Enable ANSSI R69 rule for AlmaLinux

SOURCES/0001-Add-AlmaLinux-8-support.patch

@@ -66,7 +66,7 @@ index 2b00bd908..4fc431b04 100644
  - ensure_gpgcheck_globally_activated
  - ensure_gpgcheck_local_packages
 diff --git a/controls/anssi.yml b/controls/anssi.yml
-index d02cd2523..54d70cfe3 100644
+index d02cd2523..deec2f8e9 100644
 --- a/controls/anssi.yml
 +++ b/controls/anssi.yml
 @@ -1238,7 +1238,7 @@ controls:
@@ -112,6 +112,30 @@ index d02cd2523..54d70cfe3 100644
  
    - id: R68
      title: Protecting stored passwords
+@@ -1411,23 +1402,14 @@ controls:
+       When the user databases are stored on a remote network service, NSS must
+       be configured to establish a secure link that allows, at minimum, to
+       authenticate the server and protect the communication channel.
+-    {{% if "rhel" in product %}}
+     notes: |-
+       A nsswitch service connecting to remote database is provided by sssd. This is checked in requirement R67.
+       Another such service is winbind which is by default configured to connect
+       securely to Samba domains.
+       Other relevant services are NIS and Hesiod. These should not be used.
+     status: automated
+-    {{% if product in ["rhel7", "rhel8"] %}}
+     rules:
+       - no_nis_in_nsswitch
+-      {{% if product == "rhel7" %}}
+-      - no_hesiod_in_nsswitch
+-      {{% endif %}}
+-    {{% endif %}}
+-    {{% else %}}
+-    status: pending
+-    {{% endif %}}
+ 
+ 
+   - id: R70
 diff --git a/controls/cis_rhel8.yml b/controls/cis_rhel8.yml
 index 48406c172..28ae0c5c2 100644
 --- a/controls/cis_rhel8.yml