_syslogng_enabled ++ - sebool_sanlock_use_fusefs ++ - account_passwords_pam_faillock_audit ++ - sebool_ssh_keysign ++ - httpd_require_client_certs ++ - sebool_zebra_write_config ++ - sebool_kerberos_enabled ++ - httpd_disable_content_symlinks 
++ - package_sssd-ipa_installed ++ - sebool_irc_use_any_tcp_ports ++ - audit_rules_etc_gshadow_open_by_handle_at ++ - sebool_samba_export_all_rw ++ - httpd_anonymous_content_sharing ++ - audit_rules_successful_file_modification_truncate ++ - dhcp_server_minimize_served_info ++ - file_permissions_httpd_server_modules_files ++ - httpd_mime_magic ++ - audit_rules_successful_file_modification_open_by_handle_at ++ - sebool_tmpreaper_use_samba ++ - sebool_xdm_sysadm_login ++ - sebool_samba_create_home_dirs ++ - sebool_login_console_enabled ++ - sebool_secadm_exec_content ++ - httpd_configure_firewall ++ - sssd_ldap_configure_tls_reqcert ++ - audit_rules_successful_file_modification_chmod ++ - sebool_nis_enabled ++ - ftp_log_transactions ++ - sebool_cvs_read_shadow ++ - audit_rules_unsuccessful_file_modification_lsetxattr ++ - sebool_xend_run_qemu ++ - auditd_data_disk_error_action_stig ++ - sebool_virt_use_comm ++ - installed_OS_is_FIPS_certified ++ - mcafee_antivirus_definitions_updated ++ - network_ipv6_default_gateway ++ - sebool_httpd_can_network_connect ++ - sebool_virt_sandbox_use_audit ++ - sshd_disable_root_password_login ++ - set_firewalld_appropriate_zone ++ - harden_sshd_crypto_policy ++ - package_telnetd-ssl_removed ++ - network_ipv6_disable_interfaces ++ - package_vsftpd_installed ++ - sebool_puppetmaster_use_db ++ - audit_rules_successful_file_modification_ftruncate ++ - logwatch_configured_hostlimit ++ - dns_server_disable_zone_transfers ++ - no_insecure_locks_exports ++ - dconf_gnome_disable_power_settings ++ - package_abrt-plugin-logger_removed ++ - sebool_mozilla_plugin_bind_unreserved_ports ++ - package_MFEhiplsm_installed ++ - sebool_fenced_can_ssh ++ - sebool_glance_use_execmem ++ - audit_rules_etc_passwd_openat ++ - sebool_rsync_full_access ++ - httpd_server_activity_status ++ - snmpd_no_rwusers ++ - httpd_ignore_htaccess_files ++ - service_pcscd_enabled ++ - mount_option_home_usrquota ++ - sebool_logging_syslogd_can_sendmail ++ - 
service_quota_nld_disabled ++ - sebool_ftpd_use_passive_mode ++ - sebool_cluster_can_network_connect ++ - sebool_cdrecord_read_content ++ - sebool_antivirus_can_scan_system ++ - rsyslog_logging_configured ++ - sebool_httpd_manage_ipa ++ - audit_rules_dac_modification_umount ++ - sebool_samba_share_nfs ++ - sebool_domain_kernel_load_modules ++ - package_389-ds-base_removed ++ - mount_option_krb_sec_remote_filesystems ++ - sebool_logging_syslogd_use_tty ++ - audit_rules_etc_group_open ++ - ftp_disable_uploads ++ - sebool_secure_mode ++ - set_iptables_default_rule_forward ++ - httpd_enable_log_config ++ - service_rsh_disabled ++ - zipl_vsyscall_argument ++ - audit_rules_unsuccessful_file_modification_openat_o_creat ++ - dovecot_enable_ssl ++ - sebool_awstats_purge_apache_log_files ++ - ftp_home_partition ++ - httpd_url_correction ++ - sebool_httpd_tmp_exec ++ - sebool_sanlock_use_samba ++ - audit_privileged_commands_poweroff ++ - force_opensc_card_drivers ++ - audit_rules_successful_file_modification_creat ++ - sebool_domain_fd_use ++ - package_avahi-autoipd_removed ++ - sebool_httpd_can_connect_ftp ++ - sebool_httpd_anon_write ++ - root_path_default ++ - sebool_dhcpd_use_ldap ++ - httpd_antivirus_scan_uploads ++ - coreos_enable_selinux_kernel_argument ++ - sebool_postgresql_selinux_unconfined_dbadm ++ - kernel_disable_entropy_contribution_for_solid_state_drives ++ - sebool_use_fusefs_home_dirs ++ - sebool_abrt_upload_watch_anon_write ++ - dconf_gnome_disable_restart_shutdown ++ - audit_rules_successful_file_modification_lremovexattr ++ - sebool_virt_transition_userdomain ++ - sshd_use_priv_separation ++ - sudo_add_passwd_timeout ++ - package_freeradius_removed ++ - avahi_check_ttl ++ - audit_privileged_commands_shutdown ++ - service_tftp_disabled ++ - sebool_httpd_tty_comm ++ - sebool_dbadm_read_user_files ++ - service_rpcsvcgssd_disabled ++ - audit_rules_unsuccessful_file_modification_unlink ++ - auditd_audispd_disk_full_action ++ - httpd_enable_system_logging ++ - 
httpd_encrypt_file_uploads ++ - sssd_ssh_known_hosts_timeout ++ - sebool_exim_read_user_files ++ - ftp_limit_users ++ - sebool_zarafa_setrlimit ++ - kernel_module_mac80211_disabled ++ - sebool_kdumpgui_run_bootloader ++ - service_portreserve_disabled ++ - chronyd_or_ntpd_specify_remote_server ++ - rsyslog_accept_remote_messages_tcp ++ - sebool_httpd_verify_dns ++ - ip6tables_rules_for_open_ports ++ - set_nftables_table ++ - accounts_password_pam_enforce_local ++ - usbguard_allow_hub ++ - sebool_polipo_use_nfs ++ - sebool_exim_can_connect_db ++ - package_libreport-plugin-rhtsupport_removed ++ - sebool_unprivuser_use_svirt ++ - sssd_run_as_sssd_user ++ - sebool_httpd_run_stickshift ++ - httpd_nipr_accredited_dmz ++ - set_ipv6_loopback_traffic ++ - package_systemd-journal-remote_installed ++ - ftp_configure_firewall ++ - sssd_ldap_start_tls ++ - sebool_cron_can_relabel ++ - httpd_mod_rewrite ++ - network_ipv6_static_address ++ - package_libreswan_installed ++ - audit_rules_unsuccessful_file_modification_fremovexattr ++ - sebool_httpd_dbus_sssd ++ - sebool_xguest_connect_network ++ - package_geolite2-country_removed ++ - audit_rules_etc_group_open_by_handle_at ++ - sebool_daemons_use_tcp_wrapper ++ - httpd_disable_anonymous_ftp_access ++ - sebool_use_nfs_home_dirs ++ - dhcp_server_deny_bootp ++ - sebool_conman_can_network ++ - sebool_logrotate_use_nfs ++ - audit_rules_unsuccessful_file_modification_fchown ++ - sebool_httpd_can_network_connect_db ++ - sebool_gluster_export_all_rw ++ - package_vim_installed ++ - sebool_named_write_master_zones ++ - sebool_postfix_local_write_mail_spool ++ - httpd_cgi_support ++ - sebool_xguest_mount_media ++ - bios_assign_password ++ - service_cpupower_disabled ++ - sebool_selinuxuser_rw_noexattrfile ++ - sebool_cron_system_cronjob_use_shares ++ - sebool_virt_use_rawip ++ - sebool_pcp_bind_all_unreserved_ports ++ - install_mcafee_cma_rt ++ - no_root_webbrowsing ++ - audit_rules_etc_gshadow_open ++ - sebool_saslauthd_read_shadow ++ - 
service_rhsmcertd_disabled ++ - sebool_mock_enable_homedirs ++ - ntpd_specify_remote_server ++ - audit_rules_successful_file_modification_openat_o_creat ++ - kernel_module_iwlwifi_disabled ++ - sebool_zoneminder_anon_write ++ - sshd_enable_x11_forwarding ++ - dconf_gnome_screensaver_user_info ++ - require_smb_client_signing ++ - sshd_disable_rhosts_rsa ++ - sebool_neutron_can_network ++ - dovecot_disable_plaintext_auth ++ - sebool_ftpd_connect_db ++ - sebool_httpd_mod_auth_ntlm_winbind ++ - sebool_samba_share_fusefs ++ - harden_ssh_client_crypto_policy ++ - sebool_cobbler_use_cifs ++ - sebool_httpd_can_network_relay ++ - package_geolite2-city_removed ++ - set_iptables_default_rule ++ - sebool_piranha_lvs_can_network_connect ++ - cups_disable_printserver ++ - usbguard_allow_hid ++ - package_talk_removed ++ - no_legacy_plus_entries_etc_shadow ++ - sebool_git_session_bind_all_unreserved_ports ++ - service_acpid_disabled ++ - rsyslog_accept_remote_messages_udp ++ - sebool_boinc_execmem ++ - service_nails_enabled ++ - audit_rules_unsuccessful_file_modification_unlinkat ++ - disable_logwatch_for_logserver ++ - sebool_fips_mode ++ - audit_rules_unsuccessful_file_modification_open_rule_order ++ - ftp_present_banner ++ - audit_rules_unsuccessful_file_modification_fchmodat ++ - sebool_polipo_session_users ++ - sebool_cluster_manage_all_files ++ - iptables_rules_for_open_ports ++ - dovecot_configure_ssl_key diff --git a/products/almalinux8/profiles/e8.profile b/products/almalinux8/profiles/e8.profile new file mode 100644 index 000000000..491958fdd @@ -33229,7 +20940,7 @@ index 000000000..aac055ee1 + - file_permissions_sshd_private_key diff --git a/products/almalinux8/profiles/ospp.profile b/products/almalinux8/profiles/ospp.profile new file mode 100644 -index 000000000..30b40b6d0 +index 000000000..3255908d7 --- /dev/null +++ b/products/almalinux8/profiles/ospp.profile @@ -0,0 +1,437 @@ 
@@ -33238,10 +20949,10 @@ index 000000000..30b40b6d0 +metadata: + version: 4.2.1 + SMEs: -+ - comps -+ - stevegrubb ++ - ggbecker ++ - matusmarhefka + -+reference: https://www.niap-ccevs.org/Profile/PP.cfm ++reference: https://www.niap-ccevs.org/Profile/Info.cfm?PPID=442&id=442 + +title: 'Protection Profile for General Purpose Operating Systems' + @@ -33672,169 +21383,78 @@ index 000000000..30b40b6d0 + - zipl_page_poison_argument diff --git a/products/almalinux8/profiles/pci-dss.profile b/products/almalinux8/profiles/pci-dss.profile new file mode 100644 -index 000000000..da1de8359 +index 000000000..a27fdbd6f --- /dev/null 
+++ b/products/almalinux8/profiles/pci-dss.profile -@@ -0,0 +1,152 @@ +@@ -0,0 +1,59 @@ +documentation_complete: true + +metadata: ++ version: '4.0' + SMEs: -+ - yuumasato ++ - marcusburghardt ++ - mab879 ++ - vojtapolasek + -+reference: https://www.pcisecuritystandards.org/documents/PCI_DSS_v3-2-1.pdf ++reference: https://docs-prv.pcisecuritystandards.org/PCI%20DSS/Standard/PCI-DSS-v4_0.pdf + -+title: 'PCI-DSS v3.2.1 Control Baseline for Red Hat Enterprise Linux 8' ++title: 'PCI-DSS v4.0 Control Baseline for Red Hat Enterprise Linux 8' + +description: |- -+ Ensures PCI-DSS v3.2.1 security configuration settings are applied. ++ Payment Card Industry - Data Security Standard (PCI-DSS) is a set of ++ security standards designed to ensure the secure handling of payment card ++ data, with the goal of preventing data breaches and protecting sensitive ++ financial information. ++ ++ This profile ensures Red Hat Enterprise Linux 8 is configured in alignment ++ with PCI-DSS v4.0 requirements. + +selections: -+ - var_password_pam_unix_remember=4 -+ - var_account_disable_post_pw_expiration=90 -+ - var_accounts_passwords_pam_faillock_deny=6 -+ - var_accounts_passwords_pam_faillock_unlock_time=1800 -+ - sshd_idle_timeout_value=15_minutes -+ - var_password_pam_minlen=7 -+ - var_password_pam_minclass=2 -+ - var_accounts_maximum_age_login_defs=90 -+ - var_auditd_num_logs=5 -+ - service_auditd_enabled -+ - grub2_audit_argument -+ - auditd_data_retention_num_logs -+ - auditd_data_retention_max_log_file -+ - auditd_data_retention_max_log_file_action -+ - auditd_data_retention_space_left_action -+ - auditd_data_retention_admin_space_left_action -+ - auditd_data_retention_action_mail_acct -+ - package_audispd-plugins_installed -+ - auditd_audispd_syslog_plugin_activated -+ - audit_rules_time_adjtimex -+ - audit_rules_time_settimeofday -+ - audit_rules_time_stime -+ - audit_rules_time_clock_settime -+ - audit_rules_time_watch_localtime -+ - audit_rules_usergroup_modification_group -+ - 
audit_rules_usergroup_modification_gshadow -+ - audit_rules_usergroup_modification_opasswd -+ - audit_rules_usergroup_modification_passwd -+ - audit_rules_usergroup_modification_shadow -+ - audit_rules_networkconfig_modification -+ - file_permissions_var_log_audit -+ - file_ownership_var_log_audit -+ - audit_rules_mac_modification -+ - audit_rules_dac_modification_chmod -+ - audit_rules_dac_modification_chown -+ - audit_rules_dac_modification_fchmod -+ - audit_rules_dac_modification_fchmodat -+ - audit_rules_dac_modification_fchown -+ - audit_rules_dac_modification_fchownat -+ - audit_rules_dac_modification_fremovexattr -+ - audit_rules_dac_modification_fsetxattr -+ - audit_rules_dac_modification_lchown -+ - audit_rules_dac_modification_lremovexattr -+ - audit_rules_dac_modification_lsetxattr -+ - audit_rules_dac_modification_removexattr -+ - audit_rules_dac_modification_setxattr -+ - audit_rules_login_events -+ - audit_rules_session_events -+ - audit_rules_unsuccessful_file_modification_creat -+ - audit_rules_unsuccessful_file_modification_ftruncate -+ - audit_rules_unsuccessful_file_modification_open -+ - audit_rules_unsuccessful_file_modification_open_by_handle_at -+ - audit_rules_unsuccessful_file_modification_openat -+ - audit_rules_unsuccessful_file_modification_truncate -+ - audit_rules_privileged_commands -+ - audit_rules_media_export -+ - audit_rules_file_deletion_events_rename -+ - audit_rules_file_deletion_events_renameat -+ - audit_rules_file_deletion_events_rmdir -+ - audit_rules_file_deletion_events_unlink -+ - audit_rules_file_deletion_events_unlinkat -+ - audit_rules_sysadmin_actions -+ - audit_rules_kernel_module_loading_delete -+ - audit_rules_kernel_module_loading_finit -+ - audit_rules_kernel_module_loading_init -+ - audit_rules_immutable -+ - var_multiple_time_servers=rhel -+ - service_chronyd_or_ntpd_enabled -+ - chronyd_or_ntpd_specify_remote_server -+ - chronyd_or_ntpd_specify_multiple_servers -+ - rpm_verify_permissions -+ - 
rpm_verify_hashes -+ - install_hids -+ - rsyslog_files_permissions -+ - rsyslog_files_ownership -+ - rsyslog_files_groupownership -+ - ensure_logrotate_activated -+ - package_aide_installed -+ - aide_build_database -+ - aide_periodic_cron_checking -+ - account_unique_name -+ - gid_passwd_group_same -+ - accounts_password_all_shadowed -+ - no_empty_passwords -+ - display_login_attempts -+ - account_disable_post_pw_expiration -+ - var_authselect_profile=sssd -+ - enable_authselect -+ - accounts_passwords_pam_faillock_deny -+ - accounts_passwords_pam_faillock_unlock_time -+ - dconf_db_up_to_date -+ - dconf_gnome_screensaver_idle_delay -+ - dconf_gnome_session_idle_user_locks -+ - dconf_gnome_screensaver_idle_activation_enabled -+ - dconf_gnome_screensaver_lock_enabled -+ - dconf_gnome_screensaver_mode_blank -+ - sshd_set_idle_timeout -+ - var_sshd_set_keepalive=0 -+ - sshd_set_keepalive_0 -+ - accounts_password_pam_minlen -+ - accounts_password_pam_dcredit -+ - accounts_password_pam_ucredit -+ - accounts_password_pam_lcredit -+ - accounts_password_pam_unix_remember -+ - accounts_maximum_age_login_defs -+ - ensure_almalinux_gpgkey_installed -+ - ensure_gpgcheck_globally_activated -+ - ensure_gpgcheck_never_disabled -+ - security_patches_up_to_date -+ - package_opensc_installed -+ - var_smartcard_drivers=cac -+ - configure_opensc_card_drivers -+ - force_opensc_card_drivers -+ - package_pcsc-lite_installed -+ - service_pcscd_enabled -+ - sssd_enable_smartcards -+ - set_password_hashing_algorithm_systemauth -+ - set_password_hashing_algorithm_passwordauth -+ - set_password_hashing_algorithm_logindefs -+ - set_password_hashing_algorithm_libuserconf -+ - file_owner_etc_shadow -+ - file_groupowner_etc_shadow -+ - file_permissions_etc_shadow -+ - file_owner_etc_group -+ - file_groupowner_etc_group -+ - file_permissions_etc_group -+ - file_owner_etc_passwd -+ - file_groupowner_etc_passwd -+ - file_permissions_etc_passwd -+ - file_owner_grub2_cfg -+ - file_groupowner_grub2_cfg 
-+ - package_libreswan_installed -+ - configure_crypto_policy -+ - configure_bind_crypto_policy -+ - configure_openssl_crypto_policy -+ - configure_libreswan_crypto_policy -+ - configure_ssh_crypto_policy -+ - configure_kerberos_crypto_policy ++ - pcidss_4:all ++ # More tests are needed to identify which rule is conflicting with rpm_verify_permissions. ++ # https://github.com/ComplianceAsCode/content/issues/11285 ++ - '!rpm_verify_permissions' ++ # these rules do not apply to RHEL but they have to keep the prodtype for historical reasons ++ - '!package_audit-audispd-plugins_installed' ++ - '!service_ntp_enabled' ++ - '!ntpd_specify_remote_server' ++ - '!ntpd_specify_multiple_servers' ++ - '!set_ipv6_loopback_traffic' ++ - '!set_loopback_traffic' ++ - '!service_ntpd_enabled' ++ - '!timer_logrotate_enabled' ++ - '!package_talk_removed' ++ - '!package_talk-server_removed' ++ - '!package_rsh_removed' ++ - '!package_rsh-server_removed' ++ # Following rules once had a prodtype incompatible with the rhel8 product ++ - '!cracklib_accounts_password_pam_minlen' ++ - '!nftables_ensure_default_deny_policy' ++ - '!permissions_local_var_log' ++ - '!set_password_hashing_algorithm_commonauth' ++ - '!accounts_passwords_pam_tally2' ++ - '!cracklib_accounts_password_pam_dcredit' ++ - '!cracklib_accounts_password_pam_lcredit' ++ - '!service_timesyncd_enabled' ++ - '!ensure_suse_gpgkey_installed' ++ - '!ensure_shadow_group_empty' ++ - '!mask_nonessential_services' ++ - '!gnome_gdm_disable_unattended_automatic_login' ++ - '!file_owner_at_allow' ++ - '!accounts_passwords_pam_tally2_unlock_time' ++ - '!ensure_firewall_rules_for_open_ports' ++ - '!cracklib_accounts_password_pam_retry' ++ - '!aide_periodic_checking_systemd_timer' ++ - '!package_cryptsetup-luks_installed' diff --git a/products/almalinux8/profiles/rht-ccp.profile b/products/almalinux8/profiles/rht-ccp.profile new file mode 100644 -index 000000000..7e13ea552 +index 000000000..67dad56fd --- /dev/null 
+++ b/products/almalinux8/profiles/rht-ccp.profile -@@ -0,0 +1,100 @@ -+documentation_complete: false +@@ -0,0 +1,102 @@ ++documentation_complete: true ++ ++hidden: true + +title: 'Red Hat Corporate Profile for Certified Cloud Providers (RH CCP)' + @@ -33936,17 +21556,19 @@ index 000000000..7e13ea552 + - configure_ssh_crypto_policy diff --git a/products/almalinux8/profiles/standard.profile b/products/almalinux8/profiles/standard.profile new file mode 100644 -index 000000000..7904d13c4 +index 000000000..30e6a3d30 --- /dev/null +++ b/products/almalinux8/profiles/standard.profile -@@ -0,0 +1,67 @@ -+documentation_complete: false +@@ -0,0 +1,91 @@ ++documentation_complete: true + -+title: 'Standard System Security Profile for AlmaLinux 8' ++hidden: true ++ ++title: 'Standard System Security Profile for Red Hat Enterprise Linux 8' + +description: |- + This profile contains rules to ensure standard security baseline -+ of a AlmaLinux 8 system. Regardless of your system's workload ++ of a Red Hat Enterprise Linux 8 system. Regardless of your system's workload + all of these checks should pass. + +selections: @@ -33956,6 +21578,14 @@ index 000000000..7904d13c4 + - rpm_verify_hashes + - security_patches_up_to_date + - no_empty_passwords ++ - file_groupowner_etc_group ++ - file_owner_etc_group ++ - file_permissions_etc_group ++ - file_groupowner_etc_passwd ++ - file_owner_etc_passwd ++ - file_permissions_etc_passwd ++ - file_groupowner_etc_shadow ++ - file_owner_etc_shadow + - file_permissions_unauthorized_sgid + - file_permissions_unauthorized_suid + - file_permissions_unauthorized_world_writable 
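Review bot: The rewritten `pci-dss.profile` drops the explicit `ensure_almalinux_gpgkey_installed` selection and now relies on `pcidss_4:all`, excluding only `'!ensure_suse_gpgkey_installed'`. Whether the vendor signing-key check is still selected therefore depends on the `pcidss_4` control file, which is not visible in this part of the patch. Confirm that the control file selects the AlmaLinux key rule for this product, or add `- ensure_almalinux_gpgkey_installed` after `- pcidss_4:all`. The comment `# these rules do not apply to RHEL ...` and the new description also name Red Hat Enterprise Linux 8 inside an AlmaLinux 8 product and should be reworded.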
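Review bot: The `standard.profile` title and description regress from "AlmaLinux 8" to "Red Hat Enterprise Linux 8" in this hunk, so content built for the AlmaLinux product would name the wrong operating system in scan reports. Keep the product name, e.g. `title: 'Standard System Security Profile for AlmaLinux 8'` and `of an AlmaLinux 8 system. Regardless of your system's workload`. The same wording issue appears in the description paragraphs added to `stig.profile` and `stig_gui.profile` later in this patch, which list Red Hat technologies as the applicable targets.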
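Review bot: The added selections cover `/etc/group` and `/etc/passwd` with owner, group-owner and permission rules, but for `/etc/shadow` they stop at `file_owner_etc_shadow`; `file_permissions_etc_shadow` is not among the added lines. The rest of the selection list lies outside this hunk, so it may already be selected elsewhere. If it is not, this baseline leaves the mode of the shadow file unchecked; add `- file_permissions_etc_shadow` after `- file_owner_etc_shadow`.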
@@ -34007,16 +21637,30 @@ index 000000000..7904d13c4 + - configure_libreswan_crypto_policy + - configure_ssh_crypto_policy + - configure_kerberos_crypto_policy ++ - service_auditd_enabled ++ - gid_passwd_group_same ++ - file_groupowner_efi_grub2_cfg ++ - file_groupowner_grub2_cfg ++ - file_owner_efi_grub2_cfg ++ - file_owner_grub2_cfg ++ - file_permissions_efi_grub2_cfg ++ - file_permissions_grub2_cfg ++ - file_groupowner_efi_user_cfg ++ - file_groupowner_user_cfg ++ - file_owner_efi_user_cfg ++ - file_owner_user_cfg ++ - file_permissions_efi_user_cfg ++ - file_permissions_user_cfg diff --git a/products/almalinux8/profiles/stig.profile b/products/almalinux8/profiles/stig.profile new file mode 100644 -index 000000000..0ce172c28 +index 000000000..a82d15f64 --- /dev/null +++ b/products/almalinux8/profiles/stig.profile -@@ -0,0 +1,1226 @@ +@@ -0,0 +1,1251 @@ +documentation_complete: true + +metadata: -+ version: V1R11 ++ version: V1R13 + SMEs: + - mab879 + - ggbecker @@ -34027,7 +21671,17 @@ index 000000000..0ce172c28 + +description: |- + This profile contains configuration checks that align to the -+ DISA STIG for Red Hat Enterprise Linux 8 V1R11. ++ DISA STIG for Red Hat Enterprise Linux 8 V1R13. ++ ++ In addition to being applicable to Red Hat Enterprise Linux 8, DISA recognizes this ++ configuration baseline as applicable to the operating system tier of ++ Red Hat technologies that are based on Red Hat Enterprise Linux 8, such as: ++ ++ - Red Hat Enterprise Linux Server ++ - Red Hat Enterprise Linux Workstation and Desktop ++ - Red Hat Enterprise Linux for HPC ++ - Red Hat Storage ++ - Red Hat Containers with a Red Hat Enterprise Linux 8 image + +selections: + ### Variables 
@@ -34056,7 +21710,7 @@ index 000000000..0ce172c28 + - var_password_pam_minlen=15 + - var_sshd_set_keepalive=1 + - sshd_approved_macs=stig_extended -+ - sshd_approved_ciphers=stig ++ - sshd_approved_ciphers=stig_extended + - sshd_idle_timeout_value=10_minutes + - var_accounts_authorized_local_users_regex=rhel8 + - var_accounts_passwords_pam_faillock_deny=3 @@ -34503,7 +22157,7 @@ index 000000000..0ce172c28 + # RHEL-08-020000 + - account_temp_expire_date + -+ # RHEL-08-020010, RHEL-08-020011, RHEL-08-020025, RHEL-08-020026 ++ # RHEL-08-020010, RHEL-08-020011 + - accounts_passwords_pam_faillock_deny + + # RHEL-08-020012, RHEL-08-020013 @@ -34527,6 +22181,12 @@ index 000000000..0ce172c28 + # RHEL-08-020024 + - accounts_max_concurrent_login_sessions + ++ # RHEL-08-020025 ++ - account_password_pam_faillock_system_auth ++ ++ # RHEL-08-020026 ++ - account_password_pam_faillock_password_auth ++ + # RHEL-08-020027, RHEL-08-020028 + - account_password_selinux_faillock_dir + @@ -34542,6 +22202,7 @@ index 000000000..0ce172c28 + + # RHEL-08-020035 + - logind_session_timeout ++ - var_logind_session_timeout=15_minutes + + # RHEL-08-020039 + - package_tmux_installed @@ -34571,6 +22232,9 @@ index 000000000..0ce172c28 + # RHEL-08-020081 + - dconf_gnome_session_idle_user_locks + ++ # RHEL-08-020082 ++ - dconf_gnome_screensaver_lock_locked ++ + # RHEL-08-020090 + - sssd_enable_certmap + @@ -34712,6 +22376,7 @@ index 000000000..0ce172c28 + + # RHEL-08-030062 + - auditd_name_format ++ - var_auditd_name_format=stig + + # RHEL-08-030063 + - auditd_log_format @@ -34992,6 +22657,7 @@ index 000000000..0ce172c28 + - package_rsh-server_removed + + # RHEL-08-040020 ++ - kernel_module_uvcvideo_disabled + + # RHEL-08-040021 + - kernel_module_atm_disabled @@ -35024,6 +22690,8 @@ index 000000000..0ce172c28 + - kernel_module_usb-storage_disabled + + # RHEL-08-040090 ++ - configured_firewalld_default_deny ++ - set_firewalld_default_zone + + # RHEL-08-040100 + - package_firewalld_installed 
@@ -35101,6 +22769,7 @@ index 000000000..0ce172c28 + - service_usbguard_enabled + + # RHEL-08-040150 ++ - firewalld-backend + + # RHEL-08-040159 + - package_openssh-server_installed @@ -35241,14 +22910,14 @@ index 000000000..0ce172c28 + - package_krb5-server_removed diff --git a/products/almalinux8/profiles/stig_gui.profile b/products/almalinux8/profiles/stig_gui.profile new file mode 100644 -index 000000000..17e7d2bd9 +index 000000000..7bc5761ae --- /dev/null +++ b/products/almalinux8/profiles/stig_gui.profile -@@ -0,0 +1,33 @@ +@@ -0,0 +1,43 @@ +documentation_complete: true + +metadata: -+ version: V1R11 ++ version: V1R13 + SMEs: + - mab879 + - ggbecker @@ -35259,7 +22928,17 @@ index 000000000..17e7d2bd9 + +description: |- + This profile contains configuration checks that align to the -+ DISA STIG with GUI for Red Hat Enterprise Linux 8 V1R11. ++ DISA STIG with GUI for Red Hat Enterprise Linux 8 V1R13. ++ ++ In addition to being applicable to Red Hat Enterprise Linux 8, DISA recognizes this ++ configuration baseline as applicable to the operating system tier of ++ Red Hat technologies that are based on Red Hat Enterprise Linux 8, such as: ++ ++ - Red Hat Enterprise Linux Server ++ - Red Hat Enterprise Linux Workstation and Desktop ++ - Red Hat Enterprise Linux for HPC ++ - Red Hat Storage ++ - Red Hat Containers with a Red Hat Enterprise Linux 8 image + + Warning: The installation and use of a Graphical User Interface (GUI) + increases your attack vector and decreases your overall security posture. If 
@@ -35352,18 +23031,6 @@ index 000000000..30419e92b + + + -diff --git a/shared/checks/oval/install_mcafee_hbss.xml b/shared/checks/oval/install_mcafee_hbss.xml -index ae2203571..ebc165296 100644 ---- a/shared/checks/oval/install_mcafee_hbss.xml -+++ b/shared/checks/oval/install_mcafee_hbss.xml -@@ -10,6 +10,7 @@ - multi_platform_ol - multi_platform_rhcos - multi_platform_rhel -+multi_platform_almalinux - multi_platform_rhv - multi_platform_sle - multi_platform_ubuntu diff --git a/shared/checks/oval/installed_OS_is_almalinux8.xml b/shared/checks/oval/installed_OS_is_almalinux8.xml new file mode 100644 index 000000000..91af880dd @@ -35407,10 +23074,10 @@ index 000000000..91af880dd + + diff --git a/shared/checks/oval/sysctl_kernel_ipv6_disable.xml b/shared/checks/oval/sysctl_kernel_ipv6_disable.xml -index affb9770c..7273e6d7d 100644 +index e5cf1ffba..29e76b97e 100644 --- a/shared/checks/oval/sysctl_kernel_ipv6_disable.xml +++ b/shared/checks/oval/sysctl_kernel_ipv6_disable.xml -@@ -12,6 +12,7 @@ +@@ -14,6 +14,7 @@ multi_platform_ol multi_platform_rhcos multi_platform_rhel @@ -35418,27 +23085,27 @@ index affb9770c..7273e6d7d 100644 multi_platform_rhv multi_platform_sle multi_platform_ubuntu -diff --git a/shared/references/disa-stig-almalinux8-v1r10-xccdf-scap.xml b/shared/references/disa-stig-almalinux8-v1r10-xccdf-scap.xml +diff --git a/shared/references/disa-stig-almalinux8-v1r12-xccdf-scap.xml b/shared/references/disa-stig-almalinux8-v1r12-xccdf-scap.xml new file mode 120000 -index 000000000..a0292d655 +index 000000000..8b175b211 --- /dev/null -+++ b/shared/references/disa-stig-almalinux8-v1r10-xccdf-scap.xml ++++ b/shared/references/disa-stig-almalinux8-v1r12-xccdf-scap.xml 
@@ -0,0 +1 @@ -+disa-stig-rhel8-v1r10-xccdf-scap.xml ++disa-stig-rhel8-v1r12-xccdf-scap.xml \ No newline at end of file -diff --git a/shared/references/disa-stig-almalinux8-v1r11-xccdf-manual.xml b/shared/references/disa-stig-almalinux8-v1r11-xccdf-manual.xml +diff --git a/shared/references/disa-stig-almalinux8-v1r13-xccdf-manual.xml b/shared/references/disa-stig-almalinux8-v1r13-xccdf-manual.xml new file mode 120000 -index 000000000..52c4ef757 +index 000000000..7e3fb4c84 --- /dev/null -+++ b/shared/references/disa-stig-almalinux8-v1r11-xccdf-manual.xml ++++ b/shared/references/disa-stig-almalinux8-v1r13-xccdf-manual.xml @@ -0,0 +1 @@ -+disa-stig-rhel8-v1r11-xccdf-manual.xml ++disa-stig-rhel8-v1r13-xccdf-manual.xml \ No newline at end of file -diff --git a/shared/references/disa-stig-ol7-v2r11-xccdf-manual.xml b/shared/references/disa-stig-ol7-v2r11-xccdf-manual.xml -index 7d240fe02..b311997bb 100644 ---- a/shared/references/disa-stig-ol7-v2r11-xccdf-manual.xml -+++ b/shared/references/disa-stig-ol7-v2r11-xccdf-manual.xml -@@ -929,7 +929,7 @@ Check to see if an encrypted grub superusers password is set. On systems that us +diff --git a/shared/references/disa-stig-ol7-v2r14-xccdf-manual.xml b/shared/references/disa-stig-ol7-v2r14-xccdf-manual.xml +index 1d087be21..306818938 100644 +--- a/shared/references/disa-stig-ol7-v2r14-xccdf-manual.xml ++++ b/shared/references/disa-stig-ol7-v2r14-xccdf-manual.xml +@@ -934,7 +934,7 @@ Check to see if an encrypted grub superusers password is set. On systems that us $ sudo grep -iw grub2_password /boot/grub2/user.cfg GRUB2_PASSWORD=grub.pbkdf2.sha512.[password_hash] 
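Review bot: The refreshed patch still edits `shared/references/disa-stig-ol7-v2r14-xccdf-manual.xml` (retargeted here from the v2r11 file), and further down those edits replace `/boot/efi/EFI/redhat/grub.cfg` with `/boot/efi/EFI/almalinux/grub.cfg` inside the Oracle Linux 7 STIG text. That file is a reference copy of a DISA benchmark for a different product, so this looks like a blanket `redhat` to `almalinux` substitution that leaves the reference differing from the published document. Consider dropping the OL7 manual from the patch and limiting the path substitution to AlmaLinux content. Separately, the new symlinks `disa-stig-almalinux8-v1r12-xccdf-scap.xml` and `disa-stig-almalinux8-v1r13-xccdf-manual.xml` point at RHEL 8 files that this hunk does not add; confirm those targets exist in the rebased tree so the links do not dangle.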
@@ -35447,7 +23114,7 @@ index 7d240fe02..b311997bb 100644 Generate an encrypted grub2 password for the grub superusers account with the following command: -@@ -941,7 +941,7 @@ For systems that are running a version of Oracle Linux prior to 7.2, this is Not +@@ -946,7 +946,7 @@ For systems that are running a version of Oracle Linux prior to 7.2, this is Not Check to see if an encrypted grub superusers password is set. On systems that use UEFI, use the following command: @@ -35456,7 +23123,7 @@ index 7d240fe02..b311997bb 100644 GRUB2_PASSWORD=grub.pbkdf2.sha512.[password_hash] If the grub superusers password does not begin with "grub.pbkdf2.sha512", this is a finding.SRG-OS-000104-GPOS-00051<GroupDescription></GroupDescription>OL07-00-010500The Oracle Linux operating system must uniquely identify and must authenticate organizational users (or processes acting on behalf of organizational users) using multifactor authentication.<VulnDiscussion>To ensure accountability and prevent unauthenticated access, organizational users must be identified and authenticated to prevent potential misuse and compromise of the system. -@@ -1836,7 +1836,7 @@ On BIOS-based machines, use the following command: +@@ -1838,7 +1838,7 @@ On BIOS-based machines, use the following command: On UEFI-based machines, use the following command: @@ -35465,7 +23132,7 @@ index 7d240fe02..b311997bb 100644 If /boot or /boot/efi reside on separate partitions, the kernel parameter boot=<partition of /boot or /boot/efi> must be added to the kernel command line. You can identify a partition by running the df /boot or df /boot/efi command: -@@ -1867,7 +1867,7 @@ dracut-fips-033-360.el7_2.x86_64.rpm +@@ -1869,7 +1869,7 @@ dracut-fips-033-360.el7_2.x86_64.rpm If a "dracut-fips" package is installed, check to see if the kernel command line is configured to use FIPS mode with the following command: 
@@ -35474,24 +23141,36 @@ index 7d240fe02..b311997bb 100644 # grep fips /boot/grub2/grub.cfg /vmlinuz-3.8.0-0.40.el7.x86_64 root=/dev/mapper/rhel-root ro rd.md=0 rd.dm=0 rd.lvm.lv=rhel/swap crashkernel=auto rd.luks=0 vconsole.keymap=us rd.lvm.lv=rhel/root rhgb fips=1 quiet -@@ -1939,14 +1939,14 @@ An example rule that includes the "sha512" rule follows: +@@ -1941,23 +1941,23 @@ An example rule that includes the "sha512" rule follows: - If the "sha512" rule is not being used on all uncommented selection lines in the "/etc/aide.conf" file, or another file integrity tool is not using FIPS 140-2-approved cryptographic hashes for validating file contents and directories, this is a finding.SRG-OS-000364-GPOS-00151<GroupDescription></GroupDescription>OL07-00-021700The Oracle Linux operating system must not allow removable media to be used as the boot loader unless approved.<VulnDiscussion>Malicious users with removable boot media can gain access to a system configured to use removable media as the boot loader. If removable media is designed to be used as the boot loader, the requirement must be documented with the Information System Security Officer (ISSO).</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>DPMS Target Oracle Linux 7DISADPMS TargetOracle Linux 74089SV-108367V-99263CCI-001813Remove alternate methods of booting the system from removable media or document the configuration to boot from removable media with the ISSO.Verify the system is not configured to use a boot loader on removable media. 
+ If the "sha512" rule is not being used on all uncommented selection lines in the "/etc/aide.conf" file, or another file integrity tool is not using FIPS 140-2-approved cryptographic hashes for validating file contents and directories, this is a finding.SRG-OS-000364-GPOS-00151<GroupDescription></GroupDescription>OL07-00-021700The Oracle Linux operating system must not allow removable media to be used as the boot loader unless approved.<VulnDiscussion>Malicious users with removable boot media can gain access to a system configured to use removable media as the boot loader. If removable media is designed to be used as the boot loader, the requirement must be documented with the information system security officer (ISSO).</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>DPMS Target Oracle Linux 7DISADPMS TargetOracle Linux 74089SV-108367V-99263CCI-001813Remove alternate methods of booting the system from removable media or document the configuration to boot from removable media with the ISSO.Verify the system is not configured to use a boot loader on removable media. -Note: GRUB 2 reads its configuration from the "/boot/grub2/grub.cfg" file on traditional BIOS-based machines and from the "/boot/efi/EFI/redhat/grub.cfg" file on UEFI machines. +Note: GRUB 2 reads its configuration from the "/boot/grub2/grub.cfg" file on traditional BIOS-based machines and from the "/boot/efi/EFI/almalinux/grub.cfg" file on UEFI machines. 
Check for the existence of alternate boot loader configuration files with the following command: - # find / -name grub.cfg - /boot/grub2/grub.cfg + # find / -name grub.cfg +- /boot/efi/EFI/redhat/grub.cfg ++ /boot/efi/EFI/almalinux/grub.cfg --If a "grub.cfg" is found in any subdirectories other than "/boot/grub2" and "/boot/efi/EFI/redhat", ask the System Administrator if there is documentation signed by the ISSO to approve the use of removable media as a boot loader. -+If a "grub.cfg" is found in any subdirectories other than "/boot/grub2" and "/boot/efi/EFI/almalinux", ask the System Administrator if there is documentation signed by the ISSO to approve the use of removable media as a boot loader. +-If a "grub.cfg" is found in any subdirectories other than "/boot/grub2/" and "/boot/efi/EFI/redhat/", ask the system administrator (SA) if there is documentation signed by the information system security officer (ISSO) to approve the use of removable media as a boot loader. ++If a "grub.cfg" is found in any subdirectories other than "/boot/grub2/" and "/boot/efi/EFI/almalinux/", ask the system administrator (SA) if there is documentation signed by the information system security officer (ISSO) to approve the use of removable media as a boot loader. 
- Check that the grub configuration file has the set root command in each menu entry with the following commands: + List the number of menu entries defined in the grub configuration file with the following command (the number will vary between systems): -@@ -4479,12 +4479,12 @@ password_pbkdf2 [someuniquestringhere] ${GRUB2_PASSWORD} +- # grep -cw menuentry /boot/efi/EFI/redhat/grub.cfg ++ # grep -cw menuentry /boot/efi/EFI/almalinux/grub.cfg + 4 + + Check that the grub configuration file has the "set root" command for each menu entry with the following command ("set root" defines the disk and partition or directory where the kernel and GRUB 2 modules are stored): + +- # grep 'set root' /boot/efi/EFI/redhat/grub.cfg ++ # grep 'set root' /boot/efi/EFI/almalinux/grub.cfg + set root='hd0,gpt2' + set root='hd0,gpt2' + set root='hd0,gpt2' +@@ -4481,12 +4481,12 @@ password_pbkdf2 [someuniquestringhere] ${GRUB2_PASSWORD} Generate a new grub.cfg file with the following command: 
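Review bot: The refreshed inner patch still rewrites `/boot/efi/EFI/redhat/grub.cfg` to `/boot/efi/EFI/almalinux/grub.cfg` inside `shared/references/disa-stig-ol7-v2r14-xccdf-manual.xml`, and this hunk extends that to the two new check commands (`grep -cw menuentry …` and `grep 'set root' …`). That file is the DISA reference for Oracle Linux 7, so after the patch its check text names a directory belonging to a different distribution and the file no longer matches the published benchmark. The same substitution appears in the RHEL 7 manual hunk (`@@ -35582,24 +23261,36 @@`) and in the RHEL 7 SCAP hunk (`@@ -35920,7 +23591,16 @@`), where it appears to change the paths an automated check inspects. This looks like the result of a tree-wide rename rather than a deliberate edit. Consider restricting the substitution to the references the almalinux8 product actually consumes and leaving the other vendor files byte-identical to upstream, so they can still be compared against the DISA release.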
@@ -35506,11 +23185,11 @@ index 7d240fe02..b311997bb 100644 set superusers="[someuniquestringhere]" export superusers -diff --git a/shared/references/disa-stig-ol8-v1r6-xccdf-manual.xml b/shared/references/disa-stig-ol8-v1r6-xccdf-manual.xml -index 8181b3b09..364c07f42 100644 ---- a/shared/references/disa-stig-ol8-v1r6-xccdf-manual.xml -+++ b/shared/references/disa-stig-ol8-v1r6-xccdf-manual.xml -@@ -439,7 +439,7 @@ SHA_CRYPT_MIN_ROUNDS 5000SRG-OS-000104-GPOS-00051<GroupDescription></GroupDescription>RHEL-07-010500The Red Hat Enterprise Linux operating system must uniquely identify and must authenticate organizational users (or processes acting on behalf of organizational users) using multifactor authentication.<VulnDiscussion>To assure accountability and prevent unauthenticated access, organizational users must be identified and authenticated to prevent potential misuse and compromise of the system. -@@ -1864,7 +1864,7 @@ On BIOS-based machines, use the following command: +@@ -1847,7 +1847,7 @@ On BIOS-based machines, use the following command: On UEFI-based machines, use the following command: @@ -35573,7 +23252,7 @@ index 23f4d10ba..1deead50b 100644 If /boot or /boot/efi reside on separate partitions, the kernel parameter boot=<partition of /boot or /boot/efi> must be added to the kernel command line. You can identify a partition by running the df /boot or df /boot/efi command: -@@ -1895,7 +1895,7 @@ dracut-fips-033-360.el7_2.x86_64.rpm +@@ -1878,7 +1878,7 @@ dracut-fips-033-360.el7_2.x86_64.rpm If a "dracut-fips" package is installed, check to see if the kernel command line is configured to use FIPS mode with the following command: 
@@ -35582,24 +23261,36 @@ index 23f4d10ba..1deead50b 100644 # grep fips /boot/grub2/grub.cfg /vmlinuz-3.8.0-0.40.el7.x86_64 root=/dev/mapper/rhel-root ro rd.md=0 rd.dm=0 rd.lvm.lv=rhel/swap crashkernel=auto rd.luks=0 vconsole.keymap=us rd.lvm.lv=rhel/root rhgb fips=1 quiet -@@ -1968,14 +1968,14 @@ An example rule that includes the "sha512" rule follows: +@@ -1951,23 +1951,23 @@ An example rule that includes the "sha512" rule follows: - If the "sha512" rule is not being used on all uncommented selection lines in the "/etc/aide.conf" file, or another file integrity tool is not using FIPS 140-2-approved cryptographic hashes for validating file contents and directories, this is a finding.SRG-OS-000364-GPOS-00151<GroupDescription></GroupDescription>RHEL-07-021700The Red Hat Enterprise Linux operating system must not allow removable media to be used as the boot loader unless approved.<VulnDiscussion>Malicious users with removable boot media can gain access to a system configured to use removable media as the boot loader. If removable media is designed to be used as the boot loader, the requirement must be documented with the Information System Security Officer (ISSO).</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>DPMS Target Red Hat Enterprise Linux 7DISADPMS TargetRed Hat Enterprise Linux 72899SV-86699V-72075CCI-000318CCI-000368CCI-001812CCI-001813CCI-001814Remove alternate methods of booting the system from removable media or document the configuration to boot from removable media with the ISSO.Verify the system is not configured to use a boot loader on removable media. 
+ If the "sha512" rule is not being used on all uncommented selection lines in the "/etc/aide.conf" file, or another file integrity tool is not using FIPS 140-2-approved cryptographic hashes for validating file contents and directories, this is a finding.SRG-OS-000364-GPOS-00151<GroupDescription></GroupDescription>RHEL-07-021700The Red Hat Enterprise Linux operating system must not allow removable media to be used as the boot loader unless approved.<VulnDiscussion>Malicious users with removable boot media can gain access to a system configured to use removable media as the boot loader. If removable media is designed to be used as the boot loader, the requirement must be documented with the information system security officer (ISSO).</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>DPMS Target Red Hat Enterprise Linux 7DISADPMS TargetRed Hat Enterprise Linux 72899SV-86699V-72075CCI-000318CCI-000368CCI-001812CCI-001813CCI-001814Remove alternate methods of booting the system from removable media or document the configuration to boot from removable media with the ISSO.Verify the system is not configured to use a boot loader on removable media. -Note: GRUB 2 reads its configuration from the "/boot/grub2/grub.cfg" file on traditional BIOS-based machines and from the "/boot/efi/EFI/redhat/grub.cfg" file on UEFI machines. +Note: GRUB 2 reads its configuration from the "/boot/grub2/grub.cfg" file on traditional BIOS-based machines and from the "/boot/efi/EFI/almalinux/grub.cfg" file on UEFI machines. 
Check for the existence of alternate boot loader configuration files with the following command: - # find / -name grub.cfg - /boot/grub2/grub.cfg + # find / -name grub.cfg +- /boot/efi/EFI/redhat/grub.cfg ++ /boot/efi/EFI/almalinux/grub.cfg --If a "grub.cfg" is found in any subdirectories other than "/boot/grub2" and "/boot/efi/EFI/redhat", ask the System Administrator if there is documentation signed by the ISSO to approve the use of removable media as a boot loader. -+If a "grub.cfg" is found in any subdirectories other than "/boot/grub2" and "/boot/efi/EFI/almalinux", ask the System Administrator if there is documentation signed by the ISSO to approve the use of removable media as a boot loader. +-If a "grub.cfg" is found in any subdirectories other than "/boot/grub2/" and "/boot/efi/EFI/redhat/", ask the system administrator (SA) if there is documentation signed by the ISSO to approve the use of removable media as a boot loader. ++If a "grub.cfg" is found in any subdirectories other than "/boot/grub2/" and "/boot/efi/EFI/almalinux/", ask the system administrator (SA) if there is documentation signed by the ISSO to approve the use of removable media as a boot loader. 
- Check that the grub configuration file has the set root command in each menu entry with the following commands: + List the number of menu entries defined in the grub configuration file with the following command (the number will vary between systems): -@@ -4475,13 +4475,13 @@ password_pbkdf2 [someuniquestringhere] ${GRUB2_PASSWORD} +- # grep -cw menuentry /boot/efi/EFI/redhat/grub.cfg ++ # grep -cw menuentry /boot/efi/EFI/almalinux/grub.cfg + 4 + + Check that the grub configuration file has the "set root" command for each menu entry with the following command ("set root" defines the disk and partition or directory where the kernel and GRUB 2 modules are stored): + +- # grep 'set root' /boot/efi/EFI/redhat/grub.cfg ++ # grep 'set root' /boot/efi/EFI/almalinux/grub.cfg + set root='hd0,gpt2' + set root='hd0,gpt2' + set root='hd0,gpt2' +@@ -4457,13 +4457,13 @@ password_pbkdf2 [someuniquestringhere] ${GRUB2_PASSWORD} Generate a new grub.cfg file with the following command: @@ -35615,11 +23306,11 @@ index 23f4d10ba..1deead50b 100644 set superusers="[someuniquestringhere]" export superusers -diff --git a/shared/references/disa-stig-rhel7-v3r12-xccdf-scap.xml b/shared/references/disa-stig-rhel7-v3r12-xccdf-scap.xml -index 6d3098742..fe60061cd 100644 ---- a/shared/references/disa-stig-rhel7-v3r12-xccdf-scap.xml -+++ b/shared/references/disa-stig-rhel7-v3r12-xccdf-scap.xml -@@ -3228,7 +3228,7 @@ Confirm password: +diff --git a/shared/references/disa-stig-rhel7-v3r14-xccdf-scap.xml b/shared/references/disa-stig-rhel7-v3r14-xccdf-scap.xml +index 2417b5813..cad9967ce 100644 +--- a/shared/references/disa-stig-rhel7-v3r14-xccdf-scap.xml ++++ b/shared/references/disa-stig-rhel7-v3r14-xccdf-scap.xml +@@ -3133,7 +3133,7 @@ Confirm password: SV-95719 V-81007 CCI-000213 
@@ -35628,7 +23319,7 @@ index 6d3098742..fe60061cd 100644 Generate an encrypted grub2 password for the grub superusers account with the following command: -@@ -4005,7 +4005,7 @@ On BIOS-based machines, use the following command: +@@ -3942,7 +3942,7 @@ On BIOS-based machines, use the following command: On UEFI-based machines, use the following command: @@ -35637,17 +23328,7 @@ index 6d3098742..fe60061cd 100644 If /boot or /boot/efi reside on separate partitions, the kernel parameter boot=<partition of /boot or /boot/efi> must be added to the kernel command line. You can identify a partition by running the df /boot or df /boot/efi command: -@@ -7537,7 +7537,8 @@ Remove any duplicate or conflicting lines from /etc/sudoers and /etc/sudoers.d/ - Disable Prelinking - - multi_platform_fedora -- multi_platform_rhel -+ multi_platform_rhel -+multi_platform_almalinux - multi_platform_rhel-osp - - The prelinking feature can interfere with the operation of -@@ -7568,7 +7569,8 @@ Remove any duplicate or conflicting lines from /etc/sudoers and /etc/sudoers.d/ +@@ -7619,7 +7619,8 @@ Remove any duplicate or conflicting lines from /etc/sudoers and /etc/sudoers.d/ Package openssh-server Removed @@ -35657,7 +23338,7 @@ index 6d3098742..fe60061cd 100644 multi_platform_fedora multi_platform_sle -@@ -8339,7 +8341,8 @@ Password complexity is one factor of several that determines how long it takes t +@@ -8231,7 +8232,8 @@ Operating systems need to track periods of inactivity and disable application id Limit Password Reuse 
@@ -35667,7 +23348,7 @@ index 6d3098742..fe60061cd 100644 multi_platform_fedora The passwords to remember should be set correctly. -@@ -8355,7 +8358,8 @@ Password complexity is one factor of several that determines how long it takes t +@@ -8247,7 +8249,8 @@ Operating systems need to track periods of inactivity and disable application id RHEL-07-040160 - The Red Hat Enterprise Linux operating system must be configured so that all network connections associated with a communication session are terminated at the end of the session or after 15 minutes of inactivity from the user at a command prompt, except to fulfill documented and validated mission requirements. @@ -35677,7 +23358,7 @@ index 6d3098742..fe60061cd 100644 Terminating an idle session within a short time period reduces the window of opportunity for unauthorized personnel to take control of a management session enabled on the console or console port that has been left unattended. In addition, quickly terminating an idle session will also free up resources committed by the managed network element. -@@ -8412,7 +8416,8 @@ Terminating network connections associated with communications sessions includes +@@ -8304,7 +8307,8 @@ Terminating network connections associated with communications sessions includes RHEL-07-030410 - The Red Hat Enterprise Linux operating system must audit all uses of the chmod, fchmod and fchmodat syscalls. 
@@ -35687,7 +23368,7 @@ index 6d3098742..fe60061cd 100644 Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. -@@ -8468,7 +8473,8 @@ The system call rules are loaded into a matching engine that intercepts each sys +@@ -8360,7 +8364,8 @@ The system call rules are loaded into a matching engine that intercepts each sys RHEL-07-030370 - The Red Hat Enterprise Linux operating system must audit all uses of the chown, fchown, fchownat and lchown syscalls. @@ -35697,7 +23378,7 @@ index 6d3098742..fe60061cd 100644 -@@ -8514,7 +8520,8 @@ When a user logs on, the auid is set to the uid of the account that is being aut +@@ -8406,7 +8411,8 @@ When a user logs on, the auid is set to the uid of the account that is being aut RHEL-07-030440 - The Red Hat Enterprise Linux operating system must audit all uses of the setxattr, fsetxattr, lsetxattr, removexattr, fremovexattr and lremovexattr syscalls. @@ -35707,7 +23388,7 @@ index 6d3098742..fe60061cd 100644 -@@ -9611,7 +9618,8 @@ The system call rules are loaded into a matching engine that intercepts each sys +@@ -9503,7 +9509,8 @@ The system call rules are loaded into a matching engine that intercepts each sys Disable Host-Based Authentication @@ -35717,17 +23398,7 @@ index 6d3098742..fe60061cd 100644 SSH host-based authentication should be disabled. -@@ -9626,7 +9634,8 @@ The system call rules are loaded into a matching engine that intercepts each sys - - Package prelink Removed - -- multi_platform_rhel -+ multi_platform_rhel -+multi_platform_almalinux - - The RPM package prelink should be removed. - -@@ -9769,7 +9778,8 @@ The system call rules are loaded into a matching engine that intercepts each sys +@@ -9614,7 +9621,8 @@ The system call rules are loaded into a matching engine that intercepts each sys Mount Remote Filesystems with nosuid 
@@ -35737,7 +23408,7 @@ index 6d3098742..fe60061cd 100644 -@@ -9799,7 +9809,8 @@ The system call rules are loaded into a matching engine that intercepts each sys +@@ -9644,7 +9652,8 @@ The system call rules are loaded into a matching engine that intercepts each sys Package net-snmp Removed @@ -35747,7 +23418,7 @@ index 6d3098742..fe60061cd 100644 The RPM package net-snmp should be removed. -@@ -9826,7 +9837,8 @@ The system call rules are loaded into a matching engine that intercepts each sys +@@ -9671,7 +9680,8 @@ The system call rules are loaded into a matching engine that intercepts each sys Package telnet-server Removed @@ -35757,7 +23428,7 @@ index 6d3098742..fe60061cd 100644 The RPM package telnet-server should be removed. -@@ -9854,7 +9866,8 @@ The system call rules are loaded into a matching engine that intercepts each sys +@@ -9699,7 +9709,8 @@ The system call rules are loaded into a matching engine that intercepts each sys Package vsftpd Removed @@ -35767,7 +23438,7 @@ index 6d3098742..fe60061cd 100644 The RPM package vsftpd should be removed. -@@ -9867,7 +9880,8 @@ The system call rules are loaded into a matching engine that intercepts each sys +@@ -9712,7 +9723,8 @@ The system call rules are loaded into a matching engine that intercepts each sys Package xorg-x11-server-common Removed @@ -35777,7 +23448,7 @@ index 6d3098742..fe60061cd 100644 multi_platform_fedora -@@ -9896,7 +9910,8 @@ The system call rules are loaded into a matching engine that intercepts each sys +@@ -9741,7 +9753,8 @@ The system call rules are loaded into a matching engine that intercepts each sys Ensure /home Located On Separate Partition 
@@ -35787,7 +23458,7 @@ index 6d3098742..fe60061cd 100644 If user home directories will be stored locally, create a separate partition for /home. If /home will be mounted from another -@@ -9914,7 +9929,8 @@ The system call rules are loaded into a matching engine that intercepts each sys +@@ -9759,7 +9772,8 @@ The system call rules are loaded into a matching engine that intercepts each sys Ensure /var Located On Separate Partition @@ -35797,7 +23468,7 @@ index 6d3098742..fe60061cd 100644 -@@ -9932,7 +9948,8 @@ The system call rules are loaded into a matching engine that intercepts each sys +@@ -9777,7 +9791,8 @@ The system call rules are loaded into a matching engine that intercepts each sys Ensure /var/log/audit Located On Separate Partition @@ -35807,7 +23478,7 @@ index 6d3098742..fe60061cd 100644 -@@ -9951,7 +9968,8 @@ The system call rules are loaded into a matching engine that intercepts each sys +@@ -9796,7 +9811,8 @@ The system call rules are loaded into a matching engine that intercepts each sys Verify File Hashes with RPM multi_platform_fedora @@ -35817,7 +23488,7 @@ index 6d3098742..fe60061cd 100644 Verify the RPM digests of system binaries using the RPM database. -@@ -10025,7 +10043,8 @@ The system call rules are loaded into a matching engine that intercepts each sys +@@ -9853,7 +9869,8 @@ The system call rules are loaded into a matching engine that intercepts each sys Ensure Only Protocol 2 Connections Allowed @@ -35827,7 +23498,7 @@ index 6d3098742..fe60061cd 100644 multi_platform_debian multi_platform_ubuntu -@@ -10061,7 +10080,8 @@ The system call rules are loaded into a matching engine that intercepts each sys +@@ -9889,7 +9906,8 @@ The system call rules are loaded into a matching engine that intercepts each sys Disable .rhosts Files @@ -35837,7 +23508,7 @@ index 6d3098742..fe60061cd 100644 -@@ -10126,7 +10146,8 @@ This should be disabled. +@@ -9954,7 +9972,8 @@ This should be disabled. Do Not Allow Users to Set Environment Options 
@@ -35847,7 +23518,7 @@ index 6d3098742..fe60061cd 100644 PermitUserEnvironment should be disabled -@@ -10475,7 +10496,8 @@ By specifying a cipher list with the order of ciphers being in a "strongest to w +@@ -10286,7 +10305,8 @@ By specifying a cipher list with the order of ciphers being in a "strongest to w Package openssh-server is version 7.4 or higher @@ -35857,7 +23528,7 @@ index 6d3098742..fe60061cd 100644 multi_platform_fedora multi_platform_sle -@@ -10712,12 +10734,12 @@ The ability to enable/disable a session lock is given to the user by default. Di +@@ -10510,12 +10530,12 @@ The ability to enable/disable a session lock is given to the user by default. Di The UEFI grub2 boot loader should have password protection enabled. @@ -35874,7 +23545,7 @@ index 6d3098742..fe60061cd 100644
-@@ -11662,7 +11684,7 @@ This requirement addresses concurrent sessions for information system accounts a +@@ -11729,7 +11749,7 @@ This requirement addresses concurrent sessions for information system accounts a @@ -35883,7 +23554,7 @@ index 6d3098742..fe60061cd 100644 -@@ -12191,10 +12213,10 @@ This requirement addresses concurrent sessions for information system accounts a +@@ -12184,10 +12204,10 @@ This requirement addresses concurrent sessions for information system accounts a @@ -35896,7 +23567,7 @@ index 6d3098742..fe60061cd 100644 -@@ -13639,7 +13661,7 @@ This requirement addresses concurrent sessions for information system accounts a +@@ -13837,7 +13857,7 @@ This requirement addresses concurrent sessions for information system accounts a /boot/grub2/grub.cfg @@ -35905,7 +23576,7 @@ index 6d3098742..fe60061cd 100644 -@@ -14441,12 +14463,12 @@ This requirement addresses concurrent sessions for information system accounts a +@@ -14554,12 +14574,12 @@ This requirement addresses concurrent sessions for information system accounts a 1 @@ -35920,7 +23591,16 @@ index 6d3098742..fe60061cd 100644 ^[\s]*set[\s]+superusers=\"\S+\"$ 1 -@@ -15022,7 +15044,7 @@ This requirement addresses concurrent sessions for information system accounts a +@@ -15096,7 +15116,7 @@ This requirement addresses concurrent sessions for information system accounts a + + + /boot/grub2/grub.cfg +- /boot/efi/EFI/redhat/grub.cfg ++ /boot/efi/EFI/almalinux/grub.cfg + + + +@@ -15129,7 +15149,7 @@ This requirement addresses concurrent sessions for information system accounts a /boot/grub2/grub.cfg 
@@ -35929,11 +23609,11 @@ index 6d3098742..fe60061cd 100644 /etc/sysctl.d -diff --git a/shared/references/disa-stig-rhel8-v1r10-xccdf-scap.xml b/shared/references/disa-stig-rhel8-v1r10-xccdf-scap.xml -index a6e6e2c0b..67788580d 100644 ---- a/shared/references/disa-stig-rhel8-v1r10-xccdf-scap.xml -+++ b/shared/references/disa-stig-rhel8-v1r10-xccdf-scap.xml -@@ -2549,7 +2549,7 @@ SHA_CRYPT_MIN_ROUNDS 5000 +diff --git a/shared/references/disa-stig-rhel8-v1r12-xccdf-scap.xml b/shared/references/disa-stig-rhel8-v1r12-xccdf-scap.xml +index cf7ead7c0..860287958 100644 +--- a/shared/references/disa-stig-rhel8-v1r12-xccdf-scap.xml ++++ b/shared/references/disa-stig-rhel8-v1r12-xccdf-scap.xml +@@ -2579,7 +2579,7 @@ SHA_CRYPT_MIN_ROUNDS 5000 2921 CCI-000213 @@ -35942,7 +23622,7 @@ index a6e6e2c0b..67788580d 100644 Generate an encrypted grub2 password for the grub superusers account with the following command: -@@ -9907,7 +9907,8 @@ Add the following line to the "/etc/pam.d/system-auth" file (or modify the line +@@ -10257,7 +10257,8 @@ Note: To preserve running user programs such as tmux, uncomment and/or edit "Kil The system is RHEL 8.3 or lower @@ -35952,7 +23632,7 @@ index a6e6e2c0b..67788580d 100644 -@@ -9919,7 +9920,8 @@ Add the following line to the "/etc/pam.d/system-auth" file (or modify the line +@@ -10269,7 +10270,8 @@ Note: To preserve running user programs such as tmux, uncomment and/or edit "Kil The RHEL 8 version is RHEL 8.2 or newer. @@ -35962,7 +23642,7 @@ index a6e6e2c0b..67788580d 100644 External definition used to determine if the RHEL 8 version is RHEL 8.2 or newer for version applicability based requirements. -@@ -9932,7 +9934,8 @@ Add the following line to the "/etc/pam.d/system-auth" file (or modify the line +@@ -10282,7 +10284,8 @@ Note: To preserve running user programs such as tmux, uncomment and/or edit "Kil IPv6 is disabled in the kernel. 
@@ -35972,7 +23652,7 @@ index a6e6e2c0b..67788580d 100644 IPv6 is disabled in the kernel, either via a kernel cmdline option or sysctl. -@@ -9948,7 +9951,8 @@ Add the following line to the "/etc/pam.d/system-auth" file (or modify the line +@@ -10298,7 +10301,8 @@ Note: To preserve running user programs such as tmux, uncomment and/or edit "Kil OpenSSH is installed. @@ -35982,17 +23662,7 @@ index a6e6e2c0b..67788580d 100644 OpenSSH is installed -@@ -9960,7 +9964,8 @@ Add the following line to the "/etc/pam.d/system-auth" file (or modify the line - - RHEL-08-010020 - RHEL 8 must implement NIST FIPS-validated cryptography for the following: to provision digital signatures, to generate cryptographic hashes, and to protect data requiring data-at-rest protections in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards. - -- Red Hat Enterprise Linux 8 -+ Red Hat Enterprise Linux 8 -+AlmaLinux 8 - - Use of weak or untested encryption algorithms undermines the purposes of using encryption to protect data. The operating system must implement cryptographic modules adhering to the higher standards approved by the Federal Government since this provides assurance they have been tested and validated. - -@@ -9977,7 +9982,8 @@ The fips=1 kernel option needs to be added to the kernel command line during sys +@@ -10310,7 +10314,8 @@ Note: To preserve running user programs such as tmux, uncomment and/or edit "Kil RHEL-08-010110 - RHEL 8 must encrypt all stored passwords with a FIPS 140-2 approved cryptographic hashing algorithm. 
@@ -36002,7 +23672,7 @@ index a6e6e2c0b..67788580d 100644 Passwords need to be protected at all times, and encryption is the standard method for protecting passwords. If passwords are not encrypted, they can be plainly read (i.e., clear text) and easily compromised. -@@ -9993,7 +9999,8 @@ FIPS 140-2 is the current standard for validating that mechanisms used to access +@@ -10326,7 +10331,8 @@ FIPS 140-2 is the current standard for validating that mechanisms used to access RHEL-08-010120 - RHEL 8 must employ FIPS 140-2 approved cryptographic hashing algorithms for all stored passwords. @@ -36012,7 +23682,7 @@ index a6e6e2c0b..67788580d 100644 The system must use a strong hashing algorithm to store the password. -@@ -10007,7 +10014,8 @@ Passwords need to be protected at all times, and encryption is the standard meth +@@ -10340,7 +10346,8 @@ Passwords need to be protected at all times, and encryption is the standard meth RHEL-08-010130 - The RHEL 8 shadow password suite must be configured to use a sufficient number of hashing rounds. @@ -36022,7 +23692,7 @@ index a6e6e2c0b..67788580d 100644 The system must use a strong hashing algorithm to store the password. The system must use a sufficient number of hashing rounds to ensure the required level of entropy. -@@ -10022,15 +10030,16 @@ Passwords need to be protected at all times, and encryption is the standard meth +@@ -10355,15 +10362,16 @@ Passwords need to be protected at all times, and encryption is the standard meth RHEL-08-010140 - RHEL 8 operating systems booted with United Extensible Firmware Interface (UEFI) implemented must require authentication upon booting into single-user mode and maintenance. 
@@ -36044,7 +23714,7 @@ index a6e6e2c0b..67788580d 100644 -@@ -10038,7 +10047,8 @@ Passwords need to be protected at all times, and encryption is the standard meth +@@ -10371,7 +10379,8 @@ Passwords need to be protected at all times, and encryption is the standard meth RHEL-08-010150 - RHEL 8 operating systems booted with a BIOS must require authentication upon booting into single-user and maintenance modes. @@ -36054,7 +23724,7 @@ index a6e6e2c0b..67788580d 100644 If the system does not require valid authentication before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system. GRUB 2 is the default boot loader for RHEL 8 and is designed to require a password to boot into single-user mode or make modifications to the boot menu. -@@ -10054,7 +10064,8 @@ Passwords need to be protected at all times, and encryption is the standard meth +@@ -10387,7 +10396,8 @@ Passwords need to be protected at all times, and encryption is the standard meth RHEL-08-010160 - RHEL 8 operating systems must require authentication upon booting into rescue mode. 
@@ -36064,17 +23734,7 @@ index a6e6e2c0b..67788580d 100644 If the system does not require valid root authentication before it boots into rescue mode, anyone who invokes rescue mode is granted privileged access to all files on the system. -@@ -10066,7 +10077,8 @@ Passwords need to be protected at all times, and encryption is the standard meth - - RHEL-08-010160 - The RHEL 8 pam_unix.so module must be configured in the password-auth file to use a FIPS 140-2 approved cryptographic hashing algorithm for system authentication. - -- Red Hat Enterprise Linux 8 -+ Red Hat Enterprise Linux 8 -+AlmaLinux 8 - - Unapproved mechanisms that are used for authentication to the cryptographic module are not verified and therefore cannot be relied upon to provide confidentiality or integrity, and DoD data may be compromised. - -@@ -10082,7 +10094,8 @@ FIPS 140-2 is the current standard for validating that mechanisms used to access +@@ -10399,7 +10409,8 @@ Passwords need to be protected at all times, and encryption is the standard meth RHEL-08-010161 - RHEL 8 must prevent system daemons from using Kerberos for authentication. @@ -36084,7 +23744,7 @@ index a6e6e2c0b..67788580d 100644 Unapproved mechanisms that are used for authentication to the cryptographic module are not verified and therefore cannot be relied upon to provide confidentiality or integrity, and DoD data may be compromised. -@@ -10102,7 +10115,8 @@ FIPS 140-2 is the current standard for validating that mechanisms used to access +@@ -10419,7 +10430,8 @@ FIPS 140-2 is the current standard for validating that mechanisms used to access RHEL-08-010162 - The krb5-workstation package must not be installed on RHEL 8. 
@@ -36094,7 +23754,7 @@ index a6e6e2c0b..67788580d 100644 Unapproved mechanisms that are used for authentication to the cryptographic module are not verified and therefore cannot be relied upon to provide confidentiality or integrity, and DoD data may be compromised. -@@ -10122,7 +10136,8 @@ FIPS 140-2 is the current standard for validating that mechanisms used to access +@@ -10439,7 +10451,8 @@ FIPS 140-2 is the current standard for validating that mechanisms used to access RHEL-08-010171 - RHEL 8 must have the policycoreutils package installed. @@ -36104,7 +23764,7 @@ index a6e6e2c0b..67788580d 100644 Without verification of the security functions, security functions may not operate correctly and the failure may go unnoticed. Security function is defined as the hardware, software, and/or firmware of the information system responsible for enforcing the system security policy and supporting the isolation of code and data on which the protection is based. Security functionality includes, but is not limited to, establishing system accounts, configuring access authorizations (i.e., permissions, privileges), setting events to be audited, and setting intrusion detection parameters. -@@ -10136,7 +10151,8 @@ Policycoreutils contains the policy core utilities that are required for basic o +@@ -10453,7 +10466,8 @@ Policycoreutils contains the policy core utilities that are required for basic o RHEL-08-010210 - The RHEL 8 /var/log/messages file must have mode 0640 or less permissive. 
@@ -36114,7 +23774,7 @@ index a6e6e2c0b..67788580d 100644 Only authorized personnel should be aware of errors and the details of the errors. Error messages are an indicator of an organization's operational state or can identify the RHEL 8 system or platform. Additionally, Personally Identifiable Information (PII) and operational information must not be revealed through error messages to unauthorized personnel or their designated representatives. -@@ -10150,7 +10166,8 @@ The structure and content of error messages must be carefully considered by the +@@ -10467,7 +10481,8 @@ The structure and content of error messages must be carefully considered by the RHEL-08-010220 - The RHEL 8 /var/log/messages file must be owned by root. @@ -36124,7 +23784,7 @@ index a6e6e2c0b..67788580d 100644 Only authorized personnel should be aware of errors and the details of the errors. Error messages are an indicator of an organization's operational state or can identify the RHEL 8 system or platform. Additionally, Personally Identifiable Information (PII) and operational information must not be revealed through error messages to unauthorized personnel or their designated representatives. -@@ -10164,7 +10181,8 @@ The structure and content of error messages must be carefully considered by the +@@ -10481,7 +10496,8 @@ The structure and content of error messages must be carefully considered by the RHEL-08-010230 - The RHEL 8 /var/log/messages file must be group-owned by root. 
@@ -36134,7 +23794,7 @@ index a6e6e2c0b..67788580d 100644 Only authorized personnel should be aware of errors and the details of the errors. Error messages are an indicator of an organization's operational state or can identify the RHEL 8 system or platform. Additionally, Personally Identifiable Information (PII) and operational information must not be revealed through error messages to unauthorized personnel or their designated representatives. -@@ -10178,7 +10196,8 @@ The structure and content of error messages must be carefully considered by the +@@ -10495,7 +10511,8 @@ The structure and content of error messages must be carefully considered by the RHEL-08-010240 - The RHEL 8 /var/log directory must have mode 0755 or less permissive. @@ -36144,7 +23804,7 @@ index a6e6e2c0b..67788580d 100644 Only authorized personnel should be aware of errors and the details of the errors. Error messages are an indicator of an organization's operational state or can identify the RHEL 8 system or platform. Additionally, Personally Identifiable Information (PII) and operational information must not be revealed through error messages to unauthorized personnel or their designated representatives. -@@ -10192,7 +10211,8 @@ The structure and content of error messages must be carefully considered by the +@@ -10509,7 +10526,8 @@ The structure and content of error messages must be carefully considered by the RHEL-08-010250 - The RHEL 8 /var/log directory must be owned by root. 
@@ -36154,7 +23814,7 @@ index a6e6e2c0b..67788580d 100644 Only authorized personnel should be aware of errors and the details of the errors. Error messages are an indicator of an organization's operational state or can identify the RHEL 8 system or platform. Additionally, Personally Identifiable Information (PII) and operational information must not be revealed through error messages to unauthorized personnel or their designated representatives. -@@ -10206,7 +10226,8 @@ The structure and content of error messages must be carefully considered by the +@@ -10523,7 +10541,8 @@ The structure and content of error messages must be carefully considered by the RHEL-08-010260 - The RHEL 8 /var/log directory must be group-owned by root. @@ -36164,7 +23824,7 @@ index a6e6e2c0b..67788580d 100644 Only authorized personnel should be aware of errors and the details of the errors. Error messages are an indicator of an organization's operational state or can identify the RHEL 8 system or platform. Additionally, Personally Identifiable Information (PII) and operational information must not be revealed through error messages to unauthorized personnel or their designated representatives. -@@ -10220,7 +10241,8 @@ The structure and content of error messages must be carefully considered by the +@@ -10537,7 +10556,8 @@ The structure and content of error messages must be carefully considered by the RHEL-08-010292 - RHEL 8 must ensure the SSH server uses strong entropy. 
@@ -36174,7 +23834,7 @@ index a6e6e2c0b..67788580d 100644 The most important characteristic of a random number generator is its randomness, namely its ability to deliver random numbers that are impossible to predict. Entropy in computer security is associated with the unpredictability of a source of randomness. The random source with high entropy tends to achieve a uniform distribution of random values. Random number generators are one of the most important building blocks of cryptosystems. -@@ -10236,7 +10258,8 @@ The SSH implementation in RHEL8 uses the OPENSSL library, which does not use hig +@@ -10553,7 +10573,8 @@ The SSH implementation in RHEL8 uses the OPENSSL library, which does not use hig RHEL-08-010294 - The RHEL 8 operating system must implement DoD-approved TLS encryption in the OpenSSL package. @@ -36184,7 +23844,7 @@ index a6e6e2c0b..67788580d 100644 Without cryptographic integrity protections, information can be altered by unauthorized users without detection. -@@ -10264,7 +10287,8 @@ RHEL 8 incorporates system-wide crypto policies by default. The employed algori +@@ -10581,7 +10602,8 @@ RHEL 8 incorporates system-wide crypto policies by default. The employed algori RHEL-08-010310 - RHEL 8 system commands must be owned by root. @@ -36194,7 +23854,7 @@ index a6e6e2c0b..67788580d 100644 If RHEL 8 were to allow any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that are part of a robust change management process. -@@ -10278,7 +10302,8 @@ This requirement applies to RHEL 8 with software libraries that are accessible a +@@ -10595,7 +10617,8 @@ This requirement applies to RHEL 8 with software libraries that are accessible a RHEL-08-010320 - RHEL 8 system commands must be group-owned by root or a system account. 
@@ -36204,7 +23864,7 @@ index a6e6e2c0b..67788580d 100644 If RHEL 8 were to allow any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that are part of a robust change management process. -@@ -10292,7 +10317,8 @@ This requirement applies to RHEL 8 with software libraries that are accessible a +@@ -10609,7 +10632,8 @@ This requirement applies to RHEL 8 with software libraries that are accessible a RHEL-08-010370 - RHEL 8 must prevent the installation of software, patches, service packs, device drivers, or operating system components from a repository without verification they have been digitally signed using a certificate that is issued by a Certificate Authority (CA) that is recognized and approved by the organization. @@ -36214,7 +23874,7 @@ index a6e6e2c0b..67788580d 100644 Changes to any software components can have significant effects on the overall security of the operating system. This requirement ensures the software has not been tampered with and that it has been provided by a trusted vendor. -@@ -10309,7 +10335,8 @@ Verifying the authenticity of the software prior to installation validates the i +@@ -10626,7 +10650,8 @@ Verifying the authenticity of the software prior to installation validates the i RHEL-08-010372 - RHEL 8 must prevent the loading of a new kernel for later execution. 
@@ -36224,7 +23884,7 @@ index a6e6e2c0b..67788580d 100644 Changes to any software components can have significant effects on the overall security of the operating system. This requirement ensures the software has not been tampered with and that it has been provided by a trusted vendor. -@@ -10332,7 +10359,8 @@ The sysctl --system command will load settings from all system configuration fil +@@ -10649,7 +10674,8 @@ The sysctl --system command will load settings from all system configuration fil RHEL-08-010373 - RHEL 8 must enable kernel parameters to enforce discretionary access control on symlinks. @@ -36234,7 +23894,7 @@ index a6e6e2c0b..67788580d 100644 Discretionary Access Control (DAC) is based on the notion that individual users are "owners" of objects and therefore have discretion over who should be authorized to access the object and in which mode (e.g., read or write). Ownership is usually acquired as a consequence of creating the object or via specified ownership assignment. DAC allows the owner to determine who will have access to objects they control. An example of DAC includes user-controlled file permissions. -@@ -10356,7 +10384,8 @@ The sysctl --system command will load settings from all system configuration fil +@@ -10673,7 +10699,8 @@ The sysctl --system command will load settings from all system configuration fil RHEL-08-010374 - RHEL 8 must enable kernel parameters to enforce discretionary access control on hardlinks. 
@@ -36244,7 +23904,7 @@ index a6e6e2c0b..67788580d 100644 Discretionary Access Control (DAC) is based on the notion that individual users are "owners" of objects and therefore have discretion over who should be authorized to access the object and in which mode (e.g., read or write). Ownership is usually acquired as a consequence of creating the object or via specified ownership assignment. DAC allows the owner to determine who will have access to objects they control. An example of DAC includes user-controlled file permissions. -@@ -10381,7 +10410,8 @@ The sysctl --system command will load settings from all system configuration fil +@@ -10698,7 +10725,8 @@ The sysctl --system command will load settings from all system configuration fil RHEL-08-010375 - RHEL 8 must restrict access to the kernel message buffer. @@ -36254,7 +23914,7 @@ index a6e6e2c0b..67788580d 100644 Preventing unauthorized information transfers mitigates the risk of information, including encrypted representations of information, produced by the actions of prior users/roles (or the actions of processes acting on behalf of prior users/roles) from being available to any current users/roles (or current processes) that obtain access to shared system resources (e.g., registers, main memory, hard disks) after those resources have been released back to information systems. The control of information in shared resources is also commonly referred to as object reuse and residual information protection. -@@ -10407,7 +10437,8 @@ The sysctl --system command will load settings from all system configuration fil +@@ -10724,7 +10752,8 @@ The sysctl --system command will load settings from all system configuration fil RHEL-08-010376 - RHEL 8 must prevent kernel profiling by unprivileged users. 
@@ -36264,7 +23924,7 @@ index a6e6e2c0b..67788580d 100644 Preventing unauthorized information transfers mitigates the risk of information, including encrypted representations of information, produced by the actions of prior users/roles (or the actions of processes acting on behalf of prior users/roles) from being available to any current users/roles (or current processes) that obtain access to shared system resources (e.g., registers, main memory, hard disks) after those resources have been released back to information systems. The control of information in shared resources is also commonly referred to as object reuse and residual information protection. -@@ -10434,7 +10465,8 @@ The sysctl --system command will load settings from all system configuration fil +@@ -10751,7 +10780,8 @@ The sysctl --system command will load settings from all system configuration fil RHEL-08-010380 - RHEL 8 must require users to provide a password for privilege escalation. @@ -36274,7 +23934,7 @@ index a6e6e2c0b..67788580d 100644 Without reauthentication, users may access resources or perform tasks for which they do not have authorization. -@@ -10449,7 +10481,8 @@ When operating systems provide the capability to escalate a functional capabilit +@@ -10766,7 +10796,8 @@ When operating systems provide the capability to escalate a functional capabilit RHEL-08-010381 - RHEL 8 must require users to reauthenticate for privilege escalation. @@ -36284,7 +23944,7 @@ index a6e6e2c0b..67788580d 100644 Without reauthentication, users may access resources or perform tasks for which they do not have authorization. -@@ -10464,7 +10497,8 @@ When operating systems provide the capability to escalate a functional capabilit +@@ -10781,7 +10812,8 @@ When operating systems provide the capability to escalate a functional capabilit RHEL-08-010390 - RHEL 8 must have the packages required for multifactor authentication installed. 
@@ -36294,7 +23954,7 @@ index a6e6e2c0b..67788580d 100644 Using an authentication device, such as a DoD Common Access Card (CAC) or token that is separate from the information system, ensures that even if the information system is compromised, credentials stored on the authentication device will not be affected. -@@ -10484,7 +10518,8 @@ This requirement only applies to components where this is specific to the functi +@@ -10801,7 +10833,8 @@ This requirement only applies to components where this is specific to the functi RHEL-08-010430 - RHEL 8 must implement address space layout randomization (ASLR) to protect its memory from unauthorized code execution. @@ -36304,7 +23964,7 @@ index a6e6e2c0b..67788580d 100644 Some adversaries launch attacks with the intent of executing code in non-executable regions of memory or in memory locations that are prohibited. Security safeguards employed to protect memory include, for example, data execution prevention and address space layout randomization. Data execution prevention safeguards can be either hardware-enforced or software-enforced with hardware providing the greater strength of mechanism. -@@ -10507,7 +10542,8 @@ The sysctl --system command will load settings from all system configuration fil +@@ -10824,7 +10857,8 @@ The sysctl --system command will load settings from all system configuration fil RHEL-08-010440 - YUM must remove all software components after updated versions have been installed on RHEL 8. 
@@ -36314,17 +23974,7 @@ index a6e6e2c0b..67788580d 100644 Previous versions of software components that are not removed from the information system after updates have been installed may be exploited by adversaries. Some information technology products may remove older versions of software automatically from the information system. -@@ -10519,7 +10555,8 @@ The sysctl --system command will load settings from all system configuration fil - - RHEL-08-010450 - RHEL 8 must enable the SELinux targeted policy. - -- Red Hat Enterprise Linux 8 -+ Red Hat Enterprise Linux 8 -+AlmaLinux 8 - - Without verification of the security functions, security functions may not operate correctly and the failure may go unnoticed. Security function is defined as the hardware, software, and/or firmware of the information system responsible for enforcing the system security policy and supporting the isolation of code and data on which the protection is based. Security functionality includes, but is not limited to, establishing system accounts, configuring access authorizations (i.e., permissions, privileges), setting events to be audited, and setting intrusion detection parameters. - -@@ -10533,7 +10570,8 @@ This requirement applies to operating systems performing security function verif +@@ -10836,7 +10870,8 @@ The sysctl --system command will load settings from all system configuration fil RHEL-08-010460 - There must be no shosts.equiv files on the RHEL 8 operating system. 
@@ -36334,7 +23984,7 @@ index a6e6e2c0b..67788580d 100644 The "shosts.equiv" files are used to configure host-based authentication for the system via SSH. Host-based authentication is not sufficient for preventing unauthorized access to the system, as it does not require interactive identification and authentication of a connection request, or for the use of two-factor authentication. -@@ -10545,7 +10583,8 @@ This requirement applies to operating systems performing security function verif +@@ -10848,7 +10883,8 @@ The sysctl --system command will load settings from all system configuration fil RHEL-08-010470 - There must be no .shosts files on the RHEL 8 operating system. @@ -36344,7 +23994,7 @@ index a6e6e2c0b..67788580d 100644 The ".shosts" files are used to configure host-based authentication for individual users or the system via SSH. Host-based authentication is not sufficient for preventing unauthorized access to the system, as it does not require interactive identification and authentication of a connection request, or for the use of two-factor authentication. -@@ -10557,7 +10596,8 @@ This requirement applies to operating systems performing security function verif +@@ -10860,7 +10896,8 @@ The sysctl --system command will load settings from all system configuration fil RHEL-08-010480 - The RHEL 8 SSH public host key files must have mode 0644 or less permissive. @@ -36354,7 +24004,7 @@ index a6e6e2c0b..67788580d 100644 If a public host key file is modified by an unauthorized user, the SSH service may be compromised. -@@ -10570,7 +10610,8 @@ This requirement applies to operating systems performing security function verif +@@ -10873,7 +10910,8 @@ The sysctl --system command will load settings from all system configuration fil RHEL-08-010490 - The RHEL 8 SSH private host key files must have mode 0640 or less permissive. 
@@ -36364,7 +24014,7 @@ index a6e6e2c0b..67788580d 100644 If an unauthorized user obtains the private SSH host key file, the host could be impersonated. -@@ -10583,7 +10624,8 @@ This requirement applies to operating systems performing security function verif +@@ -10886,7 +10924,8 @@ The sysctl --system command will load settings from all system configuration fil RHEL-08-010500 - The RHEL 8 SSH daemon must perform strict mode checking of home directory configuration files. @@ -36374,7 +24024,7 @@ index a6e6e2c0b..67788580d 100644 If other users have access to modify user-specific SSH configuration files, they may be able to log on to the system as another user. -@@ -10596,7 +10638,8 @@ This requirement applies to operating systems performing security function verif +@@ -10899,7 +10938,8 @@ The sysctl --system command will load settings from all system configuration fil RHEL-08-010520 - The RHEL 8 SSH daemon must not allow authentication using known hosts authentication. @@ -36384,7 +24034,7 @@ index a6e6e2c0b..67788580d 100644 Configuring this setting for the SSH daemon provides additional assurance that remote logon via SSH will require a password, even in the event of misconfiguration elsewhere. -@@ -10609,7 +10652,8 @@ This requirement applies to operating systems performing security function verif +@@ -10912,7 +10952,8 @@ The sysctl --system command will load settings from all system configuration fil RHEL-08-010521 - The RHEL 8 SSH daemon must not allow Kerberos authentication, except to fulfill documented and validated mission requirements. 
@@ -36394,7 +24044,7 @@ index a6e6e2c0b..67788580d 100644 Configuring these settings for the SSH daemon provides additional assurance that remote logon via SSH will not use Kerberos authentication, even in the event of misconfiguration elsewhere. -@@ -10622,7 +10666,8 @@ This requirement applies to operating systems performing security function verif +@@ -10925,7 +10966,8 @@ The sysctl --system command will load settings from all system configuration fil RHEL-08-010542 - RHEL 8 must use a separate file system for the system audit data path. @@ -36404,7 +24054,7 @@ index a6e6e2c0b..67788580d 100644 The use of separate file systems for different paths can protect the system from failures resulting from a file system becoming full or failing. -@@ -10635,7 +10680,8 @@ This requirement applies to operating systems performing security function verif +@@ -10938,7 +10980,8 @@ The sysctl --system command will load settings from all system configuration fil RHEL-08-010543 - A separate RHEL 8 filesystem must be used for the /tmp directory. @@ -36414,7 +24064,7 @@ index a6e6e2c0b..67788580d 100644 The use of separate file systems for different paths can protect the system from failures resulting from a file system becoming full or failing. -@@ -10648,7 +10694,8 @@ This requirement applies to operating systems performing security function verif +@@ -10951,7 +10994,8 @@ The sysctl --system command will load settings from all system configuration fil RHEL-08-010550 - RHEL 8 must not permit direct logons to the root account using remote access via SSH. 
@@ -36424,7 +24074,7 @@ index a6e6e2c0b..67788580d 100644 Even though the communications channel may be encrypted, an additional layer of security is gained by extending the policy of not logging on directly as root. In addition, logging on with a user-specific account provides individual accountability of actions performed on the system. -@@ -10661,7 +10708,8 @@ This requirement applies to operating systems performing security function verif +@@ -10964,7 +11008,8 @@ The sysctl --system command will load settings from all system configuration fil RHEL-08-010560 - The auditd service must be running in RHEL 8. @@ -36434,7 +24084,7 @@ index a6e6e2c0b..67788580d 100644 Configuring RHEL 8 to implement organization-wide security implementation guides and security checklists ensures compliance with federal standards and establishes a common security baseline across the DoD that reflects the most restrictive security posture consistent with operational requirements. -@@ -10676,7 +10724,8 @@ Configuration settings are the set of parameters that can be changed in hardware +@@ -10979,7 +11024,8 @@ Configuration settings are the set of parameters that can be changed in hardware RHEL-08-010561 - The rsyslog service must be running in RHEL 8. @@ -36444,7 +24094,7 @@ index a6e6e2c0b..67788580d 100644 Configuring RHEL 8 to implement organization-wide security implementation guides and security checklists ensures compliance with federal standards and establishes a common security baseline across the DoD that reflects the most restrictive security posture consistent with operational requirements. -@@ -10691,12 +10740,13 @@ Configuration settings are the set of parameters that can be changed in hardware +@@ -10994,12 +11040,13 @@ Configuration settings are the set of parameters that can be changed in hardware RHEL-08-010571 - RHEL 8 must prevent files with the setuid and setgid bit set from being executed on the /boot directory. 
@@ -36460,7 +24110,7 @@ index a6e6e2c0b..67788580d 100644 -@@ -10707,7 +10757,8 @@ Configuration settings are the set of parameters that can be changed in hardware +@@ -11010,7 +11057,8 @@ Configuration settings are the set of parameters that can be changed in hardware RHEL-08-010580 - RHEL 8 must prevent special devices on non-root local partitions. @@ -36470,7 +24120,7 @@ index a6e6e2c0b..67788580d 100644 The "nodev" mount option causes the system to not interpret character or block special devices. Executing character or block special devices from untrusted file systems increases the opportunity for unprivileged users to attain unauthorized administrative access. The only legitimate location for device files is the /dev directory located on the root partition. -@@ -10720,7 +10771,8 @@ Configuration settings are the set of parameters that can be changed in hardware +@@ -11023,7 +11071,8 @@ Configuration settings are the set of parameters that can be changed in hardware RHEL-08-010630 - RHEL 8 must prevent code from being executed on file systems that are imported via Network File System (NFS). @@ -36480,7 +24130,7 @@ index a6e6e2c0b..67788580d 100644 The "noexec" mount option causes the system not to execute binary files. This option must be used for mounting any file system not containing approved binary as they may be incompatible. Executing files from untrusted file systems increases the opportunity for unprivileged users to attain unauthorized administrative access. -@@ -10733,7 +10785,8 @@ Configuration settings are the set of parameters that can be changed in hardware +@@ -11036,7 +11085,8 @@ Configuration settings are the set of parameters that can be changed in hardware RHEL-08-010640 - RHEL 8 must prevent special devices on file systems that are imported via Network File System (NFS). 
@@ -36490,7 +24140,7 @@ index a6e6e2c0b..67788580d 100644 The "nodev" mount option causes the system to not interpret character or block special devices. Executing character or block special devices from untrusted file systems increases the opportunity for unprivileged users to attain unauthorized administrative access. -@@ -10746,7 +10799,8 @@ Configuration settings are the set of parameters that can be changed in hardware +@@ -11049,7 +11099,8 @@ Configuration settings are the set of parameters that can be changed in hardware RHEL-08-010650 - RHEL 8 must prevent files with the setuid and setgid bit set from being executed on file systems that are imported via Network File System (NFS). @@ -36500,7 +24150,7 @@ index a6e6e2c0b..67788580d 100644 The "nosuid" mount option causes the system not to execute "setuid" and "setgid" files with owner privileges. This option must be used for mounting any file system not containing approved "setuid" and "setguid" files. Executing files from untrusted file systems increases the opportunity for unprivileged users to attain unauthorized administrative access. -@@ -10759,7 +10813,8 @@ Configuration settings are the set of parameters that can be changed in hardware +@@ -11062,7 +11113,8 @@ Configuration settings are the set of parameters that can be changed in hardware RHEL-08-010671 - RHEL 8 must disable the kernel.core_pattern. 
@@ -36510,7 +24160,7 @@ index a6e6e2c0b..67788580d 100644 It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors. -@@ -10780,7 +10835,8 @@ The sysctl --system command will load settings from all system configuration fil +@@ -11083,7 +11135,8 @@ The sysctl --system command will load settings from all system configuration fil RHEL-08-010673 - RHEL 8 must disable core dumps for all users. @@ -36520,7 +24170,7 @@ index a6e6e2c0b..67788580d 100644 It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors. -@@ -10795,7 +10851,8 @@ A core dump includes a memory image taken at the time the operating system termi +@@ -11098,7 +11151,8 @@ A core dump includes a memory image taken at the time the operating system termi RHEL-08-010674 - RHEL 8 must disable storing core dumps. @@ -36530,7 +24180,7 @@ index a6e6e2c0b..67788580d 100644 It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors. -@@ -10809,7 +10866,8 @@ A core dump includes a memory image taken at the time the operating system termi +@@ -11112,7 +11166,8 @@ A core dump includes a memory image taken at the time the operating system termi RHEL-08-010675 - RHEL 8 must disable core dump backtraces. 
@@ -36540,7 +24190,7 @@ index a6e6e2c0b..67788580d 100644 It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors. -@@ -10823,7 +10881,8 @@ A core dump includes a memory image taken at the time the operating system termi +@@ -11126,7 +11181,8 @@ A core dump includes a memory image taken at the time the operating system termi RHEL-08-010760 - All RHEL 8 local interactive user accounts must be assigned a home directory upon creation @@ -36550,7 +24200,7 @@ index a6e6e2c0b..67788580d 100644 If local interactive users are not assigned a valid home directory, there is no place for the storage and control of files they should own. -@@ -10835,7 +10894,8 @@ A core dump includes a memory image taken at the time the operating system termi +@@ -11138,7 +11194,8 @@ A core dump includes a memory image taken at the time the operating system termi RHEL-08-010830 - RHEL 8 must not allow users to override SSH environment variables. @@ -36560,7 +24210,7 @@ index a6e6e2c0b..67788580d 100644 SSH environment options potentially allow users to bypass access restriction in some configurations. -@@ -10848,7 +10908,8 @@ A core dump includes a memory image taken at the time the operating system termi +@@ -11151,7 +11208,8 @@ A core dump includes a memory image taken at the time the operating system termi RHEL-08-020010 - RHEL 8 must automatically lock an account when three unsuccessful logon attempts occur. 
@@ -36570,7 +24220,7 @@ index a6e6e2c0b..67788580d 100644 By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account. -@@ -10872,7 +10933,8 @@ From "Pam_Faillock" man pages: Note that the default directory that "pam_failloc +@@ -11175,7 +11233,8 @@ From "Pam_Faillock" man pages: Note that the default directory that "pam_failloc RHEL-08-020011 - RHEL 8 must automatically lock an account when three unsuccessful logon attempts occur. @@ -36580,7 +24230,7 @@ index a6e6e2c0b..67788580d 100644 In RHEL 8.2 the "/etc/security/faillock.conf" file was incorporated to centralize the configuration of the pam_faillock.so module. Also introduced is a "local_users_only" option that will only track failed user authentication attempts for local users in /etc/passwd and ignore centralized (AD, IdM, LDAP, etc.) users to allow the centralized platform to solely manage user lockout. -@@ -10887,7 +10949,8 @@ From "faillock.conf" man pages: Note that the default directory that "pam_faillo +@@ -11190,7 +11249,8 @@ From "faillock.conf" man pages: Note that the default directory that "pam_faillo RHEL-08-020012 - RHEL 8 must automatically lock an account when three unsuccessful logon attempts occur during a 15-minute time period. @@ -36590,7 +24240,7 @@ index a6e6e2c0b..67788580d 100644 By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account. -@@ -10907,7 +10970,8 @@ From "Pam_Faillock" man pages: Note that the default directory that "pam_failloc +@@ -11210,7 +11270,8 @@ From "Pam_Faillock" man pages: Note that the default directory that "pam_failloc RHEL-08-020013 - RHEL 8 must automatically lock an account when three unsuccessful logon attempts occur during a 15-minute time period. 
@@ -36600,7 +24250,7 @@ index a6e6e2c0b..67788580d 100644 By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account. -@@ -10924,7 +10988,8 @@ From "faillock.conf" man pages: Note that the default directory that "pam_faillo +@@ -11227,7 +11288,8 @@ From "faillock.conf" man pages: Note that the default directory that "pam_faillo RHEL-08-020014 - RHEL 8 must automatically lock an account until the locked account is released by an administrator when three unsuccessful logon attempts occur during a 15-minute time period. @@ -36610,7 +24260,7 @@ index a6e6e2c0b..67788580d 100644 By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account. -@@ -10946,7 +11011,8 @@ From "Pam_Faillock" man pages: Note that the default directory that "pam_failloc +@@ -11249,7 +11311,8 @@ From "Pam_Faillock" man pages: Note that the default directory that "pam_failloc RHEL-08-020015 - RHEL 8 must automatically lock an account until the locked account is released by an administrator when three unsuccessful logon attempts occur during a 15-minute time period. @@ -36620,7 +24270,7 @@ index a6e6e2c0b..67788580d 100644 By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account. -@@ -10963,7 +11029,8 @@ From "faillock.conf" man pages: Note that the default directory that "pam_faillo +@@ -11266,7 +11329,8 @@ From "faillock.conf" man pages: Note that the default directory that "pam_faillo RHEL-08-020018 - RHEL 8 must prevent system messages from being presented when three unsuccessful logon attempts occur. 
@@ -36630,7 +24280,7 @@ index a6e6e2c0b..67788580d 100644 By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account. -@@ -10983,7 +11050,8 @@ From "Pam_Faillock" man pages: Note that the default directory that "pam_failloc +@@ -11286,7 +11350,8 @@ From "Pam_Faillock" man pages: Note that the default directory that "pam_failloc RHEL-08-020019 - RHEL 8 must prevent system messages from being presented when three unsuccessful logon attempts occur. @@ -36640,7 +24290,7 @@ index a6e6e2c0b..67788580d 100644 By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account. -@@ -11000,7 +11068,8 @@ From "faillock.conf" man pages: Note that the default directory that "pam_faillo +@@ -11303,7 +11368,8 @@ From "faillock.conf" man pages: Note that the default directory that "pam_faillo RHEL-08-020020 - RHEL 8 must log user name information when unsuccessful logon attempts occur. @@ -36650,7 +24300,7 @@ index a6e6e2c0b..67788580d 100644 By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account. -@@ -11020,7 +11089,8 @@ From "Pam_Faillock" man pages: Note that the default directory that "pam_failloc +@@ -11323,7 +11389,8 @@ From "Pam_Faillock" man pages: Note that the default directory that "pam_failloc RHEL-08-020021 - RHEL 8 must prevent system messages from being presented when three unsuccessful logon attempts occur. 
@@ -36660,7 +24310,7 @@ index a6e6e2c0b..67788580d 100644 By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account. -@@ -11037,7 +11107,8 @@ From "faillock.conf" man pages: Note that the default directory that "pam_faillo +@@ -11340,7 +11407,8 @@ From "faillock.conf" man pages: Note that the default directory that "pam_faillo RHEL-08-020022 - RHEL 8 must include root when automatically locking an account until the locked account is released by an administrator when three unsuccessful logon attempts occur during a 15-minute time period. @@ -36670,7 +24320,7 @@ index a6e6e2c0b..67788580d 100644 By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account. -@@ -11057,7 +11128,8 @@ From "Pam_Faillock" man pages: Note that the default directory that "pam_failloc +@@ -11360,7 +11428,8 @@ From "Pam_Faillock" man pages: Note that the default directory that "pam_failloc RHEL-08-020023 - RHEL 8 must include root when automatically locking an account until the locked account is released by an administrator when three unsuccessful logon attempts occur during a 15-minute time period. 
@@ -36680,17 +24330,7 @@ index a6e6e2c0b..67788580d 100644 By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account. -@@ -11074,7 +11146,8 @@ From "faillock.conf" man pages: Note that the default directory that "pam_faillo - - RHEL-08-020041 - RHEL 8 must ensure session control is automatically started at shell initialization. - -- Red Hat Enterprise Linux 8 -+ Red Hat Enterprise Linux 8 -+AlmaLinux 8 - - A session lock is a temporary action taken when a user stops work and moves away from the immediate physical vicinity of the information system but does not want to log out because of the temporary nature of the absence. - -@@ -11091,7 +11164,8 @@ Tmux is a terminal multiplexer that enables a number of terminals to be created, +@@ -11377,7 +11446,8 @@ From "faillock.conf" man pages: Note that the default directory that "pam_faillo RHEL-08-020042 - RHEL 8 must prevent users from disabling session control mechanisms. 
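Review bot: The refreshed patch no longer adds the `AlmaLinux 8` line for RHEL-08-020041 in this hunk, and the following hunks drop it for RHEL-08-020110 through RHEL-08-020170, RHEL-08-020210, RHEL-08-020230 and RHEL-08-020280 as well. The new inner header `@@ -11377,7 +11446,8 @@` now carries the "faillock.conf" context straight into RHEL-08-020042, which suggests these entries are gone from the upstream reference file. That file is not visible here, so this is inferred. Please confirm they were removed upstream rather than moved or renumbered, because otherwise the session-control and password-complexity items silently lose their AlmaLinux 8 tag. A commit-message line such as `Drop AlmaLinux 8 hunks for STIG items removed upstream (RHEL-08-020041, 020110-020170, 020210, 020230, 020280)` would make the omission auditable.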
@@ -36700,77 +24340,7 @@ index a6e6e2c0b..67788580d 100644 A session lock is a temporary action taken when a user stops work and moves away from the immediate physical vicinity of the information system but does not want to log out because of the temporary nature of the absence. -@@ -11107,7 +11181,8 @@ Tmux is a terminal multiplexer that enables a number of terminals to be created, - - RHEL-08-020110 - RHEL 8 must enforce password complexity by requiring that at least one uppercase character be used. - -- Red Hat Enterprise Linux 8 -+ Red Hat Enterprise Linux 8 -+AlmaLinux 8 - - Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. - -@@ -11123,7 +11198,8 @@ RHEL 8 utilizes pwquality as a mechanism to enforce password complexity. Note th - - RHEL-08-020120 - RHEL 8 must enforce password complexity by requiring that at least one lower-case character be used. - -- Red Hat Enterprise Linux 8 -+ Red Hat Enterprise Linux 8 -+AlmaLinux 8 - - Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. - -@@ -11139,7 +11215,8 @@ RHEL 8 utilizes pwquality as a mechanism to enforce password complexity. Note th - - RHEL-08-020130 - RHEL 8 must enforce password complexity by requiring that at least one numeric character be used. - -- Red Hat Enterprise Linux 8 -+ Red Hat Enterprise Linux 8 -+AlmaLinux 8 - - Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. 
- -@@ -11155,7 +11232,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. Note - - RHEL-08-020140 - RHEL 8 must require the maximum number of repeating characters of the same character class be limited to four when passwords are changed. - -- Red Hat Enterprise Linux 8 -+ Red Hat Enterprise Linux 8 -+AlmaLinux 8 - - Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. - -@@ -11171,7 +11249,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. The " - - RHEL-08-020150 - RHEL 8 must require the maximum number of repeating characters be limited to three when passwords are changed. - -- Red Hat Enterprise Linux 8 -+ Red Hat Enterprise Linux 8 -+AlmaLinux 8 - - Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. - -@@ -11187,7 +11266,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. The " - - RHEL-08-020160 - RHEL 8 must require the change of at least four character classes when passwords are changed. - -- Red Hat Enterprise Linux 8 -+ Red Hat Enterprise Linux 8 -+AlmaLinux 8 - - Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. - -@@ -11203,7 +11283,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. The " - - RHEL-08-020170 - RHEL 8 must require the change of at least 8 characters when passwords are changed. 
- -- Red Hat Enterprise Linux 8 -+ Red Hat Enterprise Linux 8 -+AlmaLinux 8 - - Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. - -@@ -11219,7 +11300,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. The " +@@ -11393,7 +11463,8 @@ Tmux is a terminal multiplexer that enables a number of terminals to be created, RHEL-08-020180 - RHEL 8 passwords must have a 24 hours/1 day minimum password lifetime restriction in /etc/shadow. @@ -36780,7 +24350,7 @@ index a6e6e2c0b..67788580d 100644 Enforcing a minimum password lifetime helps to prevent repeated password changes to defeat the password reuse or history enforcement requirement. If users are allowed to immediately and continually change their password, the password could be repeatedly changed in a short period of time to defeat the organization's policy regarding password reuse. -@@ -11232,7 +11314,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. The " +@@ -11406,7 +11477,8 @@ Tmux is a terminal multiplexer that enables a number of terminals to be created, RHEL-08-020190 - RHEL 8 passwords for new users or password changes must have a 24 hours/1 day minimum password lifetime restriction in /etc/logins.def. 
@@ -36790,7 +24360,7 @@ index a6e6e2c0b..67788580d 100644 Enforcing a minimum password lifetime helps to prevent repeated password changes to defeat the password reuse or history enforcement requirement. If users are allowed to immediately and continually change their password, the password could be repeatedly changed in a short period of time to defeat the organization's policy regarding password reuse. -@@ -11244,7 +11327,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. The " +@@ -11418,7 +11490,8 @@ Tmux is a terminal multiplexer that enables a number of terminals to be created, RHEL-08-020200 - RHEL 8 user account passwords must have a 60-day maximum password lifetime restriction. 
@@ -36800,27 +24370,7 @@ index a6e6e2c0b..67788580d 100644 Any password, no matter how complex, can eventually be cracked. Therefore, passwords need to be changed periodically. If RHEL 8 does not limit the lifetime of passwords and force users to change their passwords, there is the risk that RHEL 8 passwords could be compromised. -@@ -11256,7 +11340,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. The " - - RHEL-08-020210 - RHEL 8 user account passwords must be configured so that existing passwords are restricted to a 60-day maximum lifetime. - -- Red Hat Enterprise Linux 8 -+ Red Hat Enterprise Linux 8 -+AlmaLinux 8 - - Any password, no matter how complex, can eventually be cracked. Therefore, passwords need to be changed periodically. If RHEL 8 does not limit the lifetime of passwords and force users to change their passwords, there is the risk that RHEL 8 passwords could be compromised. - -@@ -11271,7 +11356,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. The " - - RHEL-08-020230 - RHEL 8 passwords must have a minimum of 15 characters. - -- Red Hat Enterprise Linux 8 -+ Red Hat Enterprise Linux 8 -+AlmaLinux 8 - - The shorter the password, the lower the number of possible combinations that need to be tested before the password is compromised. - -@@ -11291,7 +11377,8 @@ The DoD minimum password requirement is 15 characters. +@@ -11430,7 +11503,8 @@ Tmux is a terminal multiplexer that enables a number of terminals to be created, RHEL-08-020231 - RHEL 8 passwords for new users must have a minimum of 15 characters. 
@@ -36830,7 +24380,7 @@ index a6e6e2c0b..67788580d 100644 The shorter the password, the lower the number of possible combinations that need to be tested before the password is compromised. -@@ -11307,7 +11394,8 @@ The DoD minimum password requirement is 15 characters. +@@ -11446,7 +11520,8 @@ The DoD minimum password requirement is 15 characters. RHEL-08-020260 - RHEL 8 account identifiers (individuals, groups, roles, and devices) must be disabled after 35 days of inactivity. @@ -36840,17 +24390,7 @@ index a6e6e2c0b..67788580d 100644 Inactive identifiers pose a risk to systems and applications because attackers may exploit an inactive identifier and potentially obtain undetected access to the system. Owners of inactive accounts will not notice if unauthorized access to their user account has been obtained. -@@ -11321,7 +11409,8 @@ RHEL 8 needs to track periods of inactivity and disable application identifiers - - RHEL-08-020280 - All RHEL 8 passwords must contain at least one special character. - -- Red Hat Enterprise Linux 8 -+ Red Hat Enterprise Linux 8 -+AlmaLinux 8 - - Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. - -@@ -11337,7 +11426,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. Note +@@ -11460,7 +11535,8 @@ RHEL 8 needs to track periods of inactivity and disable application identifiers RHEL-08-021400 - RHEL 8 must prevent the use of dictionary words for passwords. 
@@ -36860,7 +24400,7 @@ index a6e6e2c0b..67788580d 100644 If RHEL 8 allows the user to select passwords based on dictionary words, this increases the chances of password compromise by increasing the opportunity for successful guesses, and brute-force attacks. -@@ -11349,7 +11439,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. Note +@@ -11472,7 +11548,8 @@ RHEL 8 needs to track periods of inactivity and disable application identifiers RHEL-08-020310 - RHEL 8 must enforce a delay of at least four seconds between logon prompts following a failed logon attempt. @@ -36870,7 +24410,7 @@ index a6e6e2c0b..67788580d 100644 Configuring the operating system to implement organization-wide security implementation guides and security checklists verifies compliance with federal standards and establishes a common security baseline across the DoD that reflects the most restrictive security posture consistent with operational requirements. -@@ -11363,7 +11454,8 @@ Configuration settings are the set of parameters that can be changed in hardware +@@ -11486,7 +11563,8 @@ Configuration settings are the set of parameters that can be changed in hardware RHEL-08-020330 - RHEL 8 must not have accounts configured with blank or null passwords. @@ -36880,7 +24420,7 @@ index a6e6e2c0b..67788580d 100644 If an account has an empty password, anyone could log on and run commands with the privileges of that account. Accounts with empty passwords should never be used in operational environments. -@@ -11375,7 +11467,8 @@ Configuration settings are the set of parameters that can be changed in hardware +@@ -11498,7 +11576,8 @@ Configuration settings are the set of parameters that can be changed in hardware RHEL-08-020350 - RHEL 8 must display the date and time of the last successful account logon upon an SSH logon. 
@@ -36890,7 +24430,7 @@ index a6e6e2c0b..67788580d 100644 Providing users with feedback on when account accesses via SSH last occurred facilitates user recognition and reporting of unauthorized account use. -@@ -11388,7 +11481,8 @@ Configuration settings are the set of parameters that can be changed in hardware +@@ -11511,7 +11590,8 @@ Configuration settings are the set of parameters that can be changed in hardware RHEL-08-020351 - RHEL 8 must define default permissions for all authenticated users in such a way that the user can only read and modify their own files. @@ -36900,7 +24440,7 @@ index a6e6e2c0b..67788580d 100644 Setting the most restrictive default permissions ensures that when new accounts are created, they do not have unnecessary access. -@@ -11400,7 +11494,8 @@ Configuration settings are the set of parameters that can be changed in hardware +@@ -11523,7 +11603,8 @@ Configuration settings are the set of parameters that can be changed in hardware RHEL-08-030000 - The RHEL 8 audit system must be configured to audit the execution of privileged functions and prevent all software from executing at higher privilege levels than users executing the software. 
@@ -36910,7 +24450,7 @@ index a6e6e2c0b..67788580d 100644 Misuse of privileged functions, either intentionally or unintentionally by authorized users, or by unauthorized external entities that have compromised information system accounts, is a serious and ongoing concern and can have significant adverse impacts on organizations. Auditing the use of privileged functions is one way to detect such misuse and identify the risk from insider threats and the advanced persistent threat. -@@ -11416,7 +11511,8 @@ Configuration settings are the set of parameters that can be changed in hardware +@@ -11539,7 +11620,8 @@ Configuration settings are the set of parameters that can be changed in hardware RHEL-08-030020 - The RHEL 8 System Administrator (SA) and Information System Security Officer (ISSO) (at a minimum) must be alerted of an audit processing failure event. @@ -36920,7 +24460,7 @@ index a6e6e2c0b..67788580d 100644 It is critical for the appropriate personnel to be aware if a system is at risk of failing to process audit logs as required. Without this notification, the security personnel may be unaware of an impending failure of the audit capability, and system operation may be adversely affected. -@@ -11432,7 +11528,8 @@ This requirement applies to each audit data storage repository (i.e., distinct i +@@ -11555,7 +11637,8 @@ This requirement applies to each audit data storage repository (i.e., distinct i RHEL-08-030040 - The RHEL 8 System must take appropriate action when an audit processing failure occurs. 
@@ -36930,7 +24470,7 @@ index a6e6e2c0b..67788580d 100644 It is critical for the appropriate personnel to be aware if a system is at risk of failing to process audit logs as required. Without this notification, the security personnel may be unaware of an impending failure of the audit capability, and system operation may be adversely affected. -@@ -11448,7 +11545,8 @@ This requirement applies to each audit data storage repository (i.e., distinct i +@@ -11571,7 +11654,8 @@ This requirement applies to each audit data storage repository (i.e., distinct i RHEL-08-030060 - The RHEL 8 audit system must take appropriate action when the audit storage volume is full. @@ -36940,7 +24480,7 @@ index a6e6e2c0b..67788580d 100644 It is critical that when RHEL 8 is at risk of failing to process audit logs as required, it takes action to mitigate the failure. Audit processing failures include software/hardware errors; failures in the audit capturing mechanisms; and audit storage capacity being reached or exceeded. Responses to audit failure depend upon the nature of the failure mode. -@@ -11466,7 +11564,8 @@ When availability is an overriding concern, other approved actions in response t +@@ -11589,7 +11673,8 @@ When availability is an overriding concern, other approved actions in response t RHEL-08-030061 - The RHEL 8 audit system must audit local events. @@ -36950,7 +24490,7 @@ index a6e6e2c0b..67788580d 100644 Without establishing what type of events occurred, the source of events, where events occurred, and the outcome of events, it would be difficult to establish, correlate, and investigate the events leading up to an outage or attack. -@@ -11480,7 +11579,8 @@ Audit record content that may be necessary to satisfy this requirement includes, +@@ -11603,7 +11688,8 @@ Audit record content that may be necessary to satisfy this requirement includes, RHEL-08-030062 - RHEL 8 must label all off-loaded audit logs before sending them to the central log server. 
@@ -36960,7 +24500,7 @@ index a6e6e2c0b..67788580d 100644 Without establishing what type of events occurred, the source of events, where events occurred, and the outcome of events, it would be difficult to establish, correlate, and investigate the events leading up to an outage or attack. -@@ -11498,7 +11598,8 @@ When audit logs are not labeled before they are sent to a central log server, th +@@ -11621,7 +11707,8 @@ When audit logs are not labeled before they are sent to a central log server, th RHEL-08-030063 - RHEL 8 must resolve audit information before writing to disk. @@ -36970,7 +24510,7 @@ index a6e6e2c0b..67788580d 100644 Without establishing what type of events occurred, the source of events, where events occurred, and the outcome of events, it would be difficult to establish, correlate, and investigate the events leading up to an outage or attack. -@@ -11514,7 +11615,8 @@ Enriched logging aids in making sense of who, what, and when events occur on a s +@@ -11637,7 +11724,8 @@ Enriched logging aids in making sense of who, what, and when events occur on a s RHEL-08-030080 - RHEL 8 audit logs must be owned by root to prevent unauthorized read access. @@ -36980,7 +24520,7 @@ index a6e6e2c0b..67788580d 100644 Only authorized personnel should be aware of errors and the details of the errors. Error messages are an indicator of an organization's operational state or can identify the RHEL 8 system or platform. Additionally, Personally Identifiable Information (PII) and operational information must not be revealed through error messages to unauthorized personnel or their designated representatives. -@@ -11528,7 +11630,8 @@ The structure and content of error messages must be carefully considered by the +@@ -11651,7 +11739,8 @@ The structure and content of error messages must be carefully considered by the RHEL-08-030090 - RHEL 8 audit logs must be group-owned by root to prevent unauthorized read access. 
@@ -36990,7 +24530,7 @@ index a6e6e2c0b..67788580d 100644 Unauthorized disclosure of audit records can reveal system and configuration data to attackers, thus compromising its confidentiality. -@@ -11542,7 +11645,8 @@ Audit information includes all information (e.g., audit records, audit settings, +@@ -11665,7 +11754,8 @@ Audit information includes all information (e.g., audit records, audit settings, RHEL-08-030100 - RHEL 8 audit log directory must be owned by root to prevent unauthorized read access. @@ -37000,7 +24540,7 @@ index a6e6e2c0b..67788580d 100644 Unauthorized disclosure of audit records can reveal system and configuration data to attackers, thus compromising its confidentiality. -@@ -11556,7 +11660,8 @@ Audit information includes all information (e.g., audit records, audit settings, +@@ -11679,7 +11769,8 @@ Audit information includes all information (e.g., audit records, audit settings, RHEL-08-030110 - RHEL 8 audit log directory must be group-owned by root to prevent unauthorized read access. @@ -37010,7 +24550,7 @@ index a6e6e2c0b..67788580d 100644 Unauthorized disclosure of audit records can reveal system and configuration data to attackers, thus compromising its confidentiality. -@@ -11570,7 +11675,8 @@ Audit information includes all information (e.g., audit records, audit settings, +@@ -11693,7 +11784,8 @@ Audit information includes all information (e.g., audit records, audit settings, RHEL-08-030120 - RHEL 8 audit log directory must have a mode of 0700 or less permissive to prevent unauthorized read access. 
@@ -37020,7 +24560,7 @@ index a6e6e2c0b..67788580d 100644 Unauthorized disclosure of audit records can reveal system and configuration data to attackers, thus compromising its confidentiality. -@@ -11584,7 +11690,8 @@ Audit information includes all information (e.g., audit records, audit settings, +@@ -11707,7 +11799,8 @@ Audit information includes all information (e.g., audit records, audit settings, RHEL-08-030121 - RHEL 8 audit system must protect auditing rules from unauthorized change. @@ -37030,7 +24570,7 @@ index a6e6e2c0b..67788580d 100644 Unauthorized disclosure of audit records can reveal system and configuration data to attackers, thus compromising its confidentiality. -@@ -11600,7 +11707,8 @@ In immutable mode, unauthorized users cannot execute changes to the audit system +@@ -11723,7 +11816,8 @@ In immutable mode, unauthorized users cannot execute changes to the audit system RHEL-08-030122 - RHEL 8 audit system must protect logon UIDs from unauthorized change. @@ -37040,7 +24580,7 @@ index a6e6e2c0b..67788580d 100644 Unauthorized disclosure of audit records can reveal system and configuration data to attackers, thus compromising its confidentiality. -@@ -11616,7 +11724,8 @@ In immutable mode, unauthorized users cannot execute changes to the audit system +@@ -11739,7 +11833,8 @@ In immutable mode, unauthorized users cannot execute changes to the audit system RHEL-08-030130 - RHEL 8 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/shadow. 
@@ -37050,7 +24590,7 @@ index a6e6e2c0b..67788580d 100644 Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. -@@ -11631,7 +11740,8 @@ Audit records can be generated from various components within the information sy +@@ -11754,7 +11849,8 @@ Audit records can be generated from various components within the information sy RHEL-08-030140 - RHEL 8 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/security/opasswd. @@ -37060,7 +24600,7 @@ index a6e6e2c0b..67788580d 100644 Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. -@@ -11646,7 +11756,8 @@ Audit records can be generated from various components within the information sy +@@ -11769,7 +11865,8 @@ Audit records can be generated from various components within the information sy RHEL-08-030150 - RHEL 8 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/passwd. 
@@ -37070,7 +24610,7 @@ index a6e6e2c0b..67788580d 100644 Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. -@@ -11661,7 +11772,8 @@ Audit records can be generated from various components within the information sy +@@ -11784,7 +11881,8 @@ Audit records can be generated from various components within the information sy RHEL-08-030160 - RHEL 8 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/gshadow. @@ -37080,7 +24620,7 @@ index a6e6e2c0b..67788580d 100644 Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. -@@ -11676,7 +11788,8 @@ Audit records can be generated from various components within the information sy +@@ -11799,7 +11897,8 @@ Audit records can be generated from various components within the information sy RHEL-08-030170 - RHEL 8 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/group. @@ -37090,7 +24630,7 @@ index a6e6e2c0b..67788580d 100644 Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. -@@ -11691,7 +11804,8 @@ Audit records can be generated from various components within the information sy +@@ -11814,7 +11913,8 @@ Audit records can be generated from various components within the information sy RHEL-08-030171 - RHEL 8 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/sudoers. 
@@ -37100,7 +24640,7 @@ index a6e6e2c0b..67788580d 100644 Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. -@@ -11706,7 +11820,8 @@ Audit records can be generated from various components within the information sy +@@ -11829,7 +11929,8 @@ Audit records can be generated from various components within the information sy RHEL-08-030172 - RHEL 8 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/sudoers.d/. @@ -37110,7 +24650,7 @@ index a6e6e2c0b..67788580d 100644 Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. -@@ -11721,7 +11836,8 @@ Audit records can be generated from various components within the information sy +@@ -11844,7 +11945,8 @@ Audit records can be generated from various components within the information sy RHEL-08-030180 - The RHEL 8 audit package must be installed. @@ -37120,7 +24660,7 @@ index a6e6e2c0b..67788580d 100644 Without establishing what type of events occurred, the source of events, where events occurred, and the outcome of events, it would be difficult to establish, correlate, and investigate the events leading up to an outage or attack. -@@ -11737,7 +11853,8 @@ Associating event types with detected events in RHEL 8 audit logs provides a mea +@@ -11860,7 +11962,8 @@ Associating event types with detected events in RHEL 8 audit logs provides a mea RHEL-08-030190 - Successful/unsuccessful uses of the su command in RHEL 8 must generate an audit record. 
@@ -37130,7 +24670,7 @@ index a6e6e2c0b..67788580d 100644 Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. -@@ -11754,7 +11871,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut +@@ -11877,7 +11980,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut RHEL-08-030200 - The RHEL 8 audit system must be configured to audit any usage of the setxattr, fsetxattr, lsetxattr, removexattr, fremovexattr and lremovexattr system calls. @@ -37140,7 +24680,7 @@ index a6e6e2c0b..67788580d 100644 Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. -@@ -11801,7 +11919,8 @@ The system call rules are loaded into a matching engine that intercepts each sys +@@ -11924,7 +12028,8 @@ The system call rules are loaded into a matching engine that intercepts each sys RHEL-08-030250 - Successful/unsuccessful uses of the chage command in RHEL 8 must generate an audit record @@ -37150,7 +24690,7 @@ index a6e6e2c0b..67788580d 100644 Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. -@@ -11820,7 +11939,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO +@@ -11943,7 +12048,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO RHEL-08-030260 - Successful/unsuccessful uses of the chcon command in RHEL 8 must generate an audit record 
@@ -37160,7 +24700,7 @@ index a6e6e2c0b..67788580d 100644 Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. -@@ -11839,7 +11959,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO +@@ -11962,7 +12068,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO RHEL-08-030280 - Successful/unsuccessful uses of the ssh-agent in RHEL 8 must generate an audit record. @@ -37170,7 +24710,7 @@ index a6e6e2c0b..67788580d 100644 Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. -@@ -11856,7 +11977,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut +@@ -11979,7 +12086,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut RHEL-08-030290 - Successful/unsuccessful uses of the passwd command in RHEL 8 must generate an audit record. @@ -37180,7 +24720,7 @@ index a6e6e2c0b..67788580d 100644 Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. -@@ -11873,7 +11995,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut +@@ -11996,7 +12104,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut RHEL-08-030300 - Successful/unsuccessful uses of the mount command in RHEL 8 must generate an audit record. 
@@ -37190,7 +24730,7 @@ index a6e6e2c0b..67788580d 100644 Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. -@@ -11890,7 +12013,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut +@@ -12013,7 +12122,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut RHEL-08-030301 - Successful/unsuccessful uses of the umount command in RHEL 8 must generate an audit record. @@ -37200,7 +24740,7 @@ index a6e6e2c0b..67788580d 100644 Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. -@@ -11907,7 +12031,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut +@@ -12030,7 +12140,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut RHEL-08-030302 - Successful/unsuccessful uses of the mount syscall in RHEL 8 must generate an audit record. @@ -37210,7 +24750,7 @@ index a6e6e2c0b..67788580d 100644 Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. -@@ -11925,7 +12050,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut +@@ -12048,7 +12159,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut RHEL-08-030310 - Successful/unsuccessful uses of the unix_update in RHEL 8 must generate an audit record. 
@@ -37220,7 +24760,7 @@ index a6e6e2c0b..67788580d 100644 Reconstruction of harmful events or forensic analysis is not possible if audit records do not contain enough information. -@@ -11942,7 +12068,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut +@@ -12065,7 +12177,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut RHEL-08-030311 - Successful/unsuccessful uses of postdrop in RHEL 8 must generate an audit record. @@ -37230,7 +24770,7 @@ index a6e6e2c0b..67788580d 100644 Reconstruction of harmful events or forensic analysis is not possible if audit records do not contain enough information. -@@ -11959,7 +12086,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut +@@ -12082,7 +12195,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut RHEL-08-030312 - Successful/unsuccessful uses of postqueue in RHEL 8 must generate an audit record. @@ -37240,7 +24780,7 @@ index a6e6e2c0b..67788580d 100644 Reconstruction of harmful events or forensic analysis is not possible if audit records do not contain enough information. -@@ -11976,7 +12104,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut +@@ -12099,7 +12213,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut RHEL-08-030313 - Successful/unsuccessful uses of semanage in RHEL 8 must generate an audit record. @@ -37250,7 +24790,7 @@ index a6e6e2c0b..67788580d 100644 Reconstruction of harmful events or forensic analysis is not possible if audit records do not contain enough information. -@@ -11993,7 +12122,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut +@@ -12116,7 +12231,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut RHEL-08-030314 - Successful/unsuccessful uses of setfiles in RHEL 8 must generate an audit record. 
@@ -37260,7 +24800,7 @@ index a6e6e2c0b..67788580d 100644 Reconstruction of harmful events or forensic analysis is not possible if audit records do not contain enough information. -@@ -12010,7 +12140,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut +@@ -12133,7 +12249,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut RHEL-08-030315 - Successful/unsuccessful uses of userhelper in RHEL 8 must generate an audit record. @@ -37270,7 +24810,7 @@ index a6e6e2c0b..67788580d 100644 Reconstruction of harmful events or forensic analysis is not possible if audit records do not contain enough information. -@@ -12027,7 +12158,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut +@@ -12150,7 +12267,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut RHEL-08-030316 - Successful/unsuccessful uses of setsebool in RHEL 8 must generate an audit record. @@ -37280,7 +24820,7 @@ index a6e6e2c0b..67788580d 100644 Reconstruction of harmful events or forensic analysis is not possible if audit records do not contain enough information. -@@ -12044,7 +12176,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut +@@ -12167,7 +12285,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut RHEL-08-030317 - Successful/unsuccessful uses of unix_chkpwd in RHEL 8 must generate an audit record. @@ -37290,7 +24830,7 @@ index a6e6e2c0b..67788580d 100644 Reconstruction of harmful events or forensic analysis is not possible if audit records do not contain enough information. -@@ -12061,7 +12194,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut +@@ -12184,7 +12303,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut RHEL-08-030320 - Successful/unsuccessful uses of the ssh-keysign in RHEL 8 must generate an audit record. 
@@ -37300,7 +24840,7 @@ index a6e6e2c0b..67788580d 100644 Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. -@@ -12078,7 +12212,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut +@@ -12201,7 +12321,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut RHEL-08-030330 - Successful/unsuccessful uses of the setfacl command in RHEL 8 must generate an audit record. @@ -37310,7 +24850,7 @@ index a6e6e2c0b..67788580d 100644 Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. -@@ -12095,7 +12230,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut +@@ -12218,7 +12339,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut RHEL-08-030340 - Successful/unsuccessful uses of the pam_timestamp_check command in RHEL 8 must generate an audit record. @@ -37320,7 +24860,7 @@ index a6e6e2c0b..67788580d 100644 Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. -@@ -12112,7 +12248,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut +@@ -12235,7 +12357,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut RHEL-08-030350 - Successful/unsuccessful uses of the newgrp command in RHEL 8 must generate an audit record. 
@@ -37330,7 +24870,7 @@ index a6e6e2c0b..67788580d 100644 Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. -@@ -12129,7 +12266,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut +@@ -12252,7 +12375,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut RHEL-08-030360 - Successful/unsuccessful uses of the init_module and finit_module command system calls in RHEL 8 must generate an audit record. @@ -37340,7 +24880,7 @@ index a6e6e2c0b..67788580d 100644 Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. -@@ -12151,7 +12289,8 @@ The system call rules are loaded into a matching engine that intercepts each sys +@@ -12274,7 +12398,8 @@ The system call rules are loaded into a matching engine that intercepts each sys RHEL-08-030361 - Successful/unsuccessful uses of the rename, unlink, rmdir, renameat and unlinkat commandsystem calls in RHEL 8 must generate an audit record. @@ -37350,7 +24890,7 @@ index a6e6e2c0b..67788580d 100644 Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. -@@ -12182,7 +12321,8 @@ The system call rules are loaded into a matching engine that intercepts each sys +@@ -12305,7 +12430,8 @@ The system call rules are loaded into a matching engine that intercepts each sys RHEL-08-030370 - Successful/unsuccessful uses of the gpasswd command in RHEL 8 must generate an audit record. 
@@ -37360,7 +24900,7 @@ index a6e6e2c0b..67788580d 100644 Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. -@@ -12199,7 +12339,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut +@@ -12322,7 +12448,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut RHEL-08-030390 - Successful/unsuccessful uses of the delete_module command in RHEL 8 must generate an audit record. @@ -37370,7 +24910,7 @@ index a6e6e2c0b..67788580d 100644 Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. -@@ -12217,7 +12358,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut +@@ -12340,7 +12467,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut RHEL-08-030400 - Successful/unsuccessful uses of the crontab command in RHEL 8 must generate an audit record. @@ -37380,7 +24920,7 @@ index a6e6e2c0b..67788580d 100644 Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. -@@ -12234,7 +12376,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut +@@ -12357,7 +12485,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut RHEL-08-030410 - Successful/unsuccessful uses of the chsh command in RHEL 8 must generate an audit record. 
@@ -37390,7 +24930,7 @@ index a6e6e2c0b..67788580d 100644 Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. -@@ -12251,7 +12394,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut +@@ -12374,7 +12503,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut RHEL-08-030420 - Successful/unsuccessful uses of the truncate, ftruncate, creat, open, openat, and open_by_handle_at system calls in RHEL 8 must generate an audit record. @@ -37400,7 +24940,7 @@ index a6e6e2c0b..67788580d 100644 Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. -@@ -12296,7 +12440,8 @@ The system call rules are loaded into a matching engine that intercepts each sys +@@ -12419,7 +12549,8 @@ The system call rules are loaded into a matching engine that intercepts each sys RHEL-08-030480 - Successful/unsuccessful uses of the chown, fchown, fchownat and lchown system calls in RHEL 8 must generate an audit record. @@ -37410,7 +24950,7 @@ index a6e6e2c0b..67788580d 100644 Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. -@@ -12325,7 +12470,8 @@ The system call rules are loaded into a matching engine that intercepts each sys +@@ -12448,7 +12579,8 @@ The system call rules are loaded into a matching engine that intercepts each sys RHEL-08-030490 - Successful/unsuccessful uses of the chmod, fchmod and fchmodat system calls in RHEL 8 must generate an audit record. 
@@ -37420,7 +24960,7 @@ index a6e6e2c0b..67788580d 100644 Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. -@@ -12350,7 +12496,8 @@ The system call rules are loaded into a matching engine that intercepts each sys +@@ -12473,7 +12605,8 @@ The system call rules are loaded into a matching engine that intercepts each sys RHEL-08-030550 - Successful/unsuccessful uses of the sudo command in RHEL 8 must generate an audit record. @@ -37430,7 +24970,7 @@ index a6e6e2c0b..67788580d 100644 Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. -@@ -12367,7 +12514,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut +@@ -12490,7 +12623,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut RHEL-08-030560 - Successful/unsuccessful uses of the usermod command in RHEL 8 must generate an audit record. @@ -37440,7 +24980,7 @@ index a6e6e2c0b..67788580d 100644 Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. -@@ -12384,7 +12532,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut +@@ -12507,7 +12641,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut RHEL-08-030570 - Successful/unsuccessful uses of the chacl command in RHEL 8 must generate an audit record. 
@@ -37450,7 +24990,7 @@ index a6e6e2c0b..67788580d 100644 Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. -@@ -12401,7 +12550,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut +@@ -12524,7 +12659,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut RHEL-08-030580 - Successful/unsuccessful uses of the kmod command in RHEL 8 must generate an audit record. @@ -37460,7 +25000,7 @@ index a6e6e2c0b..67788580d 100644 Without the capability to generate audit records, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. -@@ -12428,7 +12578,8 @@ DoD has defined the list of events for which RHEL 8 will provide an audit record +@@ -12551,7 +12687,8 @@ DoD has defined the list of events for which RHEL 8 will provide an audit record RHEL-08-030600 - Successful/unsuccessful modifications to the lastlog file in RHEL 8 must generate an audit record. @@ -37470,7 +25010,7 @@ index a6e6e2c0b..67788580d 100644 Without the capability to generate audit records, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. -@@ -12455,7 +12606,8 @@ DoD has defined the list of events for which RHEL 8 will provide an audit record +@@ -12578,7 +12715,8 @@ DoD has defined the list of events for which RHEL 8 will provide an audit record RHEL-08-030610 - RHEL 8 must allow only the Information System Security Manager (ISSM) (or individuals or roles appointed by the ISSM) to select which auditable events are to be audited. 
@@ -37480,7 +25020,7 @@ index a6e6e2c0b..67788580d 100644 Without the capability to restrict the roles and individuals that can select which events are audited, unauthorized personnel may be able to prevent the auditing of critical events. Misconfigured audits may degrade the system's performance by overwhelming the audit log. Misconfigured audits may also make it more difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. -@@ -12468,7 +12620,8 @@ DoD has defined the list of events for which RHEL 8 will provide an audit record +@@ -12591,7 +12729,8 @@ DoD has defined the list of events for which RHEL 8 will provide an audit record RHEL-08-030620 - RHEL 8 audit tools must have a mode of 0755 or less permissive. @@ -37490,7 +25030,7 @@ index a6e6e2c0b..67788580d 100644 Protecting audit information also includes identifying and protecting the tools used to view and manipulate log data. Therefore, protecting audit tools is necessary to prevent unauthorized operation on audit information. -@@ -12484,7 +12637,8 @@ Audit tools include, but are not limited to, vendor-provided and open source aud +@@ -12607,7 +12746,8 @@ Audit tools include, but are not limited to, vendor-provided and open source aud RHEL-08-030630 - RHEL 8 audit tools must be owned by root. @@ -37500,7 +25040,7 @@ index a6e6e2c0b..67788580d 100644 Protecting audit information also includes identifying and protecting the tools used to view and manipulate log data. Therefore, protecting audit tools is necessary to prevent unauthorized operation on audit information. -@@ -12500,7 +12654,8 @@ Audit tools include, but are not limited to, vendor-provided and open source aud +@@ -12623,7 +12763,8 @@ Audit tools include, but are not limited to, vendor-provided and open source aud RHEL-08-030640 - RHEL 8 audit tools must be group-owned by root. 
@@ -37510,7 +25050,7 @@ index a6e6e2c0b..67788580d 100644 Protecting audit information also includes identifying and protecting the tools used to view and manipulate log data. Therefore, protecting audit tools is necessary to prevent unauthorized operation on audit information. -@@ -12516,7 +12671,8 @@ Audit tools include, but are not limited to, vendor-provided and open source aud +@@ -12639,7 +12780,8 @@ Audit tools include, but are not limited to, vendor-provided and open source aud RHEL-08-030680 - RHEL 8 must have the packages required for encrypting offloaded audit logs installed. @@ -37520,7 +25060,7 @@ index a6e6e2c0b..67788580d 100644 Information stored in one location is vulnerable to accidental or incidental deletion or alteration. -@@ -12539,7 +12695,8 @@ Note that a port number was given as there is no standard port for RELP. RHEL-08-030700 - RHEL 8 must take appropriate action when the internal event queue is full. @@ -37530,7 +25070,7 @@ index a6e6e2c0b..67788580d 100644 Information stored in one location is vulnerable to accidental or incidental deletion or alteration. -@@ -12555,7 +12712,8 @@ RHEL 8 installation media provides "rsyslogd". "rsyslogd" is a system utility p +@@ -12678,7 +12821,8 @@ RHEL 8 installation media provides "rsyslogd". "rsyslogd" is a system utility p RHEL-08-030730 - RHEL 8 must take action when allocated audit record storage volume reaches 75 percent of the repository maximum audit record storage capacity. @@ -37540,7 +25080,7 @@ index a6e6e2c0b..67788580d 100644 If security personnel are not notified immediately when storage volume reaches 75 percent utilization, they are unable to plan for audit record storage capacity expansion. -@@ -12567,7 +12725,8 @@ RHEL 8 installation media provides "rsyslogd". "rsyslogd" is a system utility p +@@ -12690,7 +12834,8 @@ RHEL 8 installation media provides "rsyslogd". "rsyslogd" is a system utility p RHEL-08-030741 - RHEL 8 must disable the chrony daemon from acting as a server. 
@@ -37550,7 +25090,7 @@ index a6e6e2c0b..67788580d 100644 Inaccurate time stamps make it more difficult to correlate events and can lead to an inaccurate analysis. Determining the correct time a particular event occurred on a system is critical when conducting forensic analysis and investigating system events. Sources outside the configured acceptable allowance (drift) may be inaccurate. -@@ -12585,7 +12744,8 @@ Note that USNO offers authenticated NTP service to DoD and U.S. Government agenc +@@ -12708,7 +12853,8 @@ Note that USNO offers authenticated NTP service to DoD and U.S. Government agenc RHEL-08-030742 - RHEL 8 must disable network management of the chrony daemon. @@ -37560,7 +25100,7 @@ index a6e6e2c0b..67788580d 100644 Inaccurate time stamps make it more difficult to correlate events and can lead to an inaccurate analysis. Determining the correct time a particular event occurred on a system is critical when conducting forensic analysis and investigating system events. Sources outside the configured acceptable allowance (drift) may be inaccurate. -@@ -12603,7 +12763,8 @@ Note that USNO offers authenticated NTP service to DoD and U.S. Government agenc +@@ -12726,7 +12872,8 @@ Note that USNO offers authenticated NTP service to DoD and U.S. Government agenc RHEL-08-040000 - RHEL 8 must not have the telnet-server package installed. 
@@ -37570,7 +25110,7 @@ index a6e6e2c0b..67788580d 100644 It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors. -@@ -12625,7 +12786,8 @@ If a privileged user were to log on using this service, the privileged user pass +@@ -12748,7 +12895,8 @@ If a privileged user were to log on using this service, the privileged user pass RHEL-08-040001 - RHEL 8 must not have any automated bug reporting tools installed. @@ -37580,7 +25120,7 @@ index a6e6e2c0b..67788580d 100644 It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors. -@@ -12643,7 +12805,8 @@ Verify the operating system is configured to disable non-essential capabilities. +@@ -12766,7 +12914,8 @@ Verify the operating system is configured to disable non-essential capabilities. RHEL-08-040002 - RHEL 8 must not have the sendmail package installed. @@ -37590,7 +25130,7 @@ index a6e6e2c0b..67788580d 100644 It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors. -@@ -12661,7 +12824,8 @@ Verify the operating system is configured to disable non-essential capabilities. +@@ -12784,7 +12933,8 @@ Verify the operating system is configured to disable non-essential capabilities. RHEL-08-040010 - RHEL 8 must not have the rsh-server package installed. 
@@ -37600,67 +25140,7 @@ index a6e6e2c0b..67788580d 100644 It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors. -@@ -12679,7 +12843,8 @@ If a privileged user were to log on using this service, the privileged user pass - - RHEL-08-040021 - RHEL 8 must disable the asynchronous transfer mode (ATM) protocol. - -- Red Hat Enterprise Linux 8 -+ Red Hat Enterprise Linux 8 -+AlmaLinux 8 - - It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors. - -@@ -12696,7 +12861,8 @@ The Asynchronous Transfer Mode (ATM) is a protocol operating on network, data li - - RHEL-08-040022 - RHEL 8 must disable the controller area network (CAN) protocol. - -- Red Hat Enterprise Linux 8 -+ Red Hat Enterprise Linux 8 -+AlmaLinux 8 - - It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors. - -@@ -12713,7 +12879,8 @@ The Controller Area Network (CAN) is a serial communications protocol, which was - - RHEL-08-040023 - RHEL 8 must disable the stream control transmission (SCTP) protocol. - -- Red Hat Enterprise Linux 8 -+ Red Hat Enterprise Linux 8 -+AlmaLinux 8 - - It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. 
These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors. - -@@ -12730,7 +12897,8 @@ The Stream Control Transmission Protocol (SCTP) is a transport layer protocol, d - - RHEL-08-040024 - RHEL 8 must disable the transparent inter-process communication (TIPC) protocol. - -- Red Hat Enterprise Linux 8 -+ Red Hat Enterprise Linux 8 -+AlmaLinux 8 - - It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors. - -@@ -12747,7 +12915,8 @@ The Transparent Inter-Process Communication (TIPC) protocol is designed to provi - - RHEL-08-040025 - RHEL 8 must disable mounting of cramfs. - -- Red Hat Enterprise Linux 8 -+ Red Hat Enterprise Linux 8 -+AlmaLinux 8 - - It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors. - -@@ -12764,7 +12933,8 @@ Compressed ROM/RAM file system (or cramfs) is a read-only file system designed f - - RHEL-08-040026 - RHEL 8 must disable IEEE 1394 (FireWire) Support. - -- Red Hat Enterprise Linux 8 -+ Red Hat Enterprise Linux 8 -+AlmaLinux 8 - - It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors. 
- -@@ -12779,7 +12949,8 @@ The IEEE 1394 (FireWire) is a serial bus standard for high-speed real-time commu +@@ -12802,7 +12952,8 @@ If a privileged user were to log on using this service, the privileged user pass RHEL-08-040060 - RHEL 8 must enforce SSHv2 for network access to all accounts. @@ -37670,27 +25150,7 @@ index a6e6e2c0b..67788580d 100644 A replay attack may enable an unauthorized user to gain access to RHEL 8. Authentication sessions between the authenticator and RHEL 8 validating the user credentials must not be vulnerable to a replay attack. -@@ -12800,7 +12971,8 @@ RHEL 8 incorporates OpenSSH as a default ssh provider. OpenSSH has been a 100 pe - - RHEL-08-040080 - RHEL 8 must be configured to disable USB mass storage. - -- Red Hat Enterprise Linux 8 -+ Red Hat Enterprise Linux 8 -+AlmaLinux 8 - - USB mass storage permits easy introduction of unknown devices, thereby facilitating malicious activity. - -@@ -12813,7 +12985,8 @@ RHEL 8 incorporates OpenSSH as a default ssh provider. OpenSSH has been a 100 pe - - RHEL-08-040111 - RHEL 8 Bluetooth must be disabled. - -- Red Hat Enterprise Linux 8 -+ Red Hat Enterprise Linux 8 -+AlmaLinux 8 - - Without protection of communications with wireless peripherals, confidentiality and integrity may be compromised because unprotected communications can be intercepted and either read, altered, or used to compromise the RHEL 8 operating system. - -@@ -12830,7 +13003,8 @@ Protecting the confidentiality and integrity of communications with wireless per +@@ -12823,7 +12974,8 @@ RHEL 8 incorporates OpenSSH as a default ssh provider. OpenSSH has been a 100 pe RHEL-08-040120 - RHEL 8 must mount /dev/shm with the nodev option. 
@@ -37700,7 +25160,7 @@ index a6e6e2c0b..67788580d 100644 The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting. -@@ -12849,7 +13023,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid" +@@ -12842,7 +12994,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid" RHEL-08-040121 - RHEL 8 must mount /dev/shm with the nosuid option. @@ -37710,7 +25170,7 @@ index a6e6e2c0b..67788580d 100644 The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting. -@@ -12866,7 +13041,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid" +@@ -12859,7 +13012,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid" RHEL-08-040122 - RHEL 8 must mount /dev/shm with the noexec option. @@ -37720,7 +25180,7 @@ index a6e6e2c0b..67788580d 100644 The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting. -@@ -12885,7 +13061,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid" +@@ -12878,7 +13032,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid" RHEL-08-040123 - RHEL 8 must mount /tmp with the nodev option. 
@@ -37730,7 +25190,7 @@ index a6e6e2c0b..67788580d 100644 The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting. -@@ -12905,7 +13082,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid" +@@ -12898,7 +13053,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid" RHEL-08-040124 - RHEL 8 must mount /tmp with the nosuid option. @@ -37740,7 +25200,7 @@ index a6e6e2c0b..67788580d 100644 The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting. -@@ -12923,7 +13101,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid" +@@ -12916,7 +13072,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid" RHEL-08-040125 - RHEL 8 must mount /tmp with the noexec option. @@ -37750,7 +25210,7 @@ index a6e6e2c0b..67788580d 100644 The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting. -@@ -12943,7 +13122,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid" +@@ -12936,7 +13093,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid" RHEL-08-040126 - RHEL 8 must mount /var/log with the nodev option. 
@@ -37760,7 +25220,7 @@ index a6e6e2c0b..67788580d 100644 The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting. -@@ -12963,7 +13143,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid" +@@ -12956,7 +13114,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid" RHEL-08-040127 - RHEL 8 must mount /var/log with the nosuid option. @@ -37770,7 +25230,7 @@ index a6e6e2c0b..67788580d 100644 The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting. -@@ -12983,7 +13164,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid" +@@ -12976,7 +13135,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid" RHEL-08-040128 - RHEL 8 must mount /var/log with the noexec option. @@ -37780,7 +25240,7 @@ index a6e6e2c0b..67788580d 100644 The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting. -@@ -13003,7 +13185,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid" +@@ -12996,7 +13156,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid" RHEL-08-040129 - RHEL 8 must mount /var/log/audit with the nodev option. 
@@ -37790,7 +25250,7 @@ index a6e6e2c0b..67788580d 100644 The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting. -@@ -13023,7 +13206,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid" +@@ -13016,7 +13177,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid" RHEL-08-040130 - RHEL 8 must mount /var/log/audit with the nosuid option. @@ -37800,7 +25260,7 @@ index a6e6e2c0b..67788580d 100644 The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting. -@@ -13043,7 +13227,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid" +@@ -13036,7 +13198,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid" RHEL-08-040131 - RHEL 8 must mount /var/log/audit with the noexec option. @@ -37810,7 +25270,7 @@ index a6e6e2c0b..67788580d 100644 The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting. -@@ -13063,7 +13248,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid" +@@ -13056,7 +13219,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid" RHEL-08-040132 - RHEL 8 must mount /var/tmp with the nodev option. 
@@ -37820,7 +25280,7 @@ index a6e6e2c0b..67788580d 100644 The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting. -@@ -13082,7 +13268,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid" +@@ -13075,7 +13239,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid" RHEL-08-040133 - RHEL 8 must mount /var/tmp with the nosuid option. @@ -37830,7 +25290,7 @@ index a6e6e2c0b..67788580d 100644 The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting. -@@ -13101,7 +13288,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid" +@@ -13094,7 +13259,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid" RHEL-08-040134 - RHEL 8 must mount /var/tmp with the noexec option. @@ -37840,7 +25300,7 @@ index a6e6e2c0b..67788580d 100644 The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting. -@@ -13120,7 +13308,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid" +@@ -13113,7 +13279,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid" RHEL-08-040160 - All RHEL 8 networked systems must have and implement SSH to protect the confidentiality and integrity of transmitted and received information, as well as information during preparation for transmission. 
@@ -37850,7 +25310,7 @@ index a6e6e2c0b..67788580d 100644 Without protection of the transmitted information, confidentiality and integrity may be compromised because unprotected communications can be intercepted and either read or altered. -@@ -13137,7 +13326,8 @@ Protecting the confidentiality and integrity of organizational information can b +@@ -13130,7 +13297,8 @@ Protecting the confidentiality and integrity of organizational information can b RHEL 8 must force a frequent session key renegotiation for SSH connections to the server. @@ -37860,7 +25320,7 @@ index a6e6e2c0b..67788580d 100644 Without protection of the transmitted information, confidentiality and integrity may be compromised because unprotected communications can be intercepted and either read or altered. -@@ -13156,7 +13346,8 @@ Session key regeneration limits the chances of a session key becoming compromise +@@ -13149,7 +13317,8 @@ Session key regeneration limits the chances of a session key becoming compromise RHEL-08-040172 - The systemd Ctrl-Alt-Delete burst key sequence in RHEL 8 must be disabled. @@ -37870,7 +25330,7 @@ index a6e6e2c0b..67788580d 100644 A locally logged-on user who presses Ctrl-Alt-Delete when at the console can reboot the system. If accidentally pressed, as could happen in the case of a mixed OS environment, this can create the risk of short-term loss of availability of systems due to unintentional reboot. In a graphical user environment, risk of unintentional reboot from the Ctrl-Alt-Delete sequence is reduced because the user will be prompted before any action is taken. -@@ -13168,7 +13359,8 @@ Session key regeneration limits the chances of a session key becoming compromise +@@ -13161,7 +13330,8 @@ Session key regeneration limits the chances of a session key becoming compromise RHEL-08-040190 - The Trivial File Transfer Protocol (TFTP) server package must not be installed if not required for RHEL 8 operational support. 
@@ -37880,7 +25340,7 @@ index a6e6e2c0b..67788580d 100644 If TFTP is required for operational support (such as the transmission of router configurations) its use must be documented with the Information System Security Officer (ISSO), restricted to only authorized personnel, and have access control rules established. -@@ -13180,7 +13372,8 @@ Session key regeneration limits the chances of a session key becoming compromise +@@ -13173,7 +13343,8 @@ Session key regeneration limits the chances of a session key becoming compromise RHEL-08-040200 - The root account must be the only account having unrestricted access to the RHEL 8 system. @@ -37890,7 +25350,7 @@ index a6e6e2c0b..67788580d 100644 If an account other than root also has a User Identifier (UID) of "0", it has root authority, giving that account unrestricted access to the entire operating system. Multiple accounts with a UID of "0" afford an opportunity for potential intruders to guess a password for a privileged account. -@@ -13192,7 +13385,8 @@ Session key regeneration limits the chances of a session key becoming compromise +@@ -13185,7 +13356,8 @@ Session key regeneration limits the chances of a session key becoming compromise RHEL-08-040210 - RHEL 8 must prevent Internet Control Message Protocol (ICMP) redirect messages from being accepted. @@ -37900,7 +25360,7 @@ index a6e6e2c0b..67788580d 100644 ICMP redirect messages are used by routers to inform hosts that a more direct route exists for a particular destination. These messages modify the host's route table and are unauthenticated. An illicit ICMP redirect message could result in a man-in-the-middle attack. -@@ -13216,7 +13410,8 @@ The sysctl --system command will load settings from all system configuration fil +@@ -13209,7 +13381,8 @@ The sysctl --system command will load settings from all system configuration fil RHEL-08-040220 - RHEL 8 must not send Internet Control Message Protocol (ICMP) redirects. 
@@ -37910,7 +25370,7 @@ index a6e6e2c0b..67788580d 100644 ICMP redirect messages are used by routers to inform hosts that a more direct route exists for a particular destination. These messages contain information from the system's route table, possibly revealing portions of the network topology. -@@ -13239,7 +13434,8 @@ The sysctl --system command will load settings from all system configuration fil +@@ -13232,7 +13405,8 @@ The sysctl --system command will load settings from all system configuration fil RHEL-08-040230 - RHEL 8 must not respond to Internet Control Message Protocol (ICMP) echoes sent to a broadcast address. @@ -37920,7 +25380,7 @@ index a6e6e2c0b..67788580d 100644 Responding to broadcast ICMP echoes facilitates network mapping and provides a vector for amplification attacks. -@@ -13262,7 +13458,8 @@ The sysctl --system command will load settings from all system configuration fil +@@ -13255,7 +13429,8 @@ The sysctl --system command will load settings from all system configuration fil RHEL-08-040240 - RHEL 8 must not forward source-routed packets. @@ -37930,7 +25390,7 @@ index a6e6e2c0b..67788580d 100644 Source-routed packets allow the source of the packet to suggest that routers forward the packet along a different path than configured on the router, which can be used to bypass network security measures. This requirement applies only to the forwarding of source-routed traffic, such as when forwarding is enabled and the system is functioning as a router. -@@ -13286,7 +13483,8 @@ The sysctl --system command will load settings from all system configuration fil +@@ -13279,7 +13454,8 @@ The sysctl --system command will load settings from all system configuration fil RHEL-08-040250 - RHEL 8 must not forward source-routed packets by default. 
@@ -37940,7 +25400,7 @@ index a6e6e2c0b..67788580d 100644 Source-routed packets allow the source of the packet to suggest that routers forward the packet along a different path than configured on the router, which can be used to bypass network security measures. This requirement applies only to the forwarding of source-routed traffic, such as when forwarding is enabled and the system is functioning as a router. -@@ -13310,7 +13508,8 @@ The sysctl --system command will load settings from all system configuration fil +@@ -13303,7 +13479,8 @@ The sysctl --system command will load settings from all system configuration fil RHEL-08-040260 - RHEL 8 must not be performing packet forwarding unless the system is a router. @@ -37950,7 +25410,7 @@ index a6e6e2c0b..67788580d 100644 Routing protocol daemons are typically used on routers to exchange network topology information with other routers. If this software is used when not required, system network information may be unnecessarily transmitted across the network. -@@ -13334,7 +13533,8 @@ The sysctl --system command will load settings from all system configuration fil +@@ -13327,7 +13504,8 @@ The sysctl --system command will load settings from all system configuration fil RHEL-08-040261 - RHEL 8 must not accept router advertisements on all IPv6 interfaces. @@ -37960,7 +25420,7 @@ index a6e6e2c0b..67788580d 100644 Routing protocol daemons are typically used on routers to exchange network topology information with other routers. If this software is used when not required, system network information may be unnecessarily transmitted across the network. -@@ -13360,7 +13560,8 @@ The sysctl --system command will load settings from all system configuration fil +@@ -13353,7 +13531,8 @@ The sysctl --system command will load settings from all system configuration fil RHEL-08-040262 - RHEL 8 must not accept router advertisements on all IPv6 interfaces by default. 
@@ -37970,7 +25430,7 @@ index a6e6e2c0b..67788580d 100644 Routing protocol daemons are typically used on routers to exchange network topology information with other routers. If this software is used when not required, system network information may be unnecessarily transmitted across the network. -@@ -13386,7 +13587,8 @@ The sysctl --system command will load settings from all system configuration fil +@@ -13379,7 +13558,8 @@ The sysctl --system command will load settings from all system configuration fil RHEL-08-040270 - RHEL 8 must not allow interfaces to perform Internet Control Message Protocol (ICMP) redirects by default. @@ -37980,7 +25440,7 @@ index a6e6e2c0b..67788580d 100644 ICMP redirect messages are used by routers to inform hosts that a more direct route exists for a particular destination. These messages contain information from the system's route table, possibly revealing portions of the network topology. -@@ -13409,7 +13611,8 @@ The sysctl --system command will load settings from all system configuration fil +@@ -13402,7 +13582,8 @@ The sysctl --system command will load settings from all system configuration fil RHEL-08-040280 - RHEL 8 must ignore IPv6 Internet Control Message Protocol (ICMP) redirect messages. @@ -37990,7 +25450,7 @@ index a6e6e2c0b..67788580d 100644 ICMP redirect messages are used by routers to inform hosts that a more direct route exists for a particular destination. These messages modify the host's route table and are unauthenticated. An illicit ICMP redirect message could result in a man-in-the-middle attack. -@@ -13433,7 +13636,8 @@ The sysctl --system command will load settings from all system configuration fil +@@ -13426,7 +13607,8 @@ The sysctl --system command will load settings from all system configuration fil RHEL-08-040281 - RHEL 8 must disable access to network bpf syscall from unprivileged processes. 
@@ -38000,7 +25460,7 @@ index a6e6e2c0b..67788580d 100644 It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors. -@@ -13454,7 +13658,8 @@ The sysctl --system command will load settings from all system configuration fil +@@ -13447,7 +13629,8 @@ The sysctl --system command will load settings from all system configuration fil RHEL-08-040282 - RHEL 8 must restrict usage of ptrace to descendant processes. @@ -38010,7 +25470,7 @@ index a6e6e2c0b..67788580d 100644 It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors. -@@ -13475,7 +13680,8 @@ The sysctl --system command will load settings from all system configuration fil +@@ -13468,7 +13651,8 @@ The sysctl --system command will load settings from all system configuration fil RHEL-08-040283 - RHEL 8 must restrict exposed kernel pointer addresses access. @@ -38020,7 +25480,7 @@ index a6e6e2c0b..67788580d 100644 It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors. -@@ -13496,7 +13702,8 @@ The sysctl --system command will load settings from all system configuration fil +@@ -13489,7 +13673,8 @@ The sysctl --system command will load settings from all system configuration fil RHEL-08-040284 - RHEL 8 must disable the use of user namespaces. 
@@ -38030,7 +25490,7 @@ index a6e6e2c0b..67788580d 100644 It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors. -@@ -13517,7 +13724,8 @@ The sysctl --system command will load settings from all system configuration fil +@@ -13510,7 +13695,8 @@ The sysctl --system command will load settings from all system configuration fil RHEL-08-040285 - RHEL 8 must use reverse path filtering on all IPv4 interfaces. @@ -38040,7 +25500,7 @@ index a6e6e2c0b..67788580d 100644 It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors. -@@ -13538,7 +13746,8 @@ The sysctl --system command will load settings from all system configuration fil +@@ -13531,7 +13717,8 @@ The sysctl --system command will load settings from all system configuration fil RHEL-08-040290 - RHEL 8 must be configured to prevent unrestricted mail relaying. @@ -38050,7 +25510,7 @@ index a6e6e2c0b..67788580d 100644 If unrestricted mail relaying is permitted, unauthorized senders could use this host as a mail relay for the purpose of sending spam or other unauthorized activity. -@@ -13551,7 +13760,8 @@ The sysctl --system command will load settings from all system configuration fil +@@ -13544,7 +13731,8 @@ The sysctl --system command will load settings from all system configuration fil RHEL-08-040340 - RHEL 8 remote X connections for interactive users must be disabled unless to fulfill documented and validated mission requirements. 
@@ -38060,7 +25520,7 @@ index a6e6e2c0b..67788580d 100644 The security risk of using X11 forwarding is that the client's X11 display server may be exposed to attack when the SSH client requests forwarding. A system administrator may have a stance in which they want to protect clients that may expose themselves to attack by unwittingly requesting X11 forwarding, which can warrant a ''no'' setting. X11 forwarding should be enabled with caution. Users with the ability to bypass file permissions on the remote host (for the user's X11 authorization database) can access the local X11 display through the forwarded connection. An attacker may then be able to perform activities such as keystroke monitoring if the ForwardX11Trusted option is also enabled. -@@ -13566,7 +13776,8 @@ If X11 services are not required for the system's intended function, they should +@@ -13559,7 +13747,8 @@ If X11 services are not required for the system's intended function, they should RHEL-08-040341 - The RHEL 8 SSH daemon must prevent remote hosts from connecting to the proxy display. @@ -38070,7 +25530,7 @@ index a6e6e2c0b..67788580d 100644 When X11 forwarding is enabled, there may be additional exposure to the server and client displays if the sshd proxy display is configured to listen on the wildcard address. By default, sshd binds the forwarding server to the loopback address and sets the hostname part of the DIPSLAY environment variable to localhost. This prevents remote hosts from connecting to the proxy display. -@@ -13579,7 +13790,8 @@ If X11 services are not required for the system's intended function, they should +@@ -13572,7 +13761,8 @@ If X11 services are not required for the system's intended function, they should RHEL-08-040350 - If the Trivial File Transfer Protocol (TFTP) server is required, the RHEL 8 TFTP daemon must be configured to operate in secure mode. 
@@ -38080,7 +25540,7 @@ index a6e6e2c0b..67788580d 100644 Restricting TFTP to a specific directory prevents remote users from copying, transferring, or overwriting system files. -@@ -13592,7 +13804,8 @@ If X11 services are not required for the system's intended function, they should +@@ -13585,7 +13775,8 @@ If X11 services are not required for the system's intended function, they should RHEL-08-040360 - A File Transfer Protocol (FTP) server package must not be installed unless mission essential on RHEL 8. @@ -38090,7 +25550,7 @@ index a6e6e2c0b..67788580d 100644 The FTP service provides an unencrypted remote access that does not provide for the confidentiality and integrity of user passwords or the remote session. If a privileged user were to log on using this service, the privileged user password could be compromised. SSH or other encrypted file transfer methods must be used in place of this service. -@@ -13604,7 +13817,8 @@ If X11 services are not required for the system's intended function, they should +@@ -13597,7 +13788,8 @@ If X11 services are not required for the system's intended function, they should RHEL-08-040370 - The gssproxy package must not be installed unless mission essential on RHEL 8. @@ -38100,7 +25560,7 @@ index a6e6e2c0b..67788580d 100644 It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors. -@@ -13620,7 +13834,8 @@ The gssproxy package is a proxy for GSS API credential handling and could expose +@@ -13613,7 +13805,8 @@ The gssproxy package is a proxy for GSS API credential handling and could expose RHEL-08-040380 - The iprutils package must not be installed unless mission essential on RHEL 8. 
@@ -38110,7 +25570,7 @@ index a6e6e2c0b..67788580d 100644 It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors. -@@ -13636,7 +13851,8 @@ The iprutils package provides a suite of utilities to manage and configure SCSI +@@ -13629,7 +13822,8 @@ The iprutils package provides a suite of utilities to manage and configure SCSI RHEL-08-040390 - The tuned package must not be installed unless mission essential on RHEL 8. @@ -38120,7 +25580,7 @@ index a6e6e2c0b..67788580d 100644 It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors. -@@ -13652,7 +13868,8 @@ The tuned package contains a daemon that tunes the system settings dynamically. +@@ -13645,7 +13839,8 @@ The tuned package contains a daemon that tunes the system settings dynamically. RHEL-08-030670 - RHEL 8 must have the packages required for offloading audit logs installed. @@ -38130,7 +25590,7 @@ index a6e6e2c0b..67788580d 100644 Information stored in one location is vulnerable to accidental or incidental deletion or alteration. -@@ -13675,7 +13892,8 @@ Note that a port number was given as there is no standard port for RELP. RHEL-08-010163 - The krb5-server package must not be installed on RHEL 8. 
@@ -38140,7 +25600,7 @@ index a6e6e2c0b..67788580d 100644 Unapproved mechanisms that are used for authentication to the cryptographic module are not verified and therefore cannot be relied upon to provide confidentiality or integrity, and DoD data may be compromised. -@@ -13694,7 +13912,8 @@ FIPS 140-2 is the current standard for validating that mechanisms used to access +@@ -13687,7 +13883,8 @@ FIPS 140-2 is the current standard for validating that mechanisms used to access RHEL-08-010382 - RHEL 8 must restrict privilege elevation to authorized personnel. @@ -38150,7 +25610,7 @@ index a6e6e2c0b..67788580d 100644 The sudo command allows a user to execute programs with elevated (administrator) privileges. It prompts the user for their password and confirms your request to execute a command by checking a file, called sudoers. If the "sudoers" file is not configured correctly, any user defined on the system can initiate privileged actions on the target system. -@@ -13707,7 +13926,8 @@ FIPS 140-2 is the current standard for validating that mechanisms used to access +@@ -13700,7 +13897,8 @@ FIPS 140-2 is the current standard for validating that mechanisms used to access RHEL-08-010383 - RHEL 8 must use the invoking user's password for privilege escalation when using "sudo". 
@@ -38160,7 +25620,7 @@ index a6e6e2c0b..67788580d 100644 The sudoers security policy requires that users authenticate themselves before they can use sudo. When sudoers requires authentication, it validates the invoking user's credentials. If the rootpw, targetpw, or runaspw flags are defined and not disabled, by default the operating system will prompt the invoking user for the "root" user password. For more information on each of the listed configurations, reference the sudoers(5) manual page. -@@ -13731,7 +13951,8 @@ For more information on each of the listed configurations, reference the sudoers +@@ -13724,7 +13922,8 @@ For more information on each of the listed configurations, reference the sudoers RHEL-08-010384 - RHEL 8 must require re-authentication when using the "sudo" command. @@ -38170,7 +25630,7 @@ index a6e6e2c0b..67788580d 100644 Without re-authentication, users may access resources or perform tasks for which they do not have authorization. -@@ -13747,7 +13968,8 @@ If the value is set to an integer less than 0, the user's time stamp will not ex +@@ -13740,7 +13939,8 @@ If the value is set to an integer less than 0, the user's time stamp will not ex RHEL-08-020331 - RHEL 8 must not allow blank or null passwords in the system-auth file. @@ -38180,7 +25640,7 @@ index a6e6e2c0b..67788580d 100644 If an account has an empty password, anyone could log on and run commands with the privileges of that account. Accounts with empty passwords should never be used in operational environments. -@@ -13759,7 +13981,8 @@ If the value is set to an integer less than 0, the user's time stamp will not ex +@@ -13752,7 +13952,8 @@ If the value is set to an integer less than 0, the user's time stamp will not ex RHEL-08-020332 - RHEL 8 must not allow blank or null passwords in the password-auth file. 
@@ -38190,7 +25650,7 @@ index a6e6e2c0b..67788580d 100644 If an account has an empty password, anyone could log on and run commands with the privileges of that account. Accounts with empty passwords should never be used in operational environments. -@@ -13771,7 +13994,8 @@ If the value is set to an integer less than 0, the user's time stamp will not ex +@@ -13764,7 +13965,8 @@ If the value is set to an integer less than 0, the user's time stamp will not ex RHEL-08-040286 - RHEL 8 must enable hardening for the Berkeley Packet Filter Just-in-time compiler. @@ -38200,7 +25660,7 @@ index a6e6e2c0b..67788580d 100644 It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors. -@@ -13794,7 +14018,8 @@ The sysctl --system command will load settings from all system configuration fil +@@ -13787,7 +13989,8 @@ The sysctl --system command will load settings from all system configuration fil RHEL-08-010121 - The RHEL 8 operating system must not have accounts configured with blank or null passwords. @@ -38210,7 +25670,7 @@ index a6e6e2c0b..67788580d 100644 If an account has an empty password, anyone could log on and run commands with the privileges of that account. Accounts with empty passwords should never be used in operational environments. -@@ -13806,7 +14031,8 @@ The sysctl --system command will load settings from all system configuration fil +@@ -13799,7 +14002,8 @@ The sysctl --system command will load settings from all system configuration fil RHEL-08-010000 - RHEL 8 must be a vendor-supported release. 
@@ -38220,7 +25680,27 @@ index a6e6e2c0b..67788580d 100644 An operating system release is considered "supported" if the vendor continues to provide security patches for the product. With an unsupported release, it will not be possible to resolve security issues discovered in the system software. -@@ -13821,7 +14047,8 @@ Note: The life-cycle time spans and dates are subject to adjustment. + RHEL-08-010020 - RHEL 8 must implement NIST FIPS-validated cryptography for the following: to provision digital signatures, to generate cryptographic hashes, and to protect data requiring data-at-rest protections in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Use of weak or untested encryption algorithms undermines the purposes of using encryption to protect data. The operating system must implement cryptographic modules adhering to the higher standards approved by the Federal Government since this provides assurance they have been tested and validated. + +@@ -13832,7 +14037,8 @@ Satisfies: SRG-OS-000033-GPOS-00014, SRG-OS-000125-GPOS-00065, SRG-OS-000396-GPO + + RHEL-08-010160 - The RHEL 8 pam_unix.so module must be configured in the password-auth file to use a FIPS 140-2 approved cryptographic hashing algorithm for system authentication. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Unapproved mechanisms that are used for authentication to the cryptographic module are not verified and therefore cannot be relied upon to provide confidentiality or integrity, and DoD data may be compromised. 
+ +@@ -13848,7 +14054,8 @@ FIPS 140-2 is the current standard for validating that mechanisms used to access RHEL-08-010200 - RHEL 8 must be configured so that all network connections associated with SSH traffic are terminated at the end of the session or after 10 minutes of inactivity, except to fulfill documented and validated mission requirements. @@ -38230,7 +25710,7 @@ index a6e6e2c0b..67788580d 100644 Terminating an idle SSH session within a short time period reduces the window of opportunity for unauthorized personnel to take control of a management session enabled on the console or console port that has been left unattended. In addition, quickly terminating an idle SSH session will also free up resources committed by the managed network element. -@@ -13839,7 +14066,8 @@ Satisfies: SRG-OS-000163-GPOS-00072, SRG-OS-000126-GPOS-00066, SRG-OS-000279-GPO +@@ -13866,7 +14073,8 @@ Satisfies: SRG-OS-000163-GPOS-00072, SRG-OS-000126-GPOS-00066, SRG-OS-000279-GPO RHEL-08-010300 - RHEL 8 system commands must have mode 755 or less permissive. @@ -38240,7 +25720,7 @@ index a6e6e2c0b..67788580d 100644 If RHEL 8 were to allow any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that are part of a robust change management process. -@@ -13853,7 +14081,8 @@ This requirement applies to RHEL 8 with software libraries that are accessible a +@@ -13880,7 +14088,8 @@ This requirement applies to RHEL 8 with software libraries that are accessible a RHEL-08-010371 - RHEL 8 must prevent the installation of software, patches, service packs, device drivers, or operating system components of local packages without verification they have been digitally signed using a certificate that is issued by a Certificate Authority (CA) that is recognized and approved by the organization. 
@@ -38250,7 +25730,17 @@ index a6e6e2c0b..67788580d 100644 Changes to any software components can have significant effects on the overall security of the operating system. This requirement ensures the software has not been tampered with and that it has been provided by a trusted vendor. -@@ -13869,7 +14098,8 @@ Verifying the authenticity of the software prior to installation validates the i +@@ -13896,7 +14105,8 @@ Verifying the authenticity of the software prior to installation validates the i + + RHEL-08-010450 - RHEL 8 must enable the SELinux targeted policy. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Without verification of the security functions, security functions may not operate correctly and the failure may go unnoticed. Security function is defined as the hardware, software, and/or firmware of the information system responsible for enforcing the system security policy and supporting the isolation of code and data on which the protection is based. Security functionality includes, but is not limited to, establishing system accounts, configuring access authorizations (i.e., permissions, privileges), setting events to be audited, and setting intrusion detection parameters. + +@@ -13910,7 +14120,8 @@ This requirement applies to operating systems performing security function verif RHEL-08-010540 - RHEL 8 must use a separate file system for /var. @@ -38260,7 +25750,7 @@ index a6e6e2c0b..67788580d 100644 The use of separate file systems for different paths can protect the system from failures resulting from a file system becoming full or failing. -@@ -13881,7 +14111,8 @@ Verifying the authenticity of the software prior to installation validates the i +@@ -13922,7 +14133,8 @@ This requirement applies to operating systems performing security function verif RHEL-08-010541 - RHEL 8 must use a separate file system for /var/log. 
@@ -38270,7 +25760,7 @@ index a6e6e2c0b..67788580d 100644 The use of separate file systems for different paths can protect the system from failures resulting from a file system becoming full or failing. -@@ -13893,7 +14124,8 @@ Verifying the authenticity of the software prior to installation validates the i +@@ -13934,7 +14146,8 @@ This requirement applies to operating systems performing security function verif RHEL-08-020024 - RHEL 8 must limit the number of concurrent sessions to ten for all accounts and/or account types. @@ -38280,7 +25770,7 @@ index a6e6e2c0b..67788580d 100644 Operating system management includes the ability to control the number of users and user sessions that utilize an operating system. Limiting the number of allowed users and sessions per user is helpful in reducing the risks related to DoS attacks. -@@ -13907,7 +14139,8 @@ This requirement addresses concurrent sessions for information system accounts a +@@ -13948,7 +14161,8 @@ This requirement addresses concurrent sessions for information system accounts a RHEL-08-020040 - RHEL 8 must enable a user session lock until that user re-establishes access using established identification and authentication procedures for command line sessions. @@ -38290,7 +25780,7 @@ index a6e6e2c0b..67788580d 100644 A session lock is a temporary action taken when a user stops work and moves away from the immediate physical vicinity of the information system but does not want to log out because of the temporary nature of the absence. -@@ -13925,7 +14158,8 @@ Satisfies: SRG-OS-000028-GPOS-00009, SRG-OS-000030-GPOS-00011 +@@ -13966,7 +14180,8 @@ Satisfies: SRG-OS-000028-GPOS-00009, SRG-OS-000030-GPOS-00011 RHEL-08-020100 - RHEL 8 must ensure the password complexity module is enabled in the password-auth file. 
@@ -38300,7 +25790,87 @@ index a6e6e2c0b..67788580d 100644 Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. "pwquality" enforces complex password construction configuration and has the ability to limit brute-force attacks on the system. -@@ -13941,7 +14175,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. This +@@ -13982,7 +14197,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. This + + RHEL-08-020110 - RHEL 8 must enforce password complexity by requiring that at least one uppercase character be used. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. + +@@ -13998,7 +14214,8 @@ RHEL 8 utilizes pwquality as a mechanism to enforce password complexity. Note th + + RHEL-08-020120 - RHEL 8 must enforce password complexity by requiring that at least one lower-case character be used. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. + +@@ -14014,7 +14231,8 @@ RHEL 8 utilizes pwquality as a mechanism to enforce password complexity. Note th + + RHEL-08-020130 - RHEL 8 must enforce password complexity by requiring that at least one numeric character be used. 
+ +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. + +@@ -14030,7 +14248,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. Note + + RHEL-08-020140 - RHEL 8 must require the maximum number of repeating characters of the same character class be limited to four when passwords are changed. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. + +@@ -14046,7 +14265,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. The " + + RHEL-08-020150 - RHEL 8 must require the maximum number of repeating characters be limited to three when passwords are changed. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. + +@@ -14062,7 +14282,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. The " + + RHEL-08-020160 - RHEL 8 must require the change of at least four character classes when passwords are changed. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Use of a complex password helps to increase the time and resources required to compromise the password. 
Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. + +@@ -14078,7 +14299,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. The " + + RHEL-08-020170 - RHEL 8 must require the change of at least 8 characters when passwords are changed. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. + +@@ -14094,7 +14316,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. The " + + RHEL-08-020210 - RHEL 8 user account passwords must be configured so that existing passwords are restricted to a 60-day maximum lifetime. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Any password, no matter how complex, can eventually be cracked. Therefore, passwords need to be changed periodically. If RHEL 8 does not limit the lifetime of passwords and force users to change their passwords, there is the risk that RHEL 8 passwords could be compromised. + +@@ -14106,7 +14329,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. The " RHEL-08-020220 - RHEL 8 must be configured in the password-auth file to prohibit password reuse for a minimum of five generations. 
@@ -38310,7 +25880,47 @@ index a6e6e2c0b..67788580d 100644 Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. If the information system or application allows the user to reuse their password consecutively when that password has exceeded its defined lifetime, the end result is a password that is not changed per policy requirements. -@@ -13959,7 +14194,8 @@ Note that manual changes to the listed files may be overwritten by the "authsele +@@ -14124,7 +14348,8 @@ Note that manual changes to the listed files may be overwritten by the "authsele + + RHEL-08-020230 - RHEL 8 passwords must have a minimum of 15 characters. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + The shorter the password, the lower the number of possible combinations that need to be tested before the password is compromised. + +@@ -14144,7 +14369,8 @@ The DoD minimum password requirement is 15 characters. + + RHEL-08-020280 - All RHEL 8 passwords must contain at least one special character. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. + +@@ -14160,7 +14386,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. Note + + RHEL-08-020290 - RHEL 8 must prohibit the use of cached authentications after one day. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + If cached authentication information is out-of-date, the validity of the authentication information may be questionable. 
+ +@@ -14174,7 +14401,8 @@ RHEL 8 includes multiple options for configuring authentication, but this requir + + RHEL-08-020340 - RHEL 8 must display the date and time of the last successful account logon upon logon. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Providing users with feedback on when account accesses last occurred facilitates user recognition and reporting of unauthorized account use. + +@@ -14186,7 +14414,8 @@ RHEL 8 includes multiple options for configuring authentication, but this requir RHEL-08-030070 - RHEL 8 audit logs must have a mode of 0600 or less permissive to prevent unauthorized read access. 
@@ -38320,7 +25930,97 @@ index a6e6e2c0b..67788580d 100644 Only authorized personnel should be aware of errors and the details of the errors. Error messages are an indicator of an organization's operational state or can identify the RHEL 8 system or platform. Additionally, Personally Identifiable Information (PII) and operational information must not be revealed through error messages to unauthorized personnel or their designated representatives. -@@ -13975,7 +14211,8 @@ Satisfies: SRG-OS-000057-GPOS-00027, SRG-OS-000058-GPOS-00028, SRG-OS-000059-GPO +@@ -14202,7 +14431,8 @@ Satisfies: SRG-OS-000057-GPOS-00027, SRG-OS-000058-GPOS-00028, SRG-OS-000059-GPO + + RHEL-08-040021 - RHEL 8 must disable the asynchronous transfer mode (ATM) protocol. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors. + +@@ -14218,7 +14448,8 @@ The Asynchronous Transfer Mode (ATM) is a protocol operating on network, data li + + RHEL-08-040022 - RHEL 8 must disable the controller area network (CAN) protocol. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors. + +@@ -14234,7 +14465,8 @@ The Controller Area Network (CAN) is a serial communications protocol, which was + + RHEL-08-040023 - RHEL 8 must disable the stream control transmission protocol (SCTP). 
+ +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors. + +@@ -14250,7 +14482,8 @@ The Stream Control Transmission Protocol (SCTP) is a transport layer protocol, d + + RHEL-08-040024 - RHEL 8 must disable the transparent inter-process communication (TIPC) protocol. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors. + +@@ -14266,7 +14499,8 @@ The Transparent Inter-Process Communication (TIPC) protocol is designed to provi + + RHEL-08-040025 - RHEL 8 must disable mounting of cramfs. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors. + +@@ -14282,7 +14516,8 @@ Compressed ROM/RAM file system (or cramfs) is a read-only file system designed f + + RHEL-08-040026 - RHEL 8 must disable IEEE 1394 (FireWire) Support. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. 
These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors. + +@@ -14296,7 +14531,8 @@ The IEEE 1394 (FireWire) is a serial bus standard for high-speed real-time commu + + RHEL-08-040080 - RHEL 8 must be configured to disable USB mass storage. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + USB mass storage permits easy introduction of unknown devices, thereby facilitating malicious activity. + +@@ -14310,7 +14546,8 @@ Satisfies: SRG-OS-000114-GPOS-00059, SRG-OS-000378-GPOS-00163 + + RHEL-08-040111 - RHEL 8 Bluetooth must be disabled. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Without protection of communications with wireless peripherals, confidentiality and integrity may be compromised because unprotected communications can be intercepted and either read, altered, or used to compromise the RHEL 8 operating system. + +@@ -14326,7 +14563,8 @@ Protecting the confidentiality and integrity of communications with wireless per + + RHEL-08-010159 - The RHEL 8 pam_unix.so module must be configured in the system-auth file to use a FIPS 140-2 approved cryptographic hashing algorithm for system authentication. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Unapproved mechanisms that are used for authentication to the cryptographic module are not verified and therefore cannot be relied upon to provide confidentiality or integrity, and DoD data may be compromised. + +@@ -14342,7 +14580,8 @@ FIPS 140-2 is the current standard for validating that mechanisms used to access RHEL-08-020102 - RHEL 8 systems below version 8.4 must ensure the password complexity module in the system-auth file is configured for three retries or less. 
@@ -38330,7 +26030,17 @@ index a6e6e2c0b..67788580d 100644 Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. "pwquality" enforces complex password construction configuration and has the ability to limit brute-force attacks on the system. -@@ -14092,15 +14329,15 @@ By limiting the number of attempts to meet the pwquality module complexity requi +@@ -14360,7 +14599,8 @@ By limiting the number of attempts to meet the pwquality module complexity requi + + RHEL-08-020035 - RHEL 8 must terminate idle user sessions. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Terminating an idle session within a short time period reduces the window of opportunity for unauthorized personnel to take control of a management session enabled on the console or console port that has been left unattended. + +@@ -14588,15 +14828,15 @@ By limiting the number of attempts to meet the pwquality module complexity requi @@ -38349,7 +26059,7 @@ index a6e6e2c0b..67788580d 100644 -@@ -15677,18 +15914,18 @@ By limiting the number of attempts to meet the pwquality module complexity requi +@@ -16399,18 +16639,18 @@ By limiting the number of attempts to meet the pwquality module complexity requi ^\s*SHA_CRYPT_MAX_ROUNDS\s+(\d+)\b 1 
@@ -38374,11 +26084,21 @@ index a6e6e2c0b..67788580d 100644 /boot/grub2/grub.cfg -diff --git a/shared/references/disa-stig-rhel8-v1r11-xccdf-manual.xml b/shared/references/disa-stig-rhel8-v1r11-xccdf-manual.xml -index 403903215..c192556f6 100644 ---- a/shared/references/disa-stig-rhel8-v1r11-xccdf-manual.xml -+++ b/shared/references/disa-stig-rhel8-v1r11-xccdf-manual.xml -@@ -376,7 +376,7 @@ SHA_CRYPT_MIN_ROUNDS 5000 + RHEL 8 is installed + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + + RHEL 8 is installed +diff --git a/shared/references/disa-stig-rhel8-v1r13-xccdf-manual.xml b/shared/references/disa-stig-rhel8-v1r13-xccdf-manual.xml +index b9d25d9e9..3df1cb89c 100644 +--- a/shared/references/disa-stig-rhel8-v1r13-xccdf-manual.xml ++++ b/shared/references/disa-stig-rhel8-v1r13-xccdf-manual.xml +@@ -373,7 +373,7 @@ SHA_CRYPT_MIN_ROUNDS 5000 + + + +- ++ + + + +@@ -4629,7 +4629,7 @@ Satisfies: SRG-OS-000033-GPOS-00014, SRG-OS-000125-GPOS-00065, SRG-OS-000396-GPO + + + +- ++ + + + +@@ -5249,7 +5249,7 @@ Satisfies: SRG-OS-000033-GPOS-00014, SRG-OS-000125-GPOS-00065, SRG-OS-000396-GPO + 1 + + +- /boot/efi/EFI/redhat/grub.cfg ++ /boot/efi/EFI/almalinux/grub.cfg + + + /etc/grub2-efi.cfg diff --git a/shared/templates/accounts_password/ansible.template b/shared/templates/accounts_password/ansible.template index b324dc01a..6bcaeee57 100644 --- a/shared/templates/accounts_password/ansible.template @@ -38431,62 +26182,62 @@ index 46e98c147..d1e49f5a0 100644 # strategy = restrict # complexity = low diff --git a/shared/templates/audit_rules_dac_modification/ansible.template b/shared/templates/audit_rules_dac_modification/ansible.template -index dc30ff3d3..d75b9981e 100644 +index 5a686b0b2..74a7d8c30 100644 --- a/shared/templates/audit_rules_dac_modification/ansible.template +++ b/shared/templates/audit_rules_dac_modification/ansible.template 
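Review bot: The inner hunk added at `@@ -5249,7 +5249,7 @@` of `shared/references/disa-stig-rhel8-v1r13-xccdf-manual.xml` replaces `/boot/efi/EFI/redhat/grub.cfg` with `/boot/efi/EFI/almalinux/grub.cfg` in a file carried as a DISA reference, and nothing visible records that the file now deviates from the published benchmark. Anyone comparing the shipped reference, or results derived from it, against the DISA original would hit an unexplained mismatch. The edit also appears to need re-applying at each reference bump, as this commit retargets it from v1r11 to v1r13. I would record the deviation in the patch description, e.g. `Note: disa-stig-rhel8-v1r13-xccdf-manual.xml is modified from the DISA original (EFI grub.cfg path: redhat -> almalinux)`, or leave the reference untouched and carry the AlmaLinux path in product-specific content. The two smaller hunks in the same file (`@@ -373,7 +373,7 @@` and `@@ -4629,7 +4629,7 @@`) have lost their markup in this rendering, so what they change cannot be judged from here.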
@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu,multi_platform_debian ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu,multi_platform_debian # reboot = true # strategy = restrict # complexity = low diff --git a/shared/templates/audit_rules_dac_modification/bash.template b/shared/templates/audit_rules_dac_modification/bash.template -index 9b57c6656..b5b584f0a 100644 +index daee70210..ae6608360 100644 --- a/shared/templates/audit_rules_dac_modification/bash.template +++ b/shared/templates/audit_rules_dac_modification/bash.template @@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu,multi_platform_debian ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu,multi_platform_debian # First perform the remediation of the syscall rule # Retrieve hardware architecture of the underlying system 
diff --git a/shared/templates/audit_rules_file_deletion_events/ansible.template b/shared/templates/audit_rules_file_deletion_events/ansible.template -index 34d9b1bb7..54081378f 100644 +index 33b29b977..cbee8fdf7 100644 --- a/shared/templates/audit_rules_file_deletion_events/ansible.template +++ b/shared/templates/audit_rules_file_deletion_events/ansible.template @@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu,multi_platform_debian ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu,multi_platform_debian # reboot = true # strategy = restrict # complexity = low diff --git a/shared/templates/audit_rules_file_deletion_events/bash.template b/shared/templates/audit_rules_file_deletion_events/bash.template -index e7158afa9..02766651b 100644 +index b3eab4edb..da237aa3d 100644 --- a/shared/templates/audit_rules_file_deletion_events/bash.template +++ b/shared/templates/audit_rules_file_deletion_events/bash.template 
@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle,multi_platform_debian ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle,multi_platform_debian # First perform the remediation of the syscall rule # Retrieve hardware architecture of the underlying system diff --git a/shared/templates/audit_rules_login_events/ansible.template b/shared/templates/audit_rules_login_events/ansible.template -index 2ccdb5483..14fc6eb85 100644 +index e62981561..4f8c1b6e5 100644 --- a/shared/templates/audit_rules_login_events/ansible.template +++ b/shared/templates/audit_rules_login_events/ansible.template @@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu,multi_platform_debian ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu,multi_platform_debian # reboot = true # strategy = restrict # complexity = low diff --git a/shared/templates/audit_rules_login_events/bash.template b/shared/templates/audit_rules_login_events/bash.template -index c94b10739..a7a1623c3 100644 +index e3c55b43a..0a13eabe8 100644 
--- a/shared/templates/audit_rules_login_events/bash.template +++ b/shared/templates/audit_rules_login_events/bash.template @@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu,multi_platform_debian ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu,multi_platform_debian # Perform the remediation for both possible tools: 'auditctl' and 'augenrules' @@ -38537,16 +26288,16 @@ index 63dfcb06c..110b94caf 100644 ACTION_ARCH_FILTERS="-a always,exit" OTHER_FILTERS="-F path={{{ PATH }}}{{{ perm_x }}}" diff --git a/shared/templates/audit_rules_privileged_commands/tests/auditctl_missing_perm_x.fail.sh b/shared/templates/audit_rules_privileged_commands/tests/auditctl_missing_perm_x.fail.sh -index b2eb8c411..ef45fb0c6 100644 +index 26ed4807d..29b415410 100644 --- a/shared/templates/audit_rules_privileged_commands/tests/auditctl_missing_perm_x.fail.sh +++ b/shared/templates/audit_rules_privileged_commands/tests/auditctl_missing_perm_x.fail.sh @@ -1,5 +1,5 @@ #!/bin/bash -# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu +# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu + # packages = audit source common.sh - diff --git a/shared/templates/audit_rules_privileged_commands/tests/augenrules_missing_perm_x.fail.sh b/shared/templates/audit_rules_privileged_commands/tests/augenrules_missing_perm_x.fail.sh index 2cfd69a19..f3c352227 100644 
--- a/shared/templates/audit_rules_privileged_commands/tests/augenrules_missing_perm_x.fail.sh @@ -38579,22 +26330,22 @@ index bd5bb94cb..d1f68626a 100644 # First perform the remediation of the syscall rule # Retrieve hardware architecture of the underlying system diff --git a/shared/templates/audit_rules_unsuccessful_file_modification/ansible.template b/shared/templates/audit_rules_unsuccessful_file_modification/ansible.template -index 18d7dbd53..0b390b835 100644 +index 9beb65537..e6da688f0 100644 --- a/shared/templates/audit_rules_unsuccessful_file_modification/ansible.template +++ b/shared/templates/audit_rules_unsuccessful_file_modification/ansible.template @@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu,multi_platform_debian ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu,multi_platform_debian # reboot = true # strategy = restrict # complexity = low diff --git a/shared/templates/audit_rules_unsuccessful_file_modification/bash.template b/shared/templates/audit_rules_unsuccessful_file_modification/bash.template -index ff9a4f5e3..ae7f6000e 100644 +index b18223c98..e82de6427 100644 --- a/shared/templates/audit_rules_unsuccessful_file_modification/bash.template +++ b/shared/templates/audit_rules_unsuccessful_file_modification/bash.template 
@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu,multi_platform_debian ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu,multi_platform_debian # First perform the remediation of the syscall rule # Retrieve hardware architecture of the underlying system @@ -38619,22 +26370,22 @@ index 62faac341..3461e4e29 100644 # Perform the remediation for both possible tools: 'auditctl' and 'augenrules' diff --git a/shared/templates/grub2_bootloader_argument/ansible.template b/shared/templates/grub2_bootloader_argument/ansible.template -index bebe5ccbc..11d89c67b 100644 +index a573b6a1b..7011157d8 100644 --- a/shared/templates/grub2_bootloader_argument/ansible.template +++ b/shared/templates/grub2_bootloader_argument/ansible.template @@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_debian ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_debian # reboot = true # strategy = restrict # complexity = medium 
diff --git a/shared/templates/grub2_bootloader_argument/bash.template b/shared/templates/grub2_bootloader_argument/bash.template -index 965f4d38e..7289a1c0c 100644 +index 7a7ba6899..ac12c1878 100644 --- a/shared/templates/grub2_bootloader_argument/bash.template +++ b/shared/templates/grub2_bootloader_argument/bash.template @@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle,multi_platform_debian ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle,multi_platform_debian {{# See the OVAL template for more comments. Product-specific categorization should be synced across all template content types @@ -38741,7 +26492,7 @@ index e5ce738c3..d10d44c31 100644 # Adds argument with a value from kernel command line in /etc/default/grub diff --git a/shared/templates/kernel_module_disabled/ansible.template b/shared/templates/kernel_module_disabled/ansible.template -index ed7727e86..a8bdafa6b 100644 +index 88e846697..a329cbe76 100644 --- a/shared/templates/kernel_module_disabled/ansible.template +++ b/shared/templates/kernel_module_disabled/ansible.template @@ -1,4 +1,4 @@ @@ -38751,7 +26502,7 @@ index ed7727e86..a8bdafa6b 100644 # strategy = disable # complexity = low diff --git a/shared/templates/kernel_module_disabled/bash.template b/shared/templates/kernel_module_disabled/bash.template -index aa9030c27..d3af51ac4 100644 +index 699c13a20..a6cf74ccd 100644 --- a/shared/templates/kernel_module_disabled/bash.template +++ b/shared/templates/kernel_module_disabled/bash.template 
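Review bot: For `grub2_bootloader_argument` the refreshed patch still changes only the `# platform =` header of the Ansible and Bash templates, yet the Bash template's own comment, visible here as context, says product-specific categorization should be synced across all template content types. Nothing in this hunk shows `almalinux8` being added to those product conditionals, so on AlmaLinux the remediation may take a default branch that does not match what the OVAL check expects. This is inferred, since the template body lies outside the hunk. If the conditionals are handled elsewhere in the patch, a template comment next to the existing note would record it, for example `{{# almalinux8 is categorized together with rhel8 in the OVAL, Bash and Ansible templates #}}`, adjusted to the branch actually used.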
@@ -1,4 +1,4 @@ @@ -38772,13 +26523,13 @@ index bc678c80e..516c10ce4 100644 # strategy = disable # complexity = low diff --git a/shared/templates/kernel_module_disabled/tests/missing_blacklist.fail.sh b/shared/templates/kernel_module_disabled/tests/missing_blacklist.fail.sh -index 175d5c8e6..4043fc0e2 100644 +index 8a1319eed..fb20c3b4a 100644 --- a/shared/templates/kernel_module_disabled/tests/missing_blacklist.fail.sh +++ b/shared/templates/kernel_module_disabled/tests/missing_blacklist.fail.sh @@ -1,5 +1,5 @@ #!/bin/bash --# platform = multi_platform_rhel,multi_platform_ol -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ol +-# platform = multi_platform_rhel,multi_platform_ol,multi_platform_ubuntu ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_ubuntu echo > /etc/modprobe.d/{{{ KERNMODULE }}}.conf echo "install {{{ KERNMODULE }}} /bin/true" > /etc/modprobe.d/{{{ KERNMODULE }}}.conf @@ -38833,12 +26584,12 @@ index 0ac55f51f..dd0bcddea 100644 # strategy = enable # complexity = low diff --git a/shared/templates/package_installed/bash.template b/shared/templates/package_installed/bash.template -index 473feef5c..ef56a56a6 100644 +index 65c48d381..ee1e6386d 100644 --- a/shared/templates/package_installed/bash.template +++ b/shared/templates/package_installed/bash.template 
@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle,multi_platform_debian ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle,multi_platform_debian # reboot = false # strategy = enable # complexity = low @@ -38875,24 +26626,24 @@ index 54804685b..1c4b4f3e1 100755 # Declare variables used for the tests and define the create_rsyslog_test_logs function source $SHARED/rsyslog_log_utils.sh diff --git a/shared/templates/rsyslog_logfiles_attributes_modify/tests/legacy_lenient_attr.fail.sh b/shared/templates/rsyslog_logfiles_attributes_modify/tests/legacy_lenient_attr.fail.sh -index 25430db03..a391a419a 100755 +index 1ba8e0cda..02f0e77e9 100755 --- a/shared/templates/rsyslog_logfiles_attributes_modify/tests/legacy_lenient_attr.fail.sh +++ b/shared/templates/rsyslog_logfiles_attributes_modify/tests/legacy_lenient_attr.fail.sh @@ -1,5 +1,5 @@ #!/bin/bash --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu # Declare variables used for the tests and define the create_rsyslog_test_logs function source $SHARED/rsyslog_log_utils.sh 
diff --git a/shared/templates/rsyslog_logfiles_attributes_modify/tests/legacy_lenient_attr_include.fail.sh b/shared/templates/rsyslog_logfiles_attributes_modify/tests/legacy_lenient_attr_include.fail.sh -index b58e73893..7ad174810 100755 +index 321df77d9..756bdb524 100755 --- a/shared/templates/rsyslog_logfiles_attributes_modify/tests/legacy_lenient_attr_include.fail.sh +++ b/shared/templates/rsyslog_logfiles_attributes_modify/tests/legacy_lenient_attr_include.fail.sh @@ -1,5 +1,5 @@ #!/bin/bash --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu # Declare variables used for the tests and define the create_rsyslog_test_logs function source $SHARED/rsyslog_log_utils.sh @@ -38930,57 +26681,57 @@ index 203f640f5..a127500e8 100755 # Declare variables used for the tests and define the create_rsyslog_test_logs function source $SHARED/rsyslog_log_utils.sh diff --git a/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_lenient_attr_cloudinit.fail.sh b/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_lenient_attr_cloudinit.fail.sh -index 87df70e28..6ebb9ae05 100755 +index f623b6be4..8d4399023 100755 --- a/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_lenient_attr_cloudinit.fail.sh +++ b/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_lenient_attr_cloudinit.fail.sh 
@@ -1,5 +1,5 @@ #!/bin/bash --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu # Declare variables used for the tests and define the create_rsyslog_test_logs function source $SHARED/rsyslog_log_utils.sh diff --git a/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_lenient_attr_legacy.fail.sh b/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_lenient_attr_legacy.fail.sh -index 0d6d82cae..2bf2df736 100755 +index c825c0b08..746d6dfa4 100755 --- a/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_lenient_attr_legacy.fail.sh +++ b/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_lenient_attr_legacy.fail.sh @@ -1,5 +1,5 @@ #!/bin/bash --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu # Declare variables used for the tests and define the create_rsyslog_test_logs function source $SHARED/rsyslog_log_utils.sh diff --git a/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_lenient_attr_legacy_include.fail.sh b/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_lenient_attr_legacy_include.fail.sh -index 8f52d8c83..7b98fb7eb 100755 +index a8e723bee..a1e6b245c 100755 
--- a/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_lenient_attr_legacy_include.fail.sh +++ b/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_lenient_attr_legacy_include.fail.sh @@ -1,5 +1,5 @@ #!/bin/bash --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu # Declare variables used for the tests and define the create_rsyslog_test_logs function source $SHARED/rsyslog_log_utils.sh diff --git a/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_lenient_attr_rainer.fail.sh b/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_lenient_attr_rainer.fail.sh -index 93fa29a30..ff6ca3f66 100755 +index d3f639a2b..b5d757274 100755 --- a/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_lenient_attr_rainer.fail.sh +++ b/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_lenient_attr_rainer.fail.sh @@ -1,5 +1,5 @@ #!/bin/bash --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu # Declare variables used for the tests and define the create_rsyslog_test_logs function source $SHARED/rsyslog_log_utils.sh 
diff --git a/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_lenient_attr_rainer_include.fail.sh b/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_lenient_attr_rainer_include.fail.sh -index 48113c1f2..e8207afb7 100755 +index d3be7ffc3..5b4b11307 100755 --- a/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_lenient_attr_rainer_include.fail.sh +++ b/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_lenient_attr_rainer_include.fail.sh @@ -1,5 +1,5 @@ #!/bin/bash --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu # Declare variables used for the tests and define the create_rsyslog_test_logs function source $SHARED/rsyslog_log_utils.sh @@ -39029,24 +26780,24 @@ index ec9296694..6bd64894b 100755 # Declare variables used for the tests and define the create_rsyslog_test_logs function source $SHARED/rsyslog_log_utils.sh diff --git a/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_lenient_attr.fail.sh b/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_lenient_attr.fail.sh -index b17eb6b74..1d9caba98 100755 +index 9dcbe0c2e..b7f6323c9 100755 --- a/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_lenient_attr.fail.sh +++ b/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_lenient_attr.fail.sh 
@@ -1,5 +1,5 @@ #!/bin/bash --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu # Declare variables used for the tests and define the create_rsyslog_test_logs function source $SHARED/rsyslog_log_utils.sh diff --git a/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_lenient_attr_include.fail.sh b/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_lenient_attr_include.fail.sh -index 40939f967..cd79713a4 100755 +index dc9ea0eef..9c6694804 100755 --- a/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_lenient_attr_include.fail.sh +++ b/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_lenient_attr_include.fail.sh @@ -1,5 +1,5 @@ #!/bin/bash --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu # Declare variables used for the tests and define the create_rsyslog_test_logs function source $SHARED/rsyslog_log_utils.sh @@ -39073,7 +26824,7 @@ index abdb09c48..9cc24d061 100755 # Declare variables used for the tests and define the create_rsyslog_test_logs function source $SHARED/rsyslog_log_utils.sh 
diff --git a/shared/templates/sebool/ansible.template b/shared/templates/sebool/ansible.template -index d17eaee45..bf4667ece 100644 +index 53a67710f..12e9f9b3b 100644 --- a/shared/templates/sebool/ansible.template +++ b/shared/templates/sebool/ansible.template @@ -1,4 +1,4 @@ @@ -39083,7 +26834,7 @@ index d17eaee45..bf4667ece 100644 # strategy = enable # complexity = low diff --git a/shared/templates/sebool/bash.template b/shared/templates/sebool/bash.template -index 9af019254..dcab00908 100644 +index 8cf8e262d..9a8eddad1 100644 --- a/shared/templates/sebool/bash.template +++ b/shared/templates/sebool/bash.template @@ -1,4 +1,4 @@ @@ -39093,12 +26844,12 @@ index 9af019254..dcab00908 100644 # strategy = enable # complexity = low diff --git a/shared/templates/service_disabled/bash.template b/shared/templates/service_disabled/bash.template -index 27666b03b..c5305b1a9 100644 +index c8b6826b2..6bbb8eb2a 100644 --- a/shared/templates/service_disabled/bash.template +++ b/shared/templates/service_disabled/bash.template @@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu,multi_platform_sle -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu,multi_platform_sle +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu # reboot = false # strategy = disable # complexity = low @@ -39123,12 +26874,12 @@ index 00fd1ee2f..2d99ec854 100644 # strategy = enable # complexity = low diff --git a/shared/templates/sysctl/bash.template b/shared/templates/sysctl/bash.template -index 49e4d949b..e1bb820c7 100644 +index d66b33206..f02d3bac6 100644 
--- a/shared/templates/sysctl/bash.template +++ b/shared/templates/sysctl/bash.template @@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle,multi_platform_debian ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle,multi_platform_debian # reboot = true # strategy = disable # complexity = low @@ -39153,10 +26904,10 @@ index 25cd7432c..a415f2a38 100644 # Correct BLS option using grubby, which is a thin wrapper around BLS operations grubby --update-kernel=ALL --args="{{{ ARG_NAME }}}={{{ ARG_VALUE }}}" diff --git a/ssg/constants.py b/ssg/constants.py -index a2d759535..c6da43d01 100644 +index 18fbf39d3..4dfe02089 100644 --- a/ssg/constants.py +++ b/ssg/constants.py -@@ -39,6 +39,7 @@ SSG_REF_URIS = { +@@ -40,6 +40,7 @@ SSG_REF_URIS = { product_directories = [ 'alinux2', 'alinux3', @@ -39164,7 +26915,7 @@ index a2d759535..c6da43d01 100644 'anolis8', 'anolis23', 'chromium', -@@ -194,6 +195,7 @@ PKG_MANAGER_TO_CONFIG_FILE = { +@@ -197,6 +198,7 @@ PKG_MANAGER_TO_CONFIG_FILE = { FULL_NAME_TO_PRODUCT_MAPPING = { "Alibaba Cloud Linux 2": "alinux2", "Alibaba Cloud Linux 3": "alinux3", 
@@ -39172,26 +26923,27 @@ index a2d759535..c6da43d01 100644 "Anolis OS 8": "anolis8", "Anolis OS 23": "anolis23", "Chromium": "chromium", -@@ -270,13 +272,14 @@ REFERENCES = dict( +@@ -276,7 +278,7 @@ REFERENCES = dict( ) -MULTI_PLATFORM_LIST = ["rhel", "fedora", "rhv", "debian", "ubuntu", +MULTI_PLATFORM_LIST = ["almalinux", "rhel", "fedora", "rhv", "debian", "ubuntu", + "openeuler", "opensuse", "sle", "ol", "ocp", "rhcos", - "example", "eks", "alinux", "uos", "anolis"] - + "example", "eks", "alinux", "uos", "anolis", "openembedded"] +@@ -284,6 +286,7 @@ MULTI_PLATFORM_LIST = ["rhel", "fedora", "rhv", "debian", "ubuntu", MULTI_PLATFORM_MAPPING = { "multi_platform_alinux": ["alinux2", "alinux3"], "multi_platform_anolis": ["anolis8", "anolis23"], + "multi_platform_almalinux": ["almalinux8"], - "multi_platform_debian": ["debian10", "debian11"], + "multi_platform_debian": ["debian10", "debian11", "debian12"], "multi_platform_example": ["example"], "multi_platform_eks": ["eks"], -@@ -459,6 +462,7 @@ MAKEFILE_ID_TO_PRODUCT_MAP = { - 'ocp': 'Red Hat OpenShift Container Platform', +@@ -470,6 +473,7 @@ MAKEFILE_ID_TO_PRODUCT_MAP = { 'rhcos': 'Red Hat Enterprise Linux CoreOS', 'eks': 'Amazon Elastic Kubernetes Service', + 'openembedded': 'OpenEmbedded', + 'almalinux': 'AlmaLinux', } @@ -39240,7 +26992,7 @@ index ff0b30f03..0116294f1 100644 # strategy = restrict # complexity = low diff --git a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/rule.yml b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/rule.yml -index f4f480be7..62c561f9a 100644 +index 9d0a0d087..b64b4b0fc 100644 --- a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/rule.yml +++ b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/rule.yml @@ -1,6 +1,6 @@
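Review bot: The added entry `"multi_platform_almalinux": ["almalinux8"]` in `MULTI_PLATFORM_MAPPING` is the one place that decides which product every `multi_platform_almalinux` tag in this patch expands to, and it carries no comment saying so. The same patch adds that tag to the audit-rule, grub2, sysctl and service remediation templates and to their test scenarios, so anyone rebasing it needs to know the tag covers a single release. A comment above the entry would do, such as `# AlmaLinux: tag expands to almalinux8 only; extend this list before tagging content for another release`. The dict continues outside the hunk, so other entries that might interact with this one are not visible here.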