diff --git a/SOURCES/0001-Add-AlmaLinux-8-support.patch b/SOURCES/0001-Add-AlmaLinux-8-support.patch index 0902f7f..86b69e9 100644 --- a/SOURCES/0001-Add-AlmaLinux-8-support.patch +++ b/SOURCES/0001-Add-AlmaLinux-8-support.patch @@ -1,50 +1,57 @@ diff --git a/CMakeLists.txt b/CMakeLists.txt -index 3e122ae2..29803a99 100644 +index ab11e31f5..66f6d60b9 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt -@@ -67,6 +67,7 @@ option(SSG_PRODUCT_DEFAULT "If enabled, all default release products will be bui - # Products to build content for. These generally correspond to directories in - # the root of this project. Note that the example product is always disabled +@@ -69,6 +69,7 @@ option(SSG_PRODUCT_DEFAULT "If enabled, all default release products will be bui # unless explicitly asked for. + option(SSG_PRODUCT_ALINUX2 "If enabled, the Alibaba Cloud Linux 2 SCAP content will be built" ${SSG_PRODUCT_DEFAULT}) + option(SSG_PRODUCT_ALINUX3 "If enabled, the Alibaba Cloud Linux 3 SCAP content will be built" ${SSG_PRODUCT_DEFAULT}) +option(SSG_PRODUCT_ALMALINUX8 "If enabled, the AlmaLinux 8 SCAP content will be built" ${SSG_PRODUCT_DEFAULT}) + option(SSG_PRODUCT_ANOLIS8 "If enabled, the Anolis OS 8 SCAP content will be built" ${SSG_PRODUCT_DEFAULT}) option(SSG_PRODUCT_CHROMIUM "If enabled, the Chromium SCAP content will be built" ${SSG_PRODUCT_DEFAULT}) - option(SSG_PRODUCT_DEBIAN9 "If enabled, the Debian 9 SCAP content will be built" ${SSG_PRODUCT_DEFAULT}) option(SSG_PRODUCT_DEBIAN10 "If enabled, the Debian 10 SCAP content will be built" ${SSG_PRODUCT_DEFAULT}) -@@ -272,6 +273,7 @@ message(STATUS "STIG Delta Taloring files: ${SSG_BUILD_DISA_DELTA_FILES}") - message(STATUS " ") - +@@ -267,6 +268,7 @@ message(STATUS " ") message(STATUS "Products:") + message(STATUS "Alibaba Cloud Linux 2: ${SSG_PRODUCT_ALINUX2}") + message(STATUS "Alibaba Cloud Linux 3: ${SSG_PRODUCT_ALINUX3}") +message(STATUS "AlmaLinux 8: ${SSG_PRODUCT_ALMALINUX8}") + message(STATUS "Anolis OS 8: ${SSG_PRODUCT_ANOLIS8}") message(STATUS "Chromium: ${SSG_PRODUCT_CHROMIUM}") - message(STATUS "Debian 9: ${SSG_PRODUCT_DEBIAN9}") message(STATUS "Debian 10: ${SSG_PRODUCT_DEBIAN10}") -@@ -338,6 +340,9 @@ endif() - - ssg_build_man_page() - +@@ -333,13 +335,15 @@ endif() + if (SSG_PRODUCT_ALINUX3) + add_subdirectory("products/alinux3" "alinux3") + endif() +if (SSG_PRODUCT_ALMALINUX8) + add_subdirectory("products/almalinux8" "almalinux8") +endif() + if (SSG_PRODUCT_ANOLIS8) + add_subdirectory("products/anolis8" "anolis8") + endif() if (SSG_PRODUCT_CHROMIUM) add_subdirectory("products/chromium" "chromium") endif() +- + if (SSG_PRODUCT_DEBIAN10) + add_subdirectory("products/debian10" "debian10") + endif() diff --git a/build_product b/build_product -index 1ba2e099..13413929 100755 +index fc793cbe7..bc7ab2ac8 100755 --- a/build_product +++ b/build_product -@@ -282,6 +282,7 @@ set_explict_build_targets() { - # Get this using - # grep 'option(SSG_PRODUCT' CMakeLists.txt | sed -e 's/option(SSG_PRODUCT_\(\w\+\).*/\1/' +@@ -307,6 +307,7 @@ set_explict_build_targets() { all_cmake_products=( -+ ALMALINUX8 + ALINUX2 + ALINUX3 ++ ALMALINUX8 + ANOLIS8 CHROMIUM - DEBIAN9 DEBIAN10 diff --git a/cmake/SSGCommon.cmake b/cmake/SSGCommon.cmake -index 9c2550cf..ec748556 100644 +index 6ca61cb10..adc73a09a 100644 --- a/cmake/SSGCommon.cmake +++ b/cmake/SSGCommon.cmake -@@ -900,7 +900,7 @@ macro(ssg_build_product PRODUCT) +@@ -751,7 +751,7 @@ macro(ssg_build_product PRODUCT) add_dependencies(html-stats ${PRODUCT}-html-stats) add_dependencies(html-profile-stats ${PRODUCT}-html-profile-stats) @@ -54,60 +61,59 @@ index 9c2550cf..ec748556 100644 add_dependencies(${PRODUCT} generate-ssg-delta-${PRODUCT}-stig) endif() diff --git a/controls/anssi.yml b/controls/anssi.yml -index 5c3d5f34..960aecff 100644 +index 9e631d1de..2961e1526 100644 --- a/controls/anssi.yml +++ b/controls/anssi.yml -@@ -198,7 +198,7 @@ controls: - levels: - - intermediary - title: Partitioning type -- notes: >- -+ notes: >- - The rule for the /proc file system is not implemented - status: partial - rules: -@@ -293,7 +293,7 @@ controls: +@@ -297,7 +297,7 @@ controls: - ensure_gpgcheck_never_disabled - ensure_gpgcheck_globally_activated - ensure_gpgcheck_local_packages - - ensure_redhat_gpgkey_installed + - ensure_almalinux_gpgkey_installed - ensure_oracle_gpgkey_installed + - ensure_suse_gpgkey_installed - - id: R16 -@@ -584,7 +584,7 @@ controls: - - sysctl_kernel_perf_event_max_sample_rate - - sysctl_kernel_perf_cpu_time_max_percent - -- -+ - - id: R24 - levels: - - enhanced diff --git a/controls/cis_rhel8.yml b/controls/cis_rhel8.yml -index 005c94c0..94241308 100644 +index efc53d03f..254c5f0e4 100644 --- a/controls/cis_rhel8.yml +++ b/controls/cis_rhel8.yml -@@ -283,7 +283,7 @@ controls: +@@ -349,7 +349,7 @@ controls: - l1_workstation status: manual related_rules: - - ensure_redhat_gpgkey_installed + - ensure_almalinux_gpgkey_installed - - id: 1.2.4 + - id: 1.2.3 title: Ensure gpgcheck is globally activated (Automated) -@@ -1752,7 +1752,7 @@ controls: - # NEEDS RULE - # The current sshd_enable_warning_banner rule uses /etc/issue instead - # of the /etc/issue.net that the benchmark expects. -- # -+ # - - id: 5.2.15 - title: Ensure SSH warning banner is configured (Automated) - levels: +diff --git a/controls/cis_rhel9.yml b/controls/cis_rhel9.yml +index 30f7e8d18..1ff31a0c7 100644 +--- a/controls/cis_rhel9.yml ++++ b/controls/cis_rhel9.yml +@@ -304,7 +304,7 @@ controls: + - l1_workstation + status: manual + related_rules: +- - ensure_redhat_gpgkey_installed ++ - ensure_almalinux_gpgkey_installed + + - id: 1.2.2 + title: Ensure gpgcheck is globally activated (Automated) +diff --git a/controls/srg_gpos/SRG-OS-000366-GPOS-00153.yml b/controls/srg_gpos/SRG-OS-000366-GPOS-00153.yml +index ba143b86b..903a00ac5 100644 +--- a/controls/srg_gpos/SRG-OS-000366-GPOS-00153.yml ++++ b/controls/srg_gpos/SRG-OS-000366-GPOS-00153.yml +@@ -13,7 +13,7 @@ controls: + - ensure_gpgcheck_local_packages + - ensure_gpgcheck_never_disabled + {{% if 'rhel' in product %}} +- - ensure_redhat_gpgkey_installed ++ - ensure_almalinux_gpgkey_installed + {{% endif %}} + + status: automated diff --git a/linux_os/guide/services/avahi/avahi_configuration/avahi_check_ttl/rule.yml b/linux_os/guide/services/avahi/avahi_configuration/avahi_check_ttl/rule.yml -index 14ea150a..0f9407b4 100644 +index 14ea150a7..0f9407b40 100644 --- a/linux_os/guide/services/avahi/avahi_configuration/avahi_check_ttl/rule.yml +++ b/linux_os/guide/services/avahi/avahi_configuration/avahi_check_ttl/rule.yml @@ -1,6 +1,6 @@ @@ -119,7 +125,7 @@ index 14ea150a..0f9407b4 100644 title: 'Check Avahi Responses'' TTL Field' diff --git a/linux_os/guide/services/avahi/avahi_configuration/avahi_ip_only/rule.yml b/linux_os/guide/services/avahi/avahi_configuration/avahi_ip_only/rule.yml -index 36bb0308..949fda55 100644 +index 36bb0308b..949fda551 100644 --- a/linux_os/guide/services/avahi/avahi_configuration/avahi_ip_only/rule.yml +++ b/linux_os/guide/services/avahi/avahi_configuration/avahi_ip_only/rule.yml @@ -1,6 +1,6 @@ @@ -131,7 +137,7 @@ index 36bb0308..949fda55 100644 title: 'Serve Avahi Only via Required Protocol' diff --git a/linux_os/guide/services/avahi/avahi_configuration/avahi_prevent_port_sharing/rule.yml b/linux_os/guide/services/avahi/avahi_configuration/avahi_prevent_port_sharing/rule.yml -index 69c83eef..a7d9e163 100644 +index 69c83eef5..a7d9e163b 100644 --- a/linux_os/guide/services/avahi/avahi_configuration/avahi_prevent_port_sharing/rule.yml +++ b/linux_os/guide/services/avahi/avahi_configuration/avahi_prevent_port_sharing/rule.yml @@ -1,6 +1,6 @@ @@ -143,7 +149,7 @@ index 69c83eef..a7d9e163 100644 title: 'Prevent Other Programs from Using Avahi''s Port' diff --git a/linux_os/guide/services/avahi/avahi_configuration/avahi_restrict_published_information/rule.yml b/linux_os/guide/services/avahi/avahi_configuration/avahi_restrict_published_information/rule.yml -index 0db51bd1..b7cf62ec 100644 +index 0db51bd1b..b7cf62ece 100644 --- a/linux_os/guide/services/avahi/avahi_configuration/avahi_restrict_published_information/rule.yml +++ b/linux_os/guide/services/avahi/avahi_configuration/avahi_restrict_published_information/rule.yml @@ -1,6 +1,6 @@ @@ -155,19 +161,19 @@ index 0db51bd1..b7cf62ec 100644 title: 'Restrict Information Published by Avahi' diff --git a/linux_os/guide/services/avahi/disable_avahi_group/service_avahi-daemon_disabled/rule.yml b/linux_os/guide/services/avahi/disable_avahi_group/service_avahi-daemon_disabled/rule.yml -index 2d30e4c2..7cb54017 100644 +index 6d5ebf540..05970eafa 100644 --- a/linux_os/guide/services/avahi/disable_avahi_group/service_avahi-daemon_disabled/rule.yml +++ b/linux_os/guide/services/avahi/disable_avahi_group/service_avahi-daemon_disabled/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: ol7,ol8,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004 +-prodtype: alinux2,alinux3,anolis8,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,alinux3,anolis8,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Disable Avahi Server Software' diff --git a/linux_os/guide/services/base/package_abrt_removed/rule.yml b/linux_os/guide/services/base/package_abrt_removed/rule.yml -index 1c823d79..49db8255 100644 +index 1c823d798..49db82556 100644 --- a/linux_os/guide/services/base/package_abrt_removed/rule.yml +++ b/linux_os/guide/services/base/package_abrt_removed/rule.yml @@ -1,6 +1,6 @@ @@ -188,7 +194,7 @@ index 1c823d79..49db8255 100644 {{{ complete_ocil_entry_package(package="abrt") }}} diff --git a/linux_os/guide/services/base/package_psacct_installed/rule.yml b/linux_os/guide/services/base/package_psacct_installed/rule.yml -index b5a0e717..0b6a33ff 100644 +index b5a0e7174..0b6a33ff6 100644 --- a/linux_os/guide/services/base/package_psacct_installed/rule.yml +++ b/linux_os/guide/services/base/package_psacct_installed/rule.yml @@ -1,6 +1,6 @@ @@ -200,19 +206,19 @@ index b5a0e717..0b6a33ff 100644 title: 'Install the psacct package' diff --git a/linux_os/guide/services/base/service_abrtd_disabled/rule.yml b/linux_os/guide/services/base/service_abrtd_disabled/rule.yml -index eb9cbc32..c1c37672 100644 +index 38557afea..7f96c4cd3 100644 --- a/linux_os/guide/services/base/service_abrtd_disabled/rule.yml +++ b/linux_os/guide/services/base/service_abrtd_disabled/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: ol7,ol8,rhel7,rhel8 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8 +-prodtype: alinux2,alinux3,anolis8,ol7,ol8,ol9,rhel7,rhel8,uos20 ++prodtype: alinux2,alinux3,anolis8,ol7,ol8,ol9,rhel7,rhel8,almalinux8,uos20 title: 'Disable Automatic Bug Reporting Tool (abrtd)' diff --git a/linux_os/guide/services/base/service_acpid_disabled/rule.yml b/linux_os/guide/services/base/service_acpid_disabled/rule.yml -index cc474092..7a910128 100644 +index 51894a447..8435eba24 100644 --- a/linux_os/guide/services/base/service_acpid_disabled/rule.yml +++ b/linux_os/guide/services/base/service_acpid_disabled/rule.yml @@ -1,6 +1,6 @@ @@ -224,7 +230,7 @@ index cc474092..7a910128 100644 title: 'Disable Advanced Configuration and Power Interface (acpid)' diff --git a/linux_os/guide/services/base/service_certmonger_disabled/rule.yml b/linux_os/guide/services/base/service_certmonger_disabled/rule.yml -index 095ff4a2..3cb513e8 100644 +index f7813a663..a7de82ff1 100644 --- a/linux_os/guide/services/base/service_certmonger_disabled/rule.yml +++ b/linux_os/guide/services/base/service_certmonger_disabled/rule.yml @@ -1,6 +1,6 @@ @@ -236,7 +242,7 @@ index 095ff4a2..3cb513e8 100644 title: 'Disable Certmonger Service (certmonger)' diff --git a/linux_os/guide/services/base/service_cockpit_disabled/rule.yml b/linux_os/guide/services/base/service_cockpit_disabled/rule.yml -index 95232c12..0ac38103 100644 +index dcf0885f1..3a7bd94b7 100644 --- a/linux_os/guide/services/base/service_cockpit_disabled/rule.yml +++ b/linux_os/guide/services/base/service_cockpit_disabled/rule.yml @@ -1,6 +1,6 @@ @@ -248,7 +254,7 @@ index 95232c12..0ac38103 100644 title: 'Disable Cockpit Management Server' diff --git a/linux_os/guide/services/base/service_cpupower_disabled/rule.yml b/linux_os/guide/services/base/service_cpupower_disabled/rule.yml -index 3328abe3..c4221608 100644 +index 39b7cde75..f24b42210 100644 --- a/linux_os/guide/services/base/service_cpupower_disabled/rule.yml +++ b/linux_os/guide/services/base/service_cpupower_disabled/rule.yml @@ -1,6 +1,6 @@ @@ -260,7 +266,7 @@ index 3328abe3..c4221608 100644 title: 'Disable CPU Speed (cpupower)' diff --git a/linux_os/guide/services/base/service_kdump_disabled/anaconda/shared.anaconda b/linux_os/guide/services/base/service_kdump_disabled/anaconda/shared.anaconda -index 1f6a233e..9f3a4d6b 100644 +index 1f6a233ed..9f3a4d6b4 100644 --- a/linux_os/guide/services/base/service_kdump_disabled/anaconda/shared.anaconda +++ b/linux_os/guide/services/base/service_kdump_disabled/anaconda/shared.anaconda @@ -1,3 +1,3 @@ @@ -269,14 +275,14 @@ index 1f6a233e..9f3a4d6b 100644 kdump --disable diff --git a/linux_os/guide/services/base/service_kdump_disabled/rule.yml b/linux_os/guide/services/base/service_kdump_disabled/rule.yml -index 81d24c22..16792f7b 100644 +index 80fe7b688..1aa2d2a63 100644 --- a/linux_os/guide/services/base/service_kdump_disabled/rule.yml +++ b/linux_os/guide/services/base/service_kdump_disabled/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019 +-prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Disable KDump Kernel Crash Analyzer (kdump)' @@ -290,7 +296,7 @@ index 81d24c22..16792f7b 100644 stigid@sle15: SLES-15-040190 stigid@ubuntu2004: UBTU-20-010413 diff --git a/linux_os/guide/services/base/service_mdmonitor_disabled/rule.yml b/linux_os/guide/services/base/service_mdmonitor_disabled/rule.yml -index 04a7fb5d..728f96cf 100644 +index e8a285d1f..c60c2615d 100644 --- a/linux_os/guide/services/base/service_mdmonitor_disabled/rule.yml +++ b/linux_os/guide/services/base/service_mdmonitor_disabled/rule.yml @@ -1,6 +1,6 @@ @@ -302,7 +308,7 @@ index 04a7fb5d..728f96cf 100644 title: 'Disable Software RAID Monitor (mdmonitor)' diff --git a/linux_os/guide/services/base/service_netconsole_disabled/rule.yml b/linux_os/guide/services/base/service_netconsole_disabled/rule.yml -index 19ffe27e..b4231f8b 100644 +index 2e45b969e..4a710b4a2 100644 --- a/linux_os/guide/services/base/service_netconsole_disabled/rule.yml +++ b/linux_os/guide/services/base/service_netconsole_disabled/rule.yml @@ -1,6 +1,6 @@ @@ -314,31 +320,31 @@ index 19ffe27e..b4231f8b 100644 title: 'Disable Network Console (netconsole)' diff --git a/linux_os/guide/services/base/service_ntpdate_disabled/rule.yml b/linux_os/guide/services/base/service_ntpdate_disabled/rule.yml -index 12d26e4e..e9b7bdac 100644 +index 2d3189bc1..1453bf488 100644 --- a/linux_os/guide/services/base/service_ntpdate_disabled/rule.yml +++ b/linux_os/guide/services/base/service_ntpdate_disabled/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: ol7,ol8,rhel7,rhel8,rhel9 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9 +-prodtype: alinux2,alinux3,ol7,ol8,ol9,rhel7,rhel8,rhel9,uos20 ++prodtype: alinux2,alinux3,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,uos20 title: 'Disable ntpdate Service (ntpdate)' diff --git a/linux_os/guide/services/base/service_oddjobd_disabled/rule.yml b/linux_os/guide/services/base/service_oddjobd_disabled/rule.yml -index 77f7e4f4..e68dfa7f 100644 +index ffa0e5d82..4c2d7995b 100644 --- a/linux_os/guide/services/base/service_oddjobd_disabled/rule.yml +++ b/linux_os/guide/services/base/service_oddjobd_disabled/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: ol7,ol8,rhel7,rhel8,rhel9 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9 +-prodtype: alinux2,alinux3,ol7,ol8,ol9,rhel7,rhel8,rhel9,uos20 ++prodtype: alinux2,alinux3,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,uos20 title: 'Disable Odd Job Daemon (oddjobd)' diff --git a/linux_os/guide/services/base/service_portreserve_disabled/rule.yml b/linux_os/guide/services/base/service_portreserve_disabled/rule.yml -index fceb228b..3819ac65 100644 +index 6539144f3..9e06c22bf 100644 --- a/linux_os/guide/services/base/service_portreserve_disabled/rule.yml +++ b/linux_os/guide/services/base/service_portreserve_disabled/rule.yml @@ -1,6 +1,6 @@ @@ -350,7 +356,7 @@ index fceb228b..3819ac65 100644 title: 'Disable Portreserve (portreserve)' diff --git a/linux_os/guide/services/base/service_psacct_enabled/rule.yml b/linux_os/guide/services/base/service_psacct_enabled/rule.yml -index fa34b99f..a1264aca 100644 +index 591897122..ec402d363 100644 --- a/linux_os/guide/services/base/service_psacct_enabled/rule.yml +++ b/linux_os/guide/services/base/service_psacct_enabled/rule.yml @@ -1,6 +1,6 @@ @@ -362,20 +368,20 @@ index fa34b99f..a1264aca 100644 title: 'Enable Process Accounting (psacct)' diff --git a/linux_os/guide/services/base/service_qpidd_disabled/rule.yml b/linux_os/guide/services/base/service_qpidd_disabled/rule.yml -index ecdd76ec..a87c33b7 100644 +index c71ce1b23..89a39a7c1 100644 --- a/linux_os/guide/services/base/service_qpidd_disabled/rule.yml +++ b/linux_os/guide/services/base/service_qpidd_disabled/rule.yml @@ -1,7 +1,7 @@ documentation_complete: true # package is unlikely to appear on a RHEL9 system, don't extend to RHEL10 --prodtype: ol7,ol8,rhel7,rhel8,rhel9 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9 +-prodtype: alinux2,alinux3,anolis8,ol7,ol8,ol9,rhel7,rhel8,rhel9,uos20 ++prodtype: alinux2,alinux3,anolis8,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,uos20 title: 'Disable Apache Qpid (qpidd)' diff --git a/linux_os/guide/services/base/service_quota_nld_disabled/rule.yml b/linux_os/guide/services/base/service_quota_nld_disabled/rule.yml -index a04bd5ce..3e9aa353 100644 +index 604f053c0..be4a9ca10 100644 --- a/linux_os/guide/services/base/service_quota_nld_disabled/rule.yml +++ b/linux_os/guide/services/base/service_quota_nld_disabled/rule.yml @@ -1,6 +1,6 @@ @@ -387,19 +393,19 @@ index a04bd5ce..3e9aa353 100644 title: 'Disable Quota Netlink (quota_nld)' diff --git a/linux_os/guide/services/base/service_rdisc_disabled/rule.yml b/linux_os/guide/services/base/service_rdisc_disabled/rule.yml -index 37cc6549..593318ef 100644 +index 7ca16e386..1a896bc13 100644 --- a/linux_os/guide/services/base/service_rdisc_disabled/rule.yml +++ b/linux_os/guide/services/base/service_rdisc_disabled/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: ol7,ol8,rhel7,rhel8,rhel9 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9 +-prodtype: alinux2,alinux3,anolis8,ol7,ol8,ol9,rhel7,rhel8,rhel9,uos20 ++prodtype: alinux2,alinux3,anolis8,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,uos20 title: 'Disable Network Router Discovery Daemon (rdisc)' diff --git a/linux_os/guide/services/base/service_rhnsd_disabled/rule.yml b/linux_os/guide/services/base/service_rhnsd_disabled/rule.yml -index c46674a2..c44afdd1 100644 +index 41571146d..55cccff87 100644 --- a/linux_os/guide/services/base/service_rhnsd_disabled/rule.yml +++ b/linux_os/guide/services/base/service_rhnsd_disabled/rule.yml @@ -1,6 +1,6 @@ @@ -411,7 +417,7 @@ index c46674a2..c44afdd1 100644 title: 'Disable Red Hat Network Service (rhnsd)' diff --git a/linux_os/guide/services/base/service_rhsmcertd_disabled/rule.yml b/linux_os/guide/services/base/service_rhsmcertd_disabled/rule.yml -index 93240d9b..e1ea7a80 100644 +index 022d1c20c..4498e4b66 100644 --- a/linux_os/guide/services/base/service_rhsmcertd_disabled/rule.yml +++ b/linux_os/guide/services/base/service_rhsmcertd_disabled/rule.yml @@ -1,6 +1,6 @@ @@ -423,7 +429,7 @@ index 93240d9b..e1ea7a80 100644 title: 'Disable Red Hat Subscription Manager Daemon (rhsmcertd)' diff --git a/linux_os/guide/services/base/service_saslauthd_disabled/rule.yml b/linux_os/guide/services/base/service_saslauthd_disabled/rule.yml -index d6409183..f802628e 100644 +index d9bda04aa..107c30636 100644 --- a/linux_os/guide/services/base/service_saslauthd_disabled/rule.yml +++ b/linux_os/guide/services/base/service_saslauthd_disabled/rule.yml @@ -1,6 +1,6 @@ @@ -435,7 +441,7 @@ index d6409183..f802628e 100644 title: 'Disable Cyrus SASL Authentication Daemon (saslauthd)' diff --git a/linux_os/guide/services/base/service_sysstat_disabled/rule.yml b/linux_os/guide/services/base/service_sysstat_disabled/rule.yml -index be42e5dd..b3af30ca 100644 +index c35775de9..926651cdb 100644 --- a/linux_os/guide/services/base/service_sysstat_disabled/rule.yml +++ b/linux_os/guide/services/base/service_sysstat_disabled/rule.yml @@ -1,6 +1,6 @@ @@ -447,7 +453,7 @@ index be42e5dd..b3af30ca 100644 title: 'Disable System Statistics Reset Service (sysstat)' diff --git a/linux_os/guide/services/cron_and_at/disable_anacron/rule.yml b/linux_os/guide/services/cron_and_at/disable_anacron/rule.yml -index 93206153..0ac567a3 100644 +index 932061531..0ac567a3d 100644 --- a/linux_os/guide/services/cron_and_at/disable_anacron/rule.yml +++ b/linux_os/guide/services/cron_and_at/disable_anacron/rule.yml @@ -1,6 +1,6 @@ @@ -459,331 +465,331 @@ index 93206153..0ac567a3 100644 title: 'Disable anacron Service' diff --git a/linux_os/guide/services/cron_and_at/file_groupowner_cron_d/rule.yml b/linux_os/guide/services/cron_and_at/file_groupowner_cron_d/rule.yml -index 477e0e45..e103fe85 100644 +index b56d06eae..ed3d360ec 100644 --- a/linux_os/guide/services/cron_and_at/file_groupowner_cron_d/rule.yml +++ b/linux_os/guide/services/cron_and_at/file_groupowner_cron_d/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004 -+prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004 +-prodtype: alinux2,alinux3,anolis8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,alinux3,anolis8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Verify Group Who Owns cron.d' diff --git a/linux_os/guide/services/cron_and_at/file_groupowner_cron_daily/rule.yml b/linux_os/guide/services/cron_and_at/file_groupowner_cron_daily/rule.yml -index 029e9657..20ad74e1 100644 +index 909b41757..426653836 100644 --- a/linux_os/guide/services/cron_and_at/file_groupowner_cron_daily/rule.yml +++ b/linux_os/guide/services/cron_and_at/file_groupowner_cron_daily/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004 -+prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004 +-prodtype: alinux2,alinux3,anolis8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,alinux3,anolis8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Verify Group Who Owns cron.daily' diff --git a/linux_os/guide/services/cron_and_at/file_groupowner_cron_hourly/rule.yml b/linux_os/guide/services/cron_and_at/file_groupowner_cron_hourly/rule.yml -index 9d0902f9..30d46124 100644 +index 16c756978..cd5a1c8af 100644 --- a/linux_os/guide/services/cron_and_at/file_groupowner_cron_hourly/rule.yml +++ b/linux_os/guide/services/cron_and_at/file_groupowner_cron_hourly/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004 -+prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004 +-prodtype: alinux2,alinux3,anolis8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,alinux3,anolis8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Verify Group Who Owns cron.hourly' diff --git a/linux_os/guide/services/cron_and_at/file_groupowner_cron_monthly/rule.yml b/linux_os/guide/services/cron_and_at/file_groupowner_cron_monthly/rule.yml -index a20878d7..e697560e 100644 +index 2840534a5..c52cfa416 100644 --- a/linux_os/guide/services/cron_and_at/file_groupowner_cron_monthly/rule.yml +++ b/linux_os/guide/services/cron_and_at/file_groupowner_cron_monthly/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004 -+prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004 +-prodtype: alinux2,anolis8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,anolis8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Verify Group Who Owns cron.monthly' diff --git a/linux_os/guide/services/cron_and_at/file_groupowner_cron_weekly/rule.yml b/linux_os/guide/services/cron_and_at/file_groupowner_cron_weekly/rule.yml -index 710a88f7..d913e3cd 100644 +index c9e039124..565e90315 100644 --- a/linux_os/guide/services/cron_and_at/file_groupowner_cron_weekly/rule.yml +++ b/linux_os/guide/services/cron_and_at/file_groupowner_cron_weekly/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004 -+prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004 +-prodtype: alinux2,alinux3,anolis8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,alinux3,anolis8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Verify Group Who Owns cron.weekly' diff --git a/linux_os/guide/services/cron_and_at/file_groupowner_crontab/rule.yml b/linux_os/guide/services/cron_and_at/file_groupowner_crontab/rule.yml -index e14e78ad..2de486fd 100644 +index 277c9c9d9..ebb887560 100644 --- a/linux_os/guide/services/cron_and_at/file_groupowner_crontab/rule.yml +++ b/linux_os/guide/services/cron_and_at/file_groupowner_crontab/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004 -+prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004 +-prodtype: alinux2,alinux3,anolis8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,alinux3,anolis8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Verify Group Who Owns Crontab' diff --git a/linux_os/guide/services/cron_and_at/file_owner_cron_d/rule.yml b/linux_os/guide/services/cron_and_at/file_owner_cron_d/rule.yml -index 8e0659f0..645dfaad 100644 +index c941caa5c..4c7e19288 100644 --- a/linux_os/guide/services/cron_and_at/file_owner_cron_d/rule.yml +++ b/linux_os/guide/services/cron_and_at/file_owner_cron_d/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004 -+prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004 +-prodtype: alinux2,alinux3,anolis8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,alinux3,anolis8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Verify Owner on cron.d' diff --git a/linux_os/guide/services/cron_and_at/file_owner_cron_daily/rule.yml b/linux_os/guide/services/cron_and_at/file_owner_cron_daily/rule.yml -index e0380966..8d8cb832 100644 +index d0a6675fa..0f18f4bcf 100644 --- a/linux_os/guide/services/cron_and_at/file_owner_cron_daily/rule.yml +++ b/linux_os/guide/services/cron_and_at/file_owner_cron_daily/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004 -+prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004 +-prodtype: alinux2,alinux3,anolis8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,alinux3,anolis8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Verify Owner on cron.daily' diff --git a/linux_os/guide/services/cron_and_at/file_owner_cron_hourly/rule.yml b/linux_os/guide/services/cron_and_at/file_owner_cron_hourly/rule.yml -index e4b9e57f..fd8fe7eb 100644 +index 65b3ba05a..eecd6f911 100644 --- a/linux_os/guide/services/cron_and_at/file_owner_cron_hourly/rule.yml +++ b/linux_os/guide/services/cron_and_at/file_owner_cron_hourly/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004 -+prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004 +-prodtype: alinux2,alinux3,anolis8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,alinux3,anolis8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Verify Owner on cron.hourly' diff --git a/linux_os/guide/services/cron_and_at/file_owner_cron_monthly/rule.yml b/linux_os/guide/services/cron_and_at/file_owner_cron_monthly/rule.yml -index ceaa0424..4f8abe13 100644 +index f72fb065e..2ed480296 100644 --- a/linux_os/guide/services/cron_and_at/file_owner_cron_monthly/rule.yml +++ b/linux_os/guide/services/cron_and_at/file_owner_cron_monthly/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004 -+prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004 +-prodtype: alinux2,anolis8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,anolis8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Verify Owner on cron.monthly' diff --git a/linux_os/guide/services/cron_and_at/file_owner_cron_weekly/rule.yml b/linux_os/guide/services/cron_and_at/file_owner_cron_weekly/rule.yml -index 20185169..f28ea4b0 100644 +index 80175dcca..7012c71b7 100644 --- a/linux_os/guide/services/cron_and_at/file_owner_cron_weekly/rule.yml +++ b/linux_os/guide/services/cron_and_at/file_owner_cron_weekly/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004 -+prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004 +-prodtype: alinux2,alinux3,anolis8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,alinux3,anolis8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Verify Owner on cron.weekly' diff --git a/linux_os/guide/services/cron_and_at/file_owner_crontab/rule.yml b/linux_os/guide/services/cron_and_at/file_owner_crontab/rule.yml -index 7f54d498..6e77f9d7 100644 +index 3df7aba3f..908b6acef 100644 --- a/linux_os/guide/services/cron_and_at/file_owner_crontab/rule.yml +++ b/linux_os/guide/services/cron_and_at/file_owner_crontab/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004 -+prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004 +-prodtype: alinux2,alinux3,anolis8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,alinux3,anolis8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Verify Owner on crontab' diff --git a/linux_os/guide/services/cron_and_at/file_permissions_cron_d/rule.yml b/linux_os/guide/services/cron_and_at/file_permissions_cron_d/rule.yml -index a45701d1..7bced050 100644 +index e15a2f68b..6d8e81070 100644 --- a/linux_os/guide/services/cron_and_at/file_permissions_cron_d/rule.yml +++ b/linux_os/guide/services/cron_and_at/file_permissions_cron_d/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004 -+prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004 +-prodtype: alinux2,alinux3,anolis8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,alinux3,anolis8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Verify Permissions on cron.d' diff --git a/linux_os/guide/services/cron_and_at/file_permissions_cron_daily/rule.yml b/linux_os/guide/services/cron_and_at/file_permissions_cron_daily/rule.yml -index 77c847f1..2a9f3d11 100644 +index ce3f09ada..69cfe8c2b 100644 --- a/linux_os/guide/services/cron_and_at/file_permissions_cron_daily/rule.yml +++ b/linux_os/guide/services/cron_and_at/file_permissions_cron_daily/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004 -+prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004 +-prodtype: alinux2,alinux3,anolis8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,alinux3,anolis8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Verify Permissions on cron.daily' diff --git a/linux_os/guide/services/cron_and_at/file_permissions_cron_hourly/rule.yml b/linux_os/guide/services/cron_and_at/file_permissions_cron_hourly/rule.yml -index bb419f05..2db51c7f 100644 +index fc59dfe62..b2ead4699 100644 --- a/linux_os/guide/services/cron_and_at/file_permissions_cron_hourly/rule.yml +++ b/linux_os/guide/services/cron_and_at/file_permissions_cron_hourly/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004 -+prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004 +-prodtype: alinux2,alinux3,anolis8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,alinux3,anolis8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Verify Permissions on cron.hourly' diff --git a/linux_os/guide/services/cron_and_at/file_permissions_cron_monthly/rule.yml b/linux_os/guide/services/cron_and_at/file_permissions_cron_monthly/rule.yml -index 20f35979..3a9a0eb9 100644 +index 1c78762ca..c98499508 100644 --- a/linux_os/guide/services/cron_and_at/file_permissions_cron_monthly/rule.yml +++ b/linux_os/guide/services/cron_and_at/file_permissions_cron_monthly/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004 -+prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004 +-prodtype: alinux2,anolis8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,anolis8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Verify Permissions on cron.monthly' diff --git a/linux_os/guide/services/cron_and_at/file_permissions_cron_weekly/rule.yml b/linux_os/guide/services/cron_and_at/file_permissions_cron_weekly/rule.yml -index 164e724f..2661d33a 100644 +index 476a3125f..9defb4c81 100644 --- a/linux_os/guide/services/cron_and_at/file_permissions_cron_weekly/rule.yml +++ b/linux_os/guide/services/cron_and_at/file_permissions_cron_weekly/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004 -+prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004 +-prodtype: alinux2,alinux3,anolis8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,alinux3,anolis8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Verify Permissions on cron.weekly' diff --git a/linux_os/guide/services/cron_and_at/file_permissions_crontab/rule.yml b/linux_os/guide/services/cron_and_at/file_permissions_crontab/rule.yml -index 7be734c2..c5329e50 100644 +index 9d344b64b..2caa8ee03 100644 --- a/linux_os/guide/services/cron_and_at/file_permissions_crontab/rule.yml +++ b/linux_os/guide/services/cron_and_at/file_permissions_crontab/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004 -+prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004 +-prodtype: alinux2,alinux3,anolis8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,alinux3,anolis8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Verify Permissions on crontab' diff --git a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_at_deny_not_exist/rule.yml b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_at_deny_not_exist/rule.yml -index 681f009c..2ab097ff 100644 +index 51e2d97b1..4b728ad78 100644 --- a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_at_deny_not_exist/rule.yml +++ b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_at_deny_not_exist/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,rhel7,rhel8,rhel9 -+prodtype: fedora,rhel7,rhel8,almalinux8,rhel9 +-prodtype: alinux2,alinux3,anolis8,fedora,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2204 ++prodtype: alinux2,alinux3,anolis8,fedora,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2204 title: 'Ensure that /etc/at.deny does not exist' diff --git a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_cron_deny_not_exist/rule.yml b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_cron_deny_not_exist/rule.yml -index e03812bc..df09d43b 100644 +index 132288177..e9452eac9 100644 --- a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_cron_deny_not_exist/rule.yml +++ b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_cron_deny_not_exist/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,rhel7,rhel8,rhel9,sle15 -+prodtype: fedora,rhel7,rhel8,almalinux8,rhel9,sle15 +-prodtype: alinux2,alinux3,anolis8,fedora,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2204 ++prodtype: alinux2,alinux3,anolis8,fedora,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2204 title: 'Ensure that /etc/cron.deny does not exist' diff --git a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_groupowner_at_allow/rule.yml b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_groupowner_at_allow/rule.yml -index 1fc8763a..30f03d6d 100644 +index 6a1eff2d2..69e3e3968 100644 --- a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_groupowner_at_allow/rule.yml +++ b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_groupowner_at_allow/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: rhel8,rhel9,sle12,sle15,ubuntu2004 -+prodtype: rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004 +-prodtype: alinux2,alinux3,anolis8,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,alinux3,anolis8,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Verify Group Who Owns /etc/at.allow file' diff --git a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_groupowner_cron_allow/rule.yml b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_groupowner_cron_allow/rule.yml -index 77066c6c..49467074 100644 +index a74bf116b..4cb408f2e 100644 --- a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_groupowner_cron_allow/rule.yml +++ b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_groupowner_cron_allow/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019 +-prodtype: alinux2,alinux3,anolis8,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,alinux3,anolis8,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Verify Group Who Owns /etc/cron.allow file' diff --git a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_owner_cron_allow/rule.yml b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_owner_cron_allow/rule.yml -index 3d4f9996..79523128 100644 +index ed08e6442..4da838ae5 100644 --- a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_owner_cron_allow/rule.yml +++ b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_owner_cron_allow/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019 +-prodtype: alinux2,alinux3,anolis8,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,alinux3,anolis8,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Verify User Who Owns /etc/cron.allow file' diff --git a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_permissions_at_allow/rule.yml b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_permissions_at_allow/rule.yml -index 8da1a95a..c854e9f8 100644 +index da7a2286e..b7bbc4916 100644 --- a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_permissions_at_allow/rule.yml +++ b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_permissions_at_allow/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: rhel8,rhel9,sle12,sle15,ubuntu2004 -+prodtype: rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004 +-prodtype: alinux2,alinux3,anolis8,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,alinux3,anolis8,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Verify Permissions on /etc/at.allow file' diff --git a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_permissions_cron_allow/rule.yml b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_permissions_cron_allow/rule.yml -index 33ebca60..8b3a62ee 100644 +index 42275f213..6a6f8b778 100644 --- a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_permissions_cron_allow/rule.yml +++ b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_permissions_cron_allow/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: rhel7,rhel8,rhel9,sle15,ubuntu2004 -+prodtype: rhel7,rhel8,almalinux8,rhel9,sle15,ubuntu2004 +-prodtype: alinux2,alinux3,anolis8,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,alinux3,anolis8,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Verify Permissions on /etc/cron.allow file' diff --git a/linux_os/guide/services/cron_and_at/service_atd_disabled/rule.yml b/linux_os/guide/services/cron_and_at/service_atd_disabled/rule.yml -index f710f01e..2a19ca89 100644 +index 91f458db0..0c72c1314 100644 --- a/linux_os/guide/services/cron_and_at/service_atd_disabled/rule.yml +++ b/linux_os/guide/services/cron_and_at/service_atd_disabled/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9 +-prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,uos20 ++prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,uos20 title: 'Disable At Service (atd)' diff --git a/linux_os/guide/services/cron_and_at/service_crond_enabled/rule.yml b/linux_os/guide/services/cron_and_at/service_crond_enabled/rule.yml -index dffcf36a..1b4e7a92 100644 +index ec390e36c..4d73d6d4a 100644 --- a/linux_os/guide/services/cron_and_at/service_crond_enabled/rule.yml +++ b/linux_os/guide/services/cron_and_at/service_crond_enabled/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15 +-prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15 ++prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15 title: 'Enable cron Service' diff --git a/linux_os/guide/services/dhcp/dhcp_server_configuration/dhcp_server_configure_logging/rule.yml b/linux_os/guide/services/dhcp/dhcp_server_configuration/dhcp_server_configure_logging/rule.yml -index 6baf9026..81a9ad03 100644 +index 6baf90263..81a9ad03d 100644 --- a/linux_os/guide/services/dhcp/dhcp_server_configuration/dhcp_server_configure_logging/rule.yml +++ b/linux_os/guide/services/dhcp/dhcp_server_configuration/dhcp_server_configure_logging/rule.yml @@ -1,6 +1,6 @@ @@ -795,7 +801,7 @@ index 6baf9026..81a9ad03 100644 title: 'Configure Logging' diff --git a/linux_os/guide/services/dhcp/dhcp_server_configuration/dhcp_server_deny_bootp/rule.yml b/linux_os/guide/services/dhcp/dhcp_server_configuration/dhcp_server_deny_bootp/rule.yml -index 1d825698..8c28acb9 100644 +index 1d825698a..8c28acb91 100644 --- a/linux_os/guide/services/dhcp/dhcp_server_configuration/dhcp_server_deny_bootp/rule.yml +++ b/linux_os/guide/services/dhcp/dhcp_server_configuration/dhcp_server_deny_bootp/rule.yml @@ -1,6 +1,6 @@ @@ -807,7 +813,7 @@ index 1d825698..8c28acb9 100644 title: 'Deny BOOTP Queries' diff --git a/linux_os/guide/services/dhcp/dhcp_server_configuration/dhcp_server_deny_decline/rule.yml b/linux_os/guide/services/dhcp/dhcp_server_configuration/dhcp_server_deny_decline/rule.yml -index 4b0fa9a5..f50fe476 100644 +index 4b0fa9a59..f50fe476f 100644 --- a/linux_os/guide/services/dhcp/dhcp_server_configuration/dhcp_server_deny_decline/rule.yml +++ b/linux_os/guide/services/dhcp/dhcp_server_configuration/dhcp_server_deny_decline/rule.yml @@ -1,6 +1,6 @@ @@ -819,7 +825,7 @@ index 4b0fa9a5..f50fe476 100644 title: 'Deny Decline Messages' diff --git a/linux_os/guide/services/dhcp/dhcp_server_configuration/dhcp_server_disable_ddns/rule.yml b/linux_os/guide/services/dhcp/dhcp_server_configuration/dhcp_server_disable_ddns/rule.yml -index e9cdf799..71db5eef 100644 +index e9cdf7996..71db5eef0 100644 --- a/linux_os/guide/services/dhcp/dhcp_server_configuration/dhcp_server_disable_ddns/rule.yml +++ b/linux_os/guide/services/dhcp/dhcp_server_configuration/dhcp_server_disable_ddns/rule.yml @@ -1,6 +1,6 @@ @@ -831,7 +837,7 @@ index e9cdf799..71db5eef 100644 title: 'Do Not Use Dynamic DNS' diff --git a/linux_os/guide/services/dhcp/disabling_dhcp_client/sysconfig_networking_bootproto_ifcfg/rule.yml b/linux_os/guide/services/dhcp/disabling_dhcp_client/sysconfig_networking_bootproto_ifcfg/rule.yml -index 6c9c0b02..bda84dff 100644 +index 6c9c0b02b..bda84dff8 100644 --- a/linux_os/guide/services/dhcp/disabling_dhcp_client/sysconfig_networking_bootproto_ifcfg/rule.yml +++ b/linux_os/guide/services/dhcp/disabling_dhcp_client/sysconfig_networking_bootproto_ifcfg/rule.yml @@ -1,6 +1,6 @@ @@ -843,55 +849,55 @@ index 6c9c0b02..bda84dff 100644 title: 'Disable DHCP Client in ifcfg' diff --git a/linux_os/guide/services/dhcp/disabling_dhcp_server/package_dhcp_removed/rule.yml b/linux_os/guide/services/dhcp/disabling_dhcp_server/package_dhcp_removed/rule.yml -index e5a25eef..4b5f8de1 100644 +index 9fd433b7c..dd24372ff 100644 --- a/linux_os/guide/services/dhcp/disabling_dhcp_server/package_dhcp_removed/rule.yml +++ b/linux_os/guide/services/dhcp/disabling_dhcp_server/package_dhcp_removed/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: ol7,ol8,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004 +-prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Uninstall DHCP Server Package' diff --git a/linux_os/guide/services/dhcp/disabling_dhcp_server/service_dhcpd_disabled/rule.yml b/linux_os/guide/services/dhcp/disabling_dhcp_server/service_dhcpd_disabled/rule.yml -index 79a554aa..e0f3407a 100644 +index 356f23677..af3333626 100644 --- a/linux_os/guide/services/dhcp/disabling_dhcp_server/service_dhcpd_disabled/rule.yml +++ b/linux_os/guide/services/dhcp/disabling_dhcp_server/service_dhcpd_disabled/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: rhel7,rhel8,rhel9,sle15 -+prodtype: rhel7,rhel8,almalinux8,rhel9,sle15 +-prodtype: alinux2,alinux3,anolis8,rhel7,rhel8,rhel9,sle12,sle15 ++prodtype: alinux2,alinux3,anolis8,rhel7,rhel8,almalinux8,rhel9,sle12,sle15 title: 'Disable DHCP Service' diff --git a/linux_os/guide/services/dns/disabling_dns_server/package_bind_removed/rule.yml b/linux_os/guide/services/dns/disabling_dns_server/package_bind_removed/rule.yml -index d973c70d..ef687b87 100644 +index eed8c2545..0ebd8cc7a 100644 --- a/linux_os/guide/services/dns/disabling_dns_server/package_bind_removed/rule.yml +++ b/linux_os/guide/services/dns/disabling_dns_server/package_bind_removed/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004 -+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004 +-prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204,uos20 ++prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204,uos20 title: 'Uninstall bind Package' diff --git a/linux_os/guide/services/dns/disabling_dns_server/service_named_disabled/rule.yml b/linux_os/guide/services/dns/disabling_dns_server/service_named_disabled/rule.yml -index ad48971c..55a47e6c 100644 +index ce858b1d8..1beccd391 100644 --- a/linux_os/guide/services/dns/disabling_dns_server/service_named_disabled/rule.yml +++ b/linux_os/guide/services/dns/disabling_dns_server/service_named_disabled/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: rhel7,rhel8,rhel9,sle15 -+prodtype: rhel7,rhel8,almalinux8,rhel9,sle15 +-prodtype: alinux2,alinux3,anolis8,rhel7,rhel8,rhel9,sle12,sle15 ++prodtype: alinux2,alinux3,anolis8,rhel7,rhel8,almalinux8,rhel9,sle12,sle15 title: 'Disable named Service' diff --git a/linux_os/guide/services/dns/dns_server_protection/dns_server_authenticate_zone_transfers/rule.yml b/linux_os/guide/services/dns/dns_server_protection/dns_server_authenticate_zone_transfers/rule.yml -index f8220f53..239b7f2e 100644 +index f8220f537..239b7f2e7 100644 --- a/linux_os/guide/services/dns/dns_server_protection/dns_server_authenticate_zone_transfers/rule.yml +++ b/linux_os/guide/services/dns/dns_server_protection/dns_server_authenticate_zone_transfers/rule.yml @@ -1,6 +1,6 @@ @@ -903,7 +909,7 @@ index f8220f53..239b7f2e 100644 title: 'Authenticate Zone Transfers' diff --git a/linux_os/guide/services/dns/dns_server_protection/dns_server_disable_dynamic_updates/rule.yml b/linux_os/guide/services/dns/dns_server_protection/dns_server_disable_dynamic_updates/rule.yml -index 175cc987..a271f9e8 100644 +index 175cc9872..a271f9e87 100644 --- a/linux_os/guide/services/dns/dns_server_protection/dns_server_disable_dynamic_updates/rule.yml +++ b/linux_os/guide/services/dns/dns_server_protection/dns_server_disable_dynamic_updates/rule.yml @@ -1,6 +1,6 @@ @@ -915,7 +921,7 @@ index 175cc987..a271f9e8 100644 title: 'Disable Dynamic Updates' diff --git a/linux_os/guide/services/dns/dns_server_protection/dns_server_disable_zone_transfers/rule.yml b/linux_os/guide/services/dns/dns_server_protection/dns_server_disable_zone_transfers/rule.yml -index 05aa2344..8c441644 100644 +index 05aa23441..8c4416440 100644 --- a/linux_os/guide/services/dns/dns_server_protection/dns_server_disable_zone_transfers/rule.yml +++ b/linux_os/guide/services/dns/dns_server_protection/dns_server_disable_zone_transfers/rule.yml @@ -1,6 +1,6 @@ @@ -926,42 +932,81 @@ index 05aa2344..8c441644 100644 title: 'Disable Zone Transfers from the Nameserver' +diff --git a/linux_os/guide/services/fapolicyd/fapolicy_default_deny/rule.yml b/linux_os/guide/services/fapolicyd/fapolicy_default_deny/rule.yml +index 52c640e85..4875f4042 100644 +--- a/linux_os/guide/services/fapolicyd/fapolicy_default_deny/rule.yml ++++ b/linux_os/guide/services/fapolicyd/fapolicy_default_deny/rule.yml +@@ -1,6 +1,6 @@ + documentation_complete: true + +-prodtype: ol8,ol9,rhel8,rhel9 ++prodtype: ol8,ol9,rhel8,almalinux8,rhel9 + + title: 'Configure Fapolicy Module to Employ a Deny-all, Permit-by-exception Policy to Allow the Execution of Authorized Software Programs.' + +@@ -26,7 +26,7 @@ references: + nist: CM-7 (2),CM-7 (5) (b),CM-6 b + srg: SRG-OS-000368-GPOS-00154,SRG-OS-000370-GPOS-00155,SRG-OS-000480-GPOS-00232 + stigid@ol8: OL08-00-040137 +- stigid@rhel8: RHEL-08-040137 ++ stigid@almalinux8: RHEL-08-040137 + + ocil_clause: 'fapolicyd is not running in enforcement mode with a deny-all, permit-by-exception policy' + +@@ -41,7 +41,7 @@ ocil: |- + + Check that fapolicyd employs a deny-all policy on system mounts with the following commands: + +- {{%- if product in ["ol8", "rhel8"] %}} ++ {{%- if product in ["ol8", "rhel8", "almalinux8"] %}} + {{% set product_short_name = "OL" if "ol" in product else "RHEL" %}} + For {{{ product_short_name }}} 8.5 systems and older: + $ sudo tail /etc/fapolicyd/fapolicyd.rules +@@ -61,7 +61,7 @@ fixtext: |- + + permissive = 1 + +- {{%- if product in ["ol8", "rhel8"] %}} ++ {{%- if product in ["ol8", "rhel8", "almalinux8"] %}} + For {{{ product_short_name }}} 8.5 systems and older: + Build the whitelist in the "/etc/fapolicyd/fapolicyd.rules" file ensuring the last rule is "deny perm=any all : all". + diff --git a/linux_os/guide/services/fapolicyd/package_fapolicyd_installed/rule.yml b/linux_os/guide/services/fapolicyd/package_fapolicyd_installed/rule.yml -index e3fd65ec..93777b3d 100644 +index febad1cc8..4c1608be6 100644 --- a/linux_os/guide/services/fapolicyd/package_fapolicyd_installed/rule.yml +++ b/linux_os/guide/services/fapolicyd/package_fapolicyd_installed/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,ol8,rhcos4,rhel8,rhel9 -+prodtype: fedora,ol8,rhcos4,rhel8,almalinux8,rhel9 +-prodtype: fedora,ol8,ol9,rhcos4,rhel8,rhel9 ++prodtype: fedora,ol8,ol9,rhcos4,rhel8,almalinux8,rhel9 title: 'Install fapolicyd Package' @@ -23,7 +23,7 @@ references: nist: CM-6(a),SI-4(22) - srg: SRG-OS-000370-GPOS-00155,SRG-OS-000368-GPOS-00154 + srg: SRG-OS-000370-GPOS-00155,SRG-OS-000368-GPOS-00154,SRG-OS-000480-GPOS-00230 stigid@ol8: OL08-00-040135 - stigid@rhel8: RHEL-08-040135 + stigid@almalinux8: RHEL-08-040135 - ocil_clause: 'the package is not installed' + ocil_clause: 'the fapolicyd package is not installed' diff --git a/linux_os/guide/services/fapolicyd/service_fapolicyd_enabled/rule.yml b/linux_os/guide/services/fapolicyd/service_fapolicyd_enabled/rule.yml -index 35e7b5cd..411951b5 100644 +index 57e01f723..f1efa8bba 100644 --- a/linux_os/guide/services/fapolicyd/service_fapolicyd_enabled/rule.yml +++ b/linux_os/guide/services/fapolicyd/service_fapolicyd_enabled/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: ol8,rhcos4,rhel8,rhel9 -+prodtype: ol8,rhcos4,rhel8,almalinux8,rhel9 +-prodtype: ol8,ol9,rhcos4,rhel8,rhel9 ++prodtype: ol8,ol9,rhcos4,rhel8,almalinux8,rhel9 title: 'Enable the File Access Policy Service' @@ -25,7 +25,7 @@ references: ospp: FMT_SMF_EXT.1 - srg: SRG-OS-000370-GPOS-00155,SRG-OS-000368-GPOS-00154 + srg: SRG-OS-000370-GPOS-00155,SRG-OS-000368-GPOS-00154,SRG-OS-000480-GPOS-00230 stigid@ol8: OL08-00-040136 - stigid@rhel8: RHEL-08-040136 + stigid@almalinux8: RHEL-08-040136 @@ -969,18 +1014,18 @@ index 35e7b5cd..411951b5 100644 ocil_clause: 'the service is not enabled' diff --git a/linux_os/guide/services/ftp/disabling_vsftpd/package_vsftpd_removed/rule.yml b/linux_os/guide/services/ftp/disabling_vsftpd/package_vsftpd_removed/rule.yml -index 0b69920d..32d9ba12 100644 +index 1995163a1..9bb06ebdd 100644 --- a/linux_os/guide/services/ftp/disabling_vsftpd/package_vsftpd_removed/rule.yml +++ b/linux_os/guide/services/ftp/disabling_vsftpd/package_vsftpd_removed/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019 +-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Uninstall vsftpd Package' -@@ -36,7 +36,7 @@ references: +@@ -40,7 +40,7 @@ references: stigid@ol7: OL07-00-040690 stigid@ol8: OL08-00-040360 stigid@rhel7: RHEL-07-040690 @@ -990,19 +1035,19 @@ index 0b69920d..32d9ba12 100644 stigid@sle15: SLES-15-010030 diff --git a/linux_os/guide/services/ftp/disabling_vsftpd/service_vsftpd_disabled/rule.yml b/linux_os/guide/services/ftp/disabling_vsftpd/service_vsftpd_disabled/rule.yml -index bdd7f045..d613b728 100644 +index bd77bb3f1..bb251d133 100644 --- a/linux_os/guide/services/ftp/disabling_vsftpd/service_vsftpd_disabled/rule.yml +++ b/linux_os/guide/services/ftp/disabling_vsftpd/service_vsftpd_disabled/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: rhel7,rhel8,rhel9,sle15 -+prodtype: rhel7,rhel8,almalinux8,rhel9,sle15 +-prodtype: alinux2,alinux3,anolis8,rhel7,rhel8,rhel9,sle12,sle15 ++prodtype: alinux2,alinux3,anolis8,rhel7,rhel8,almalinux8,rhel9,sle12,sle15 title: 'Disable vsftpd Service' diff --git a/linux_os/guide/services/ftp/ftp_configure_vsftpd/ftp_disable_uploads/rule.yml b/linux_os/guide/services/ftp/ftp_configure_vsftpd/ftp_disable_uploads/rule.yml -index f94beaf6..72143561 100644 +index f94beaf66..72143561f 100644 --- a/linux_os/guide/services/ftp/ftp_configure_vsftpd/ftp_disable_uploads/rule.yml +++ b/linux_os/guide/services/ftp/ftp_configure_vsftpd/ftp_disable_uploads/rule.yml @@ -1,6 +1,6 @@ @@ -1014,7 +1059,7 @@ index f94beaf6..72143561 100644 title: 'Disable FTP Uploads if Possible' diff --git a/linux_os/guide/services/ftp/ftp_configure_vsftpd/ftp_home_partition/rule.yml b/linux_os/guide/services/ftp/ftp_configure_vsftpd/ftp_home_partition/rule.yml -index 62818647..6c59fe87 100644 +index 628186475..6c59fe879 100644 --- a/linux_os/guide/services/ftp/ftp_configure_vsftpd/ftp_home_partition/rule.yml +++ b/linux_os/guide/services/ftp/ftp_configure_vsftpd/ftp_home_partition/rule.yml @@ -1,6 +1,6 @@ @@ -1026,7 +1071,7 @@ index 62818647..6c59fe87 100644 title: 'Place the FTP Home Directory on its Own Partition' diff --git a/linux_os/guide/services/ftp/ftp_configure_vsftpd/ftp_log_transactions/rule.yml b/linux_os/guide/services/ftp/ftp_configure_vsftpd/ftp_log_transactions/rule.yml -index 3f9a0e0d..04625628 100644 +index 3f9a0e0d4..04625628a 100644 --- a/linux_os/guide/services/ftp/ftp_configure_vsftpd/ftp_log_transactions/rule.yml +++ b/linux_os/guide/services/ftp/ftp_configure_vsftpd/ftp_log_transactions/rule.yml @@ -1,6 +1,6 @@ @@ -1038,7 +1083,7 @@ index 3f9a0e0d..04625628 100644 title: 'Enable Logging of All FTP Transactions' diff --git a/linux_os/guide/services/ftp/ftp_configure_vsftpd/ftp_present_banner/rule.yml b/linux_os/guide/services/ftp/ftp_configure_vsftpd/ftp_present_banner/rule.yml -index 3cacb857..0ce945f0 100644 +index 3cacb8574..0ce945f0c 100644 --- a/linux_os/guide/services/ftp/ftp_configure_vsftpd/ftp_present_banner/rule.yml +++ b/linux_os/guide/services/ftp/ftp_configure_vsftpd/ftp_present_banner/rule.yml @@ -1,6 +1,6 @@ @@ -1050,7 +1095,7 @@ index 3cacb857..0ce945f0 100644 title: 'Create Warning Banners for All FTP Users' diff --git a/linux_os/guide/services/ftp/ftp_configure_vsftpd/ftp_restrict_users/ftp_restrict_to_anon/rule.yml b/linux_os/guide/services/ftp/ftp_configure_vsftpd/ftp_restrict_users/ftp_restrict_to_anon/rule.yml -index 2782961b..e74183f3 100644 +index 2782961b0..e74183f3a 100644 --- a/linux_os/guide/services/ftp/ftp_configure_vsftpd/ftp_restrict_users/ftp_restrict_to_anon/rule.yml +++ b/linux_os/guide/services/ftp/ftp_configure_vsftpd/ftp_restrict_users/ftp_restrict_to_anon/rule.yml @@ -1,6 +1,6 @@ @@ -1062,7 +1107,7 @@ index 2782961b..e74183f3 100644 title: 'Restrict Access to Anonymous Users if Possible' diff --git a/linux_os/guide/services/ftp/ftp_use_vsftpd/package_vsftpd_installed/rule.yml b/linux_os/guide/services/ftp/ftp_use_vsftpd/package_vsftpd_installed/rule.yml -index 6aa51e73..289415f1 100644 +index 6aa51e736..289415f17 100644 --- a/linux_os/guide/services/ftp/ftp_use_vsftpd/package_vsftpd_installed/rule.yml +++ b/linux_os/guide/services/ftp/ftp_use_vsftpd/package_vsftpd_installed/rule.yml @@ -1,6 +1,6 @@ @@ -1074,31 +1119,31 @@ index 6aa51e73..289415f1 100644 title: 'Install vsftpd Package' diff --git a/linux_os/guide/services/http/disabling_httpd/package_httpd_removed/rule.yml b/linux_os/guide/services/http/disabling_httpd/package_httpd_removed/rule.yml -index 13297588..33c7f7fd 100644 +index 7462b9c7f..0fc804eda 100644 --- a/linux_os/guide/services/http/disabling_httpd/package_httpd_removed/rule.yml +++ b/linux_os/guide/services/http/disabling_httpd/package_httpd_removed/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004 -+prodtype: rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004 +-prodtype: rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Uninstall httpd Package' diff --git a/linux_os/guide/services/http/disabling_httpd/service_httpd_disabled/rule.yml b/linux_os/guide/services/http/disabling_httpd/service_httpd_disabled/rule.yml -index cdc6ba69..6f6b1f12 100644 +index d71d6003f..55c6beaab 100644 --- a/linux_os/guide/services/http/disabling_httpd/service_httpd_disabled/rule.yml +++ b/linux_os/guide/services/http/disabling_httpd/service_httpd_disabled/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: rhel7,rhel8,rhel9,sle15 -+prodtype: rhel7,rhel8,almalinux8,rhel9,sle15 +-prodtype: alinux2,alinux3,anolis8,rhel7,rhel8,rhel9,sel12,sle15 ++prodtype: alinux2,alinux3,anolis8,rhel7,rhel8,almalinux8,rhel9,sel12,sle15 title: 'Disable httpd Service' diff --git a/linux_os/guide/services/http/securing_httpd/httpd_configure_log_format/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_configure_log_format/rule.yml -index bb71b36f..38cbb050 100644 +index bb71b36f9..38cbb050d 100644 --- a/linux_os/guide/services/http/securing_httpd/httpd_configure_log_format/rule.yml +++ b/linux_os/guide/services/http/securing_httpd/httpd_configure_log_format/rule.yml @@ -1,6 +1,6 @@ @@ -1110,7 +1155,7 @@ index bb71b36f..38cbb050 100644 title: 'Configure Error Log Format' diff --git a/linux_os/guide/services/http/securing_httpd/httpd_configure_max_keepalive_requests/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_configure_max_keepalive_requests/rule.yml -index 3a9b317b..e04b503d 100644 +index 3a9b317b7..e04b503d3 100644 --- a/linux_os/guide/services/http/securing_httpd/httpd_configure_max_keepalive_requests/rule.yml +++ b/linux_os/guide/services/http/securing_httpd/httpd_configure_max_keepalive_requests/rule.yml @@ -1,6 +1,6 @@ @@ -1122,7 +1167,7 @@ index 3a9b317b..e04b503d 100644 title: 'Configure The Number of Allowed Simultaneous Requests' diff --git a/linux_os/guide/services/http/securing_httpd/httpd_configure_os_protect_web_server/httpd_antivirus_scan_uploads/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_configure_os_protect_web_server/httpd_antivirus_scan_uploads/rule.yml -index 136cd7cc..77021742 100644 +index 136cd7cca..770217420 100644 --- a/linux_os/guide/services/http/securing_httpd/httpd_configure_os_protect_web_server/httpd_antivirus_scan_uploads/rule.yml +++ b/linux_os/guide/services/http/securing_httpd/httpd_configure_os_protect_web_server/httpd_antivirus_scan_uploads/rule.yml @@ -1,6 +1,6 @@ @@ -1134,7 +1179,7 @@ index 136cd7cc..77021742 100644 title: 'Scan All Uploaded Content for Malicious Software' diff --git a/linux_os/guide/services/http/securing_httpd/httpd_configure_os_protect_web_server/httpd_configure_firewall/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_configure_os_protect_web_server/httpd_configure_firewall/rule.yml -index 2d0a5c51..8de48bb4 100644 +index 2d0a5c514..8de48bb43 100644 --- a/linux_os/guide/services/http/securing_httpd/httpd_configure_os_protect_web_server/httpd_configure_firewall/rule.yml +++ b/linux_os/guide/services/http/securing_httpd/httpd_configure_os_protect_web_server/httpd_configure_firewall/rule.yml @@ -1,6 +1,6 @@ @@ -1146,7 +1191,7 @@ index 2d0a5c51..8de48bb4 100644 title: 'Configure firewall to Allow Access to the Web Server' diff --git a/linux_os/guide/services/http/securing_httpd/httpd_configure_os_protect_web_server/httpd_configure_remote_session_encryption/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_configure_os_protect_web_server/httpd_configure_remote_session_encryption/rule.yml -index afc9519f..09dc97cb 100644 +index afc9519f7..09dc97cbd 100644 --- a/linux_os/guide/services/http/securing_httpd/httpd_configure_os_protect_web_server/httpd_configure_remote_session_encryption/rule.yml +++ b/linux_os/guide/services/http/securing_httpd/httpd_configure_os_protect_web_server/httpd_configure_remote_session_encryption/rule.yml @@ -1,6 +1,6 @@ @@ -1158,7 +1203,7 @@ index afc9519f..09dc97cb 100644 title: 'Ensure Remote Administrative Access Is Encrypted' diff --git a/linux_os/guide/services/http/securing_httpd/httpd_configure_os_protect_web_server/httpd_restrict_file_dir_access/dir_perms_etc_httpd_conf/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_configure_os_protect_web_server/httpd_restrict_file_dir_access/dir_perms_etc_httpd_conf/rule.yml -index 91174c07..50ceb9d0 100644 +index 91174c07e..50ceb9d0b 100644 --- a/linux_os/guide/services/http/securing_httpd/httpd_configure_os_protect_web_server/httpd_restrict_file_dir_access/dir_perms_etc_httpd_conf/rule.yml +++ b/linux_os/guide/services/http/securing_httpd/httpd_configure_os_protect_web_server/httpd_restrict_file_dir_access/dir_perms_etc_httpd_conf/rule.yml @@ -1,6 +1,6 @@ @@ -1170,7 +1215,7 @@ index 91174c07..50ceb9d0 100644 title: 'Set Permissions on the /etc/httpd/conf/ Directory' diff --git a/linux_os/guide/services/http/securing_httpd/httpd_configure_os_protect_web_server/httpd_restrict_file_dir_access/dir_perms_var_log_httpd/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_configure_os_protect_web_server/httpd_restrict_file_dir_access/dir_perms_var_log_httpd/rule.yml -index dedc508f..5f0e74c8 100644 +index dedc508f9..5f0e74c81 100644 --- a/linux_os/guide/services/http/securing_httpd/httpd_configure_os_protect_web_server/httpd_restrict_file_dir_access/dir_perms_var_log_httpd/rule.yml +++ b/linux_os/guide/services/http/securing_httpd/httpd_configure_os_protect_web_server/httpd_restrict_file_dir_access/dir_perms_var_log_httpd/rule.yml @@ -1,6 +1,6 @@ @@ -1182,7 +1227,7 @@ index dedc508f..5f0e74c8 100644 title: 'Set Permissions on the /var/log/httpd/ Directory' diff --git a/linux_os/guide/services/http/securing_httpd/httpd_configure_os_protect_web_server/httpd_restrict_file_dir_access/file_permissions_httpd_server_conf_d_files/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_configure_os_protect_web_server/httpd_restrict_file_dir_access/file_permissions_httpd_server_conf_d_files/rule.yml -index d8631eb9..1fc8f7b4 100644 +index d8631eb95..1fc8f7b4d 100644 --- a/linux_os/guide/services/http/securing_httpd/httpd_configure_os_protect_web_server/httpd_restrict_file_dir_access/file_permissions_httpd_server_conf_d_files/rule.yml +++ b/linux_os/guide/services/http/securing_httpd/httpd_configure_os_protect_web_server/httpd_restrict_file_dir_access/file_permissions_httpd_server_conf_d_files/rule.yml @@ -1,6 +1,6 @@ @@ -1194,7 +1239,7 @@ index d8631eb9..1fc8f7b4 100644 title: 'Set Permissions on All Configuration Files Inside /etc/httpd/conf.d/' diff --git a/linux_os/guide/services/http/securing_httpd/httpd_configure_os_protect_web_server/httpd_restrict_file_dir_access/file_permissions_httpd_server_conf_files/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_configure_os_protect_web_server/httpd_restrict_file_dir_access/file_permissions_httpd_server_conf_files/rule.yml -index 5227203b..e31765b0 100644 +index 5227203b8..e31765b0c 100644 --- a/linux_os/guide/services/http/securing_httpd/httpd_configure_os_protect_web_server/httpd_restrict_file_dir_access/file_permissions_httpd_server_conf_files/rule.yml +++ b/linux_os/guide/services/http/securing_httpd/httpd_configure_os_protect_web_server/httpd_restrict_file_dir_access/file_permissions_httpd_server_conf_files/rule.yml @@ -1,6 +1,6 @@ @@ -1206,7 +1251,7 @@ index 5227203b..e31765b0 100644 title: 'Set Permissions on All Configuration Files Inside /etc/httpd/conf/' diff --git a/linux_os/guide/services/http/securing_httpd/httpd_configure_os_protect_web_server/httpd_restrict_file_dir_access/file_permissions_httpd_server_modules_files/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_configure_os_protect_web_server/httpd_restrict_file_dir_access/file_permissions_httpd_server_modules_files/rule.yml -index 1af8689b..a0623cc7 100644 +index 1af8689b8..a0623cc71 100644 --- a/linux_os/guide/services/http/securing_httpd/httpd_configure_os_protect_web_server/httpd_restrict_file_dir_access/file_permissions_httpd_server_modules_files/rule.yml +++ b/linux_os/guide/services/http/securing_httpd/httpd_configure_os_protect_web_server/httpd_restrict_file_dir_access/file_permissions_httpd_server_modules_files/rule.yml @@ -1,6 +1,6 @@ @@ -1218,7 +1263,7 @@ index 1af8689b..a0623cc7 100644 title: 'Set Permissions on All Configuration Files Inside /etc/httpd/conf.modules.d/' diff --git a/linux_os/guide/services/http/securing_httpd/httpd_configure_os_protect_web_server/httpd_restrict_file_dir_access/http_configure_log_file_ownership/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_configure_os_protect_web_server/httpd_restrict_file_dir_access/http_configure_log_file_ownership/rule.yml -index e09f15a6..8be87c58 100644 +index e09f15a6b..8be87c58a 100644 --- a/linux_os/guide/services/http/securing_httpd/httpd_configure_os_protect_web_server/httpd_restrict_file_dir_access/http_configure_log_file_ownership/rule.yml +++ b/linux_os/guide/services/http/securing_httpd/httpd_configure_os_protect_web_server/httpd_restrict_file_dir_access/http_configure_log_file_ownership/rule.yml @@ -1,6 +1,6 @@ @@ -1230,7 +1275,7 @@ index e09f15a6..8be87c58 100644 title: 'HTTPD Log Files Must Be Owned By Root' diff --git a/linux_os/guide/services/http/securing_httpd/httpd_configure_perl_securely/httpd_configure_perl_taint/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_configure_perl_securely/httpd_configure_perl_taint/rule.yml -index e04cdfd5..827288f8 100644 +index e04cdfd5b..827288f8f 100644 --- a/linux_os/guide/services/http/securing_httpd/httpd_configure_perl_securely/httpd_configure_perl_taint/rule.yml +++ b/linux_os/guide/services/http/securing_httpd/httpd_configure_perl_securely/httpd_configure_perl_taint/rule.yml @@ -1,6 +1,6 @@ @@ -1242,7 +1287,7 @@ index e04cdfd5..827288f8 100644 title: 'Configure HTTP PERL Scripts To Use TAINT Option' diff --git a/linux_os/guide/services/http/securing_httpd/httpd_directory_restrictions/httpd_anonymous_content_sharing/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_directory_restrictions/httpd_anonymous_content_sharing/rule.yml -index 130a822f..dd60cb4a 100644 +index 130a822f7..dd60cb4ac 100644 --- a/linux_os/guide/services/http/securing_httpd/httpd_directory_restrictions/httpd_anonymous_content_sharing/rule.yml +++ b/linux_os/guide/services/http/securing_httpd/httpd_directory_restrictions/httpd_anonymous_content_sharing/rule.yml @@ -1,6 +1,6 @@ @@ -1254,7 +1299,7 @@ index 130a822f..dd60cb4a 100644 title: 'Web Content Directories Must Not Be Shared Anonymously' diff --git a/linux_os/guide/services/http/securing_httpd/httpd_directory_restrictions/httpd_configure_script_permissions/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_directory_restrictions/httpd_configure_script_permissions/rule.yml -index 28cab365..226e53e4 100644 +index 28cab3652..226e53e49 100644 --- a/linux_os/guide/services/http/securing_httpd/httpd_directory_restrictions/httpd_configure_script_permissions/rule.yml +++ b/linux_os/guide/services/http/securing_httpd/httpd_directory_restrictions/httpd_configure_script_permissions/rule.yml @@ -1,6 +1,6 @@ @@ -1266,7 +1311,7 @@ index 28cab365..226e53e4 100644 title: 'Remove Write Permissions From Filesystem Paths And Server Scripts' diff --git a/linux_os/guide/services/http/securing_httpd/httpd_directory_restrictions/httpd_disable_anonymous_ftp_access/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_directory_restrictions/httpd_disable_anonymous_ftp_access/rule.yml -index 81f39f7b..49ce8bcd 100644 +index 81f39f7be..49ce8bcd1 100644 --- a/linux_os/guide/services/http/securing_httpd/httpd_directory_restrictions/httpd_disable_anonymous_ftp_access/rule.yml +++ b/linux_os/guide/services/http/securing_httpd/httpd_directory_restrictions/httpd_disable_anonymous_ftp_access/rule.yml @@ -1,6 +1,6 @@ @@ -1278,7 +1323,7 @@ index 81f39f7b..49ce8bcd 100644 title: 'Disable Anonymous FTP Access' diff --git a/linux_os/guide/services/http/securing_httpd/httpd_directory_restrictions/httpd_ignore_htaccess_files/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_directory_restrictions/httpd_ignore_htaccess_files/rule.yml -index cb6e4ef5..813459fd 100644 +index cb6e4ef56..813459fdf 100644 --- a/linux_os/guide/services/http/securing_httpd/httpd_directory_restrictions/httpd_ignore_htaccess_files/rule.yml +++ b/linux_os/guide/services/http/securing_httpd/httpd_directory_restrictions/httpd_ignore_htaccess_files/rule.yml @@ -1,6 +1,6 @@ @@ -1290,7 +1335,7 @@ index cb6e4ef5..813459fd 100644 title: 'Ignore HTTPD .htaccess Files' diff --git a/linux_os/guide/services/http/securing_httpd/httpd_directory_restrictions/httpd_limit_available_methods/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_directory_restrictions/httpd_limit_available_methods/rule.yml -index fb02b8d4..93de1f84 100644 +index fb02b8d46..93de1f84f 100644 --- a/linux_os/guide/services/http/securing_httpd/httpd_directory_restrictions/httpd_limit_available_methods/rule.yml +++ b/linux_os/guide/services/http/securing_httpd/httpd_directory_restrictions/httpd_limit_available_methods/rule.yml @@ -1,6 +1,6 @@ @@ -1302,7 +1347,7 @@ index fb02b8d4..93de1f84 100644 title: 'Limit Available Methods' diff --git a/linux_os/guide/services/http/securing_httpd/httpd_directory_restrictions/httpd_restrict_critical_directories/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_directory_restrictions/httpd_restrict_critical_directories/rule.yml -index 2194e268..496484d0 100644 +index 2194e2685..496484d06 100644 --- a/linux_os/guide/services/http/securing_httpd/httpd_directory_restrictions/httpd_restrict_critical_directories/rule.yml +++ b/linux_os/guide/services/http/securing_httpd/httpd_directory_restrictions/httpd_restrict_critical_directories/rule.yml @@ -1,6 +1,6 @@ @@ -1314,7 +1359,7 @@ index 2194e268..496484d0 100644 title: 'Restrict Other Critical Directories' diff --git a/linux_os/guide/services/http/securing_httpd/httpd_directory_restrictions/httpd_restrict_root_directory/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_directory_restrictions/httpd_restrict_root_directory/rule.yml -index a02162aa..87ec21b7 100644 +index a02162aa3..87ec21b7b 100644 --- a/linux_os/guide/services/http/securing_httpd/httpd_directory_restrictions/httpd_restrict_root_directory/rule.yml +++ b/linux_os/guide/services/http/securing_httpd/httpd_directory_restrictions/httpd_restrict_root_directory/rule.yml @@ -1,6 +1,6 @@ @@ -1326,7 +1371,7 @@ index a02162aa..87ec21b7 100644 title: 'Restrict Root Directory' diff --git a/linux_os/guide/services/http/securing_httpd/httpd_directory_restrictions/httpd_restrict_web_directory/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_directory_restrictions/httpd_restrict_web_directory/rule.yml -index cb5e5231..0f53af52 100644 +index cb5e5231f..0f53af528 100644 --- a/linux_os/guide/services/http/securing_httpd/httpd_directory_restrictions/httpd_restrict_web_directory/rule.yml +++ b/linux_os/guide/services/http/securing_httpd/httpd_directory_restrictions/httpd_restrict_web_directory/rule.yml @@ -1,6 +1,6 @@ @@ -1338,7 +1383,7 @@ index cb5e5231..0f53af52 100644 title: 'Restrict Web Directory' diff --git a/linux_os/guide/services/http/securing_httpd/httpd_disable_mime_types/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_disable_mime_types/rule.yml -index ea7ab8bf..89776d62 100644 +index ea7ab8bf6..89776d624 100644 --- a/linux_os/guide/services/http/securing_httpd/httpd_disable_mime_types/rule.yml +++ b/linux_os/guide/services/http/securing_httpd/httpd_disable_mime_types/rule.yml @@ -1,6 +1,6 @@ @@ -1350,7 +1395,7 @@ index ea7ab8bf..89776d62 100644 title: 'MIME types for csh or sh shell programs must be disabled' diff --git a/linux_os/guide/services/http/securing_httpd/httpd_enable_error_logging/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_enable_error_logging/rule.yml -index f324b60e..bc49ebc1 100644 +index f324b60e8..bc49ebc18 100644 --- a/linux_os/guide/services/http/securing_httpd/httpd_enable_error_logging/rule.yml +++ b/linux_os/guide/services/http/securing_httpd/httpd_enable_error_logging/rule.yml @@ -1,6 +1,6 @@ @@ -1362,7 +1407,7 @@ index f324b60e..bc49ebc1 100644 title: 'Enable HTTPD Error Logging' diff --git a/linux_os/guide/services/http/securing_httpd/httpd_enable_loglevel/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_enable_loglevel/rule.yml -index e8bb96b2..d3d67773 100644 +index e8bb96b21..d3d67773c 100644 --- a/linux_os/guide/services/http/securing_httpd/httpd_enable_loglevel/rule.yml +++ b/linux_os/guide/services/http/securing_httpd/httpd_enable_loglevel/rule.yml @@ -1,6 +1,6 @@ @@ -1374,7 +1419,7 @@ index e8bb96b2..d3d67773 100644 title: 'Enable HTTPD LogLevel' diff --git a/linux_os/guide/services/http/securing_httpd/httpd_enable_system_logging/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_enable_system_logging/rule.yml -index 33b9a33e..2d953da2 100644 +index 33b9a33ed..2d953da28 100644 --- a/linux_os/guide/services/http/securing_httpd/httpd_enable_system_logging/rule.yml +++ b/linux_os/guide/services/http/securing_httpd/httpd_enable_system_logging/rule.yml @@ -1,6 +1,6 @@ @@ -1386,7 +1431,7 @@ index 33b9a33e..2d953da2 100644 title: 'Enable HTTPD System Logging' diff --git a/linux_os/guide/services/http/securing_httpd/httpd_entrust_passwords/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_entrust_passwords/rule.yml -index fcf1c504..b4d29e35 100644 +index fcf1c504e..b4d29e35f 100644 --- a/linux_os/guide/services/http/securing_httpd/httpd_entrust_passwords/rule.yml +++ b/linux_os/guide/services/http/securing_httpd/httpd_entrust_passwords/rule.yml @@ -1,6 +1,6 @@ @@ -1398,7 +1443,7 @@ index fcf1c504..b4d29e35 100644 title: 'The web server password(s) must be entrusted to the SA or Web Manager' diff --git a/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_cache_support/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_cache_support/rule.yml -index 97b49e06..47d23073 100644 +index 97b49e069..47d230736 100644 --- a/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_cache_support/rule.yml +++ b/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_cache_support/rule.yml @@ -1,6 +1,6 @@ @@ -1410,7 +1455,7 @@ index 97b49e06..47d23073 100644 title: 'Disable Cache Support' diff --git a/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_cgi_support/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_cgi_support/rule.yml -index 20ec65bd..34d59440 100644 +index 20ec65bd1..34d59440b 100644 --- a/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_cgi_support/rule.yml +++ b/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_cgi_support/rule.yml @@ -1,6 +1,6 @@ @@ -1422,7 +1467,7 @@ index 20ec65bd..34d59440 100644 title: 'Disable CGI Support' diff --git a/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_digest_authentication/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_digest_authentication/rule.yml -index 5bef0902..ac5afa64 100644 +index 5bef09023..ac5afa64f 100644 --- a/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_digest_authentication/rule.yml +++ b/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_digest_authentication/rule.yml @@ -1,6 +1,6 @@ @@ -1434,7 +1479,7 @@ index 5bef0902..ac5afa64 100644 title: 'Disable HTTP Digest Authentication' diff --git a/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_enable_log_config/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_enable_log_config/rule.yml -index 250f3ba6..6fbb5909 100644 +index 250f3ba6c..6fbb59093 100644 --- a/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_enable_log_config/rule.yml +++ b/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_enable_log_config/rule.yml @@ -1,6 +1,6 @@ @@ -1446,7 +1491,7 @@ index 250f3ba6..6fbb5909 100644 title: 'Enable log_config_module For HTTPD Logging' diff --git a/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_ldap_support/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_ldap_support/rule.yml -index 6afbb503..e3e7380a 100644 +index 6afbb5034..e3e7380ad 100644 --- a/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_ldap_support/rule.yml +++ b/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_ldap_support/rule.yml @@ -1,6 +1,6 @@ @@ -1458,7 +1503,7 @@ index 6afbb503..e3e7380a 100644 title: 'Disable LDAP Support' diff --git a/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_mime_magic/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_mime_magic/rule.yml -index a49a797d..31d622a1 100644 +index a49a797d9..31d622a1c 100644 --- a/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_mime_magic/rule.yml +++ b/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_mime_magic/rule.yml @@ -1,6 +1,6 @@ @@ -1470,7 +1515,7 @@ index a49a797d..31d622a1 100644 title: 'Disable MIME Magic' diff --git a/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_mod_rewrite/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_mod_rewrite/rule.yml -index e72cd1b1..35f2881e 100644 +index e72cd1b13..35f2881e6 100644 --- a/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_mod_rewrite/rule.yml +++ b/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_mod_rewrite/rule.yml @@ -1,6 +1,6 @@ @@ -1482,7 +1527,7 @@ index e72cd1b1..35f2881e 100644 title: 'Disable HTTP mod_rewrite' diff --git a/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_proxy_support/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_proxy_support/rule.yml -index 49ddb85a..013c1e90 100644 +index 49ddb85ae..013c1e904 100644 --- a/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_proxy_support/rule.yml +++ b/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_proxy_support/rule.yml @@ -1,6 +1,6 @@ @@ -1494,7 +1539,7 @@ index 49ddb85a..013c1e90 100644 title: 'Disable Proxy Support' diff --git a/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_server_activity_status/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_server_activity_status/rule.yml -index 59b00d06..d5ed46a4 100644 +index 59b00d06d..d5ed46a41 100644 --- a/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_server_activity_status/rule.yml +++ b/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_server_activity_status/rule.yml @@ -1,6 +1,6 @@ @@ -1506,7 +1551,7 @@ index 59b00d06..d5ed46a4 100644 title: 'Disable Server Activity Status' diff --git a/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_server_configuration_display/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_server_configuration_display/rule.yml -index 3b7a1c74..43335230 100644 +index 3b7a1c74e..433352308 100644 --- a/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_server_configuration_display/rule.yml +++ b/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_server_configuration_display/rule.yml @@ -1,6 +1,6 @@ @@ -1518,7 +1563,7 @@ index 3b7a1c74..43335230 100644 title: 'Disable Web Server Configuration Display' diff --git a/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_server_side_includes/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_server_side_includes/rule.yml -index 119cfb6a..cf8848f9 100644 +index 119cfb6a2..cf8848f97 100644 --- a/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_server_side_includes/rule.yml +++ b/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_server_side_includes/rule.yml @@ -1,6 +1,6 @@ @@ -1530,7 +1575,7 @@ index 119cfb6a..cf8848f9 100644 title: 'Disable Server Side Includes' diff --git a/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_url_correction/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_url_correction/rule.yml -index b11038c3..875c149a 100644 +index b11038c34..875c149a4 100644 --- a/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_url_correction/rule.yml +++ b/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_url_correction/rule.yml @@ -1,6 +1,6 @@ @@ -1542,7 +1587,7 @@ index b11038c3..875c149a 100644 title: 'Disable URL Correction on Misspelled Entries' diff --git a/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_webdav/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_webdav/rule.yml -index 0dbde818..b0ea54ca 100644 +index 0dbde818c..b0ea54cab 100644 --- a/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_webdav/rule.yml +++ b/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_webdav/rule.yml @@ -1,6 +1,6 @@ @@ -1554,7 +1599,7 @@ index 0dbde818..b0ea54ca 100644 title: 'Disable WebDAV (Distributed Authoring and Versioning)' diff --git a/linux_os/guide/services/http/securing_httpd/httpd_modules_improve_security/httpd_deploy_mod_security/httpd_install_mod_security/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_modules_improve_security/httpd_deploy_mod_security/httpd_install_mod_security/rule.yml -index 8389ba24..a1e675f5 100644 +index 8389ba24a..a1e675f5a 100644 --- a/linux_os/guide/services/http/securing_httpd/httpd_modules_improve_security/httpd_deploy_mod_security/httpd_install_mod_security/rule.yml +++ b/linux_os/guide/services/http/securing_httpd/httpd_modules_improve_security/httpd_deploy_mod_security/httpd_install_mod_security/rule.yml @@ -1,6 +1,6 @@ @@ -1566,7 +1611,7 @@ index 8389ba24..a1e675f5 100644 title: 'Install mod_security' diff --git a/linux_os/guide/services/http/securing_httpd/httpd_modules_improve_security/httpd_deploy_mod_ssl/httpd_configure_tls/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_modules_improve_security/httpd_deploy_mod_ssl/httpd_configure_tls/rule.yml -index 4fcb6742..e1802d1e 100644 +index 4fcb67426..e1802d1e4 100644 --- a/linux_os/guide/services/http/securing_httpd/httpd_modules_improve_security/httpd_deploy_mod_ssl/httpd_configure_tls/rule.yml +++ b/linux_os/guide/services/http/securing_httpd/httpd_modules_improve_security/httpd_deploy_mod_ssl/httpd_configure_tls/rule.yml @@ -1,6 +1,6 @@ @@ -1578,7 +1623,7 @@ index 4fcb6742..e1802d1e 100644 title: 'Enable Transport Layer Security (TLS) Encryption' diff --git a/linux_os/guide/services/http/securing_httpd/httpd_modules_improve_security/httpd_deploy_mod_ssl/httpd_configure_valid_server_cert/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_modules_improve_security/httpd_deploy_mod_ssl/httpd_configure_valid_server_cert/rule.yml -index 2fbe3e26..451af3fc 100644 +index 2fbe3e264..451af3fc6 100644 --- a/linux_os/guide/services/http/securing_httpd/httpd_modules_improve_security/httpd_deploy_mod_ssl/httpd_configure_valid_server_cert/rule.yml +++ b/linux_os/guide/services/http/securing_httpd/httpd_modules_improve_security/httpd_deploy_mod_ssl/httpd_configure_valid_server_cert/rule.yml @@ -1,6 +1,6 @@ @@ -1590,7 +1635,7 @@ index 2fbe3e26..451af3fc 100644 title: 'Configure A Valid Server Certificate' diff --git a/linux_os/guide/services/http/securing_httpd/httpd_modules_improve_security/httpd_deploy_mod_ssl/httpd_install_mod_ssl/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_modules_improve_security/httpd_deploy_mod_ssl/httpd_install_mod_ssl/rule.yml -index f845c3e9..46eb5cf8 100644 +index f845c3e93..46eb5cf8f 100644 --- a/linux_os/guide/services/http/securing_httpd/httpd_modules_improve_security/httpd_deploy_mod_ssl/httpd_install_mod_ssl/rule.yml +++ b/linux_os/guide/services/http/securing_httpd/httpd_modules_improve_security/httpd_deploy_mod_ssl/httpd_install_mod_ssl/rule.yml @@ -1,6 +1,6 @@ @@ -1602,7 +1647,7 @@ index f845c3e9..46eb5cf8 100644 title: 'Install mod_ssl' diff --git a/linux_os/guide/services/http/securing_httpd/httpd_modules_improve_security/httpd_deploy_mod_ssl/httpd_require_client_certs/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_modules_improve_security/httpd_deploy_mod_ssl/httpd_require_client_certs/rule.yml -index 08429251..113b317d 100644 +index 084292515..113b317de 100644 --- a/linux_os/guide/services/http/securing_httpd/httpd_modules_improve_security/httpd_deploy_mod_ssl/httpd_require_client_certs/rule.yml +++ b/linux_os/guide/services/http/securing_httpd/httpd_modules_improve_security/httpd_deploy_mod_ssl/httpd_require_client_certs/rule.yml @@ -1,6 +1,6 @@ @@ -1614,7 +1659,7 @@ index 08429251..113b317d 100644 title: 'Require Client Certificates' diff --git a/linux_os/guide/services/http/securing_httpd/httpd_nipr_accredited_dmz/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_nipr_accredited_dmz/rule.yml -index 65c10b74..ee0f8eda 100644 +index 65c10b743..ee0f8eda0 100644 --- a/linux_os/guide/services/http/securing_httpd/httpd_nipr_accredited_dmz/rule.yml +++ b/linux_os/guide/services/http/securing_httpd/httpd_nipr_accredited_dmz/rule.yml @@ -1,6 +1,6 @@ @@ -1626,7 +1671,7 @@ index 65c10b74..ee0f8eda 100644 title: 'A public web server, if hosted on the NIPRNet, must be isolated in an accredited DoD DMZ extension' diff --git a/linux_os/guide/services/http/securing_httpd/httpd_no_compilers_in_prod/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_no_compilers_in_prod/rule.yml -index c0a8e19c..d75e3f3f 100644 +index c0a8e19c5..d75e3f3f5 100644 --- a/linux_os/guide/services/http/securing_httpd/httpd_no_compilers_in_prod/rule.yml +++ b/linux_os/guide/services/http/securing_httpd/httpd_no_compilers_in_prod/rule.yml @@ -1,6 +1,6 @@ @@ -1638,7 +1683,7 @@ index c0a8e19c..d75e3f3f 100644 title: 'Installation of a compiler on production web server is prohibited' diff --git a/linux_os/guide/services/http/securing_httpd/httpd_private_server_on_separate_subnet/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_private_server_on_separate_subnet/rule.yml -index 177fc6b1..7515622f 100644 +index 177fc6b1b..7515622f0 100644 --- a/linux_os/guide/services/http/securing_httpd/httpd_private_server_on_separate_subnet/rule.yml +++ b/linux_os/guide/services/http/securing_httpd/httpd_private_server_on_separate_subnet/rule.yml @@ -1,6 +1,6 @@ @@ -1650,7 +1695,7 @@ index 177fc6b1..7515622f 100644 title: 'A private web server must be located on a separate controlled access subnet' diff --git a/linux_os/guide/services/http/securing_httpd/httpd_public_resources_not_shared/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_public_resources_not_shared/rule.yml -index 7b93fe2d..ca9dbde3 100644 +index 7b93fe2d0..ca9dbde38 100644 --- a/linux_os/guide/services/http/securing_httpd/httpd_public_resources_not_shared/rule.yml +++ b/linux_os/guide/services/http/securing_httpd/httpd_public_resources_not_shared/rule.yml @@ -1,6 +1,6 @@ @@ -1662,7 +1707,7 @@ index 7b93fe2d..ca9dbde3 100644 title: 'Public web server resources must not be shared with private assets' diff --git a/linux_os/guide/services/http/securing_httpd/httpd_remove_backups/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_remove_backups/rule.yml -index c26a075a..79294345 100644 +index c26a075a9..792943451 100644 --- a/linux_os/guide/services/http/securing_httpd/httpd_remove_backups/rule.yml +++ b/linux_os/guide/services/http/securing_httpd/httpd_remove_backups/rule.yml @@ -1,6 +1,6 @@ @@ -1674,7 +1719,7 @@ index c26a075a..79294345 100644 title: 'Backup interactive scripts on the production web server are prohibited' diff --git a/linux_os/guide/services/http/securing_httpd/httpd_restrict_info_leakage/httpd_serversignature_off/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_restrict_info_leakage/httpd_serversignature_off/rule.yml -index 433ce96d..56729d6b 100644 +index 433ce96d0..56729d6b3 100644 --- a/linux_os/guide/services/http/securing_httpd/httpd_restrict_info_leakage/httpd_serversignature_off/rule.yml +++ b/linux_os/guide/services/http/securing_httpd/httpd_restrict_info_leakage/httpd_serversignature_off/rule.yml @@ -1,6 +1,6 @@ @@ -1686,7 +1731,7 @@ index 433ce96d..56729d6b 100644 title: 'Set httpd ServerSignature Directive to Off' diff --git a/linux_os/guide/services/http/securing_httpd/httpd_restrict_info_leakage/httpd_servertokens_prod/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_restrict_info_leakage/httpd_servertokens_prod/rule.yml -index af49aaeb..9aa5d9a2 100644 +index af49aaebc..9aa5d9a26 100644 --- a/linux_os/guide/services/http/securing_httpd/httpd_restrict_info_leakage/httpd_servertokens_prod/rule.yml +++ b/linux_os/guide/services/http/securing_httpd/httpd_restrict_info_leakage/httpd_servertokens_prod/rule.yml @@ -1,6 +1,6 @@ @@ -1698,7 +1743,7 @@ index af49aaeb..9aa5d9a2 100644 title: 'Set httpd ServerTokens Directive to Prod' diff --git a/linux_os/guide/services/http/securing_httpd/httpd_secure_content/httpd_configure_banner_page/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_secure_content/httpd_configure_banner_page/rule.yml -index f885d2ce..d573f442 100644 +index f885d2ce0..d573f4428 100644 --- a/linux_os/guide/services/http/securing_httpd/httpd_secure_content/httpd_configure_banner_page/rule.yml +++ b/linux_os/guide/services/http/securing_httpd/httpd_secure_content/httpd_configure_banner_page/rule.yml @@ -1,6 +1,6 @@ @@ -1710,7 +1755,7 @@ index f885d2ce..d573f442 100644 title: 'Configure A Banner Page For Each Website' diff --git a/linux_os/guide/services/http/securing_httpd/httpd_secure_content/httpd_configure_documentroot/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_secure_content/httpd_configure_documentroot/rule.yml -index b3a76b83..de57edf1 100644 +index b3a76b83b..de57edf1a 100644 --- a/linux_os/guide/services/http/securing_httpd/httpd_secure_content/httpd_configure_documentroot/rule.yml +++ b/linux_os/guide/services/http/securing_httpd/httpd_secure_content/httpd_configure_documentroot/rule.yml @@ -1,6 +1,6 @@ @@ -1722,7 +1767,7 @@ index b3a76b83..de57edf1 100644 title: 'Each Web Content Directory Must Contain An index.html File' diff --git a/linux_os/guide/services/http/securing_httpd/httpd_secure_content/httpd_disable_content_symlinks/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_secure_content/httpd_disable_content_symlinks/rule.yml -index ea3b87ed..f75f9612 100644 +index ea3b87ed1..f75f96121 100644 --- a/linux_os/guide/services/http/securing_httpd/httpd_secure_content/httpd_disable_content_symlinks/rule.yml +++ b/linux_os/guide/services/http/securing_httpd/httpd_secure_content/httpd_disable_content_symlinks/rule.yml @@ -1,6 +1,6 @@ @@ -1734,7 +1779,7 @@ index ea3b87ed..f75f9612 100644 title: 'Disable Web Content Symbolic Links' diff --git a/linux_os/guide/services/http/securing_httpd/httpd_secure_content/httpd_encrypt_file_uploads/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_secure_content/httpd_encrypt_file_uploads/rule.yml -index f84d6d5c..0773ee07 100644 +index f84d6d5c2..0773ee070 100644 --- a/linux_os/guide/services/http/securing_httpd/httpd_secure_content/httpd_encrypt_file_uploads/rule.yml +++ b/linux_os/guide/services/http/securing_httpd/httpd_secure_content/httpd_encrypt_file_uploads/rule.yml @@ -1,6 +1,6 @@ @@ -1746,7 +1791,7 @@ index f84d6d5c..0773ee07 100644 title: 'Encrypt All File Uploads' diff --git a/linux_os/guide/services/http/securing_httpd/httpd_secure_content/httpd_limit_java_files/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_secure_content/httpd_limit_java_files/rule.yml -index 4e519379..62902b85 100644 +index 4e5193793..62902b85b 100644 --- a/linux_os/guide/services/http/securing_httpd/httpd_secure_content/httpd_limit_java_files/rule.yml +++ b/linux_os/guide/services/http/securing_httpd/httpd_secure_content/httpd_limit_java_files/rule.yml @@ -1,6 +1,6 @@ @@ -1758,7 +1803,7 @@ index 4e519379..62902b85 100644 title: 'Remove .java And .jpp Files' diff --git a/linux_os/guide/services/http/securing_httpd/httpd_secure_content/httpd_remove_robots_file/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_secure_content/httpd_remove_robots_file/rule.yml -index cc7c33d1..e585f723 100644 +index cc7c33d1d..e585f723d 100644 --- a/linux_os/guide/services/http/securing_httpd/httpd_secure_content/httpd_remove_robots_file/rule.yml +++ b/linux_os/guide/services/http/securing_httpd/httpd_secure_content/httpd_remove_robots_file/rule.yml @@ -1,6 +1,6 @@ @@ -1770,7 +1815,7 @@ index cc7c33d1..e585f723 100644 title: 'The robots.txt Files Must Not Exist' diff --git a/linux_os/guide/services/http/securing_httpd/httpd_secure_content/partition_for_web_content/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_secure_content/partition_for_web_content/rule.yml -index 6d7e27f4..bd29cf0b 100644 +index 6d7e27f43..bd29cf0ba 100644 --- a/linux_os/guide/services/http/securing_httpd/httpd_secure_content/partition_for_web_content/rule.yml +++ b/linux_os/guide/services/http/securing_httpd/httpd_secure_content/partition_for_web_content/rule.yml @@ -1,6 +1,6 @@ @@ -1782,7 +1827,7 @@ index 6d7e27f4..bd29cf0b 100644 title: 'Ensure Web Content Located on Separate partition' diff --git a/linux_os/guide/services/imap/configure_dovecot/dovecot_enabling_ssl/dovecot_configure_ssl_cert/rule.yml b/linux_os/guide/services/imap/configure_dovecot/dovecot_enabling_ssl/dovecot_configure_ssl_cert/rule.yml -index d03ccdc5..420b1a6d 100644 +index 9029d1aa5..d4ae26520 100644 --- a/linux_os/guide/services/imap/configure_dovecot/dovecot_enabling_ssl/dovecot_configure_ssl_cert/rule.yml +++ b/linux_os/guide/services/imap/configure_dovecot/dovecot_enabling_ssl/dovecot_configure_ssl_cert/rule.yml @@ -1,6 +1,6 @@ @@ -1794,7 +1839,7 @@ index d03ccdc5..420b1a6d 100644 title: 'Configure Dovecot to Use the SSL Certificate file' diff --git a/linux_os/guide/services/imap/configure_dovecot/dovecot_enabling_ssl/dovecot_configure_ssl_key/rule.yml b/linux_os/guide/services/imap/configure_dovecot/dovecot_enabling_ssl/dovecot_configure_ssl_key/rule.yml -index 34c4865f..0c1a2b7b 100644 +index 91009af0b..50d730e9b 100644 --- a/linux_os/guide/services/imap/configure_dovecot/dovecot_enabling_ssl/dovecot_configure_ssl_key/rule.yml +++ b/linux_os/guide/services/imap/configure_dovecot/dovecot_enabling_ssl/dovecot_configure_ssl_key/rule.yml @@ -1,6 +1,6 @@ @@ -1806,7 +1851,7 @@ index 34c4865f..0c1a2b7b 100644 title: 'Configure Dovecot to Use the SSL Key file' diff --git a/linux_os/guide/services/imap/configure_dovecot/dovecot_enabling_ssl/dovecot_disable_plaintext_auth/rule.yml b/linux_os/guide/services/imap/configure_dovecot/dovecot_enabling_ssl/dovecot_disable_plaintext_auth/rule.yml -index cd829dd8..cfedf22c 100644 +index cd829dd80..cfedf22c6 100644 --- a/linux_os/guide/services/imap/configure_dovecot/dovecot_enabling_ssl/dovecot_disable_plaintext_auth/rule.yml +++ b/linux_os/guide/services/imap/configure_dovecot/dovecot_enabling_ssl/dovecot_disable_plaintext_auth/rule.yml @@ -1,6 +1,6 @@ @@ -1818,7 +1863,7 @@ index cd829dd8..cfedf22c 100644 title: 'Disable Plaintext Authentication' diff --git a/linux_os/guide/services/imap/configure_dovecot/dovecot_enabling_ssl/dovecot_enable_ssl/rule.yml b/linux_os/guide/services/imap/configure_dovecot/dovecot_enabling_ssl/dovecot_enable_ssl/rule.yml -index d88e1120..5744fe45 100644 +index d88e1120b..5744fe457 100644 --- a/linux_os/guide/services/imap/configure_dovecot/dovecot_enabling_ssl/dovecot_enable_ssl/rule.yml +++ b/linux_os/guide/services/imap/configure_dovecot/dovecot_enabling_ssl/dovecot_enable_ssl/rule.yml @@ -1,6 +1,6 @@ @@ -1830,56 +1875,75 @@ index d88e1120..5744fe45 100644 title: 'Enable the SSL flag in /etc/dovecot.conf' diff --git a/linux_os/guide/services/imap/disabling_dovecot/package_dovecot_removed/rule.yml b/linux_os/guide/services/imap/disabling_dovecot/package_dovecot_removed/rule.yml -index f15f25e4..fadc6b84 100644 +index 27457df04..7180d59dd 100644 --- a/linux_os/guide/services/imap/disabling_dovecot/package_dovecot_removed/rule.yml +++ b/linux_os/guide/services/imap/disabling_dovecot/package_dovecot_removed/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004 -+prodtype: rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004 +-prodtype: alinux2,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Uninstall dovecot Package' diff --git a/linux_os/guide/services/imap/disabling_dovecot/service_dovecot_disabled/rule.yml b/linux_os/guide/services/imap/disabling_dovecot/service_dovecot_disabled/rule.yml -index d460c186..46ebf86a 100644 +index b5abe51d5..e5aac4e0a 100644 --- a/linux_os/guide/services/imap/disabling_dovecot/service_dovecot_disabled/rule.yml +++ b/linux_os/guide/services/imap/disabling_dovecot/service_dovecot_disabled/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: rhel7,rhel8,rhel9,sle15 -+prodtype: rhel7,rhel8,almalinux8,rhel9,sle15 +-prodtype: alinux3,anolis8,rhel7,rhel8,rhel9,sle12,sle15 ++prodtype: alinux3,anolis8,rhel7,rhel8,almalinux8,rhel9,sle12,sle15 title: 'Disable Dovecot Service' diff --git a/linux_os/guide/services/kerberos/kerberos_disable_no_keytab/rule.yml b/linux_os/guide/services/kerberos/kerberos_disable_no_keytab/rule.yml -index c943a315..7c7ed0d2 100644 +index 87375c0d9..6d49d9ec8 100644 --- a/linux_os/guide/services/kerberos/kerberos_disable_no_keytab/rule.yml +++ b/linux_os/guide/services/kerberos/kerberos_disable_no_keytab/rule.yml -@@ -23,7 +23,7 @@ references: +@@ -2,7 +2,7 @@ documentation_complete: true + + # new major OS versions will most likely not be applicable because of the + # kerberos version higher than 1.17-18 +-prodtype: ol7,ol8,rhcos4,rhel7,rhel8,rhel9 ++prodtype: ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9 + + title: 'Disable Kerberos by removing host keytab' + +@@ -27,7 +27,7 @@ references: ospp: FTP_ITC_EXT.1 srg: SRG-OS-000120-GPOS-00061 stigid@ol8: OL08-00-010161 - stigid@rhel8: RHEL-08-010161 + stigid@almalinux8: RHEL-08-010161 - ocil_clause: 'it is present on the system' - + platforms: + - krb5_server_older_than_1_17-18 and krb5_workstation_older_than_1_17-18 diff --git a/linux_os/guide/services/kerberos/package_krb5-server_removed/rule.yml b/linux_os/guide/services/kerberos/package_krb5-server_removed/rule.yml -index 52efaf10..b6a8f0fb 100644 +index 88a8417bc..ad70f3e7c 100644 --- a/linux_os/guide/services/kerberos/package_krb5-server_removed/rule.yml +++ b/linux_os/guide/services/kerberos/package_krb5-server_removed/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true +@@ -2,7 +2,7 @@ documentation_complete: true + # new major OS versions will most likely not be applicable because of the + # kerberos version higher than 1.17-18 -prodtype: ol7,ol8,rhel7,rhel8,rhel9 +prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9 title: 'Remove the Kerberos Server Package' +@@ -30,7 +30,7 @@ references: + nist: IA-7,IA-7.1 + srg: SRG-OS-000120-GPOS-00061 + stigid@ol8: OL08-00-010163 +- stigid@rhel8: RHEL-08-010163 ++ stigid@almalinux8: RHEL-08-010163 + + platforms: + - krb5_server_older_than_1_17-18 diff --git a/linux_os/guide/services/ldap/389_ds/package_389-ds-base_removed/rule.yml b/linux_os/guide/services/ldap/389_ds/package_389-ds-base_removed/rule.yml -index a4bd1fc3..727dc22a 100644 +index a4bd1fc3c..727dc22a3 100644 --- a/linux_os/guide/services/ldap/389_ds/package_389-ds-base_removed/rule.yml +++ b/linux_os/guide/services/ldap/389_ds/package_389-ds-base_removed/rule.yml @@ -1,6 +1,6 @@ @@ -1891,41 +1955,41 @@ index a4bd1fc3..727dc22a 100644 title: 'Uninstall 389-ds-base Package' diff --git a/linux_os/guide/services/ldap/openldap_client/enable_ldap_client/rule.yml b/linux_os/guide/services/ldap/openldap_client/enable_ldap_client/rule.yml -index 9a86c7ab..5a8e1fda 100644 +index 3683bb50d..6a9628612 100644 --- a/linux_os/guide/services/ldap/openldap_client/enable_ldap_client/rule.yml +++ b/linux_os/guide/services/ldap/openldap_client/enable_ldap_client/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: rhel7,rhel8,rhv4 -+prodtype: rhel7,rhel8,almalinux8,rhv4 +-prodtype: ol7,ol8,rhel7,rhel8,rhv4 ++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhv4 title: 'Enable the LDAP Client For Use in Authconfig' diff --git a/linux_os/guide/services/ldap/openldap_client/ldap_client_start_tls/bash/shared.sh b/linux_os/guide/services/ldap/openldap_client/ldap_client_start_tls/bash/shared.sh -index 3fb71a04..acb34bba 100644 +index 646e63f4b..cb346ebf4 100644 --- a/linux_os/guide/services/ldap/openldap_client/ldap_client_start_tls/bash/shared.sh +++ b/linux_os/guide/services/ldap/openldap_client/ldap_client_start_tls/bash/shared.sh @@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_rhel -+# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_almalinux +-# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_ol ++# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol # Use LDAP for authentication diff --git a/linux_os/guide/services/ldap/openldap_client/ldap_client_start_tls/rule.yml b/linux_os/guide/services/ldap/openldap_client/ldap_client_start_tls/rule.yml -index 4f64afff..348ddaa5 100644 +index 9092dccbd..838330b0f 100644 --- a/linux_os/guide/services/ldap/openldap_client/ldap_client_start_tls/rule.yml +++ b/linux_os/guide/services/ldap/openldap_client/ldap_client_start_tls/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: rhel7,rhel8,rhv4 -+prodtype: rhel7,rhel8,almalinux8,rhv4 +-prodtype: ol7,ol8,rhel7,rhel8,rhv4 ++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhv4 title: 'Configure LDAP Client to Use TLS For All Transactions' diff --git a/linux_os/guide/services/ldap/openldap_client/ldap_client_tls_cacertpath/rule.yml b/linux_os/guide/services/ldap/openldap_client/ldap_client_tls_cacertpath/rule.yml -index e05e43a9..9ea470b8 100644 +index e05e43a9f..9ea470b87 100644 --- a/linux_os/guide/services/ldap/openldap_client/ldap_client_tls_cacertpath/rule.yml +++ b/linux_os/guide/services/ldap/openldap_client/ldap_client_tls_cacertpath/rule.yml @@ -1,6 +1,6 @@ @@ -1937,54 +2001,67 @@ index e05e43a9..9ea470b8 100644 title: 'Configure Certificate Directives for LDAP Use of TLS' diff --git a/linux_os/guide/services/ldap/openldap_client/package_openldap-clients_removed/rule.yml b/linux_os/guide/services/ldap/openldap_client/package_openldap-clients_removed/rule.yml -index 0bccc020..9fff25e3 100644 +index 8244e0504..3f669b769 100644 --- a/linux_os/guide/services/ldap/openldap_client/package_openldap-clients_removed/rule.yml +++ b/linux_os/guide/services/ldap/openldap_client/package_openldap-clients_removed/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004 -+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004 +-prodtype: alinux2,alinux3,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,alinux3,fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Ensure LDAP client is not installed' diff --git a/linux_os/guide/services/ldap/openldap_server/package_openldap-servers_removed/rule.yml b/linux_os/guide/services/ldap/openldap_server/package_openldap-servers_removed/rule.yml -index 95601fbd..17f118fd 100644 +index 5cc0bd10d..ecdfae110 100644 --- a/linux_os/guide/services/ldap/openldap_server/package_openldap-servers_removed/rule.yml +++ b/linux_os/guide/services/ldap/openldap_server/package_openldap-servers_removed/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004 -+prodtype: rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004 +-prodtype: rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Uninstall openldap-servers Package' diff --git a/linux_os/guide/services/ldap/openldap_server/service_slapd_disabled/rule.yml b/linux_os/guide/services/ldap/openldap_server/service_slapd_disabled/rule.yml -index 542f70ae..5071e907 100644 +index 8501b6286..531539010 100644 --- a/linux_os/guide/services/ldap/openldap_server/service_slapd_disabled/rule.yml +++ b/linux_os/guide/services/ldap/openldap_server/service_slapd_disabled/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: rhel8,rhel9 -+prodtype: rhel8,almalinux8,rhel9 +-prodtype: alinux2,alinux3,anolis8,rhel8,rhel9 ++prodtype: alinux2,alinux3,anolis8,rhel8,almalinux8,rhel9 title: 'Disable LDAP Server (slapd)' +diff --git a/linux_os/guide/services/mail/package_postfix_installed/rule.yml b/linux_os/guide/services/mail/package_postfix_installed/rule.yml +index a2b8325d2..1b7a24e1f 100644 +--- a/linux_os/guide/services/mail/package_postfix_installed/rule.yml ++++ b/linux_os/guide/services/mail/package_postfix_installed/rule.yml +@@ -18,7 +18,7 @@ identifiers: + + references: + srg: SRG-OS-000046-GPOS-00022 +- stigid@rhel8: RHEL-08-030030 ++ stigid@almalinux8: RHEL-08-030030 + + ocil_clause: 'the package is not installed' + diff --git a/linux_os/guide/services/mail/package_sendmail_removed/rule.yml b/linux_os/guide/services/mail/package_sendmail_removed/rule.yml -index fe7861b6..c1d6dd84 100644 +index 3674a8609..13f1c6ec4 100644 --- a/linux_os/guide/services/mail/package_sendmail_removed/rule.yml +++ b/linux_os/guide/services/mail/package_sendmail_removed/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9 -+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9 +-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle12,sle15 ++prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle12,sle15 title: 'Uninstall Sendmail Package' -@@ -33,7 +33,7 @@ references: +@@ -35,7 +35,7 @@ references: nist-csf: PR.IP-1,PR.PT-3 srg: SRG-OS-000480-GPOS-00227,SRG-OS-000095-GPOS-00049 stigid@ol8: OL08-00-040002 @@ -1993,53 +2070,73 @@ index fe7861b6..c1d6dd84 100644 {{{ complete_ocil_entry_package(package="sendmail") }}} -diff --git a/linux_os/guide/services/mail/postfix_client/postfix_client_configure_mail_alias/rule.yml b/linux_os/guide/services/mail/postfix_client/postfix_client_configure_mail_alias/rule.yml -index dc68aace..e056f370 100644 ---- a/linux_os/guide/services/mail/postfix_client/postfix_client_configure_mail_alias/rule.yml -+++ b/linux_os/guide/services/mail/postfix_client/postfix_client_configure_mail_alias/rule.yml -@@ -32,7 +32,7 @@ references: - nist@sle12: AU-5(a),AU-5.1(ii) +diff --git a/linux_os/guide/services/mail/postfix_client/postfix_client_configure_mail_alias/ansible/shared.yml b/linux_os/guide/services/mail/postfix_client/postfix_client_configure_mail_alias/ansible/shared.yml +index cf67161e3..9ac592066 100644 +--- a/linux_os/guide/services/mail/postfix_client/postfix_client_configure_mail_alias/ansible/shared.yml ++++ b/linux_os/guide/services/mail/postfix_client/postfix_client_configure_mail_alias/ansible/shared.yml +@@ -1,4 +1,4 @@ +-# platform = multi_platform_rhel,multi_platform_rhv,multi_platform_sle ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_rhv,multi_platform_sle + # reboot = false + # strategy = configure + # complexity = low +diff --git a/linux_os/guide/services/mail/postfix_client/postfix_client_configure_mail_alias/bash/shared.sh b/linux_os/guide/services/mail/postfix_client/postfix_client_configure_mail_alias/bash/shared.sh +index a6bc6cb16..746f87283 100644 +--- a/linux_os/guide/services/mail/postfix_client/postfix_client_configure_mail_alias/bash/shared.sh ++++ b/linux_os/guide/services/mail/postfix_client/postfix_client_configure_mail_alias/bash/shared.sh +@@ -1,4 +1,4 @@ +-# platform = multi_platform_rhel,multi_platform_rhv,multi_platform_sle ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_rhv,multi_platform_sle + + {{{ bash_instantiate_variables("var_postfix_root_mail_alias") }}} + +diff --git a/linux_os/guide/services/mail/postfix_client/postfix_client_configure_mail_alias_postmaster/rule.yml b/linux_os/guide/services/mail/postfix_client/postfix_client_configure_mail_alias_postmaster/rule.yml +index 1f8ff5831..09393bc47 100644 +--- a/linux_os/guide/services/mail/postfix_client/postfix_client_configure_mail_alias_postmaster/rule.yml ++++ b/linux_os/guide/services/mail/postfix_client/postfix_client_configure_mail_alias_postmaster/rule.yml +@@ -29,7 +29,7 @@ references: + nist: AU-5(a),AU-5.1(ii) srg: SRG-OS-000046-GPOS-00022 stigid@ol8: OL08-00-030030 - stigid@rhel8: RHEL-08-030030 + stigid@almalinux8: RHEL-08-030030 - stigid@sle12: SLES-12-020050 - stigid@sle15: SLES-15-030580 + + ocil_clause: 'the alias is not set or is not root' diff --git a/linux_os/guide/services/mail/postfix_client/postfix_network_listening_disabled/ansible/shared.yml b/linux_os/guide/services/mail/postfix_client/postfix_network_listening_disabled/ansible/shared.yml -index e1c9d00d..df00159e 100644 +index c5e7ae18c..1ab2a0a40 100644 --- a/linux_os/guide/services/mail/postfix_client/postfix_network_listening_disabled/ansible/shared.yml +++ b/linux_os/guide/services/mail/postfix_client/postfix_network_listening_disabled/ansible/shared.yml @@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle # reboot = false # strategy = restrict # complexity = low diff --git a/linux_os/guide/services/mail/postfix_client/postfix_network_listening_disabled/bash/shared.sh b/linux_os/guide/services/mail/postfix_client/postfix_network_listening_disabled/bash/shared.sh -index bd6f4236..16f610e5 100644 +index 93a9e5878..5768cb749 100644 --- a/linux_os/guide/services/mail/postfix_client/postfix_network_listening_disabled/bash/shared.sh +++ b/linux_os/guide/services/mail/postfix_client/postfix_network_listening_disabled/bash/shared.sh @@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu {{{ bash_instantiate_variables("var_postfix_inet_interfaces") }}} diff --git a/linux_os/guide/services/mail/postfix_client/postfix_network_listening_disabled/rule.yml b/linux_os/guide/services/mail/postfix_client/postfix_network_listening_disabled/rule.yml -index 6441e452..e694725d 100644 +index 1c94cefa7..7f42093e5 100644 --- a/linux_os/guide/services/mail/postfix_client/postfix_network_listening_disabled/rule.yml +++ b/linux_os/guide/services/mail/postfix_client/postfix_network_listening_disabled/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: ol7,ol8,rhel7,rhel8,rhel9,sle12,sle15 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,sle12,sle15 +-prodtype: alinux2,alinux3,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2204 ++prodtype: alinux2,alinux3,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2204 title: 'Disable Postfix Network Listening' diff --git a/linux_os/guide/services/mail/postfix_harden_os/postfix_server_cfg/postfix_server_banner/rule.yml b/linux_os/guide/services/mail/postfix_harden_os/postfix_server_cfg/postfix_server_banner/rule.yml -index e169429a..d9f0688b 100644 +index e169429a7..d9f0688b9 100644 --- a/linux_os/guide/services/mail/postfix_harden_os/postfix_server_cfg/postfix_server_banner/rule.yml +++ b/linux_os/guide/services/mail/postfix_harden_os/postfix_server_cfg/postfix_server_banner/rule.yml @@ -1,6 +1,6 @@ @@ -2051,14 +2148,14 @@ index e169429a..d9f0688b 100644 title: 'Configure SMTP Greeting Banner' diff --git a/linux_os/guide/services/mail/postfix_harden_os/postfix_server_cfg/postfix_server_relay/postfix_prevent_unrestricted_relay/rule.yml b/linux_os/guide/services/mail/postfix_harden_os/postfix_server_cfg/postfix_server_relay/postfix_prevent_unrestricted_relay/rule.yml -index 5ccf6ffc..d7a9bacd 100644 +index 379999e33..f6820af4f 100644 --- a/linux_os/guide/services/mail/postfix_harden_os/postfix_server_cfg/postfix_server_relay/postfix_prevent_unrestricted_relay/rule.yml +++ b/linux_os/guide/services/mail/postfix_harden_os/postfix_server_cfg/postfix_server_relay/postfix_prevent_unrestricted_relay/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: ol7,ol8,rhel7,rhel8,rhel9,wrlinux1019 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,wrlinux1019 +-prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9 ++prodtype: ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9 title: 'Prevent Unrestricted Mail Relaying' @@ -2069,22 +2166,34 @@ index 5ccf6ffc..d7a9bacd 100644 - stigid@rhel8: RHEL-08-040290 + stigid@almalinux8: RHEL-08-040290 - ocil_clause: 'it is not' + ocil_clause: 'the "smtpd_client_restrictions" parameter contains any entries other than "permit_mynetworks" and "reject"' diff --git a/linux_os/guide/services/mail/service_postfix_enabled/rule.yml b/linux_os/guide/services/mail/service_postfix_enabled/rule.yml -index 1399f5d5..f85ba23a 100644 +index 8120beda0..19595cd1d 100644 --- a/linux_os/guide/services/mail/service_postfix_enabled/rule.yml +++ b/linux_os/guide/services/mail/service_postfix_enabled/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: ol7,ol8,rhel7,rhel8,rhel9,sle12,sle15 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,sle12,sle15 +-prodtype: alinux2,alinux3,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2204 ++prodtype: alinux2,alinux3,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2204 title: 'Enable Postfix Service' +diff --git a/linux_os/guide/services/nfs_and_rpc/disabling_nfs/disabling_nfs_services/package_rpcbind_removed/rule.yml b/linux_os/guide/services/nfs_and_rpc/disabling_nfs/disabling_nfs_services/package_rpcbind_removed/rule.yml +index 1fc438cc4..753aa25b0 100644 +--- a/linux_os/guide/services/nfs_and_rpc/disabling_nfs/disabling_nfs_services/package_rpcbind_removed/rule.yml ++++ b/linux_os/guide/services/nfs_and_rpc/disabling_nfs/disabling_nfs_services/package_rpcbind_removed/rule.yml +@@ -1,6 +1,6 @@ + documentation_complete: true + +-prodtype: rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 + + title: 'Uninstall rpcbind Package' + diff --git a/linux_os/guide/services/nfs_and_rpc/disabling_nfs/disabling_nfs_services/service_nfslock_disabled/rule.yml b/linux_os/guide/services/nfs_and_rpc/disabling_nfs/disabling_nfs_services/service_nfslock_disabled/rule.yml -index 2524bf79..e398c312 100644 +index 2524bf798..e398c3121 100644 --- a/linux_os/guide/services/nfs_and_rpc/disabling_nfs/disabling_nfs_services/service_nfslock_disabled/rule.yml +++ b/linux_os/guide/services/nfs_and_rpc/disabling_nfs/disabling_nfs_services/service_nfslock_disabled/rule.yml @@ -1,6 +1,6 @@ @@ -2096,19 +2205,19 @@ index 2524bf79..e398c312 100644 title: 'Disable Network File System Lock Service (nfslock)' diff --git a/linux_os/guide/services/nfs_and_rpc/disabling_nfs/disabling_nfs_services/service_rpcbind_disabled/rule.yml b/linux_os/guide/services/nfs_and_rpc/disabling_nfs/disabling_nfs_services/service_rpcbind_disabled/rule.yml -index 760147e1..04593972 100644 +index 0b6c8d464..c72d048d9 100644 --- a/linux_os/guide/services/nfs_and_rpc/disabling_nfs/disabling_nfs_services/service_rpcbind_disabled/rule.yml +++ b/linux_os/guide/services/nfs_and_rpc/disabling_nfs/disabling_nfs_services/service_rpcbind_disabled/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: ol7,ol8,rhel7,rhel8,rhel9,sle12,sle15 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,sle12,sle15 +-prodtype: alinux2,alinux3,anolis8,ol7,ol8,rhel7,rhel8,rhel9,sle12,sle15 ++prodtype: alinux2,alinux3,anolis8,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,sle12,sle15 title: 'Disable rpcbind Service' diff --git a/linux_os/guide/services/nfs_and_rpc/disabling_nfs/disabling_nfs_services/service_rpcgssd_disabled/rule.yml b/linux_os/guide/services/nfs_and_rpc/disabling_nfs/disabling_nfs_services/service_rpcgssd_disabled/rule.yml -index 965d781c..3119d78b 100644 +index 965d781c1..3119d78b3 100644 --- a/linux_os/guide/services/nfs_and_rpc/disabling_nfs/disabling_nfs_services/service_rpcgssd_disabled/rule.yml +++ b/linux_os/guide/services/nfs_and_rpc/disabling_nfs/disabling_nfs_services/service_rpcgssd_disabled/rule.yml @@ -1,6 +1,6 @@ @@ -2120,7 +2229,7 @@ index 965d781c..3119d78b 100644 title: 'Disable Secure RPC Client Service (rpcgssd)' diff --git a/linux_os/guide/services/nfs_and_rpc/disabling_nfs/disabling_nfs_services/service_rpcidmapd_disabled/rule.yml b/linux_os/guide/services/nfs_and_rpc/disabling_nfs/disabling_nfs_services/service_rpcidmapd_disabled/rule.yml -index 9dded936..672b5bdf 100644 +index 9dded9361..672b5bdfe 100644 --- a/linux_os/guide/services/nfs_and_rpc/disabling_nfs/disabling_nfs_services/service_rpcidmapd_disabled/rule.yml +++ b/linux_os/guide/services/nfs_and_rpc/disabling_nfs/disabling_nfs_services/service_rpcidmapd_disabled/rule.yml @@ -1,6 +1,6 @@ @@ -2132,7 +2241,7 @@ index 9dded936..672b5bdf 100644 title: 'Disable RPC ID Mapping Service (rpcidmapd)' diff --git a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_all_machines/nfs_configure_fixed_ports/nfs_fixed_lockd_tcp_port/rule.yml b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_all_machines/nfs_configure_fixed_ports/nfs_fixed_lockd_tcp_port/rule.yml -index 322d5924..c93b5d14 100644 +index 322d59243..c93b5d147 100644 --- a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_all_machines/nfs_configure_fixed_ports/nfs_fixed_lockd_tcp_port/rule.yml +++ b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_all_machines/nfs_configure_fixed_ports/nfs_fixed_lockd_tcp_port/rule.yml @@ -1,6 +1,6 @@ @@ -2144,7 +2253,7 @@ index 322d5924..c93b5d14 100644 title: 'Configure lockd to use static TCP port' diff --git a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_all_machines/nfs_configure_fixed_ports/nfs_fixed_lockd_udp_port/rule.yml b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_all_machines/nfs_configure_fixed_ports/nfs_fixed_lockd_udp_port/rule.yml -index ca67db92..a1aaad35 100644 +index ca67db926..a1aaad355 100644 --- a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_all_machines/nfs_configure_fixed_ports/nfs_fixed_lockd_udp_port/rule.yml +++ b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_all_machines/nfs_configure_fixed_ports/nfs_fixed_lockd_udp_port/rule.yml @@ -1,6 +1,6 @@ @@ -2156,7 +2265,7 @@ index ca67db92..a1aaad35 100644 title: 'Configure lockd to use static UDP port' diff --git a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_all_machines/nfs_configure_fixed_ports/nfs_fixed_mountd_port/rule.yml b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_all_machines/nfs_configure_fixed_ports/nfs_fixed_mountd_port/rule.yml -index 7d8839f5..563cd079 100644 +index 7d8839f55..563cd0791 100644 --- a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_all_machines/nfs_configure_fixed_ports/nfs_fixed_mountd_port/rule.yml +++ b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_all_machines/nfs_configure_fixed_ports/nfs_fixed_mountd_port/rule.yml @@ -1,6 +1,6 @@ @@ -2168,7 +2277,7 @@ index 7d8839f5..563cd079 100644 title: 'Configure mountd to use static port' diff --git a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_all_machines/nfs_configure_fixed_ports/nfs_fixed_statd_port/rule.yml b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_all_machines/nfs_configure_fixed_ports/nfs_fixed_statd_port/rule.yml -index adcc2e18..c9a2bc06 100644 +index adcc2e18e..c9a2bc064 100644 --- a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_all_machines/nfs_configure_fixed_ports/nfs_fixed_statd_port/rule.yml +++ b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_all_machines/nfs_configure_fixed_ports/nfs_fixed_statd_port/rule.yml @@ -1,6 +1,6 @@ @@ -2180,7 +2289,7 @@ index adcc2e18..c9a2bc06 100644 title: 'Configure statd to use static port' diff --git a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/disabling_nfsd/nfs_no_anonymous/rule.yml b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/disabling_nfsd/nfs_no_anonymous/rule.yml -index 73a0d70b..36a53e46 100644 +index 73a0d70b6..36a53e464 100644 --- a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/disabling_nfsd/nfs_no_anonymous/rule.yml +++ b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/disabling_nfsd/nfs_no_anonymous/rule.yml @@ -1,6 +1,6 @@ @@ -2192,41 +2301,19 @@ index 73a0d70b..36a53e46 100644 title: 'Specify UID and GID for Anonymous NFS Connections' diff --git a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/disabling_nfsd/service_nfs_disabled/rule.yml b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/disabling_nfsd/service_nfs_disabled/rule.yml -index f99879c8..6224464d 100644 +index 91f73abe9..01b7eac0c 100644 --- a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/disabling_nfsd/service_nfs_disabled/rule.yml +++ b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/disabling_nfsd/service_nfs_disabled/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,rhel7,rhel8,rhel9 -+prodtype: fedora,rhel7,rhel8,almalinux8,rhel9 +-prodtype: alinux2,alinux3,anolis8,fedora,rhel7,rhel8,rhel9,sle12,sle15 ++prodtype: alinux2,alinux3,anolis8,fedora,rhel7,rhel8,almalinux8,rhel9,sle12,sle15 title: 'Disable Network File System (nfs)' -diff --git a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/disabling_nfsd/service_nfs_disabled/tests/service_disabled.pass.sh b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/disabling_nfsd/service_nfs_disabled/tests/service_disabled.pass.sh -index 30af5520..722a8f2e 100644 ---- a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/disabling_nfsd/service_nfs_disabled/tests/service_disabled.pass.sh -+++ b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/disabling_nfsd/service_nfs_disabled/tests/service_disabled.pass.sh -@@ -1,5 +1,5 @@ - #!/bin/bash --# platform = multi_platform_rhel,multi_platform_fedora -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora - # packages = nfs-utils - - systemctl stop nfs-server -diff --git a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/disabling_nfsd/service_nfs_disabled/tests/service_enabled.fail.sh b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/disabling_nfsd/service_nfs_disabled/tests/service_enabled.fail.sh -index 8e4eee8b..db823921 100644 ---- a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/disabling_nfsd/service_nfs_disabled/tests/service_enabled.fail.sh -+++ b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/disabling_nfsd/service_nfs_disabled/tests/service_enabled.fail.sh -@@ -1,5 +1,5 @@ - #!/bin/bash --# platform = multi_platform_rhel,multi_platform_fedora -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora - # packages = nfs-utils - - systemctl start nfs-server diff --git a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/disabling_nfsd/service_rpcsvcgssd_disabled/rule.yml b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/disabling_nfsd/service_rpcsvcgssd_disabled/rule.yml -index bb5788e3..3703a84c 100644 +index c7d1c7a2b..b61ccdfdd 100644 --- a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/disabling_nfsd/service_rpcsvcgssd_disabled/rule.yml +++ b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/disabling_nfsd/service_rpcsvcgssd_disabled/rule.yml @@ -1,6 +1,6 @@ @@ -2238,26 +2325,26 @@ index bb5788e3..3703a84c 100644 title: 'Disable Secure RPC Server Service (rpcsvcgssd)' diff --git a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/mounting_remote_filesystems/mount_option_krb_sec_remote_filesystems/rule.yml b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/mounting_remote_filesystems/mount_option_krb_sec_remote_filesystems/rule.yml -index 65bcba60..97f66925 100644 +index 9a95382a6..c864e7015 100644 --- a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/mounting_remote_filesystems/mount_option_krb_sec_remote_filesystems/rule.yml +++ b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/mounting_remote_filesystems/mount_option_krb_sec_remote_filesystems/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: ol7,ol8,rhel7,rhel8,rhel9,wrlinux1019 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,wrlinux1019 +-prodtype: ol7,ol8,rhel7,rhel8,rhel9 ++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9 title: 'Mount Remote Filesystems with Kerberos Security' diff --git a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/mounting_remote_filesystems/mount_option_nodev_remote_filesystems/rule.yml b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/mounting_remote_filesystems/mount_option_nodev_remote_filesystems/rule.yml -index 202e0864..3fcea47e 100644 +index 6911a7163..7b6f02703 100644 --- a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/mounting_remote_filesystems/mount_option_nodev_remote_filesystems/rule.yml +++ b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/mounting_remote_filesystems/mount_option_nodev_remote_filesystems/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4 +-prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4 ++prodtype: ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4 title: 'Mount Remote Filesystems with nodev' @@ -2271,14 +2358,14 @@ index 202e0864..3fcea47e 100644 ocil_clause: 'the setting does not show' diff --git a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/mounting_remote_filesystems/mount_option_noexec_remote_filesystems/rule.yml b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/mounting_remote_filesystems/mount_option_noexec_remote_filesystems/rule.yml -index 940b1eb8..ec1c49a8 100644 +index 95c902246..e16d08d88 100644 --- a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/mounting_remote_filesystems/mount_option_noexec_remote_filesystems/rule.yml +++ b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/mounting_remote_filesystems/mount_option_noexec_remote_filesystems/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,wrlinux1019 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,wrlinux1019 +-prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15 ++prodtype: ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15 title: 'Mount Remote Filesystems with noexec' @@ -2292,14 +2379,14 @@ index 940b1eb8..ec1c49a8 100644 stigid@sle15: SLES-15-040170 diff --git a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/mounting_remote_filesystems/mount_option_nosuid_remote_filesystems/rule.yml b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/mounting_remote_filesystems/mount_option_nosuid_remote_filesystems/rule.yml -index 2d1fd79f..bd8ec080 100644 +index c2805a5cd..97ab97ff9 100644 --- a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/mounting_remote_filesystems/mount_option_nosuid_remote_filesystems/rule.yml +++ b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/mounting_remote_filesystems/mount_option_nosuid_remote_filesystems/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,wrlinux1019 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,wrlinux1019 +-prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15 ++prodtype: ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15 title: 'Mount Remote Filesystems with nosuid' @@ -2313,7 +2400,7 @@ index 2d1fd79f..bd8ec080 100644 stigid@sle15: SLES-15-040160 diff --git a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_servers/no_insecure_locks_exports/rule.yml b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_servers/no_insecure_locks_exports/rule.yml -index daaf44ae..548c4d83 100644 +index daaf44ae3..548c4d838 100644 --- a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_servers/no_insecure_locks_exports/rule.yml +++ b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_servers/no_insecure_locks_exports/rule.yml @@ -1,6 +1,6 @@ @@ -2325,7 +2412,7 @@ index daaf44ae..548c4d83 100644 title: 'Ensure Insecure File Locking is Not Allowed' diff --git a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_servers/restrict_nfs_clients_to_privileged_ports/rule.yml b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_servers/restrict_nfs_clients_to_privileged_ports/rule.yml -index 0978d54c..00145705 100644 +index 0978d54c4..001457052 100644 --- a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_servers/restrict_nfs_clients_to_privileged_ports/rule.yml +++ b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_servers/restrict_nfs_clients_to_privileged_ports/rule.yml @@ -1,6 +1,6 @@ @@ -2337,19 +2424,19 @@ index 0978d54c..00145705 100644 title: 'Restrict NFS Clients to Privileged Ports' diff --git a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_servers/use_kerberos_security_all_exports/rule.yml b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_servers/use_kerberos_security_all_exports/rule.yml -index 9176e00b..85034a83 100644 +index b666538f2..579cae284 100644 --- a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_servers/use_kerberos_security_all_exports/rule.yml +++ b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_servers/use_kerberos_security_all_exports/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle15 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15 +-prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle15 ++prodtype: ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15 title: 'Use Kerberos Security on All Exports' diff --git a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_servers/use_root_squashing_all_exports/rule.yml b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_servers/use_root_squashing_all_exports/rule.yml -index c5983cbe..0f39d0ff 100644 +index c5983cbe8..0f39d0ff8 100644 --- a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_servers/use_root_squashing_all_exports/rule.yml +++ b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_servers/use_root_squashing_all_exports/rule.yml @@ -1,6 +1,6 @@ @@ -2361,19 +2448,19 @@ index c5983cbe..0f39d0ff 100644 title: 'Use Root-Squashing on All Exports' diff --git a/linux_os/guide/services/nfs_and_rpc/package_nfs-utils_removed/rule.yml b/linux_os/guide/services/nfs_and_rpc/package_nfs-utils_removed/rule.yml -index 4a6e5254..cc9ac42e 100644 +index 2e7632b7e..dec0c5f42 100644 --- a/linux_os/guide/services/nfs_and_rpc/package_nfs-utils_removed/rule.yml +++ b/linux_os/guide/services/nfs_and_rpc/package_nfs-utils_removed/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,sle12,sle15 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,sle12,sle15 +-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15 ++prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,sle15 title: 'Uninstall nfs-utils Package' diff --git a/linux_os/guide/services/ntp/chronyd_client_only/bash/shared.sh b/linux_os/guide/services/ntp/chronyd_client_only/bash/shared.sh -index f3d9ac33..1ba1ab9c 100644 +index 524cdc7d0..2678708d2 100644 --- a/linux_os/guide/services/ntp/chronyd_client_only/bash/shared.sh +++ b/linux_os/guide/services/ntp/chronyd_client_only/bash/shared.sh @@ -1,4 +1,4 @@ @@ -2381,9 +2468,9 @@ index f3d9ac33..1ba1ab9c 100644 +# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol - {{{ bash_replace_or_append("/etc/chrony.conf", '^port', '0', '%s %s') }}} + {{{ bash_replace_or_append(chrony_conf_path, '^port', '0', '%s %s') }}} diff --git a/linux_os/guide/services/ntp/chronyd_client_only/kubernetes/shared.yml b/linux_os/guide/services/ntp/chronyd_client_only/kubernetes/shared.yml -index a97cf1a9..f285ebb4 100644 +index a97cf1a9f..f285ebb44 100644 --- a/linux_os/guide/services/ntp/chronyd_client_only/kubernetes/shared.yml +++ b/linux_os/guide/services/ntp/chronyd_client_only/kubernetes/shared.yml @@ -1,5 +1,5 @@ @@ -2394,28 +2481,28 @@ index a97cf1a9..f285ebb4 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/services/ntp/chronyd_client_only/rule.yml b/linux_os/guide/services/ntp/chronyd_client_only/rule.yml -index e94276f8..28f55b98 100644 +index 0e9ab7fe9..dd3b6f4ce 100644 --- a/linux_os/guide/services/ntp/chronyd_client_only/rule.yml +++ b/linux_os/guide/services/ntp/chronyd_client_only/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,ol8,rhcos4,rhel8,rhel9 -+prodtype: fedora,ol8,rhcos4,rhel8,almalinux8,rhel9 +-prodtype: fedora,ol8,ol9,rhcos4,rhel8,rhel9 ++prodtype: fedora,ol8,ol9,rhcos4,rhel8,almalinux8,rhel9 title: 'Disable chrony daemon from acting as server' -@@ -28,7 +28,7 @@ references: +@@ -29,7 +29,7 @@ references: ospp: FMT_SMF_EXT.1 srg: SRG-OS-000096-GPOS-00050,SRG-OS-000095-GPOS-00049 stigid@ol8: OL08-00-030741 - stigid@rhel8: RHEL-08-030741 + stigid@almalinux8: RHEL-08-030741 - ocil_clause: 'it does not exist or port is set to non-zero value' + ocil_clause: 'the "port" option is not set to "0", is commented out, or is missing' diff --git a/linux_os/guide/services/ntp/chronyd_no_chronyc_network/bash/shared.sh b/linux_os/guide/services/ntp/chronyd_no_chronyc_network/bash/shared.sh -index 5bfd2b1f..e03fc658 100644 +index 25b768688..a1e46bc12 100644 --- a/linux_os/guide/services/ntp/chronyd_no_chronyc_network/bash/shared.sh +++ b/linux_os/guide/services/ntp/chronyd_no_chronyc_network/bash/shared.sh @@ -1,4 +1,4 @@ @@ -2423,9 +2510,9 @@ index 5bfd2b1f..e03fc658 100644 +# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol - {{{ bash_replace_or_append("/etc/chrony.conf", '^cmdport', '0', '%s %s') }}} + {{{ bash_replace_or_append(chrony_conf_path, '^cmdport', '0', '%s %s') }}} diff --git a/linux_os/guide/services/ntp/chronyd_no_chronyc_network/kubernetes/shared.yml b/linux_os/guide/services/ntp/chronyd_no_chronyc_network/kubernetes/shared.yml -index a97cf1a9..f285ebb4 100644 +index a97cf1a9f..f285ebb44 100644 --- a/linux_os/guide/services/ntp/chronyd_no_chronyc_network/kubernetes/shared.yml +++ b/linux_os/guide/services/ntp/chronyd_no_chronyc_network/kubernetes/shared.yml @@ -1,5 +1,5 @@ @@ -2436,14 +2523,14 @@ index a97cf1a9..f285ebb4 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/services/ntp/chronyd_no_chronyc_network/rule.yml b/linux_os/guide/services/ntp/chronyd_no_chronyc_network/rule.yml -index a5e998d0..48dcd4c6 100644 +index 782106734..2e304b52e 100644 --- a/linux_os/guide/services/ntp/chronyd_no_chronyc_network/rule.yml +++ b/linux_os/guide/services/ntp/chronyd_no_chronyc_network/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,ol8,rhcos4,rhel8,rhel9 -+prodtype: fedora,ol8,rhcos4,rhel8,almalinux8,rhel9 +-prodtype: fedora,ol8,ol9,rhcos4,rhel8,rhel9 ++prodtype: fedora,ol8,ol9,rhcos4,rhel8,almalinux8,rhel9 title: 'Disable network management of chrony daemon' @@ -2454,30 +2541,30 @@ index a5e998d0..48dcd4c6 100644 - stigid@rhel8: RHEL-08-030742 + stigid@almalinux8: RHEL-08-030742 - ocil_clause: 'it does not exist or port is set to non-zero value' + ocil_clause: 'the "cmdport" option is not set to "0", is commented out, or is missing' diff --git a/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/ansible/shared.yml b/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/ansible/shared.yml -index da0a6223..36ad0175 100644 +index e571e6ee2..fa9118753 100644 --- a/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/ansible/shared.yml +++ b/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/ansible/shared.yml @@ -1,4 +1,4 @@ --# platform = multi_platform_sle,multi_platform_rhel -+# platform = multi_platform_sle,multi_platform_rhel,multi_platform_almalinux +-# platform = multi_platform_sle,multi_platform_ol,multi_platform_rhel ++# platform = multi_platform_sle,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux # reboot = false # strategy = restrict # complexity = low diff --git a/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/bash/shared.sh b/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/bash/shared.sh -index 770312c9..8a8ca27d 100644 +index f1bb759d9..a3d4dde5b 100644 --- a/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/bash/shared.sh +++ b/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/bash/shared.sh @@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_wrlinux,multi_platform_ol,multi_platform_sle -+# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_almalinux,multi_platform_wrlinux,multi_platform_ol,multi_platform_sle +-# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu ++# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu {{{ bash_instantiate_variables("var_time_service_set_maxpoll") }}} diff --git a/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/kubernetes/shared.yml b/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/kubernetes/shared.yml -index a97cf1a9..f285ebb4 100644 +index a97cf1a9f..f285ebb44 100644 --- a/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/kubernetes/shared.yml +++ b/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/kubernetes/shared.yml @@ -1,5 +1,5 @@ @@ -2488,18 +2575,18 @@ index a97cf1a9..f285ebb4 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/rule.yml b/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/rule.yml -index e8e4ec45..59a09814 100644 +index b7bef7d30..7e0139491 100644 --- a/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/rule.yml +++ b/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019 -+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019 +-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Configure Time Service Maxpoll Interval' -@@ -99,7 +99,7 @@ references: +@@ -95,7 +95,7 @@ references: stigid@ol7: OL07-00-040500 stigid@ol8: OL08-00-030740 stigid@rhel7: RHEL-07-040500 @@ -2509,7 +2596,7 @@ index e8e4ec45..59a09814 100644 stigid@sle15: SLES-15-010400 stigid@ubuntu2004: UBTU-20-010435 diff --git a/linux_os/guide/services/ntp/chronyd_or_ntpd_specify_multiple_servers/bash/shared.sh b/linux_os/guide/services/ntp/chronyd_or_ntpd_specify_multiple_servers/bash/shared.sh -index 428a5407..696798a0 100644 +index 6b76902a1..3925ca7b9 100644 --- a/linux_os/guide/services/ntp/chronyd_or_ntpd_specify_multiple_servers/bash/shared.sh +++ b/linux_os/guide/services/ntp/chronyd_or_ntpd_specify_multiple_servers/bash/shared.sh @@ -1,4 +1,4 @@ @@ -2519,7 +2606,7 @@ index 428a5407..696798a0 100644 {{{ bash_instantiate_variables("var_multiple_time_servers") }}} diff --git a/linux_os/guide/services/ntp/chronyd_or_ntpd_specify_multiple_servers/kubernetes/shared.yml b/linux_os/guide/services/ntp/chronyd_or_ntpd_specify_multiple_servers/kubernetes/shared.yml -index a97cf1a9..f285ebb4 100644 +index a97cf1a9f..f285ebb44 100644 --- a/linux_os/guide/services/ntp/chronyd_or_ntpd_specify_multiple_servers/kubernetes/shared.yml +++ b/linux_os/guide/services/ntp/chronyd_or_ntpd_specify_multiple_servers/kubernetes/shared.yml @@ -1,5 +1,5 @@ @@ -2530,7 +2617,7 @@ index a97cf1a9..f285ebb4 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/services/ntp/chronyd_or_ntpd_specify_multiple_servers/rule.yml b/linux_os/guide/services/ntp/chronyd_or_ntpd_specify_multiple_servers/rule.yml -index adab67dc..85fef84a 100644 +index 03c694987..5dafa25d8 100644 --- a/linux_os/guide/services/ntp/chronyd_or_ntpd_specify_multiple_servers/rule.yml +++ b/linux_os/guide/services/ntp/chronyd_or_ntpd_specify_multiple_servers/rule.yml @@ -1,6 +1,6 @@ @@ -2542,7 +2629,7 @@ index adab67dc..85fef84a 100644 title: 'Specify Additional Remote NTP Servers' diff --git a/linux_os/guide/services/ntp/chronyd_or_ntpd_specify_remote_server/bash/shared.sh b/linux_os/guide/services/ntp/chronyd_or_ntpd_specify_remote_server/bash/shared.sh -index f0a41078..8e1f92d4 100644 +index 6bf4f9aae..fea88a083 100644 --- a/linux_os/guide/services/ntp/chronyd_or_ntpd_specify_remote_server/bash/shared.sh +++ b/linux_os/guide/services/ntp/chronyd_or_ntpd_specify_remote_server/bash/shared.sh @@ -1,4 +1,4 @@ @@ -2552,7 +2639,7 @@ index f0a41078..8e1f92d4 100644 {{{ bash_instantiate_variables("var_multiple_time_servers") }}} diff --git a/linux_os/guide/services/ntp/chronyd_or_ntpd_specify_remote_server/kubernetes/shared.yml b/linux_os/guide/services/ntp/chronyd_or_ntpd_specify_remote_server/kubernetes/shared.yml -index a97cf1a9..f285ebb4 100644 +index a97cf1a9f..f285ebb44 100644 --- a/linux_os/guide/services/ntp/chronyd_or_ntpd_specify_remote_server/kubernetes/shared.yml +++ b/linux_os/guide/services/ntp/chronyd_or_ntpd_specify_remote_server/kubernetes/shared.yml @@ -1,5 +1,5 @@ @@ -2563,205 +2650,308 @@ index a97cf1a9..f285ebb4 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/services/ntp/chronyd_or_ntpd_specify_remote_server/rule.yml b/linux_os/guide/services/ntp/chronyd_or_ntpd_specify_remote_server/rule.yml -index c0635acd..3941b2a1 100644 +index 5e882bd16..a80ddb872 100644 --- a/linux_os/guide/services/ntp/chronyd_or_ntpd_specify_remote_server/rule.yml +++ b/linux_os/guide/services/ntp/chronyd_or_ntpd_specify_remote_server/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhv4 -+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhv4 +-prodtype: alinux2,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhv4 ++prodtype: alinux2,fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhv4 title: 'Specify a Remote NTP Server' diff --git a/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/ansible/shared.yml b/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/ansible/shared.yml -index e60dd11e..12f4bd92 100644 +index 63880e804..076146db2 100644 --- a/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/ansible/shared.yml +++ b/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/ansible/shared.yml -@@ -1,4 +1,4 @@ +@@ -1,11 +1,11 @@ -# platform = multi_platform_fedora,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8 +# platform = multi_platform_fedora,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8 # reboot = false # strategy = configure # complexity = low + # disruption = low + + {{%- set ok_by_default = false %}} +-{{%- if product in ["rhel7", "ol7", "rhel8", "ol8", "rhel9", "ol9", "fedora"] %}} ++{{%- if product in ["rhel7", "ol7", "rhel8", "almalinux8", "ol8", "rhel9", "ol9", "fedora"] %}} + {{%- set ok_by_default = true %}} + {{%- endif %}} + +diff --git a/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/bash/shared.sh b/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/bash/shared.sh +index 462528038..0bada7168 100644 +--- a/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/bash/shared.sh ++++ b/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/bash/shared.sh +@@ -1,6 +1,6 @@ + # platform = multi_platform_all + {{%- set ok_by_default = false %}} +-{{%- if product in ["rhel7", "ol7", "rhel8", "ol8", "rhel9", "ol9", "fedora"] %}} ++{{%- if product in ["rhel7", "ol7", "rhel8", "almalinux8", "ol8", "rhel9", "ol9", "fedora"] %}} + {{%- set ok_by_default = true %}} + {{%- endif %}} + +diff --git a/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/oval/shared.xml b/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/oval/shared.xml +index e1d712f25..325ed08c1 100644 +--- a/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/oval/shared.xml ++++ b/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/oval/shared.xml +@@ -1,5 +1,5 @@ + {{%- set ok_by_default = false %}} +-{{%- if product in ["rhel7", "ol7", "rhel8", "ol8", "rhel9", "ol9", "fedora"] %}} ++{{%- if product in ["rhel7", "ol7", "rhel8", "almalinux8", "ol8", "rhel9", "ol9", "fedora"] %}} + {{%- set ok_by_default = true %}} + {{%- endif %}} + diff --git a/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/rule.yml b/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/rule.yml -index 1e0f65ac..3a5ec70e 100644 +index 0f3dfd4a2..306dec361 100644 --- a/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/rule.yml +++ b/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/rule.yml -@@ -1,6 +1,6 @@ +@@ -1,11 +1,11 @@ documentation_complete: true --prodtype: fedora,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004 -+prodtype: fedora,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004 +-prodtype: alinux2,alinux3,fedora,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,alinux3,fedora,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Ensure that chronyd is running under chrony user account' + {{%- set ok_by_default = false %}} +-{{%- if product in ["rhel7", "ol7", "rhel8", "ol8", "rhel9", "ol9", "fedora"] %}} ++{{%- if product in ["rhel7", "ol7", "rhel8", "almalinux8", "ol8", "rhel9", "ol9", "fedora"] %}} + {{%- set ok_by_default = true %}} + {{%- endif %}} + +diff --git a/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/tests/correct.pass.sh b/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/tests/correct.pass.sh +index 2e3d4e406..a348b99df 100644 +--- a/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/tests/correct.pass.sh ++++ b/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/tests/correct.pass.sh +@@ -1,5 +1,5 @@ + #!/bin/bash +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle + # packages = chrony + + +diff --git a/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/tests/correct_multiple_options.pass.sh b/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/tests/correct_multiple_options.pass.sh +index b75e59c2e..6c3415c34 100644 +--- a/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/tests/correct_multiple_options.pass.sh ++++ b/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/tests/correct_multiple_options.pass.sh +@@ -1,5 +1,5 @@ + #!/bin/bash +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle + # packages = chrony + + +diff --git a/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/tests/empty.pass.sh b/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/tests/empty.pass.sh +index edd19015f..11fcd1bce 100644 +--- a/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/tests/empty.pass.sh ++++ b/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/tests/empty.pass.sh +@@ -1,5 +1,5 @@ + #!/bin/bash +-# platform = multi_platform_rhel,multi_platform_fedora ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora + # packages = chrony + + +diff --git a/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/tests/empty_options.pass.sh b/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/tests/empty_options.pass.sh +index 83120046d..12b9d1a42 100644 +--- a/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/tests/empty_options.pass.sh ++++ b/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/tests/empty_options.pass.sh +@@ -1,5 +1,5 @@ + #!/bin/bash +-# platform = multi_platform_rhel,multi_platform_fedora ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora + # packages = chrony + + +diff --git a/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/tests/wrong_line.fail.sh b/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/tests/wrong_line.fail.sh +index 0b8c54cfb..7a44d477b 100644 +--- a/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/tests/wrong_line.fail.sh ++++ b/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/tests/wrong_line.fail.sh +@@ -1,5 +1,5 @@ + #!/bin/bash +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle + # packages = chrony + + +diff --git a/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/tests/wrong_line_2.fail.sh b/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/tests/wrong_line_2.fail.sh +index 69908e41f..0c506bca3 100644 +--- a/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/tests/wrong_line_2.fail.sh ++++ b/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/tests/wrong_line_2.fail.sh +@@ -1,5 +1,5 @@ + #!/bin/bash +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle + # packages = chrony + + diff --git a/linux_os/guide/services/ntp/chronyd_server_directive/rule.yml b/linux_os/guide/services/ntp/chronyd_server_directive/rule.yml -index 6dc24f1b..159b99d1 100644 +index baffcb0e1..79cae0e53 100644 --- a/linux_os/guide/services/ntp/chronyd_server_directive/rule.yml +++ b/linux_os/guide/services/ntp/chronyd_server_directive/rule.yml -@@ -22,7 +22,7 @@ identifiers: - references: +@@ -23,7 +23,7 @@ references: disa: CCI-001891 srg: SRG-OS-000355-GPOS-00143,SRG-OS-000356-GPOS-00144,SRG-OS-000359-GPOS-00146 + stigid@ol8: OL08-00-030740 - stigid@rhel8: RHEL-08-030740 + stigid@almalinux8: RHEL-08-030740 - ocil_clause: 'a remote time server is not configured or configured with pool directive' + ocil_clause: 'an authoritative remote time server is not configured or configured with pool directive' diff --git a/linux_os/guide/services/ntp/chronyd_server_directive/tests/file_empty.fail.sh b/linux_os/guide/services/ntp/chronyd_server_directive/tests/file_empty.fail.sh -index d1ba0755..d63e9963 100644 +index b2427c1d5..2d62ca68b 100644 --- a/linux_os/guide/services/ntp/chronyd_server_directive/tests/file_empty.fail.sh +++ b/linux_os/guide/services/ntp/chronyd_server_directive/tests/file_empty.fail.sh @@ -1,6 +1,6 @@ #!/bin/bash # packages = chrony --# platform = multi_platform_fedora,multi_platform_rhel -+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux +-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel ++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux # remediation = none - echo "" > /etc/chrony.conf + echo "" > {{{ chrony_conf_path }}} diff --git a/linux_os/guide/services/ntp/chronyd_server_directive/tests/file_missing.fail.sh b/linux_os/guide/services/ntp/chronyd_server_directive/tests/file_missing.fail.sh -index 12a50ebc..062721b3 100644 +index 16c634e0a..e0e0b136a 100644 --- a/linux_os/guide/services/ntp/chronyd_server_directive/tests/file_missing.fail.sh +++ b/linux_os/guide/services/ntp/chronyd_server_directive/tests/file_missing.fail.sh @@ -1,6 +1,6 @@ #!/bin/bash # packages = chrony --# platform = multi_platform_fedora,multi_platform_rhel -+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux +-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel ++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux # remediation = none - rm -f /etc/chrony.conf + rm -f {{{ chrony_conf_path }}} diff --git a/linux_os/guide/services/ntp/chronyd_server_directive/tests/line_missing.fail.sh b/linux_os/guide/services/ntp/chronyd_server_directive/tests/line_missing.fail.sh -index bffa8b62..081e47a7 100644 +index 56b414e2e..c28bc2f7f 100644 --- a/linux_os/guide/services/ntp/chronyd_server_directive/tests/line_missing.fail.sh +++ b/linux_os/guide/services/ntp/chronyd_server_directive/tests/line_missing.fail.sh @@ -1,6 +1,6 @@ #!/bin/bash # packages = chrony --# platform = multi_platform_fedora,multi_platform_rhel -+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux +-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel ++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux # remediation = none - echo "some line" > /etc/chrony.conf + echo "some line" > {{{ chrony_conf_path }}} diff --git a/linux_os/guide/services/ntp/chronyd_server_directive/tests/multiple_servers.pass.sh b/linux_os/guide/services/ntp/chronyd_server_directive/tests/multiple_servers.pass.sh -index 5527f389..a121cf97 100644 +index 01a21e0b0..3b8082c73 100644 --- a/linux_os/guide/services/ntp/chronyd_server_directive/tests/multiple_servers.pass.sh +++ b/linux_os/guide/services/ntp/chronyd_server_directive/tests/multiple_servers.pass.sh @@ -1,6 +1,6 @@ #!/bin/bash # packages = chrony --# platform = multi_platform_fedora,multi_platform_rhel -+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux +-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel ++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux # remediation = none - sed -i "^pool.*" /etc/chrony.conf + sed -i "^pool.*" {{{ chrony_conf_path }}} diff --git a/linux_os/guide/services/ntp/chronyd_server_directive/tests/only_pool.fail.sh b/linux_os/guide/services/ntp/chronyd_server_directive/tests/only_pool.fail.sh -index 616fe884..8ca788f4 100644 +index 6f45a555f..5d03e6e21 100644 --- a/linux_os/guide/services/ntp/chronyd_server_directive/tests/only_pool.fail.sh +++ b/linux_os/guide/services/ntp/chronyd_server_directive/tests/only_pool.fail.sh @@ -1,6 +1,6 @@ #!/bin/bash # packages = chrony --# platform = multi_platform_fedora,multi_platform_rhel -+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux +-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel ++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux # remediation = none - sed -i "^server.*" /etc/chrony.conf + sed -i "^server.*" {{{ chrony_conf_path }}} diff --git a/linux_os/guide/services/ntp/chronyd_server_directive/tests/only_server.pass.sh b/linux_os/guide/services/ntp/chronyd_server_directive/tests/only_server.pass.sh -index 21a70dc4..58061797 100644 +index ec9e58c75..1a31ccf74 100644 --- a/linux_os/guide/services/ntp/chronyd_server_directive/tests/only_server.pass.sh +++ b/linux_os/guide/services/ntp/chronyd_server_directive/tests/only_server.pass.sh @@ -1,6 +1,6 @@ #!/bin/bash # packages = chrony --# platform = multi_platform_fedora,multi_platform_rhel -+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux +-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel ++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux - sed -i "^pool.*" /etc/chrony.conf - echo "server 0.pool.ntp.org" > /etc/chrony.conf + sed -i "^pool.*" {{{ chrony_conf_path }}} + echo "server 0.pool.ntp.org" > {{{ chrony_conf_path }}} diff --git a/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/correct.pass.sh b/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/correct.pass.sh -index 4a1fd261..3483a7db 100644 +index d74bde623..8f83241cd 100644 --- a/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/correct.pass.sh +++ b/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/correct.pass.sh @@ -1,5 +1,5 @@ #!/bin/bash # packages = chrony --# platform = multi_platform_fedora,multi_platform_rhel -+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux +-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel ++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux - echo "server 0.pool.ntp.org" > /etc/chrony.conf + echo "server 0.pool.ntp.org" > {{{ chrony_conf_path }}} diff --git a/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/correct_pool.pass.sh b/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/correct_pool.pass.sh -index 6612538e..f0654680 100644 +index 56cee5abd..a8d771d62 100644 --- a/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/correct_pool.pass.sh +++ b/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/correct_pool.pass.sh @@ -1,5 +1,5 @@ #!/bin/bash # packages = chrony --# platform = multi_platform_fedora,multi_platform_rhel -+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux +-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel ++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux - echo "pool 0.pool.ntp.org" > /etc/chrony.conf + echo "pool 0.pool.ntp.org" > {{{ chrony_conf_path }}} diff --git a/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/file_empty.fail.sh b/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/file_empty.fail.sh -index 8a9866d2..02d6a61f 100644 +index 50e0715cc..e75a1ec07 100644 --- a/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/file_empty.fail.sh +++ b/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/file_empty.fail.sh @@ -1,5 +1,5 @@ #!/bin/bash # packages = chrony --# platform = multi_platform_fedora,multi_platform_rhel -+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux +-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel ++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux - echo "" > /etc/chrony.conf + echo "" > {{{ chrony_conf_path }}} diff --git a/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/file_missing.fail.sh b/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/file_missing.fail.sh -index c6ac20c1..638372b8 100644 +index d89bdb1e5..a56b2e0dc 100644 --- a/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/file_missing.fail.sh +++ b/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/file_missing.fail.sh @@ -1,5 +1,5 @@ #!/bin/bash # packages = chrony --# platform = multi_platform_fedora,multi_platform_rhel -+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux +-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel ++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux - rm -f /etc/chrony.conf + rm -f {{{ chrony_conf_path }}} diff --git a/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/line_missing.fail.sh b/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/line_missing.fail.sh -index 02693609..3667b6ff 100644 +index ce121222a..3c7d36f8b 100644 --- a/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/line_missing.fail.sh +++ b/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/line_missing.fail.sh @@ -1,6 +1,6 @@ #!/bin/bash # packages = chrony --# platform = multi_platform_fedora,multi_platform_rhel -+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux +-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel ++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux - echo "some line" > /etc/chrony.conf - echo "another line" >> /etc/chrony.conf + echo "some line" > {{{ chrony_conf_path }}} + echo "another line" >> {{{ chrony_conf_path }}} diff --git a/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/multiple_servers.pass.sh b/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/multiple_servers.pass.sh -index 6c2557aa..f9f96f9c 100644 +index 917d2e610..eccff3389 100644 --- a/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/multiple_servers.pass.sh +++ b/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/multiple_servers.pass.sh @@ -1,6 +1,6 @@ #!/bin/bash # packages = chrony --# platform = multi_platform_fedora,multi_platform_rhel -+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux +-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel ++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux - echo "server 0.pool.ntp.org" > /etc/chrony.conf - echo "server 1.pool.ntp.org" >> /etc/chrony.conf + echo "server 0.pool.ntp.org" > {{{ chrony_conf_path }}} + echo "server 1.pool.ntp.org" >> {{{ chrony_conf_path }}} diff --git a/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/server_not_specified.fail.sh b/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/server_not_specified.fail.sh -index a5d6aecf..e6f5e057 100644 +index 5f0ad2c6e..7c6175efb 100644 --- a/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/server_not_specified.fail.sh +++ b/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/server_not_specified.fail.sh @@ -1,5 +1,5 @@ #!/bin/bash # packages = chrony --# platform = multi_platform_fedora,multi_platform_rhel -+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux +-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel ++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux - echo "server " > /etc/chrony.conf + echo "server " > {{{ chrony_conf_path }}} diff --git a/linux_os/guide/services/ntp/service_chronyd_or_ntpd_enabled/ansible/shared.yml b/linux_os/guide/services/ntp/service_chronyd_or_ntpd_enabled/ansible/shared.yml -index b9add520..ac7b4cec 100644 +index b9add5207..ac7b4cec9 100644 --- a/linux_os/guide/services/ntp/service_chronyd_or_ntpd_enabled/ansible/shared.yml +++ b/linux_os/guide/services/ntp/service_chronyd_or_ntpd_enabled/ansible/shared.yml @@ -1,4 +1,4 @@ @@ -2771,7 +2961,7 @@ index b9add520..ac7b4cec 100644 # strategy = enable # complexity = low diff --git a/linux_os/guide/services/ntp/service_chronyd_or_ntpd_enabled/bash/shared.sh b/linux_os/guide/services/ntp/service_chronyd_or_ntpd_enabled/bash/shared.sh -index f8a77aee..33166cac 100644 +index f8a77aeee..33166cac2 100644 --- a/linux_os/guide/services/ntp/service_chronyd_or_ntpd_enabled/bash/shared.sh +++ b/linux_os/guide/services/ntp/service_chronyd_or_ntpd_enabled/bash/shared.sh @@ -1,4 +1,4 @@ @@ -2781,68 +2971,68 @@ index f8a77aee..33166cac 100644 # strategy = enable # complexity = low diff --git a/linux_os/guide/services/ntp/service_chronyd_or_ntpd_enabled/rule.yml b/linux_os/guide/services/ntp/service_chronyd_or_ntpd_enabled/rule.yml -index 66c66754..2b31b599 100644 +index 3c3898fb0..373182011 100644 --- a/linux_os/guide/services/ntp/service_chronyd_or_ntpd_enabled/rule.yml +++ b/linux_os/guide/services/ntp/service_chronyd_or_ntpd_enabled/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhv4,sle12,sle15,ubuntu2004 -+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhv4,sle12,sle15,ubuntu2004 +-prodtype: alinux2,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Enable the NTP Daemon' diff --git a/linux_os/guide/services/obsolete/inetd_and_xinetd/package_xinetd_removed/rule.yml b/linux_os/guide/services/obsolete/inetd_and_xinetd/package_xinetd_removed/rule.yml -index d413ff15..2c1dfe5f 100644 +index a602354c3..f3a302990 100644 --- a/linux_os/guide/services/obsolete/inetd_and_xinetd/package_xinetd_removed/rule.yml +++ b/linux_os/guide/services/obsolete/inetd_and_xinetd/package_xinetd_removed/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004 +-prodtype: alinux3,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux3,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Uninstall xinetd Package' diff --git a/linux_os/guide/services/obsolete/inetd_and_xinetd/service_xinetd_disabled/rule.yml b/linux_os/guide/services/obsolete/inetd_and_xinetd/service_xinetd_disabled/rule.yml -index 5b08676a..b11c8af4 100644 +index 06ffe16cb..95d2c87ec 100644 --- a/linux_os/guide/services/obsolete/inetd_and_xinetd/service_xinetd_disabled/rule.yml +++ b/linux_os/guide/services/obsolete/inetd_and_xinetd/service_xinetd_disabled/rule.yml @@ -1,7 +1,7 @@ documentation_complete: true # package is unlikely to appear on a RHEL9 system, don't extend to RHEL10 --prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle15 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15 +-prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15 ++prodtype: ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15 title: 'Disable xinetd Service' diff --git a/linux_os/guide/services/obsolete/nis/package_ypbind_removed/rule.yml b/linux_os/guide/services/obsolete/nis/package_ypbind_removed/rule.yml -index 83fe71b9..89043489 100644 +index 9be95ffed..7e899d3b9 100644 --- a/linux_os/guide/services/obsolete/nis/package_ypbind_removed/rule.yml +++ b/linux_os/guide/services/obsolete/nis/package_ypbind_removed/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true +-prodtype: alinux2,alinux3,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15 ++prodtype: alinux2,alinux3,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15 + + title: 'Remove NIS Client' + +diff --git a/linux_os/guide/services/obsolete/nis/package_ypserv_removed/rule.yml b/linux_os/guide/services/obsolete/nis/package_ypserv_removed/rule.yml +index 6ab9cdac3..d6a96d70d 100644 +--- a/linux_os/guide/services/obsolete/nis/package_ypserv_removed/rule.yml ++++ b/linux_os/guide/services/obsolete/nis/package_ypserv_removed/rule.yml +@@ -1,6 +1,6 @@ + documentation_complete: true + -prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15 +prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15 - title: 'Remove NIS Client' - -diff --git a/linux_os/guide/services/obsolete/nis/package_ypserv_removed/rule.yml b/linux_os/guide/services/obsolete/nis/package_ypserv_removed/rule.yml -index 292a6eb7..be96a91c 100644 ---- a/linux_os/guide/services/obsolete/nis/package_ypserv_removed/rule.yml -+++ b/linux_os/guide/services/obsolete/nis/package_ypserv_removed/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,wrlinux1019 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,wrlinux1019 - title: 'Uninstall ypserv Package' diff --git a/linux_os/guide/services/obsolete/nis/service_ypbind_disabled/rule.yml b/linux_os/guide/services/obsolete/nis/service_ypbind_disabled/rule.yml -index 29f66c6f..8a2e364f 100644 +index ce41faf92..b2a4c7c4c 100644 --- a/linux_os/guide/services/obsolete/nis/service_ypbind_disabled/rule.yml +++ b/linux_os/guide/services/obsolete/nis/service_ypbind_disabled/rule.yml @@ -1,6 +1,6 @@ @@ -2854,36 +3044,49 @@ index 29f66c6f..8a2e364f 100644 title: 'Disable ypbind Service' diff --git a/linux_os/guide/services/obsolete/nis/service_ypserv_disabled/rule.yml b/linux_os/guide/services/obsolete/nis/service_ypserv_disabled/rule.yml -index 1867eec5..fec683fa 100644 +index 4f414d3af..2daa6163f 100644 --- a/linux_os/guide/services/obsolete/nis/service_ypserv_disabled/rule.yml +++ b/linux_os/guide/services/obsolete/nis/service_ypserv_disabled/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: rhel8,rhel9 -+prodtype: rhel8,almalinux8,rhel9 +-prodtype: alinux2,alinux3,anolis8,rhel8,rhel9 ++prodtype: alinux2,alinux3,anolis8,rhel8,almalinux8,rhel9 title: 'Disable ypserv Service' +diff --git a/linux_os/guide/services/obsolete/package_rsync_removed/rule.yml b/linux_os/guide/services/obsolete/package_rsync_removed/rule.yml +index d3139b999..75f03c459 100644 +--- a/linux_os/guide/services/obsolete/package_rsync_removed/rule.yml ++++ b/linux_os/guide/services/obsolete/package_rsync_removed/rule.yml +@@ -6,7 +6,7 @@ + + documentation_complete: true + +-prodtype: rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 + + title: 'Uninstall rsync Package' + diff --git a/linux_os/guide/services/obsolete/r_services/no_host_based_files/bash/shared.sh b/linux_os/guide/services/obsolete/r_services/no_host_based_files/bash/shared.sh -index 26b3c514..f65fd861 100644 +index 3a98b0947..bd5b8127e 100644 --- a/linux_os/guide/services/obsolete/r_services/no_host_based_files/bash/shared.sh +++ b/linux_os/guide/services/obsolete/r_services/no_host_based_files/bash/shared.sh @@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_sle,multi_platform_wrlinux,multi_platform_ol -+# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_wrlinux,multi_platform_ol +-# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_sle,multi_platform_ol ++# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ol # Identify local mounts MOUNT_LIST=$(df --local | awk '{ print $6 }') diff --git a/linux_os/guide/services/obsolete/r_services/no_host_based_files/rule.yml b/linux_os/guide/services/obsolete/r_services/no_host_based_files/rule.yml -index b2cd780b..9666ab40 100644 +index 822b02f50..7fa4aeb9c 100644 --- a/linux_os/guide/services/obsolete/r_services/no_host_based_files/rule.yml +++ b/linux_os/guide/services/obsolete/r_services/no_host_based_files/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,wrlinux1019 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,wrlinux1019 +-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15 ++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15 title: 'Remove Host-Based Authentication Files' @@ -2897,44 +3100,44 @@ index b2cd780b..9666ab40 100644 stigid@sle15: SLES-15-040030 diff --git a/linux_os/guide/services/obsolete/r_services/no_rsh_trust_files/ansible/shared.yml b/linux_os/guide/services/obsolete/r_services/no_rsh_trust_files/ansible/shared.yml -index 660eebd6..564781aa 100644 +index 6af0b5732..713381d73 100644 --- a/linux_os/guide/services/obsolete/r_services/no_rsh_trust_files/ansible/shared.yml +++ b/linux_os/guide/services/obsolete/r_services/no_rsh_trust_files/ansible/shared.yml @@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux +-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle ++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle # reboot = false # strategy = restrict # complexity = low diff --git a/linux_os/guide/services/obsolete/r_services/no_rsh_trust_files/bash/shared.sh b/linux_os/guide/services/obsolete/r_services/no_rsh_trust_files/bash/shared.sh -index a465105d..6d9d15e4 100644 +index e64838b15..baaa07631 100644 --- a/linux_os/guide/services/obsolete/r_services/no_rsh_trust_files/bash/shared.sh +++ b/linux_os/guide/services/obsolete/r_services/no_rsh_trust_files/bash/shared.sh @@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel -+# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux +-# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu ++# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu find /root -xdev -type f -name ".rhosts" -exec rm -f {} \; find /home -maxdepth 2 -xdev -type f -name ".rhosts" -exec rm -f {} \; diff --git a/linux_os/guide/services/obsolete/r_services/no_user_host_based_files/bash/shared.sh b/linux_os/guide/services/obsolete/r_services/no_user_host_based_files/bash/shared.sh -index 6e902385..3a6461d6 100644 +index b7c88b077..a9c7c4e31 100644 --- a/linux_os/guide/services/obsolete/r_services/no_user_host_based_files/bash/shared.sh +++ b/linux_os/guide/services/obsolete/r_services/no_user_host_based_files/bash/shared.sh @@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_sle,multi_platform_wrlinux,multi_platform_ol -+# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_wrlinux,multi_platform_ol +-# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_sle,multi_platform_ol ++# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ol # Identify local mounts MOUNT_LIST=$(df --local | awk '{ print $6 }') diff --git a/linux_os/guide/services/obsolete/r_services/no_user_host_based_files/rule.yml b/linux_os/guide/services/obsolete/r_services/no_user_host_based_files/rule.yml -index 79b85c1b..a614e1f5 100644 +index 43da70e0f..c05b0a93c 100644 --- a/linux_os/guide/services/obsolete/r_services/no_user_host_based_files/rule.yml +++ b/linux_os/guide/services/obsolete/r_services/no_user_host_based_files/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,wrlinux1019 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,wrlinux1019 +-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15 ++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15 title: 'Remove User Host-Based Authentication Files' @@ -2948,18 +3151,18 @@ index 79b85c1b..a614e1f5 100644 stigid@sle15: SLES-15-040020 diff --git a/linux_os/guide/services/obsolete/r_services/package_rsh-server_removed/rule.yml b/linux_os/guide/services/obsolete/r_services/package_rsh-server_removed/rule.yml -index 8a1f7ba9..9cb71d63 100644 +index b2e659932..b0caa23e3 100644 --- a/linux_os/guide/services/obsolete/r_services/package_rsh-server_removed/rule.yml +++ b/linux_os/guide/services/obsolete/r_services/package_rsh-server_removed/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle15,ubuntu2004,wrlinux1019 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,ubuntu2004,wrlinux1019 +-prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Uninstall rsh-server Package' -@@ -38,7 +38,7 @@ references: +@@ -39,7 +39,7 @@ references: stigid@ol7: OL07-00-020000 stigid@ol8: OL08-00-040010 stigid@rhel7: RHEL-07-020000 @@ -2969,19 +3172,19 @@ index 8a1f7ba9..9cb71d63 100644 {{{ complete_ocil_entry_package(package="rsh-server") }}} diff --git a/linux_os/guide/services/obsolete/r_services/package_rsh_removed/rule.yml b/linux_os/guide/services/obsolete/r_services/package_rsh_removed/rule.yml -index 05e41516..467932cc 100644 +index e343810ac..d71fff5d3 100644 --- a/linux_os/guide/services/obsolete/r_services/package_rsh_removed/rule.yml +++ b/linux_os/guide/services/obsolete/r_services/package_rsh_removed/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004 +-prodtype: alinux2,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Uninstall rsh Package' diff --git a/linux_os/guide/services/obsolete/r_services/service_rexec_disabled/rule.yml b/linux_os/guide/services/obsolete/r_services/service_rexec_disabled/rule.yml -index 8b94664d..69b3cc37 100644 +index 8b94664dc..69b3cc377 100644 --- a/linux_os/guide/services/obsolete/r_services/service_rexec_disabled/rule.yml +++ b/linux_os/guide/services/obsolete/r_services/service_rexec_disabled/rule.yml @@ -1,6 +1,6 @@ @@ -2993,79 +3196,79 @@ index 8b94664d..69b3cc37 100644 title: 'Disable rexec Service' diff --git a/linux_os/guide/services/obsolete/r_services/service_rlogin_disabled/rule.yml b/linux_os/guide/services/obsolete/r_services/service_rlogin_disabled/rule.yml -index abaa36a1..27c0b794 100644 +index 1b5db8e51..2fbbb79a5 100644 --- a/linux_os/guide/services/obsolete/r_services/service_rlogin_disabled/rule.yml +++ b/linux_os/guide/services/obsolete/r_services/service_rlogin_disabled/rule.yml @@ -1,7 +1,7 @@ documentation_complete: true # potentially obsolete, rsh-server is not available in RHEL9 --prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle15 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15 +-prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle15 ++prodtype: ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15 title: 'Disable rlogin Service' diff --git a/linux_os/guide/services/obsolete/r_services/service_rsh_disabled/rule.yml b/linux_os/guide/services/obsolete/r_services/service_rsh_disabled/rule.yml -index 70d6cb15..7241a8d0 100644 +index fa3fbd472..0af455948 100644 --- a/linux_os/guide/services/obsolete/r_services/service_rsh_disabled/rule.yml +++ b/linux_os/guide/services/obsolete/r_services/service_rsh_disabled/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: ol7,ol8,rhel7,rhel8,rhv4 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhv4 +-prodtype: alinux2,ol7,ol8,rhel7,rhel8,rhv4 ++prodtype: alinux2,ol7,ol8,rhel7,rhel8,almalinux8,rhv4 title: 'Disable rsh Service' diff --git a/linux_os/guide/services/obsolete/service_rsyncd_disabled/rule.yml b/linux_os/guide/services/obsolete/service_rsyncd_disabled/rule.yml -index d3d48820..4870dbaa 100644 +index 315af3908..85341a15e 100644 --- a/linux_os/guide/services/obsolete/service_rsyncd_disabled/rule.yml +++ b/linux_os/guide/services/obsolete/service_rsyncd_disabled/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15 +-prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15 ++prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15 - title: 'Ensure rsyncd service is diabled' + title: 'Ensure rsyncd service is disabled' diff --git a/linux_os/guide/services/obsolete/talk/package_talk-server_removed/rule.yml b/linux_os/guide/services/obsolete/talk/package_talk-server_removed/rule.yml -index 4faf52ea..84f94d7c 100644 +index 8ca257b6f..d7a907ce9 100644 --- a/linux_os/guide/services/obsolete/talk/package_talk-server_removed/rule.yml +++ b/linux_os/guide/services/obsolete/talk/package_talk-server_removed/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle15 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15 +-prodtype: alinux2,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15 ++prodtype: alinux2,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15 title: 'Uninstall talk-server Package' diff --git a/linux_os/guide/services/obsolete/talk/package_talk_removed/rule.yml b/linux_os/guide/services/obsolete/talk/package_talk_removed/rule.yml -index ae60c8e1..fb6760bb 100644 +index ea67a07fe..9527c3e4b 100644 --- a/linux_os/guide/services/obsolete/talk/package_talk_removed/rule.yml +++ b/linux_os/guide/services/obsolete/talk/package_talk_removed/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004 +-prodtype: alinux2,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Uninstall talk Package' diff --git a/linux_os/guide/services/obsolete/telnet/package_telnet-server_removed/rule.yml b/linux_os/guide/services/obsolete/telnet/package_telnet-server_removed/rule.yml -index ea679e6a..c6b24427 100644 +index 2780aafb9..6957bf8ce 100644 --- a/linux_os/guide/services/obsolete/telnet/package_telnet-server_removed/rule.yml +++ b/linux_os/guide/services/obsolete/telnet/package_telnet-server_removed/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,wrlinux1019 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,wrlinux1019 +-prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15 ++prodtype: ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15 title: 'Uninstall telnet-server Package' -@@ -49,7 +49,7 @@ references: +@@ -52,7 +52,7 @@ references: stigid@ol7: OL07-00-021710 stigid@ol8: OL08-00-040000 stigid@rhel7: RHEL-07-021710 @@ -3075,42 +3278,42 @@ index ea679e6a..c6b24427 100644 stigid@sle15: SLES-15-010180 diff --git a/linux_os/guide/services/obsolete/telnet/package_telnet_removed/rule.yml b/linux_os/guide/services/obsolete/telnet/package_telnet_removed/rule.yml -index 7134b8b2..ec8c1f52 100644 +index b1c974e80..3e418beff 100644 --- a/linux_os/guide/services/obsolete/telnet/package_telnet_removed/rule.yml +++ b/linux_os/guide/services/obsolete/telnet/package_telnet_removed/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004 +-prodtype: alinux2,alinux3,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,alinux3,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Remove telnet Clients' diff --git a/linux_os/guide/services/obsolete/telnet/service_telnet_disabled/rule.yml b/linux_os/guide/services/obsolete/telnet/service_telnet_disabled/rule.yml -index 3c879a79..264fce08 100644 +index a38c0cc48..1205b52bb 100644 --- a/linux_os/guide/services/obsolete/telnet/service_telnet_disabled/rule.yml +++ b/linux_os/guide/services/obsolete/telnet/service_telnet_disabled/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle15 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15 +-prodtype: alinux2,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle15 ++prodtype: alinux2,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15 title: 'Disable telnet Service' diff --git a/linux_os/guide/services/obsolete/tftp/package_tftp-server_removed/rule.yml b/linux_os/guide/services/obsolete/tftp/package_tftp-server_removed/rule.yml -index 10f44352..c97cdffe 100644 +index f9328616a..75d5a86a2 100644 --- a/linux_os/guide/services/obsolete/tftp/package_tftp-server_removed/rule.yml +++ b/linux_os/guide/services/obsolete/tftp/package_tftp-server_removed/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4,wrlinux1019 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,wrlinux1019 +-prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15 ++prodtype: ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15 title: 'Uninstall tftp-server Package' -@@ -36,7 +36,7 @@ references: +@@ -40,7 +40,7 @@ references: stigid@ol7: OL07-00-040700 stigid@ol8: OL08-00-040190 stigid@rhel7: RHEL-07-040700 @@ -3120,72 +3323,111 @@ index 10f44352..c97cdffe 100644 {{{ complete_ocil_entry_package(package="tftp-server") }}} diff --git a/linux_os/guide/services/obsolete/tftp/package_tftp_removed/rule.yml b/linux_os/guide/services/obsolete/tftp/package_tftp_removed/rule.yml -index 50b22bb8..5c32712b 100644 +index ac1bafde0..aae1b00cd 100644 --- a/linux_os/guide/services/obsolete/tftp/package_tftp_removed/rule.yml +++ b/linux_os/guide/services/obsolete/tftp/package_tftp_removed/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: rhel7,rhel8,rhel9 -+prodtype: rhel7,rhel8,almalinux8,rhel9 +-prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15 ++prodtype: ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,sle15 title: 'Remove tftp Daemon' diff --git a/linux_os/guide/services/obsolete/tftp/service_tftp_disabled/rule.yml b/linux_os/guide/services/obsolete/tftp/service_tftp_disabled/rule.yml -index 1d6d6c81..f9aebbf5 100644 +index 56889e4a6..136a095f0 100644 --- a/linux_os/guide/services/obsolete/tftp/service_tftp_disabled/rule.yml +++ b/linux_os/guide/services/obsolete/tftp/service_tftp_disabled/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: rhel7,rhel8,sle15 -+prodtype: rhel7,rhel8,almalinux8,sle15 +-prodtype: alinux2,rhel7,rhel8,sle15 ++prodtype: alinux2,rhel7,rhel8,almalinux8,sle15 title: 'Disable tftp Service' diff --git a/linux_os/guide/services/obsolete/tftp/tftpd_uses_secure_mode/ansible/shared.yml b/linux_os/guide/services/obsolete/tftp/tftpd_uses_secure_mode/ansible/shared.yml -index 359670e3..0192b27e 100644 +index ac39e46a6..dc82d6507 100644 --- a/linux_os/guide/services/obsolete/tftp/tftpd_uses_secure_mode/ansible/shared.yml +++ b/linux_os/guide/services/obsolete/tftp/tftpd_uses_secure_mode/ansible/shared.yml @@ -1,4 +1,4 @@ --# platform = Oracle Linux 7,Oracle Linux 8,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Virtualization 4,WRLinux 1019 -+# platform = Oracle Linux 7,Oracle Linux 8,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Virtualization 4,WRLinux 1019 +-# platform = Oracle Linux 7,Oracle Linux 8,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Virtualization 4 ++# platform = Oracle Linux 7,Oracle Linux 8,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Virtualization 4 # reboot = false # complexity = low # strategy = configure diff --git a/linux_os/guide/services/obsolete/tftp/tftpd_uses_secure_mode/bash/shared.sh b/linux_os/guide/services/obsolete/tftp/tftpd_uses_secure_mode/bash/shared.sh -index d192f984..37f93ceb 100644 +index 1560f0c1e..43a88b1bf 100644 --- a/linux_os/guide/services/obsolete/tftp/tftpd_uses_secure_mode/bash/shared.sh +++ b/linux_os/guide/services/obsolete/tftp/tftpd_uses_secure_mode/bash/shared.sh @@ -1,4 +1,4 @@ --# platform = Oracle Linux 7,Oracle Linux 8,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Virtualization 4,WRLinux 1019 -+# platform = Oracle Linux 7,Oracle Linux 8,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Virtualization 4,WRLinux 1019 +-# platform = Oracle Linux 7,Oracle Linux 8,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Virtualization 4 ++# platform = Oracle Linux 7,Oracle Linux 8,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Virtualization 4 {{{ bash_instantiate_variables ("var_tftpd_secure_directory") }}} diff --git a/linux_os/guide/services/obsolete/tftp/tftpd_uses_secure_mode/rule.yml b/linux_os/guide/services/obsolete/tftp/tftpd_uses_secure_mode/rule.yml -index 775dcfbe..d2cd2ad3 100644 +index dd0bd7983..757ed6c1e 100644 --- a/linux_os/guide/services/obsolete/tftp/tftpd_uses_secure_mode/rule.yml +++ b/linux_os/guide/services/obsolete/tftp/tftpd_uses_secure_mode/rule.yml -@@ -1,6 +1,6 @@ +@@ -1,13 +1,13 @@ documentation_complete: true --prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4,wrlinux1019 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,wrlinux1019 +-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4 ++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4 title: 'Ensure tftp Daemon Uses Secure Mode' -@@ -40,7 +40,7 @@ references: + description: |- + If running the Trivial File Transfer Protocol (TFTP) service is necessary, + it should be configured to change its root directory at startup. To do so, +- {{%- if product in ["rhel7","ol7","rhel8","ol8","rhv4"] %}} ++ {{%- if product in ["rhel7","ol7","rhel8", "almalinux8","ol8","rhv4"] %}} + ensure /etc/xinetd.d/tftp includes -s as a command line argument, + as shown in the following example: + 
server_args = -s {{{ xccdf_value("var_tftpd_secure_directory") }}}
+@@ -47,10 +47,10 @@ references: stigid@ol7: OL07-00-040720 stigid@ol8: OL08-00-040350 stigid@rhel7: RHEL-07-040720 - stigid@rhel8: RHEL-08-040350 + stigid@almalinux8: RHEL-08-040350 - ocil_clause: 'this flag is missing' + ocil_clause: |- +-{{%- if product in ["rhel7","ol7","rhel8","ol8","rhv4"] %}} ++{{%- if product in ["rhel7","ol7","rhel8", "almalinux8","ol8","rhv4"] %}} + '"server_args" line does not have a "-s" option, and a subdirectory is not assigned' + {{%- else %}} + 'the "ExecStart" line does not have a "-s" option, and a subdirectory is not assigned' +@@ -60,7 +60,7 @@ ocil: |- + Verify the TFTP daemon is configured to operate in secure mode. + Check if a TFTP server is installed with the following command: +- {{% if product in ["rhel7","ol7","rhel8","ol8","rhv4"] %}} ++ {{% if product in ["rhel7","ol7","rhel8", "almalinux8","ol8","rhv4"] %}} + 
$ rpm -qa | grep tftp
+ {{% else %}} + 
$ sudo dnf list --installed tftp-server
+@@ -70,7 +70,7 @@ ocil: |-
+ 
+     If a TFTP server is not installed, this is Not Applicable.
+     


+-    {{% if product in ["rhel7","ol7","rhel8","ol8","rhv4"] %}}
++    {{% if product in ["rhel7","ol7","rhel8", "almalinux8","ol8","rhv4"] %}}
+     If a TFTP server is installed, verify TFTP is configured by with
+     the -s option by running the following command:
+ 
+@@ -84,7 +84,7 @@ ocil: |-
+     {{% endif %}}
+ 
+ fixtext: |-
+-    {{%- if product in ["rhel7","ol7","rhel8","ol8","rhv4"] %}}
++    {{%- if product in ["rhel7","ol7","rhel8", "almalinux8","ol8","rhv4"] %}}
+     Configure the TFTP daemon to operate in secure mode by adding the following line to "/etc/xinetd.d/tftp" (or modify the line to have the required value):
+ 
+     server_args = -s {{{ xccdf_value("var_tftpd_secure_directory") }}}
 diff --git a/linux_os/guide/services/printing/configure_printing/cups_disable_browsing/rule.yml b/linux_os/guide/services/printing/configure_printing/cups_disable_browsing/rule.yml
-index 07e05068..99d2c008 100644
+index 07e050686..99d2c0082 100644
 --- a/linux_os/guide/services/printing/configure_printing/cups_disable_browsing/rule.yml
 +++ b/linux_os/guide/services/printing/configure_printing/cups_disable_browsing/rule.yml
 @@ -1,6 +1,6 @@
@@ -3197,7 +3439,7 @@ index 07e05068..99d2c008 100644
  title: 'Disable Printer Browsing Entirely if Possible'
  
 diff --git a/linux_os/guide/services/printing/configure_printing/cups_disable_printserver/rule.yml b/linux_os/guide/services/printing/configure_printing/cups_disable_printserver/rule.yml
-index 0455776f..e37dae84 100644
+index 0455776f4..e37dae841 100644
 --- a/linux_os/guide/services/printing/configure_printing/cups_disable_printserver/rule.yml
 +++ b/linux_os/guide/services/printing/configure_printing/cups_disable_printserver/rule.yml
 @@ -1,6 +1,6 @@
@@ -3208,44 +3450,56 @@ index 0455776f..e37dae84 100644
  
  title: 'Disable Print Server Capabilities'
  
+diff --git a/linux_os/guide/services/printing/package_cups_removed/rule.yml b/linux_os/guide/services/printing/package_cups_removed/rule.yml
+index df44086ff..505489ac1 100644
+--- a/linux_os/guide/services/printing/package_cups_removed/rule.yml
++++ b/linux_os/guide/services/printing/package_cups_removed/rule.yml
+@@ -1,6 +1,6 @@
+ documentation_complete: true
+ 
+-prodtype: rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
+ 
+ title: 'Uninstall CUPS Package'
+ 
 diff --git a/linux_os/guide/services/printing/service_cups_disabled/rule.yml b/linux_os/guide/services/printing/service_cups_disabled/rule.yml
-index dd72c6f7..00241a47 100644
+index 1c9a75bc5..acb6c6223 100644
 --- a/linux_os/guide/services/printing/service_cups_disabled/rule.yml
 +++ b/linux_os/guide/services/printing/service_cups_disabled/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: rhel7,rhel8,rhel9,sle15,ubuntu2004
-+prodtype: rhel7,rhel8,almalinux8,rhel9,sle15,ubuntu2004
+-prodtype: alinux3,anolis8,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: alinux3,anolis8,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Disable the CUPS Service'
  
 diff --git a/linux_os/guide/services/proxy/disabling_squid/package_squid_removed/rule.yml b/linux_os/guide/services/proxy/disabling_squid/package_squid_removed/rule.yml
-index 8700dc83..155aa7f8 100644
+index c0d33e434..23cef9be2 100644
 --- a/linux_os/guide/services/proxy/disabling_squid/package_squid_removed/rule.yml
 +++ b/linux_os/guide/services/proxy/disabling_squid/package_squid_removed/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: ol7,ol8,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004
-+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004
+-prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Uninstall squid Package'
  
 diff --git a/linux_os/guide/services/proxy/disabling_squid/service_squid_disabled/rule.yml b/linux_os/guide/services/proxy/disabling_squid/service_squid_disabled/rule.yml
-index f12fa6f2..0b1a4ea5 100644
+index 9321e667b..fcbb8717a 100644
 --- a/linux_os/guide/services/proxy/disabling_squid/service_squid_disabled/rule.yml
 +++ b/linux_os/guide/services/proxy/disabling_squid/service_squid_disabled/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: ol7,ol8,rhel7,rhel8,rhel9,sle15
-+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,sle15
+-prodtype: alinux2,alinux3,anolis8,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15
++prodtype: alinux2,alinux3,anolis8,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,sle15
  
  title: 'Disable Squid'
  
 diff --git a/linux_os/guide/services/radius/package_freeradius_removed/rule.yml b/linux_os/guide/services/radius/package_freeradius_removed/rule.yml
-index 7c01c09b..89f28d22 100644
+index 7c01c09b4..89f28d22e 100644
 --- a/linux_os/guide/services/radius/package_freeradius_removed/rule.yml
 +++ b/linux_os/guide/services/radius/package_freeradius_removed/rule.yml
 @@ -1,6 +1,6 @@
@@ -3257,28 +3511,19 @@ index 7c01c09b..89f28d22 100644
  title: 'Remove the FreeRadius Server Package'
  
 diff --git a/linux_os/guide/services/rng/service_rngd_enabled/rule.yml b/linux_os/guide/services/rng/service_rngd_enabled/rule.yml
-index 1bb70346..e1d4dd4c 100644
+index 9993786dc..88041fd82 100644
 --- a/linux_os/guide/services/rng/service_rngd_enabled/rule.yml
 +++ b/linux_os/guide/services/rng/service_rngd_enabled/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol8,rhcos4,rhel8,rhel9
-+prodtype: fedora,ol8,rhcos4,rhel8,almalinux8,rhel9
+-prodtype: fedora,ol8,ol9,rhcos4,rhel8,rhel9
++prodtype: fedora,ol8,ol9,rhcos4,rhel8,almalinux8,rhel9
  
  title: 'Enable the Hardware RNG Entropy Gatherer Service'
  
-@@ -24,7 +24,7 @@ references:
-     ospp: FCS_RBG_EXT.1
-     srg: SRG-OS-000480-GPOS-00227
-     stigid@ol8: OL08-00-010471
--    stigid@rhel8: RHEL-08-010471
-+    stigid@almalinux8: RHEL-08-010471
- 
- ocil_clause: 'the service is not enabled'
- 
 diff --git a/linux_os/guide/services/routing/disabling_quagga/package_quagga_removed/rule.yml b/linux_os/guide/services/routing/disabling_quagga/package_quagga_removed/rule.yml
-index b63deaa8..285c1b64 100644
+index 4c37ae2f7..53ecf1017 100644
 --- a/linux_os/guide/services/routing/disabling_quagga/package_quagga_removed/rule.yml
 +++ b/linux_os/guide/services/routing/disabling_quagga/package_quagga_removed/rule.yml
 @@ -1,6 +1,6 @@
@@ -3290,7 +3535,7 @@ index b63deaa8..285c1b64 100644
  title: 'Uninstall quagga Package'
  
 diff --git a/linux_os/guide/services/routing/disabling_quagga/service_zebra_disabled/rule.yml b/linux_os/guide/services/routing/disabling_quagga/service_zebra_disabled/rule.yml
-index 54e52790..c7a14e6f 100644
+index 15d2f4400..36bd768fd 100644
 --- a/linux_os/guide/services/routing/disabling_quagga/service_zebra_disabled/rule.yml
 +++ b/linux_os/guide/services/routing/disabling_quagga/service_zebra_disabled/rule.yml
 @@ -1,6 +1,6 @@
@@ -3302,7 +3547,7 @@ index 54e52790..c7a14e6f 100644
  title: 'Disable Quagga Service'
  
 diff --git a/linux_os/guide/services/smb/configuring_samba/mount_option_smb_client_signing/rule.yml b/linux_os/guide/services/smb/configuring_samba/mount_option_smb_client_signing/rule.yml
-index da59b70a..c2835fba 100644
+index da59b70a6..c2835fbaa 100644
 --- a/linux_os/guide/services/smb/configuring_samba/mount_option_smb_client_signing/rule.yml
 +++ b/linux_os/guide/services/smb/configuring_samba/mount_option_smb_client_signing/rule.yml
 @@ -1,6 +1,6 @@
@@ -3314,7 +3559,7 @@ index da59b70a..c2835fba 100644
  title: 'Require Client SMB Packet Signing, if using mount.cifs'
  
 diff --git a/linux_os/guide/services/smb/configuring_samba/package_samba-common_installed/rule.yml b/linux_os/guide/services/smb/configuring_samba/package_samba-common_installed/rule.yml
-index 1f7d56c1..4e5fb508 100644
+index 1f7d56c19..4e5fb5081 100644
 --- a/linux_os/guide/services/smb/configuring_samba/package_samba-common_installed/rule.yml
 +++ b/linux_os/guide/services/smb/configuring_samba/package_samba-common_installed/rule.yml
 @@ -1,6 +1,6 @@
@@ -3326,7 +3571,7 @@ index 1f7d56c1..4e5fb508 100644
  title: 'Install the Samba Common Package'
  
 diff --git a/linux_os/guide/services/smb/configuring_samba/require_smb_client_signing/ansible/shared.yml b/linux_os/guide/services/smb/configuring_samba/require_smb_client_signing/ansible/shared.yml
-index a6606860..f25b9504 100644
+index a66068605..f25b95045 100644
 --- a/linux_os/guide/services/smb/configuring_samba/require_smb_client_signing/ansible/shared.yml
 +++ b/linux_os/guide/services/smb/configuring_samba/require_smb_client_signing/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -3336,7 +3581,7 @@ index a6606860..f25b9504 100644
  # strategy = configure
  # complexity = low
 diff --git a/linux_os/guide/services/smb/configuring_samba/require_smb_client_signing/bash/shared.sh b/linux_os/guide/services/smb/configuring_samba/require_smb_client_signing/bash/shared.sh
-index 9e1f01f5..d7d4c265 100644
+index 9e1f01f53..d7d4c2651 100644
 --- a/linux_os/guide/services/smb/configuring_samba/require_smb_client_signing/bash/shared.sh
 +++ b/linux_os/guide/services/smb/configuring_samba/require_smb_client_signing/bash/shared.sh
 @@ -1,4 +1,4 @@
@@ -3346,7 +3591,7 @@ index 9e1f01f5..d7d4c265 100644
  #By Luke "Brisk-OH" Brisk
  #luke.brisk@boeing.com or luke.brisk@gmail.com
 diff --git a/linux_os/guide/services/smb/configuring_samba/require_smb_client_signing/rule.yml b/linux_os/guide/services/smb/configuring_samba/require_smb_client_signing/rule.yml
-index 103130bc..77660a77 100644
+index 103130bc8..77660a770 100644
 --- a/linux_os/guide/services/smb/configuring_samba/require_smb_client_signing/rule.yml
 +++ b/linux_os/guide/services/smb/configuring_samba/require_smb_client_signing/rule.yml
 @@ -1,6 +1,6 @@
@@ -3358,7 +3603,7 @@ index 103130bc..77660a77 100644
  title: 'Require Client SMB Packet Signing, if using smbclient'
  
 diff --git a/linux_os/guide/services/smb/configuring_samba/smb_server_disable_root/rule.yml b/linux_os/guide/services/smb/configuring_samba/smb_server_disable_root/rule.yml
-index 0cf80fb6..d9978cea 100644
+index 0cf80fb63..d9978cea7 100644
 --- a/linux_os/guide/services/smb/configuring_samba/smb_server_disable_root/rule.yml
 +++ b/linux_os/guide/services/smb/configuring_samba/smb_server_disable_root/rule.yml
 @@ -1,6 +1,6 @@
@@ -3370,55 +3615,55 @@ index 0cf80fb6..d9978cea 100644
  title: 'Disable Root Access to SMB Shares'
  
 diff --git a/linux_os/guide/services/smb/disabling_samba/package_samba_removed/rule.yml b/linux_os/guide/services/smb/disabling_samba/package_samba_removed/rule.yml
-index 0a90377e..99e264dc 100644
+index 1f75e60ce..56b8080d0 100644
 --- a/linux_os/guide/services/smb/disabling_samba/package_samba_removed/rule.yml
 +++ b/linux_os/guide/services/smb/disabling_samba/package_samba_removed/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004
-+prodtype: rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004
+-prodtype: rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Uninstall Samba Package'
  
 diff --git a/linux_os/guide/services/smb/disabling_samba/service_smb_disabled/rule.yml b/linux_os/guide/services/smb/disabling_samba/service_smb_disabled/rule.yml
-index 41375ebd..12bf35bf 100644
+index 76303fa12..c16638e40 100644
 --- a/linux_os/guide/services/smb/disabling_samba/service_smb_disabled/rule.yml
 +++ b/linux_os/guide/services/smb/disabling_samba/service_smb_disabled/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: rhel7,rhel8,rhel9,sle15
-+prodtype: rhel7,rhel8,almalinux8,rhel9,sle15
+-prodtype: alinux2,alinux3,anolis8,rhel7,rhel8,rhel9,sle12,sle15
++prodtype: alinux2,alinux3,anolis8,rhel7,rhel8,almalinux8,rhel9,sle12,sle15
  
  title: 'Disable Samba'
  
 diff --git a/linux_os/guide/services/snmp/disabling_snmp_service/package_net-snmp_removed/rule.yml b/linux_os/guide/services/snmp/disabling_snmp_service/package_net-snmp_removed/rule.yml
-index bd32b570..299567ea 100644
+index 271f1f27e..2eadb3218 100644
 --- a/linux_os/guide/services/snmp/disabling_snmp_service/package_net-snmp_removed/rule.yml
 +++ b/linux_os/guide/services/snmp/disabling_snmp_service/package_net-snmp_removed/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: debian10,debian11,debian9,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
-+prodtype: debian10,debian11,debian9,fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
+-prodtype: debian10,debian11,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: debian10,debian11,fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Uninstall net-snmp Package'
  
 diff --git a/linux_os/guide/services/snmp/disabling_snmp_service/service_snmpd_disabled/rule.yml b/linux_os/guide/services/snmp/disabling_snmp_service/service_snmpd_disabled/rule.yml
-index 1b1f9e57..1356372e 100644
+index be039de1f..b489cfe5c 100644
 --- a/linux_os/guide/services/snmp/disabling_snmp_service/service_snmpd_disabled/rule.yml
 +++ b/linux_os/guide/services/snmp/disabling_snmp_service/service_snmpd_disabled/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: debian10,debian11,debian9,rhel7,rhel8,rhel9,sle15
-+prodtype: debian10,debian11,debian9,rhel7,rhel8,almalinux8,rhel9,sle15
+-prodtype: alinux2,alinux3,anolis8,debian10,debian11,rhel7,rhel8,rhel9,sle12,sle15
++prodtype: alinux2,alinux3,anolis8,debian10,debian11,rhel7,rhel8,almalinux8,rhel9,sle12,sle15
  
  title: 'Disable snmpd Service'
  
 diff --git a/linux_os/guide/services/snmp/snmp_configure_server/snmpd_no_rwusers/bash/shared.sh b/linux_os/guide/services/snmp/snmp_configure_server/snmpd_no_rwusers/bash/shared.sh
-index 084c8934..c38f2b92 100644
+index 084c89343..c38f2b927 100644
 --- a/linux_os/guide/services/snmp/snmp_configure_server/snmpd_no_rwusers/bash/shared.sh
 +++ b/linux_os/guide/services/snmp/snmp_configure_server/snmpd_no_rwusers/bash/shared.sh
 @@ -1,4 +1,4 @@
@@ -3428,7 +3673,7 @@ index 084c8934..c38f2b92 100644
  if grep -s "rwuser" /etc/snmp/snmpd.conf | grep -qv "^#"; then
  	sed -i "/^\s*#/b;/rwuser/ s/^/#/" /etc/snmp/snmpd.conf
 diff --git a/linux_os/guide/services/snmp/snmp_configure_server/snmpd_no_rwusers/rule.yml b/linux_os/guide/services/snmp/snmp_configure_server/snmpd_no_rwusers/rule.yml
-index 3ff132df..ae50caed 100644
+index c2af07442..2c009ce79 100644
 --- a/linux_os/guide/services/snmp/snmp_configure_server/snmpd_no_rwusers/rule.yml
 +++ b/linux_os/guide/services/snmp/snmp_configure_server/snmpd_no_rwusers/rule.yml
 @@ -1,6 +1,6 @@
@@ -3440,39 +3685,39 @@ index 3ff132df..ae50caed 100644
  title: 'Ensure SNMP Read Write is disabled'
  
 diff --git a/linux_os/guide/services/snmp/snmp_configure_server/snmpd_not_default_password/ansible/shared.yml b/linux_os/guide/services/snmp/snmp_configure_server/snmpd_not_default_password/ansible/shared.yml
-index 632c7111..f4f8427b 100644
+index 3b8653a60..5de223af4 100644
 --- a/linux_os/guide/services/snmp/snmp_configure_server/snmpd_not_default_password/ansible/shared.yml
 +++ b/linux_os/guide/services/snmp/snmp_configure_server/snmpd_not_default_password/ansible/shared.yml
 @@ -1,4 +1,4 @@
--# platform = debian 11,debian 10,debian 9,multi_platform_fedora,Oracle Linux 7,Oracle Linux 8,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,WRLinux 1019
-+# platform = debian 11,debian 10,debian 9,multi_platform_fedora,Oracle Linux 7,Oracle Linux 8,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8,WRLinux 1019
+-# platform = debian 11,debian 10,multi_platform_fedora,Oracle Linux 7,Oracle Linux 8,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8
++# platform = debian 11,debian 10,multi_platform_fedora,Oracle Linux 7,Oracle Linux 8,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8
  # reboot = false
  # strategy = configure
  # complexity = low
 diff --git a/linux_os/guide/services/snmp/snmp_configure_server/snmpd_not_default_password/bash/shared.sh b/linux_os/guide/services/snmp/snmp_configure_server/snmpd_not_default_password/bash/shared.sh
-index 50871561..7d4722af 100644
+index ce70b2c19..6e484b30e 100644
 --- a/linux_os/guide/services/snmp/snmp_configure_server/snmpd_not_default_password/bash/shared.sh
 +++ b/linux_os/guide/services/snmp/snmp_configure_server/snmpd_not_default_password/bash/shared.sh
 @@ -1,4 +1,4 @@
--# platform = debian 11,debian 10,debian 9,multi_platform_fedora,Oracle Linux 7,Oracle Linux 8,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,WRLinux 1019
-+# platform = debian 11,debian 10,debian 9,multi_platform_fedora,Oracle Linux 7,Oracle Linux 8,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8,WRLinux 1019
+-# platform = debian 11,debian 10,multi_platform_fedora,Oracle Linux 7,Oracle Linux 8,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8
++# platform = debian 11,debian 10,multi_platform_fedora,Oracle Linux 7,Oracle Linux 8,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8
  
  {{{ bash_instantiate_variables("var_snmpd_ro_string", "var_snmpd_rw_string") }}}
  
 diff --git a/linux_os/guide/services/snmp/snmp_configure_server/snmpd_not_default_password/rule.yml b/linux_os/guide/services/snmp/snmp_configure_server/snmpd_not_default_password/rule.yml
-index 4bfec9ff..87cc1ccf 100644
+index f02c9a7e0..ebf1a539c 100644
 --- a/linux_os/guide/services/snmp/snmp_configure_server/snmpd_not_default_password/rule.yml
 +++ b/linux_os/guide/services/snmp/snmp_configure_server/snmpd_not_default_password/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: debian10,debian11,debian9,fedora,ol7,ol8,rhel7,rhel8,wrlinux1019
-+prodtype: debian10,debian11,debian9,fedora,ol7,ol8,rhel7,rhel8,almalinux8,wrlinux1019
+-prodtype: debian10,debian11,fedora,ol7,ol8,rhel7,rhel8
++prodtype: debian10,debian11,fedora,ol7,ol8,rhel7,rhel8,almalinux8
  
  title: 'Ensure Default SNMP Password Is Not Used'
  
 diff --git a/linux_os/guide/services/snmp/snmp_configure_server/snmpd_use_newer_protocol/rule.yml b/linux_os/guide/services/snmp/snmp_configure_server/snmpd_use_newer_protocol/rule.yml
-index 789f2264..ef5b6e8d 100644
+index 309efb9aa..d8c7643df 100644
 --- a/linux_os/guide/services/snmp/snmp_configure_server/snmpd_use_newer_protocol/rule.yml
 +++ b/linux_os/guide/services/snmp/snmp_configure_server/snmpd_use_newer_protocol/rule.yml
 @@ -1,6 +1,6 @@
@@ -3484,46 +3729,46 @@ index 789f2264..ef5b6e8d 100644
  title: 'Configure SNMP Service to Use Only SNMPv3 or Newer'
  
 diff --git a/linux_os/guide/services/ssh/file_groupowner_sshd_config/rule.yml b/linux_os/guide/services/ssh/file_groupowner_sshd_config/rule.yml
-index 2e3bccf6..7f8c24e2 100644
+index e393c6c2c..69645e333 100644
 --- a/linux_os/guide/services/ssh/file_groupowner_sshd_config/rule.yml
 +++ b/linux_os/guide/services/ssh/file_groupowner_sshd_config/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004
-+prodtype: rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004
+-prodtype: alinux2,alinux3,anolis8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: alinux2,alinux3,anolis8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Verify Group Who Owns SSH Server config file'
  
 diff --git a/linux_os/guide/services/ssh/file_owner_sshd_config/rule.yml b/linux_os/guide/services/ssh/file_owner_sshd_config/rule.yml
-index a2a1b879..67fe7751 100644
+index fa43ddc59..c05d15e3a 100644
 --- a/linux_os/guide/services/ssh/file_owner_sshd_config/rule.yml
 +++ b/linux_os/guide/services/ssh/file_owner_sshd_config/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004
-+prodtype: rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004
+-prodtype: alinux2,alinux3,anolis8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: alinux2,alinux3,anolis8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Verify Owner on SSH Server config file'
  
 diff --git a/linux_os/guide/services/ssh/file_permissions_sshd_config/rule.yml b/linux_os/guide/services/ssh/file_permissions_sshd_config/rule.yml
-index bcaf46bd..7a0a13db 100644
+index 3d00dec4b..0d1ba1620 100644
 --- a/linux_os/guide/services/ssh/file_permissions_sshd_config/rule.yml
 +++ b/linux_os/guide/services/ssh/file_permissions_sshd_config/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004
-+prodtype: rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004
+-prodtype: alinux2,alinux3,anolis8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: alinux2,alinux3,anolis8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Verify Permissions on SSH Server config file'
  
 diff --git a/linux_os/guide/services/ssh/file_permissions_sshd_private_key/rule.yml b/linux_os/guide/services/ssh/file_permissions_sshd_private_key/rule.yml
-index 98d75350..20db20a0 100644
+index a788cbfbf..64b431417 100644
 --- a/linux_os/guide/services/ssh/file_permissions_sshd_private_key/rule.yml
 +++ b/linux_os/guide/services/ssh/file_permissions_sshd_private_key/rule.yml
-@@ -46,7 +46,7 @@ references:
+@@ -57,7 +57,7 @@ references:
      stigid@ol7: OL07-00-040420
      stigid@ol8: OL08-00-010490
      stigid@rhel7: RHEL-07-040420
@@ -3532,11 +3777,44 @@ index 98d75350..20db20a0 100644
      stigid@sle12: SLES-12-030220
      stigid@sle15: SLES-15-040250
  
+diff --git a/linux_os/guide/services/ssh/file_permissions_sshd_private_key/tests/altcorrect_permissions.pass.sh b/linux_os/guide/services/ssh/file_permissions_sshd_private_key/tests/altcorrect_permissions.pass.sh
+index 28325e1f7..d19148a0b 100644
+--- a/linux_os/guide/services/ssh/file_permissions_sshd_private_key/tests/altcorrect_permissions.pass.sh
++++ b/linux_os/guide/services/ssh/file_permissions_sshd_private_key/tests/altcorrect_permissions.pass.sh
+@@ -1,5 +1,5 @@
+ #!/bin/bash
+-# platform = multi_platform_ol,multi_platform_rhel
++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
+ 
+ FAKE_KEY=$(mktemp -p /etc/ssh/ XXXX_key)
+ chown root:ssh_keys "$FAKE_KEY"
+diff --git a/linux_os/guide/services/ssh/file_permissions_sshd_private_key/tests/altlenient_permissions.fail.sh b/linux_os/guide/services/ssh/file_permissions_sshd_private_key/tests/altlenient_permissions.fail.sh
+index 63e2d8642..8a5a658b5 100644
+--- a/linux_os/guide/services/ssh/file_permissions_sshd_private_key/tests/altlenient_permissions.fail.sh
++++ b/linux_os/guide/services/ssh/file_permissions_sshd_private_key/tests/altlenient_permissions.fail.sh
+@@ -1,5 +1,5 @@
+ #!/bin/bash
+-# platform = multi_platform_ol,multi_platform_rhel
++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
+ 
+ FAKE_KEY=$(mktemp -p /etc/ssh/ XXXX_key)
+ chown root:ssh_keys "$FAKE_KEY"
+diff --git a/linux_os/guide/services/ssh/file_permissions_sshd_private_key/tests/supercompliance.pass.sh b/linux_os/guide/services/ssh/file_permissions_sshd_private_key/tests/supercompliance.pass.sh
+index 48ecfbcac..c5a05db8b 100644
+--- a/linux_os/guide/services/ssh/file_permissions_sshd_private_key/tests/supercompliance.pass.sh
++++ b/linux_os/guide/services/ssh/file_permissions_sshd_private_key/tests/supercompliance.pass.sh
+@@ -1,5 +1,5 @@
+ #!/bin/bash
+-# platform = multi_platform_ol,multi_platform_rhel
++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
+ 
+ FAKE_KEY=$(mktemp -p /etc/ssh/ XXXX_key)
+ chown root:ssh_keys "$FAKE_KEY"
 diff --git a/linux_os/guide/services/ssh/file_permissions_sshd_pub_key/rule.yml b/linux_os/guide/services/ssh/file_permissions_sshd_pub_key/rule.yml
-index c0cad148..1d696656 100644
+index fc1d64b91..c08e8d3f9 100644
 --- a/linux_os/guide/services/ssh/file_permissions_sshd_pub_key/rule.yml
 +++ b/linux_os/guide/services/ssh/file_permissions_sshd_pub_key/rule.yml
-@@ -37,7 +37,7 @@ references:
+@@ -42,7 +42,7 @@ references:
      stigid@ol7: OL07-00-040410
      stigid@ol8: OL08-00-010480
      stigid@rhel7: RHEL-07-040410
@@ -3546,7 +3824,7 @@ index c0cad148..1d696656 100644
      stigid@sle15: SLES-15-040240
  
 diff --git a/linux_os/guide/services/ssh/firewalld_sshd_disabled/rule.yml b/linux_os/guide/services/ssh/firewalld_sshd_disabled/rule.yml
-index d49b5e58..a948b56c 100644
+index d49b5e58c..a948b56cd 100644
 --- a/linux_os/guide/services/ssh/firewalld_sshd_disabled/rule.yml
 +++ b/linux_os/guide/services/ssh/firewalld_sshd_disabled/rule.yml
 @@ -1,6 +1,6 @@
@@ -3558,19 +3836,19 @@ index d49b5e58..a948b56c 100644
  title: 'Remove SSH Server firewalld Firewall exception (Unusual)'
  
 diff --git a/linux_os/guide/services/ssh/package_openssh-clients_installed/rule.yml b/linux_os/guide/services/ssh/package_openssh-clients_installed/rule.yml
-index d90a6482..791df38c 100644
+index 36ac1f29d..604658671 100644
 --- a/linux_os/guide/services/ssh/package_openssh-clients_installed/rule.yml
 +++ b/linux_os/guide/services/ssh/package_openssh-clients_installed/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: ol8,rhel8,rhel9
-+prodtype: ol8,rhel8,almalinux8,rhel9
+-prodtype: ol8,ol9,rhel8,rhel9
++prodtype: ol8,ol9,rhel8,almalinux8,rhel9
  
  title: 'Install OpenSSH client software'
  
 diff --git a/linux_os/guide/services/ssh/package_openssh-server_installed/rule.yml b/linux_os/guide/services/ssh/package_openssh-server_installed/rule.yml
-index 6ce8ee1f..f748ee64 100644
+index 984773361..e088ea707 100644
 --- a/linux_os/guide/services/ssh/package_openssh-server_installed/rule.yml
 +++ b/linux_os/guide/services/ssh/package_openssh-server_installed/rule.yml
 @@ -31,7 +31,7 @@ references:
@@ -3583,14 +3861,14 @@ index 6ce8ee1f..f748ee64 100644
  
  ocil_clause: 'the package is not installed'
 diff --git a/linux_os/guide/services/ssh/service_sshd_enabled/rule.yml b/linux_os/guide/services/ssh/service_sshd_enabled/rule.yml
-index 88215418..0b4e2d70 100644
+index 158df38e1..f9a51aa7c 100644
 --- a/linux_os/guide/services/ssh/service_sshd_enabled/rule.yml
 +++ b/linux_os/guide/services/ssh/service_sshd_enabled/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
-+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
+-prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Enable the OpenSSH Service'
  
@@ -3604,19 +3882,19 @@ index 88215418..0b4e2d70 100644
      stigid@sle15: SLES-15-010530
      stigid@ubuntu2004: UBTU-20-010042
 diff --git a/linux_os/guide/services/ssh/ssh_client/ssh_client_rekey_limit/rule.yml b/linux_os/guide/services/ssh/ssh_client/ssh_client_rekey_limit/rule.yml
-index 41e7a9a8..106fb84b 100644
+index afc6d539c..25b19221f 100644
 --- a/linux_os/guide/services/ssh/ssh_client/ssh_client_rekey_limit/rule.yml
 +++ b/linux_os/guide/services/ssh/ssh_client/ssh_client_rekey_limit/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: ol8,rhcos4,rhel8,rhel9
-+prodtype: ol8,rhcos4,rhel8,almalinux8,rhel9
+-prodtype: ol8,ol9,rhcos4,rhel8,rhel9
++prodtype: ol8,ol9,rhcos4,rhel8,almalinux8,rhel9
  
  title: 'Configure session renegotiation for SSH client'
  
 diff --git a/linux_os/guide/services/ssh/ssh_client/ssh_client_use_strong_rng_csh/ansible/shared.yml b/linux_os/guide/services/ssh/ssh_client/ssh_client_use_strong_rng_csh/ansible/shared.yml
-index 1c878701..be1bff4c 100644
+index 1c878701e..be1bff4cf 100644
 --- a/linux_os/guide/services/ssh/ssh_client/ssh_client_use_strong_rng_csh/ansible/shared.yml
 +++ b/linux_os/guide/services/ssh/ssh_client/ssh_client_use_strong_rng_csh/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -3626,7 +3904,7 @@ index 1c878701..be1bff4c 100644
  # strategy = configure
  # complexity = low
 diff --git a/linux_os/guide/services/ssh/ssh_client/ssh_client_use_strong_rng_csh/bash/shared.sh b/linux_os/guide/services/ssh/ssh_client/ssh_client_use_strong_rng_csh/bash/shared.sh
-index 3df859f3..e2ab1886 100644
+index 3df859f35..e2ab18861 100644
 --- a/linux_os/guide/services/ssh/ssh_client/ssh_client_use_strong_rng_csh/bash/shared.sh
 +++ b/linux_os/guide/services/ssh/ssh_client/ssh_client_use_strong_rng_csh/bash/shared.sh
 @@ -1,4 +1,4 @@
@@ -3636,7 +3914,7 @@ index 3df859f3..e2ab1886 100644
  # put line into the file
  echo "setenv SSH_USE_STRONG_RNG 32" > /etc/profile.d/cc-ssh-strong-rng.csh
 diff --git a/linux_os/guide/services/ssh/ssh_client/ssh_client_use_strong_rng_csh/rule.yml b/linux_os/guide/services/ssh/ssh_client/ssh_client_use_strong_rng_csh/rule.yml
-index cbd17bf0..6b50d0a8 100644
+index cbd17bf07..6b50d0a8c 100644
 --- a/linux_os/guide/services/ssh/ssh_client/ssh_client_use_strong_rng_csh/rule.yml
 +++ b/linux_os/guide/services/ssh/ssh_client/ssh_client_use_strong_rng_csh/rule.yml
 @@ -1,6 +1,6 @@
@@ -3648,7 +3926,7 @@ index cbd17bf0..6b50d0a8 100644
  title: 'SSH client uses strong entropy to seed (for CSH like shells)'
  
 diff --git a/linux_os/guide/services/ssh/ssh_client/ssh_client_use_strong_rng_sh/ansible/shared.yml b/linux_os/guide/services/ssh/ssh_client/ssh_client_use_strong_rng_sh/ansible/shared.yml
-index 29c64602..1be957f9 100644
+index 29c646020..1be957f95 100644
 --- a/linux_os/guide/services/ssh/ssh_client/ssh_client_use_strong_rng_sh/ansible/shared.yml
 +++ b/linux_os/guide/services/ssh/ssh_client/ssh_client_use_strong_rng_sh/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -3658,7 +3936,7 @@ index 29c64602..1be957f9 100644
  # strategy = configure
  # complexity = low
 diff --git a/linux_os/guide/services/ssh/ssh_client/ssh_client_use_strong_rng_sh/bash/shared.sh b/linux_os/guide/services/ssh/ssh_client/ssh_client_use_strong_rng_sh/bash/shared.sh
-index 13306db4..7a5ca21f 100644
+index 13306db45..7a5ca21fc 100644
 --- a/linux_os/guide/services/ssh/ssh_client/ssh_client_use_strong_rng_sh/bash/shared.sh
 +++ b/linux_os/guide/services/ssh/ssh_client/ssh_client_use_strong_rng_sh/bash/shared.sh
 @@ -1,4 +1,4 @@
@@ -3668,7 +3946,7 @@ index 13306db4..7a5ca21f 100644
  # put line into the file
  echo "export SSH_USE_STRONG_RNG=32" > /etc/profile.d/cc-ssh-strong-rng.sh
 diff --git a/linux_os/guide/services/ssh/ssh_client/ssh_client_use_strong_rng_sh/rule.yml b/linux_os/guide/services/ssh/ssh_client/ssh_client_use_strong_rng_sh/rule.yml
-index 53728a2b..6021e093 100644
+index 53728a2b3..6021e093e 100644
 --- a/linux_os/guide/services/ssh/ssh_client/ssh_client_use_strong_rng_sh/rule.yml
 +++ b/linux_os/guide/services/ssh/ssh_client/ssh_client_use_strong_rng_sh/rule.yml
 @@ -1,6 +1,6 @@
@@ -3680,7 +3958,7 @@ index 53728a2b..6021e093 100644
  title: 'SSH client uses strong entropy to seed (Bash-like shells)'
  
 diff --git a/linux_os/guide/services/ssh/ssh_server/disable_host_auth/kubernetes/shared.yml b/linux_os/guide/services/ssh/ssh_server/disable_host_auth/kubernetes/shared.yml
-index 5a97f74d..104b27f3 100644
+index 5a97f74df..104b27f3f 100644
 --- a/linux_os/guide/services/ssh/ssh_server/disable_host_auth/kubernetes/shared.yml
 +++ b/linux_os/guide/services/ssh/ssh_server/disable_host_auth/kubernetes/shared.yml
 @@ -1,5 +1,5 @@
@@ -3690,30 +3968,20 @@ index 5a97f74d..104b27f3 100644
  apiVersion: machineconfiguration.openshift.io/v1
  kind: MachineConfig
  spec:
-diff --git a/linux_os/guide/services/ssh/ssh_server/firewalld_sshd_port_enabled/ansible/shared.yml b/linux_os/guide/services/ssh/ssh_server/firewalld_sshd_port_enabled/ansible/shared.yml
-index 2553a4d2..034183d2 100644
---- a/linux_os/guide/services/ssh/ssh_server/firewalld_sshd_port_enabled/ansible/shared.yml
-+++ b/linux_os/guide/services/ssh/ssh_server/firewalld_sshd_port_enabled/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol
-+# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol
- # reboot = false
- # complexity = low
- # strategy = configure
 diff --git a/linux_os/guide/services/ssh/ssh_server/firewalld_sshd_port_enabled/rule.yml b/linux_os/guide/services/ssh/ssh_server/firewalld_sshd_port_enabled/rule.yml
-index 4945d060..050ce57c 100644
+index 7446a6237..79fb20432 100644
 --- a/linux_os/guide/services/ssh/ssh_server/firewalld_sshd_port_enabled/rule.yml
 +++ b/linux_os/guide/services/ssh/ssh_server/firewalld_sshd_port_enabled/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4,wrlinux1019
-+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,wrlinux1019
+-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4
  
  title: 'Enable SSH Server firewalld Firewall Exception'
  
 diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_allow_only_protocol2/ansible/shared.yml b/linux_os/guide/services/ssh/ssh_server/sshd_allow_only_protocol2/ansible/shared.yml
-index 39102e5d..2dcfeeb0 100644
+index 39102e5d7..2dcfeeb0f 100644
 --- a/linux_os/guide/services/ssh/ssh_server/sshd_allow_only_protocol2/ansible/shared.yml
 +++ b/linux_os/guide/services/ssh/ssh_server/sshd_allow_only_protocol2/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -3723,7 +3991,7 @@ index 39102e5d..2dcfeeb0 100644
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_allow_only_protocol2/bash/shared.sh b/linux_os/guide/services/ssh/ssh_server/sshd_allow_only_protocol2/bash/shared.sh
-index ba598762..d972650e 100644
+index ba5987621..d972650ea 100644
 --- a/linux_os/guide/services/ssh/ssh_server/sshd_allow_only_protocol2/bash/shared.sh
 +++ b/linux_os/guide/services/ssh/ssh_server/sshd_allow_only_protocol2/bash/shared.sh
 @@ -1,4 +1,4 @@
@@ -3733,7 +4001,7 @@ index ba598762..d972650e 100644
  
  {{{ bash_replace_or_append('/etc/ssh/sshd_config', '^Protocol', '2', '%s %s') }}}
 diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_disable_compression/ansible/shared.yml b/linux_os/guide/services/ssh/ssh_server/sshd_disable_compression/ansible/shared.yml
-index f8d422c6..aafcd046 100644
+index f8d422c6c..aafcd046f 100644
 --- a/linux_os/guide/services/ssh/ssh_server/sshd_disable_compression/ansible/shared.yml
 +++ b/linux_os/guide/services/ssh/ssh_server/sshd_disable_compression/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -3743,33 +4011,20 @@ index f8d422c6..aafcd046 100644
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_disable_compression/bash/shared.sh b/linux_os/guide/services/ssh/ssh_server/sshd_disable_compression/bash/shared.sh
-index 397e9994..bdaced02 100644
+index 7c01208c4..8e6c9a53a 100644
 --- a/linux_os/guide/services/ssh/ssh_server/sshd_disable_compression/bash/shared.sh
 +++ b/linux_os/guide/services/ssh/ssh_server/sshd_disable_compression/bash/shared.sh
 @@ -1,4 +1,4 @@
--# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_ol,multi_platform_rhv,multi_platform_sle
-+# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_rhv,multi_platform_sle
+-# platform = multi_platform_rhel,multi_platform_ol,multi_platform_rhv,multi_platform_sle
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_rhv,multi_platform_sle
  
  {{{ bash_instantiate_variables("var_sshd_disable_compression") }}}
  
-diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_disable_compression/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_disable_compression/rule.yml
-index b708373c..d38ad9c2 100644
---- a/linux_os/guide/services/ssh/ssh_server/sshd_disable_compression/rule.yml
-+++ b/linux_os/guide/services/ssh/ssh_server/sshd_disable_compression/rule.yml
-@@ -40,7 +40,7 @@ references:
-     stigid@ol7: OL07-00-040470
-     stigid@ol8: OL08-00-010510
-     stigid@rhel7: RHEL-07-040470
--    stigid@rhel8: RHEL-08-010510
-+    stigid@almalinux8: RHEL-08-010510
-     stigid@sle12: SLES-12-030250
-     stigid@sle15: SLES-15-040280
-     vmmsrg: SRG-OS-000480-VMM-002000
 diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_disable_empty_passwords/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_disable_empty_passwords/rule.yml
-index fa2f4b4d..281c24c4 100644
+index 21129b0e8..285b4ae6f 100644
 --- a/linux_os/guide/services/ssh/ssh_server/sshd_disable_empty_passwords/rule.yml
 +++ b/linux_os/guide/services/ssh/ssh_server/sshd_disable_empty_passwords/rule.yml
-@@ -53,7 +53,7 @@ references:
+@@ -58,7 +58,7 @@ references:
      stigid@ol7: OL07-00-010300
      stigid@ol8: OL08-00-020330
      stigid@rhel7: RHEL-07-010300
@@ -3779,7 +4034,7 @@ index fa2f4b4d..281c24c4 100644
      stigid@sle15: SLES-15-040440
      stigid@ubuntu2004: UBTU-20-010047
 diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_disable_gssapi_auth/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_disable_gssapi_auth/rule.yml
-index 50eb3cab..c880fbf7 100644
+index 60a2133f5..fcad3e02f 100644
 --- a/linux_os/guide/services/ssh/ssh_server/sshd_disable_gssapi_auth/rule.yml
 +++ b/linux_os/guide/services/ssh/ssh_server/sshd_disable_gssapi_auth/rule.yml
 @@ -43,7 +43,7 @@ references:
@@ -3792,7 +4047,7 @@ index 50eb3cab..c880fbf7 100644
  
  {{{ complete_ocil_entry_sshd_option(default="yes", option="GSSAPIAuthentication", value="no") }}}
 diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_disable_kerb_auth/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_disable_kerb_auth/rule.yml
-index ac869505..9483f4a0 100644
+index 74e47d13a..21bae6ff4 100644
 --- a/linux_os/guide/services/ssh/ssh_server/sshd_disable_kerb_auth/rule.yml
 +++ b/linux_os/guide/services/ssh/ssh_server/sshd_disable_kerb_auth/rule.yml
 @@ -44,7 +44,7 @@ references:
@@ -3805,7 +4060,7 @@ index ac869505..9483f4a0 100644
  
  {{{ complete_ocil_entry_sshd_option(default="yes", option="KerberosAuthentication", value="no") }}}
 diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_disable_rhosts_rsa/ansible/shared.yml b/linux_os/guide/services/ssh/ssh_server/sshd_disable_rhosts_rsa/ansible/shared.yml
-index 228a1166..6ba91af4 100644
+index 228a1166a..6ba91af43 100644
 --- a/linux_os/guide/services/ssh/ssh_server/sshd_disable_rhosts_rsa/ansible/shared.yml
 +++ b/linux_os/guide/services/ssh/ssh_server/sshd_disable_rhosts_rsa/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -3815,20 +4070,20 @@ index 228a1166..6ba91af4 100644
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_disable_rhosts_rsa/bash/shared.sh b/linux_os/guide/services/ssh/ssh_server/sshd_disable_rhosts_rsa/bash/shared.sh
-index a6b70585..a11860b5 100644
+index 5a1ec5cf7..d240b4711 100644
 --- a/linux_os/guide/services/ssh/ssh_server/sshd_disable_rhosts_rsa/bash/shared.sh
 +++ b/linux_os/guide/services/ssh/ssh_server/sshd_disable_rhosts_rsa/bash/shared.sh
 @@ -1,4 +1,4 @@
--# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
-+# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
  
  
  {{{ bash_replace_or_append('/etc/ssh/sshd_config', '^RhostsRSAAuthentication', 'no', '%s %s') }}}
 diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_disable_root_login/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_disable_root_login/rule.yml
-index b13e175c..96925bf7 100644
+index f3f3020b3..95b3b9ea4 100644
 --- a/linux_os/guide/services/ssh/ssh_server/sshd_disable_root_login/rule.yml
 +++ b/linux_os/guide/services/ssh/ssh_server/sshd_disable_root_login/rule.yml
-@@ -49,7 +49,7 @@ references:
+@@ -54,7 +54,7 @@ references:
      stigid@ol7: OL07-00-040370
      stigid@ol8: OL08-00-010550
      stigid@rhel7: RHEL-07-040370
@@ -3838,7 +4093,7 @@ index b13e175c..96925bf7 100644
      stigid@sle15: SLES-15-020040
      vmmsrg: SRG-OS-000480-VMM-002000
 diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_disable_user_known_hosts/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_disable_user_known_hosts/rule.yml
-index 0987d4cc..4e8c5b2f 100644
+index 0bb62b7c9..abd0e26ca 100644
 --- a/linux_os/guide/services/ssh/ssh_server/sshd_disable_user_known_hosts/rule.yml
 +++ b/linux_os/guide/services/ssh/ssh_server/sshd_disable_user_known_hosts/rule.yml
 @@ -40,7 +40,7 @@ references:
@@ -3851,10 +4106,10 @@ index 0987d4cc..4e8c5b2f 100644
      stigid@sle15: SLES-15-040230
  
 diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_disable_x11_forwarding/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_disable_x11_forwarding/rule.yml
-index f92a9042..0cddb5d0 100644
+index 5c6d5c80a..48fe05bf2 100644
 --- a/linux_os/guide/services/ssh/ssh_server/sshd_disable_x11_forwarding/rule.yml
 +++ b/linux_os/guide/services/ssh/ssh_server/sshd_disable_x11_forwarding/rule.yml
-@@ -45,7 +45,7 @@ references:
+@@ -48,7 +48,7 @@ references:
      stigid@ol7: OL07-00-040710
      stigid@ol8: OL08-00-040340
      stigid@rhel7: RHEL-07-040710
@@ -3864,10 +4119,10 @@ index f92a9042..0cddb5d0 100644
      stigid@ubuntu2004: UBTU-20-010048
  
 diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_do_not_permit_user_env/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_do_not_permit_user_env/rule.yml
-index 44482458..299a93fc 100644
+index 1c4acb931..a65b524ce 100644
 --- a/linux_os/guide/services/ssh/ssh_server/sshd_do_not_permit_user_env/rule.yml
 +++ b/linux_os/guide/services/ssh/ssh_server/sshd_do_not_permit_user_env/rule.yml
-@@ -47,7 +47,7 @@ references:
+@@ -52,7 +52,7 @@ references:
      stigid@ol7: OL07-00-010460
      stigid@ol8: OL08-00-010830
      stigid@rhel7: RHEL-07-010460
@@ -3877,7 +4132,7 @@ index 44482458..299a93fc 100644
      stigid@sle15: SLES-15-040440
      stigid@ubuntu2004: UBTU-20-010047
 diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_enable_strictmodes/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_enable_strictmodes/rule.yml
-index f1232556..3b61d5f1 100644
+index 7c1c1591e..b17dc34f9 100644
 --- a/linux_os/guide/services/ssh/ssh_server/sshd_enable_strictmodes/rule.yml
 +++ b/linux_os/guide/services/ssh/ssh_server/sshd_enable_strictmodes/rule.yml
 @@ -43,7 +43,7 @@ references:
@@ -3890,10 +4145,10 @@ index f1232556..3b61d5f1 100644
      stigid@sle15: SLES-15-040260
      vmmsrg: SRG-OS-000480-VMM-002000
 diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_enable_warning_banner/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_enable_warning_banner/rule.yml
-index 5db8d82a..c1c82609 100644
+index 43e59e3ea..ba0acff7d 100644
 --- a/linux_os/guide/services/ssh/ssh_server/sshd_enable_warning_banner/rule.yml
 +++ b/linux_os/guide/services/ssh/ssh_server/sshd_enable_warning_banner/rule.yml
-@@ -46,7 +46,7 @@ references:
+@@ -49,7 +49,7 @@ references:
      stigid@ol7: OL07-00-040170
      stigid@ol8: OL08-00-010040
      stigid@rhel7: RHEL-07-040170
@@ -3903,7 +4158,7 @@ index 5db8d82a..c1c82609 100644
      stigid@sle15: SLES-15-010040
      vmmsrg: SRG-OS-000023-VMM-000060,SRG-OS-000024-VMM-000070
 diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_print_last_log/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_print_last_log/rule.yml
-index be9c7847..c58de35f 100644
+index 685504061..7ff5fd566 100644
 --- a/linux_os/guide/services/ssh/ssh_server/sshd_print_last_log/rule.yml
 +++ b/linux_os/guide/services/ssh/ssh_server/sshd_print_last_log/rule.yml
 @@ -38,7 +38,7 @@ references:
@@ -3916,11 +4171,11 @@ index be9c7847..c58de35f 100644
      stigid@sle15: SLES-15-020120
  
 diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_rekey_limit/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_rekey_limit/rule.yml
-index 450f244d..7152ffe2 100644
+index 9b1f144d7..0711b2bcd 100644
 --- a/linux_os/guide/services/ssh/ssh_server/sshd_rekey_limit/rule.yml
 +++ b/linux_os/guide/services/ssh/ssh_server/sshd_rekey_limit/rule.yml
-@@ -25,7 +25,7 @@ references:
-     ospp: FCS_SSHS_EXT.1
+@@ -27,7 +27,7 @@ references:
+     ospp: FCS_SSH_EXT.1.8
      srg: SRG-OS-000480-GPOS-00227,SRG-OS-000033-GPOS-00014
      stigid@ol8: OL08-00-040161
 -    stigid@rhel8: RHEL-08-040161
@@ -3928,18 +4183,18 @@ index 450f244d..7152ffe2 100644
  
  ocil_clause: 'it is commented out or is not set'
  
-diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_rekey_limit/tests/rhel8_ok.pass.sh b/linux_os/guide/services/ssh/ssh_server/sshd_rekey_limit/tests/rhel8_ok.pass.sh
-index b9834e6d..8b86e146 100644
---- a/linux_os/guide/services/ssh/ssh_server/sshd_rekey_limit/tests/rhel8_ok.pass.sh
-+++ b/linux_os/guide/services/ssh/ssh_server/sshd_rekey_limit/tests/rhel8_ok.pass.sh
+diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_rekey_limit/tests/rhel8_ospp_ok.pass.sh b/linux_os/guide/services/ssh/ssh_server/sshd_rekey_limit/tests/rhel8_ospp_ok.pass.sh
+index a31a14f8a..08ad17d7b 100644
+--- a/linux_os/guide/services/ssh/ssh_server/sshd_rekey_limit/tests/rhel8_ospp_ok.pass.sh
++++ b/linux_os/guide/services/ssh/ssh_server/sshd_rekey_limit/tests/rhel8_ospp_ok.pass.sh
 @@ -1,4 +1,4 @@
--# platform = Red Hat Enterprise Linux 8
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8
+-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
++# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
  # profiles = xccdf_org.ssgproject.content_profile_ospp
  
- sed -e '/RekeyLimit/d' /etc/ssh/sshd_config
+ mkdir -p /etc/ssh/sshd_config.d
 diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_set_idle_timeout/ansible/shared.yml b/linux_os/guide/services/ssh/ssh_server/sshd_set_idle_timeout/ansible/shared.yml
-index 5b54ab89..4213bc15 100644
+index 5b54ab892..4213bc152 100644
 --- a/linux_os/guide/services/ssh/ssh_server/sshd_set_idle_timeout/ansible/shared.yml
 +++ b/linux_os/guide/services/ssh/ssh_server/sshd_set_idle_timeout/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -3949,10 +4204,10 @@ index 5b54ab89..4213bc15 100644
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_set_idle_timeout/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_set_idle_timeout/rule.yml
-index 0b5b7e1a..86f739bf 100644
+index abfed89d1..da0f2bd40 100644
 --- a/linux_os/guide/services/ssh/ssh_server/sshd_set_idle_timeout/rule.yml
 +++ b/linux_os/guide/services/ssh/ssh_server/sshd_set_idle_timeout/rule.yml
-@@ -55,7 +55,7 @@ references:
+@@ -64,7 +64,7 @@ references:
      stigid@ol7: OL07-00-040320
      stigid@ol8: OL08-00-010201
      stigid@rhel7: RHEL-07-040320
@@ -3962,7 +4217,7 @@ index 0b5b7e1a..86f739bf 100644
      stigid@sle15: SLES-15-010280
      stigid@ubuntu2004: UBTU-20-010037
 diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_set_keepalive/ansible/shared.yml b/linux_os/guide/services/ssh/ssh_server/sshd_set_keepalive/ansible/shared.yml
-index b280e21e..8e1c1810 100644
+index b280e21eb..8e1c18100 100644
 --- a/linux_os/guide/services/ssh/ssh_server/sshd_set_keepalive/ansible/shared.yml
 +++ b/linux_os/guide/services/ssh/ssh_server/sshd_set_keepalive/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -3972,50 +4227,50 @@ index b280e21e..8e1c1810 100644
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_set_keepalive/bash/shared.sh b/linux_os/guide/services/ssh/ssh_server/sshd_set_keepalive/bash/shared.sh
-index fcd61646..8143f533 100644
+index 3cfe760fb..cba9bf0c4 100644
 --- a/linux_os/guide/services/ssh/ssh_server/sshd_set_keepalive/bash/shared.sh
 +++ b/linux_os/guide/services/ssh/ssh_server/sshd_set_keepalive/bash/shared.sh
 @@ -1,4 +1,4 @@
--# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu
-+# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu
  
  {{{ bash_instantiate_variables("var_sshd_set_keepalive") }}}
  
-diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_set_keepalive_0/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_set_keepalive_0/rule.yml
-index 9c41c227..e59290a5 100644
---- a/linux_os/guide/services/ssh/ssh_server/sshd_set_keepalive_0/rule.yml
-+++ b/linux_os/guide/services/ssh/ssh_server/sshd_set_keepalive_0/rule.yml
-@@ -53,7 +53,7 @@ references:
+diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_set_keepalive/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_set_keepalive/rule.yml
+index 443356682..2c453eea7 100644
+--- a/linux_os/guide/services/ssh/ssh_server/sshd_set_keepalive/rule.yml
++++ b/linux_os/guide/services/ssh/ssh_server/sshd_set_keepalive/rule.yml
+@@ -57,7 +57,7 @@ references:
+     pcidss: Req-8.1.8
+     srg: SRG-OS-000163-GPOS-00072,SRG-OS-000279-GPOS-00109
      stigid@ol7: OL07-00-040340
-     stigid@ol8: OL08-00-010200
-     stigid@rhel7: RHEL-07-040340
 -    stigid@rhel8: RHEL-08-010200
 +    stigid@almalinux8: RHEL-08-010200
      stigid@sle12: SLES-12-030191
-     stigid@sle15: SLES-15-010320
+     stigid@ubuntu2004: UBTU-20-010036
      vmmsrg: SRG-OS-000480-VMM-002000
 diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_set_max_auth_tries/ansible/shared.yml b/linux_os/guide/services/ssh/ssh_server/sshd_set_max_auth_tries/ansible/shared.yml
-index 16e31302..71125a8d 100644
+index a7a2ed3d6..f4ba85ff9 100644
 --- a/linux_os/guide/services/ssh/ssh_server/sshd_set_max_auth_tries/ansible/shared.yml
 +++ b/linux_os/guide/services/ssh/ssh_server/sshd_set_max_auth_tries/ansible/shared.yml
 @@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
  # reboot = false
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_set_max_auth_tries/bash/shared.sh b/linux_os/guide/services/ssh/ssh_server/sshd_set_max_auth_tries/bash/shared.sh
-index be4fce16..f17dfb14 100644
+index 2920273f9..32fba975e 100644
 --- a/linux_os/guide/services/ssh/ssh_server/sshd_set_max_auth_tries/bash/shared.sh
 +++ b/linux_os/guide/services/ssh/ssh_server/sshd_set_max_auth_tries/bash/shared.sh
 @@ -1,4 +1,4 @@
--# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
-+# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu
  
  {{{ bash_instantiate_variables("sshd_max_auth_tries_value") }}}
  
 diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_set_max_sessions/tests/correct_value.pass.sh b/linux_os/guide/services/ssh/ssh_server/sshd_set_max_sessions/tests/correct_value.pass.sh
-index 4cc6d659..5e911b46 100644
+index 4cc6d6598..5e911b469 100644
 --- a/linux_os/guide/services/ssh/ssh_server/sshd_set_max_sessions/tests/correct_value.pass.sh
 +++ b/linux_os/guide/services/ssh/ssh_server/sshd_set_max_sessions/tests/correct_value.pass.sh
 @@ -1,5 +1,5 @@
@@ -4026,7 +4281,7 @@ index 4cc6d659..5e911b46 100644
  #!/bin/bash
  SSHD_CONFIG="/etc/ssh/sshd_config"
 diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_set_max_sessions/tests/wrong_value.fail.sh b/linux_os/guide/services/ssh/ssh_server/sshd_set_max_sessions/tests/wrong_value.fail.sh
-index fcdb800c..77c3e82d 100644
+index fcdb800c2..77c3e82da 100644
 --- a/linux_os/guide/services/ssh/ssh_server/sshd_set_max_sessions/tests/wrong_value.fail.sh
 +++ b/linux_os/guide/services/ssh/ssh_server/sshd_set_max_sessions/tests/wrong_value.fail.sh
 @@ -1,4 +1,4 @@
@@ -4036,87 +4291,87 @@ index fcdb800c..77c3e82d 100644
  #!/bin/bash
  SSHD_CONFIG="/etc/ssh/sshd_config"
 diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_ciphers/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_ciphers/rule.yml
-index 0254221f..4d6c18f9 100644
+index 9b5ceb388..5f15749f5 100644
 --- a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_ciphers/rule.yml
 +++ b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_ciphers/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: ol7,ol8,rhel7,rhel8,sle12,sle15,ubuntu2004,wrlinux1019,wrlinux8
-+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,sle12,sle15,ubuntu2004,wrlinux1019,wrlinux8
+-prodtype: alinux2,ol7,ol8,rhel7,rhel8,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: alinux2,ol7,ol8,rhel7,rhel8,almalinux8,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Use Only FIPS 140-2 Validated Ciphers'
  
 diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_macs/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_macs/rule.yml
-index ebaf8525..99e2977f 100644
+index 6eaea80d8..8cb79f3a0 100644
 --- a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_macs/rule.yml
 +++ b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_macs/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: ol7,ol8,rhel7,rhel8,sle12,sle15,ubuntu2004,wrlinux1019
-+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,sle12,sle15,ubuntu2004,wrlinux1019
+-prodtype: alinux2,ol7,ol8,rhel7,rhel8,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: alinux2,ol7,ol8,rhel7,rhel8,almalinux8,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Use Only FIPS 140-2 Validated MACs'
  
 diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_macs/tests/default_correct_value.pass.sh b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_macs/tests/default_correct_value.pass.sh
-index 0e08a36d..da95aab4 100644
+index edb2553d2..2bfd42c86 100644
 --- a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_macs/tests/default_correct_value.pass.sh
 +++ b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_macs/tests/default_correct_value.pass.sh
 @@ -1,3 +1,3 @@
--# platform = multi_platform_rhel
-+# platform = multi_platform_rhel,multi_platform_almalinux
+-# platform = multi_platform_ol,multi_platform_rhel
++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
  
  {{{ bash_replace_or_append('/etc/ssh/sshd_config', '^MACs', "hmac-sha2-512,hmac-sha2-256,hmac-sha1,hmac-sha1-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com", '%s %s') }}}
 diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_macs/tests/wrong_value.fail.sh b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_macs/tests/wrong_value.fail.sh
-index 1ac74ed4..aad9b777 100644
+index b903a7a08..cd6f95db4 100644
 --- a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_macs/tests/wrong_value.fail.sh
 +++ b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_macs/tests/wrong_value.fail.sh
 @@ -1,3 +1,3 @@
--# platform = multi_platform_rhel
-+# platform = multi_platform_rhel,multi_platform_almalinux
+-# platform = multi_platform_ol,multi_platform_rhel
++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
  
  {{{ bash_replace_or_append('/etc/ssh/sshd_config', '^MACs', "wrong_value_expected_to_fail.com", '%s %s') }}}
 diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_ciphers/tests/good_cipher.pass.sh b/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_ciphers/tests/good_cipher.pass.sh
-index 798c4043..322c83cd 100644
+index ba493f99f..dad0a61e3 100644
 --- a/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_ciphers/tests/good_cipher.pass.sh
 +++ b/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_ciphers/tests/good_cipher.pass.sh
 @@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
+-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel
++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
  
  sed -i 's/^\s*Ciphers\s.*//i' /etc/ssh/sshd_config
  echo "Ciphers aes256-ctr" >> /etc/ssh/sshd_config
 diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_ciphers/tests/no_ciphers.fail.sh b/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_ciphers/tests/no_ciphers.fail.sh
-index 19faca73..22bf6bdc 100644
+index 27a2e37ac..3e678dccb 100644
 --- a/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_ciphers/tests/no_ciphers.fail.sh
 +++ b/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_ciphers/tests/no_ciphers.fail.sh
 @@ -1,3 +1,3 @@
--# platform = multi_platform_rhel,multi_platform_fedora
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
+-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel
++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
  
  sed -i 's/^\s*Ciphers\s/# &/i' /etc/ssh/sshd_config
 diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_macs/tests/good_mac.pass.sh b/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_macs/tests/good_mac.pass.sh
-index 77330241..c5adffff 100644
+index ca08e633a..f90fa48d6 100644
 --- a/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_macs/tests/good_mac.pass.sh
 +++ b/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_macs/tests/good_mac.pass.sh
 @@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
+-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel
++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
  
  sed -i 's/^\s*MACs\s.*//i' /etc/ssh/sshd_config
  echo "MACs hmac-sha2-512" >> /etc/ssh/sshd_config
 diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_macs/tests/no_macs.fail.sh b/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_macs/tests/no_macs.fail.sh
-index 8d33596e..beafbd6d 100644
+index 5a98fc0eb..846cdd444 100644
 --- a/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_macs/tests/no_macs.fail.sh
 +++ b/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_macs/tests/no_macs.fail.sh
 @@ -1,3 +1,3 @@
--# platform = multi_platform_rhel,multi_platform_fedora
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
+-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel
++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
  
  sed -i 's/^\s*MACs\s/# &/i' /etc/ssh/sshd_config
 diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_rng/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_rng/rule.yml
-index b6fd81fa..d1f21b26 100644
+index 69f4b7c74..f4544cb69 100644
 --- a/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_rng/rule.yml
 +++ b/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_rng/rule.yml
 @@ -2,7 +2,7 @@ documentation_complete: true
@@ -4128,60 +4383,24 @@ index b6fd81fa..d1f21b26 100644
  
  title: 'SSH server uses strong entropy to seed'
  
-@@ -29,7 +29,7 @@ references:
+@@ -30,7 +30,7 @@ references:
      ospp: FCS_RBG_EXT.1.2
-     srg: SRG-OS-000480-GPOS-00227
+     srg: SRG-OS-000480-GPOS-00232,SRG-OS-000480-GPOS-00227
      stigid@ol8: OL08-00-010292
 -    stigid@rhel8: RHEL-08-010292
 +    stigid@almalinux8: RHEL-08-010292
  
  ocil: |-
      To determine whether the SSH service is configured to use strong entropy seed,
-diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_rng/tests/bad_config.fail.sh b/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_rng/tests/bad_config.fail.sh
-index f4f8c22f..1884e87d 100644
---- a/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_rng/tests/bad_config.fail.sh
-+++ b/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_rng/tests/bad_config.fail.sh
-@@ -1,3 +1,3 @@
--# platform = multi_platform_rhel
-+# platform = multi_platform_rhel,multi_platform_almalinux
- 
- echo 'SSH_USE_STRONG_RNG=1' > /etc/sysconfig/sshd
-diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_rng/tests/good_config.pass.sh b/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_rng/tests/good_config.pass.sh
-index 70f53ac2..54420303 100644
---- a/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_rng/tests/good_config.pass.sh
-+++ b/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_rng/tests/good_config.pass.sh
-@@ -1,3 +1,3 @@
--# platform = multi_platform_rhel
-+# platform = multi_platform_rhel,multi_platform_almalinux
- 
- echo 'SSH_USE_STRONG_RNG=32' > /etc/sysconfig/sshd
-diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_rng/tests/no_config.fail.sh b/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_rng/tests/no_config.fail.sh
-index 1e5f0b29..bb5137b2 100644
---- a/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_rng/tests/no_config.fail.sh
-+++ b/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_rng/tests/no_config.fail.sh
-@@ -1,3 +1,3 @@
--# platform = multi_platform_rhel
-+# platform = multi_platform_rhel,multi_platform_almalinux
- 
- rm -f /etc/sysconfig/sshd
-diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_rng/tests/quoted.fail.sh b/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_rng/tests/quoted.fail.sh
-index a10d24a7..d0b4e3a9 100644
---- a/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_rng/tests/quoted.fail.sh
-+++ b/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_rng/tests/quoted.fail.sh
-@@ -1,3 +1,3 @@
--# platform = multi_platform_rhel
-+# platform = multi_platform_rhel,multi_platform_almalinux
- 
- echo 'SSH_USE_STRONG_RNG="32"' > /etc/sysconfig/sshd
 diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_x11_use_localhost/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_x11_use_localhost/rule.yml
-index 0f693cdf..3a359728 100644
+index 8aac236b7..f481f8a53 100644
 --- a/linux_os/guide/services/ssh/ssh_server/sshd_x11_use_localhost/rule.yml
 +++ b/linux_os/guide/services/ssh/ssh_server/sshd_x11_use_localhost/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,sle12,ubuntu2004
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,sle12,ubuntu2004
+-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,ubuntu2004,ubuntu2204
++prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,ubuntu2004,ubuntu2204
  
  title: 'Prevent remote hosts from connecting to the proxy display'
  
@@ -4195,7 +4414,7 @@ index 0f693cdf..3a359728 100644
      stigid@ubuntu2004: UBTU-20-010049
  
 diff --git a/linux_os/guide/services/sssd/package_sssd-ipa_installed/rule.yml b/linux_os/guide/services/sssd/package_sssd-ipa_installed/rule.yml
-index ec0cf86d..dce874ce 100644
+index ec0cf86d1..dce874ce5 100644
 --- a/linux_os/guide/services/sssd/package_sssd-ipa_installed/rule.yml
 +++ b/linux_os/guide/services/sssd/package_sssd-ipa_installed/rule.yml
 @@ -1,6 +1,6 @@
@@ -4207,7 +4426,7 @@ index ec0cf86d..dce874ce 100644
  title: 'Install sssd-ipa Package'
  
 diff --git a/linux_os/guide/services/sssd/package_sssd_installed/rule.yml b/linux_os/guide/services/sssd/package_sssd_installed/rule.yml
-index 0b683c07..8ab70a39 100644
+index 0b683c070..8ab70a395 100644
 --- a/linux_os/guide/services/sssd/package_sssd_installed/rule.yml
 +++ b/linux_os/guide/services/sssd/package_sssd_installed/rule.yml
 @@ -1,6 +1,6 @@
@@ -4219,31 +4438,31 @@ index 0b683c07..8ab70a39 100644
  title: 'Install the SSSD Package'
  
 diff --git a/linux_os/guide/services/sssd/service_sssd_enabled/rule.yml b/linux_os/guide/services/sssd/service_sssd_enabled/rule.yml
-index 123d5ee0..8806239f 100644
+index 39c32095b..3f403df47 100644
 --- a/linux_os/guide/services/sssd/service_sssd_enabled/rule.yml
 +++ b/linux_os/guide/services/sssd/service_sssd_enabled/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
+-prodtype: fedora,ol7,ol8,rhel7,rhel8
++prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8
+ 
+ title: 'Enable the SSSD Service'
+ 
+diff --git a/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_ca/rule.yml b/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_ca/rule.yml
+index c21b1e612..97d820689 100644
+--- a/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_ca/rule.yml
++++ b/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_ca/rule.yml
+@@ -1,6 +1,6 @@
+ documentation_complete: true
+ 
 -prodtype: ol7,ol8,rhel7,rhel8
 +prodtype: ol7,ol8,rhel7,rhel8,almalinux8
  
- title: 'Enable the SSSD Service'
- 
-diff --git a/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_ca/rule.yml b/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_ca/rule.yml
-index 01a2cdb1..c2cb1cbf 100644
---- a/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_ca/rule.yml
-+++ b/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_ca/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
- 
--prodtype: ol7,ol8,rhel7,rhel8,wrlinux1019
-+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,wrlinux1019
- 
  title: 'Configure SSSD LDAP Backend Client CA Certificate'
  
 diff --git a/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_ca_dir/ansible/shared.yml b/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_ca_dir/ansible/shared.yml
-index 202fc7f4..711cc57c 100644
+index 202fc7f44..711cc57c6 100644
 --- a/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_ca_dir/ansible/shared.yml
 +++ b/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_ca_dir/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -4253,29 +4472,29 @@ index 202fc7f4..711cc57c 100644
  # strategy = unknown
  # complexity = low
 diff --git a/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_ca_dir/bash/shared.sh b/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_ca_dir/bash/shared.sh
-index 631f9551..c77ea76d 100644
+index 68a6a1291..740c94e10 100644
 --- a/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_ca_dir/bash/shared.sh
 +++ b/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_ca_dir/bash/shared.sh
 @@ -1,4 +1,4 @@
--# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_fedora,multi_platform_ol
-+# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol
  
  {{{ bash_instantiate_variables("var_sssd_ldap_tls_ca_dir") }}}
  
 diff --git a/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_ca_dir/rule.yml b/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_ca_dir/rule.yml
-index 430f0e65..c78b10d6 100644
+index c5ef25261..110dd8287 100644
 --- a/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_ca_dir/rule.yml
 +++ b/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_ca_dir/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: ol7,ol8,rhel7,rhel8,wrlinux1019
-+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,wrlinux1019
+-prodtype: ol7,ol8,rhel7,rhel8
++prodtype: ol7,ol8,rhel7,rhel8,almalinux8
  
  title: 'Configure SSSD LDAP Backend Client CA Certificate Location'
  
 diff --git a/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_reqcert/ansible/shared.yml b/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_reqcert/ansible/shared.yml
-index 891b3e2f..6cb0bce2 100644
+index 891b3e2f9..6cb0bce26 100644
 --- a/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_reqcert/ansible/shared.yml
 +++ b/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_reqcert/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -4285,28 +4504,28 @@ index 891b3e2f..6cb0bce2 100644
  # strategy = unknown
  # complexity = low
 diff --git a/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_reqcert/bash/shared.sh b/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_reqcert/bash/shared.sh
-index 6aada6d0..61fde625 100644
+index 5c83263bc..91e28ba16 100644
 --- a/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_reqcert/bash/shared.sh
 +++ b/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_reqcert/bash/shared.sh
 @@ -1,3 +1,3 @@
--# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_fedora,multi_platform_ol
-+# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol
  
  {{{ bash_sssd_ldap_config(parameter="ldap_tls_reqcert", value="demand") }}}
 diff --git a/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_reqcert/rule.yml b/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_reqcert/rule.yml
-index 4b9636fb..46b8d977 100644
+index 5a69c77ce..4f6f66f43 100644
 --- a/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_reqcert/rule.yml
 +++ b/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_reqcert/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: ol7,ol8,rhel7,rhel8,wrlinux1019
-+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,wrlinux1019
+-prodtype: ol7,ol8,rhel7,rhel8
++prodtype: ol7,ol8,rhel7,rhel8,almalinux8
  
  title: 'Configure SSSD LDAP Backend Client to Demand a Valid Certificate from the Server'
  
 diff --git a/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_start_tls/ansible/shared.yml b/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_start_tls/ansible/shared.yml
-index b38bc41f..33c5c903 100644
+index b38bc41fe..33c5c9034 100644
 --- a/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_start_tls/ansible/shared.yml
 +++ b/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_start_tls/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -4316,29 +4535,29 @@ index b38bc41f..33c5c903 100644
  # strategy = unknown
  # complexity = low
 diff --git a/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_start_tls/bash/shared.sh b/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_start_tls/bash/shared.sh
-index f6224484..054ba74b 100644
+index 564e32815..02bed6db8 100644
 --- a/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_start_tls/bash/shared.sh
 +++ b/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_start_tls/bash/shared.sh
 @@ -1,4 +1,4 @@
--# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_fedora,multi_platform_ol
-+# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol
  
  {{{ bash_sssd_ldap_config(parameter="ldap_id_use_start_tls", value="true") }}}
  
 diff --git a/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_start_tls/rule.yml b/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_start_tls/rule.yml
-index 1f48dc7e..4872f285 100644
+index 44878eb57..473279288 100644
 --- a/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_start_tls/rule.yml
 +++ b/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_start_tls/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: ol7,ol8,rhel7,rhel8,wrlinux1019
-+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,wrlinux1019
+-prodtype: ol7,ol8,rhel7,rhel8
++prodtype: ol7,ol8,rhel7,rhel8,almalinux8
  
  title: 'Configure SSSD LDAP Backend to Use TLS For All Transactions'
  
 diff --git a/linux_os/guide/services/sssd/sssd_certificate_verification/ansible/shared.yml b/linux_os/guide/services/sssd/sssd_certificate_verification/ansible/shared.yml
-index 823c0f55..9f6ad853 100644
+index 0e2eefedf..5d4c828e0 100644
 --- a/linux_os/guide/services/sssd/sssd_certificate_verification/ansible/shared.yml
 +++ b/linux_os/guide/services/sssd/sssd_certificate_verification/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -4348,7 +4567,7 @@ index 823c0f55..9f6ad853 100644
  # strategy = configure
  # complexity = low
 diff --git a/linux_os/guide/services/sssd/sssd_certificate_verification/bash/shared.sh b/linux_os/guide/services/sssd/sssd_certificate_verification/bash/shared.sh
-index 3d852610..2868107d 100644
+index c3ad7e882..dcee45546 100644
 --- a/linux_os/guide/services/sssd/sssd_certificate_verification/bash/shared.sh
 +++ b/linux_os/guide/services/sssd/sssd_certificate_verification/bash/shared.sh
 @@ -1,4 +1,4 @@
@@ -4358,16 +4577,16 @@ index 3d852610..2868107d 100644
  # strategy = configure
  # complexity = low
 diff --git a/linux_os/guide/services/sssd/sssd_certificate_verification/rule.yml b/linux_os/guide/services/sssd/sssd_certificate_verification/rule.yml
-index 1d79939f..de72f015 100644
+index cd24ded03..1e7fad032 100644
 --- a/linux_os/guide/services/sssd/sssd_certificate_verification/rule.yml
 +++ b/linux_os/guide/services/sssd/sssd_certificate_verification/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol8,rhel8,rhel9
-+prodtype: fedora,ol8,rhel8,almalinux8,rhel9
+-prodtype: fedora,ol8,ol9,rhel8,rhel9
++prodtype: fedora,ol8,ol9,rhel8,almalinux8,rhel9
  
- title: 'Certificate certificate status checking in SSSD'
+ title: 'Certificate status checking in SSSD'
  
 @@ -25,7 +25,7 @@ references:
      nist: IA-2(11)
@@ -4379,14 +4598,14 @@ index 1d79939f..de72f015 100644
  
  ocil_clause: 'certificate_verification in sssd is not configured'
 diff --git a/linux_os/guide/services/sssd/sssd_enable_certmap/rule.yml b/linux_os/guide/services/sssd/sssd_enable_certmap/rule.yml
-index f45bcd21..4a62e022 100644
+index ed8b1c4e1..bd14c9954 100644
 --- a/linux_os/guide/services/sssd/sssd_enable_certmap/rule.yml
 +++ b/linux_os/guide/services/sssd/sssd_enable_certmap/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol8,rhel8,rhel9
-+prodtype: fedora,ol8,rhel8,almalinux8,rhel9
+-prodtype: fedora,ol8,ol9,rhel8,rhel9
++prodtype: fedora,ol8,ol9,rhel8,almalinux8,rhel9
  
  title: 'Enable Certmap in SSSD'
  
@@ -4400,7 +4619,7 @@ index f45bcd21..4a62e022 100644
  warnings:
      - general: |-
 diff --git a/linux_os/guide/services/sssd/sssd_enable_pam_services/bash/shared.sh b/linux_os/guide/services/sssd/sssd_enable_pam_services/bash/shared.sh
-index 86f55171..b3f325e7 100644
+index d233bc61d..9e2c7d3bf 100644
 --- a/linux_os/guide/services/sssd/sssd_enable_pam_services/bash/shared.sh
 +++ b/linux_os/guide/services/sssd/sssd_enable_pam_services/bash/shared.sh
 @@ -1,4 +1,4 @@
@@ -4410,7 +4629,7 @@ index 86f55171..b3f325e7 100644
  SSSD_CONF="/etc/sssd/sssd.conf"
  SSSD_CONF_DIR="/etc/sssd/conf.d/*.conf"
 diff --git a/linux_os/guide/services/sssd/sssd_enable_pam_services/rule.yml b/linux_os/guide/services/sssd/sssd_enable_pam_services/rule.yml
-index 984ee37a..dcc31030 100644
+index 984ee37a0..dcc310307 100644
 --- a/linux_os/guide/services/sssd/sssd_enable_pam_services/rule.yml
 +++ b/linux_os/guide/services/sssd/sssd_enable_pam_services/rule.yml
 @@ -1,6 +1,6 @@
@@ -4422,38 +4641,200 @@ index 984ee37a..dcc31030 100644
  title: 'Configure PAM in SSSD Services'
  
 diff --git a/linux_os/guide/services/sssd/sssd_enable_smartcards/ansible/shared.yml b/linux_os/guide/services/sssd/sssd_enable_smartcards/ansible/shared.yml
-index ae5e6a67..e2793477 100644
+index f82c9e386..e57bdf163 100644
 --- a/linux_os/guide/services/sssd/sssd_enable_smartcards/ansible/shared.yml
 +++ b/linux_os/guide/services/sssd/sssd_enable_smartcards/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,multi_platform_fedora,multi_platform_rhv,multi_platform_ol,multi_platform_sle
-+# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora,multi_platform_rhv,multi_platform_ol,multi_platform_sle
- # reboot = false
- # strategy = configure
- # complexity = low
+@@ -34,7 +34,7 @@
+     create: yes
+     mode: 0600
+ 
+-{{% if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9"] %}}
++{{% if product in ["fedora", "ol8", "ol9", "rhel8", "almalinux8", "rhel9"] %}}
+ - name: '{{{ rule_title }}} - Check if system relies on authselect'
+   ansible.builtin.stat:
+     path: /usr/bin/authselect
+diff --git a/linux_os/guide/services/sssd/sssd_enable_smartcards/bash/shared.sh b/linux_os/guide/services/sssd/sssd_enable_smartcards/bash/shared.sh
+index 487b11b6b..e88f2c7a4 100644
+--- a/linux_os/guide/services/sssd/sssd_enable_smartcards/bash/shared.sh
++++ b/linux_os/guide/services/sssd/sssd_enable_smartcards/bash/shared.sh
+@@ -6,7 +6,7 @@
+ 
+ {{{ bash_ensure_ini_config("/etc/sssd/sssd.conf", "pam", "pam_cert_auth", "True") }}}
+ 
+-{{% if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9"] %}}
++{{% if product in ["fedora", "ol8", "ol9", "rhel8", "almalinux8", "rhel9"] %}}
+ if [ -f /usr/bin/authselect ]; then
+     if authselect check; then
+         {{{ bash_enable_authselect_feature('with-smartcard') | indent(8) }}}
+diff --git a/linux_os/guide/services/sssd/sssd_enable_smartcards/oval/shared.xml b/linux_os/guide/services/sssd/sssd_enable_smartcards/oval/shared.xml
+index c2ae4d39a..010ff0410 100644
+--- a/linux_os/guide/services/sssd/sssd_enable_smartcards/oval/shared.xml
++++ b/linux_os/guide/services/sssd/sssd_enable_smartcards/oval/shared.xml
+@@ -5,7 +5,7 @@
+     
+       
+-      {{% if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9"] %}}
++      {{% if product in ["fedora", "ol8", "ol9", "rhel8", "almalinux8", "rhel9"] %}}
+       
+       1
+   
+ 
+-  {{% if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9"] %}}
++  {{% if product in ["fedora", "ol8", "ol9", "rhel8", "almalinux8", "rhel9"] %}}
+   
 diff --git a/linux_os/guide/services/sssd/sssd_enable_smartcards/rule.yml b/linux_os/guide/services/sssd/sssd_enable_smartcards/rule.yml
-index 0ff0bf03..7bebac5d 100644
+index eb3a99fb0..2420470bd 100644
 --- a/linux_os/guide/services/sssd/sssd_enable_smartcards/rule.yml
 +++ b/linux_os/guide/services/sssd/sssd_enable_smartcards/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15
+-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15
++prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15
  
  title: 'Enable Smartcards in SSSD'
  
-@@ -40,7 +40,7 @@ references:
-     ism: 0421,0422,0431,0974,1173,1401,1504,1505,1546,1557,1558,1559,1560,1561
-     srg: SRG-OS-000375-GPOS-00160,SRG-OS-000105-GPOS-00052
+@@ -11,7 +11,7 @@ description: |-
+     
[pam]
+     pam_cert_auth = True
+     

+-    {{% if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9"] %}}
++    {{% if product in ["fedora", "ol8", "ol9", "rhel8", "almalinux8", "rhel9"] %}}
+     Add or update "pam_sss.so" line in auth section of "/etc/pam.d/system-auth" file to include
+     "try_cert_auth" or "require_cert_auth" option, like in the following example:
+     
+@@ -51,7 +51,7 @@ references:
+     pcidss: Req-8.3
+     srg: SRG-OS-000375-GPOS-00160,SRG-OS-000105-GPOS-00052,SRG-OS-000106-GPOS-00053,SRG-OS-000107-GPOS-00054,SRG-OS-000108-GPOS-00055
      stigid@ol8: OL08-00-020250
 -    stigid@rhel8: RHEL-08-020250
 +    stigid@almalinux8: RHEL-08-020250
      vmmsrg: SRG-OS-000107-VMM-000530
  
  ocil_clause: 'smart cards are not enabled in SSSD'
+@@ -62,7 +62,7 @@ ocil: |-
+     If configured properly, output should be
+     
pam_cert_auth = True

+ 
+-    {{% if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9"] %}}
++    {{% if product in ["fedora", "ol8", "ol9", "rhel8", "almalinux8", "rhel9"] %}}
+     To verify that smart cards are enabled in PAM files, run the following command:
+     
$ sudo grep -e "auth.*pam_sss\.so.*\(allow_missing_name\|try_cert_auth\)" /etc/pam.d/smartcard-auth /etc/pam.d/system-auth

+     If configured properly, output should be
+@@ -77,7 +77,7 @@ fixtext: |-
+ 
+     pam_cert_auth = True
+ 
+-    {{% if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9"] %}}
++    {{% if product in ["fedora", "ol8", "ol9", "rhel8", "almalinux8", "rhel9"] %}}
+     Enable the with-smartcard feature using the authselect command:
+     sudo authselect enable-feature with-smartcard
+     sudo authselect apply-changes -b
+diff --git a/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_modified_pam.fail.sh b/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_modified_pam.fail.sh
+index bcaae2a60..53947d224 100644
+--- a/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_modified_pam.fail.sh
++++ b/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_modified_pam.fail.sh
+@@ -1,6 +1,6 @@
+ #!/bin/bash
+ # packages = authselect,sssd
+-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+ # remediation = none
+ 
+ SSSD_FILE="/etc/sssd/sssd.conf"
+diff --git a/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_smartcard_disabled.fail.sh b/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_smartcard_disabled.fail.sh
+index 5f4aaa725..be9cee3f3 100644
+--- a/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_smartcard_disabled.fail.sh
++++ b/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_smartcard_disabled.fail.sh
+@@ -1,6 +1,6 @@
+ #!/bin/bash
+ # packages = authselect,sssd
+-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+ 
+ SSSD_FILE="/etc/sssd/sssd.conf"
+ echo "[pam]" > $SSSD_FILE
+diff --git a/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_smartcard_enabled.pass.sh b/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_smartcard_enabled.pass.sh
+index 860e0bb6c..b1763e438 100644
+--- a/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_smartcard_enabled.pass.sh
++++ b/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_smartcard_enabled.pass.sh
+@@ -1,6 +1,6 @@
+ #!/bin/bash
+ # packages = authselect,sssd
+-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+ 
+ SSSD_FILE="/etc/sssd/sssd.conf"
+ echo "[pam]" > $SSSD_FILE
+diff --git a/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_smartcard_enabled_lower.pass.sh b/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_smartcard_enabled_lower.pass.sh
+index 78b79752a..2f436c9e9 100644
+--- a/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_smartcard_enabled_lower.pass.sh
++++ b/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_smartcard_enabled_lower.pass.sh
+@@ -1,6 +1,6 @@
+ #!/bin/bash
+ # packages = authselect,sssd
+-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+ 
+ SSSD_FILE="/etc/sssd/sssd.conf"
+ echo "[pam]" > $SSSD_FILE
+diff --git a/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_sssd_parameter_false.fail.sh b/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_sssd_parameter_false.fail.sh
+index aaf33d7b0..a20a8c190 100644
+--- a/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_sssd_parameter_false.fail.sh
++++ b/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_sssd_parameter_false.fail.sh
+@@ -1,6 +1,6 @@
+ #!/bin/bash
+ # packages = authselect,sssd
+-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+ 
+ SSSD_FILE="/etc/sssd/sssd.conf"
+ echo "[pam]" > $SSSD_FILE
+diff --git a/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_sssd_parameter_missing.fail.sh b/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_sssd_parameter_missing.fail.sh
+index 85bb1de67..a1ef34292 100644
+--- a/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_sssd_parameter_missing.fail.sh
++++ b/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_sssd_parameter_missing.fail.sh
+@@ -1,6 +1,6 @@
+ #!/bin/bash
+ # packages = authselect,sssd
+-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+ 
+ SSSD_FILE="/etc/sssd/sssd.conf"
+ echo "[pam]" > $SSSD_FILE
+diff --git a/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_sssd_parameter_missing_file.fail.sh b/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_sssd_parameter_missing_file.fail.sh
+index 43e19d382..2848e2072 100644
+--- a/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_sssd_parameter_missing_file.fail.sh
++++ b/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_sssd_parameter_missing_file.fail.sh
+@@ -1,6 +1,6 @@
+ #!/bin/bash
+ # packages = authselect,sssd
+-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+ 
+ SSSD_FILE="/etc/sssd/sssd.conf"
+ rm -f $SSSD_FILE
+diff --git a/linux_os/guide/services/sssd/sssd_has_trust_anchor/rule.yml b/linux_os/guide/services/sssd/sssd_has_trust_anchor/rule.yml
+index 4733dae80..aedf9c9b4 100644
+--- a/linux_os/guide/services/sssd/sssd_has_trust_anchor/rule.yml
++++ b/linux_os/guide/services/sssd/sssd_has_trust_anchor/rule.yml
+@@ -36,7 +36,7 @@ references:
+   nist: IA-5 (2) (a)
+   srg: SRG-OS-000066-GPOS-00034,SRG-OS-000384-GPOS-00167
+   stigid@ol8: OL08-00-010090
+-  stigid@rhel8: RHEL-08-010090
++  stigid@almalinux8: RHEL-08-010090
+ 
+ warnings:
+     - general: |-
 diff --git a/linux_os/guide/services/sssd/sssd_memcache_timeout/ansible/shared.yml b/linux_os/guide/services/sssd/sssd_memcache_timeout/ansible/shared.yml
-index 7cfba003..fb36bb09 100644
+index 7cfba003b..fb36bb099 100644
 --- a/linux_os/guide/services/sssd/sssd_memcache_timeout/ansible/shared.yml
 +++ b/linux_os/guide/services/sssd/sssd_memcache_timeout/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -4463,7 +4844,7 @@ index 7cfba003..fb36bb09 100644
  # strategy = unknown
  # complexity = low
 diff --git a/linux_os/guide/services/sssd/sssd_memcache_timeout/bash/shared.sh b/linux_os/guide/services/sssd/sssd_memcache_timeout/bash/shared.sh
-index fc84083f..39f99c91 100644
+index d749de10e..9ee217470 100644
 --- a/linux_os/guide/services/sssd/sssd_memcache_timeout/bash/shared.sh
 +++ b/linux_os/guide/services/sssd/sssd_memcache_timeout/bash/shared.sh
 @@ -1,4 +1,4 @@
@@ -4473,7 +4854,7 @@ index fc84083f..39f99c91 100644
  {{{ bash_instantiate_variables("var_sssd_memcache_timeout") }}}
  
 diff --git a/linux_os/guide/services/sssd/sssd_memcache_timeout/rule.yml b/linux_os/guide/services/sssd/sssd_memcache_timeout/rule.yml
-index ae98eb6e..ef2e1802 100644
+index ae98eb6ea..ef2e1802f 100644
 --- a/linux_os/guide/services/sssd/sssd_memcache_timeout/rule.yml
 +++ b/linux_os/guide/services/sssd/sssd_memcache_timeout/rule.yml
 @@ -1,6 +1,6 @@
@@ -4485,7 +4866,7 @@ index ae98eb6e..ef2e1802 100644
  title: 'Configure SSSD''s Memory Cache to Expire'
  
 diff --git a/linux_os/guide/services/sssd/sssd_offline_cred_expiration/ansible/shared.yml b/linux_os/guide/services/sssd/sssd_offline_cred_expiration/ansible/shared.yml
-index ebdf0136..73916d8d 100644
+index ebdf0136b..73916d8d1 100644
 --- a/linux_os/guide/services/sssd/sssd_offline_cred_expiration/ansible/shared.yml
 +++ b/linux_os/guide/services/sssd/sssd_offline_cred_expiration/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -4495,7 +4876,7 @@ index ebdf0136..73916d8d 100644
  # strategy = configure
  # complexity = low
 diff --git a/linux_os/guide/services/sssd/sssd_offline_cred_expiration/bash/shared.sh b/linux_os/guide/services/sssd/sssd_offline_cred_expiration/bash/shared.sh
-index 8a20f0c5..42987796 100644
+index a7c8bedc0..f255d3dd9 100644
 --- a/linux_os/guide/services/sssd/sssd_offline_cred_expiration/bash/shared.sh
 +++ b/linux_os/guide/services/sssd/sssd_offline_cred_expiration/bash/shared.sh
 @@ -1,4 +1,4 @@
@@ -4504,19 +4885,48 @@ index 8a20f0c5..42987796 100644
  # reboot = false
  # strategy = configure
  # complexity = low
+diff --git a/linux_os/guide/services/sssd/sssd_offline_cred_expiration/oval/shared.xml b/linux_os/guide/services/sssd/sssd_offline_cred_expiration/oval/shared.xml
+index 9741e2e56..6bcb1102d 100644
+--- a/linux_os/guide/services/sssd/sssd_offline_cred_expiration/oval/shared.xml
++++ b/linux_os/guide/services/sssd/sssd_offline_cred_expiration/oval/shared.xml
+@@ -4,7 +4,7 @@
+     
+       
+-      {{% if product in ["ol8", "rhel8"] %}}
++      {{% if product in ["ol8", "rhel8", "almalinux8"] %}}
+       
+       {{% endif %}}
+@@ -20,7 +20,7 @@
+     ^[\s]*\[pam](?:[^\n\[]*\n+)+?[\s]*offline_credentials_expiration[\s]*=[\s]*1\s*(?:#.*)?$
+     1
+   
+-  {{% if product in ["ol8", "rhel8"] %}}
++  {{% if product in ["ol8", "rhel8", "almalinux8"] %}}
+   
 diff --git a/linux_os/guide/services/sssd/sssd_offline_cred_expiration/rule.yml b/linux_os/guide/services/sssd/sssd_offline_cred_expiration/rule.yml
-index 2be813d2..1775e218 100644
+index 34d0ea06b..9db295312 100644
 --- a/linux_os/guide/services/sssd/sssd_offline_cred_expiration/rule.yml
 +++ b/linux_os/guide/services/sssd/sssd_offline_cred_expiration/rule.yml
-@@ -1,6 +1,6 @@
+@@ -1,12 +1,12 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004
+-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Configure SSSD to Expire Offline Credentials'
  
-@@ -39,7 +39,7 @@ references:
+ description: |-
+     SSSD should be configured to expire offline credentials after 1 day.
+-    {{% if product in ["ol8", "rhel8"] %}}
++    {{% if product in ["ol8", "rhel8", "almalinux8"] %}}
+     Check if SSSD allows cached authentications with the following command:
+     
+     $ sudo grep cache_credentials /etc/sssd/sssd.conf
+@@ -47,7 +47,7 @@ references:
      nist-csf: PR.AC-1,PR.AC-6,PR.AC-7
      srg: SRG-OS-000383-GPOS-00166
      stigid@ol8: OL08-00-020290
@@ -4525,18 +4935,39 @@ index 2be813d2..1775e218 100644
      stigid@sle12: SLES-12-010680
      stigid@sle15: SLES-15-010500
      stigid@ubuntu2004: UBTU-20-010441
+@@ -56,7 +56,7 @@ references:
+ ocil_clause: 'it does not exist or is not configured properly'
+ 
+ ocil: |-
+-    {{% if product in ["ol8", "rhel8"] %}}
++    {{% if product in ["ol8", "rhel8", "almalinux8"] %}}
+     Check if SSSD allows cached authentications with the following command:
+     
+     $ sudo grep cache_credentials /etc/sssd/sssd.conf
+diff --git a/linux_os/guide/services/sssd/sssd_offline_cred_expiration/tests/cache_credentials_false.pass.sh b/linux_os/guide/services/sssd/sssd_offline_cred_expiration/tests/cache_credentials_false.pass.sh
+index b2d1fe155..93d7ed93e 100644
+--- a/linux_os/guide/services/sssd/sssd_offline_cred_expiration/tests/cache_credentials_false.pass.sh
++++ b/linux_os/guide/services/sssd/sssd_offline_cred_expiration/tests/cache_credentials_false.pass.sh
+@@ -1,6 +1,6 @@
+ #!/bin/bash
+ 
+-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8
++# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8
+ source common.sh
+ 
+ echo -e "[pam]\noffline_credentials_expiration = 2" >> $SSSD_CONF
 diff --git a/linux_os/guide/services/sssd/sssd_run_as_sssd_user/bash/shared.sh b/linux_os/guide/services/sssd/sssd_run_as_sssd_user/bash/shared.sh
-index a99fb4dc..44d4423c 100644
+index ffb443d70..4444d8afd 100644
 --- a/linux_os/guide/services/sssd/sssd_run_as_sssd_user/bash/shared.sh
 +++ b/linux_os/guide/services/sssd/sssd_run_as_sssd_user/bash/shared.sh
 @@ -1,4 +1,4 @@
 -# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol
 +# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol
  
- found=false
- for f in /etc/sssd/sssd.conf /etc/sssd/conf.d/*.conf; do
+ MAIN_CONF="/etc/sssd/conf.d/ospp.conf"
+ 
 diff --git a/linux_os/guide/services/sssd/sssd_run_as_sssd_user/rule.yml b/linux_os/guide/services/sssd/sssd_run_as_sssd_user/rule.yml
-index 87d8b19f..f10f4648 100644
+index 87d8b19f4..f10f46485 100644
 --- a/linux_os/guide/services/sssd/sssd_run_as_sssd_user/rule.yml
 +++ b/linux_os/guide/services/sssd/sssd_run_as_sssd_user/rule.yml
 @@ -1,6 +1,6 @@
@@ -4548,17 +4979,17 @@ index 87d8b19f..f10f4648 100644
  title: 'Configure SSSD to run as user sssd'
  
 diff --git a/linux_os/guide/services/sssd/sssd_ssh_known_hosts_timeout/ansible/shared.yml b/linux_os/guide/services/sssd/sssd_ssh_known_hosts_timeout/ansible/shared.yml
-index 5bbe0ece..58a41ada 100644
+index 599683567..8fa06fa65 100644
 --- a/linux_os/guide/services/sssd/sssd_ssh_known_hosts_timeout/ansible/shared.yml
 +++ b/linux_os/guide/services/sssd/sssd_ssh_known_hosts_timeout/ansible/shared.yml
 @@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel
-+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux
+-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_ol
++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol
  # reboot = false
  # strategy = unknown
  # complexity = low
 diff --git a/linux_os/guide/services/sssd/sssd_ssh_known_hosts_timeout/bash/shared.sh b/linux_os/guide/services/sssd/sssd_ssh_known_hosts_timeout/bash/shared.sh
-index d8a22280..3d98176e 100644
+index 21e0b485b..9658e047e 100644
 --- a/linux_os/guide/services/sssd/sssd_ssh_known_hosts_timeout/bash/shared.sh
 +++ b/linux_os/guide/services/sssd/sssd_ssh_known_hosts_timeout/bash/shared.sh
 @@ -1,4 +1,4 @@
@@ -4568,67 +4999,67 @@ index d8a22280..3d98176e 100644
  {{{ bash_instantiate_variables("var_sssd_ssh_known_hosts_timeout") }}}
  
 diff --git a/linux_os/guide/services/sssd/sssd_ssh_known_hosts_timeout/rule.yml b/linux_os/guide/services/sssd/sssd_ssh_known_hosts_timeout/rule.yml
-index 9390dfd4..18970027 100644
+index 0e2898a5b..6ef9217e2 100644
 --- a/linux_os/guide/services/sssd/sssd_ssh_known_hosts_timeout/rule.yml
 +++ b/linux_os/guide/services/sssd/sssd_ssh_known_hosts_timeout/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,rhel7,rhel8,rhv4
-+prodtype: fedora,rhel7,rhel8,almalinux8,rhv4
+-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhv4
++prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhv4
  
  title: 'Configure SSSD to Expire SSH Known Hosts'
  
 diff --git a/linux_os/guide/services/usbguard/configure_usbguard_auditbackend/kubernetes/shared.yml b/linux_os/guide/services/usbguard/configure_usbguard_auditbackend/kubernetes/shared.yml
-index a1e83870..e097b6be 100644
+index 331627492..72a361b30 100644
 --- a/linux_os/guide/services/usbguard/configure_usbguard_auditbackend/kubernetes/shared.yml
 +++ b/linux_os/guide/services/usbguard/configure_usbguard_auditbackend/kubernetes/shared.yml
 @@ -1,3 +1,3 @@
  ---
--# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_rhcos
-+# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_rhcos
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_rhcos
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_rhcos
  {{{ kubernetes_usbguard_set(["xccdf_org.ssgproject.content_rule_package_usbguard_installed"]) }}}
 diff --git a/linux_os/guide/services/usbguard/configure_usbguard_auditbackend/rule.yml b/linux_os/guide/services/usbguard/configure_usbguard_auditbackend/rule.yml
-index b7f08b1a..191edb28 100644
+index 28780fb33..5ba53cf53 100644
 --- a/linux_os/guide/services/usbguard/configure_usbguard_auditbackend/rule.yml
 +++ b/linux_os/guide/services/usbguard/configure_usbguard_auditbackend/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol8,rhcos4,rhel8,rhel9
-+prodtype: fedora,ol8,rhcos4,rhel8,almalinux8,rhel9
+-prodtype: fedora,ol8,ol9,rhcos4,rhel8,rhel9
++prodtype: fedora,ol8,ol9,rhcos4,rhel8,almalinux8,rhel9
  
  title: 'Log USBGuard daemon audit events using Linux Audit'
  
 @@ -27,7 +27,7 @@ references:
      ospp: FMT_SMF_EXT.1
-     srg: SRG-OS-000062-GPOS-00031
+     srg: SRG-OS-000062-GPOS-00031,SRG-OS-000471-GPOS-00215
      stigid@ol8: OL08-00-030603
 -    stigid@rhel8: RHEL-08-030603
 +    stigid@almalinux8: RHEL-08-030603
  
- ocil_clause: 'AuditBackend is not set to LinuxAudit'
+ platform: package[usbguard]
  
 diff --git a/linux_os/guide/services/usbguard/package_usbguard_installed/kubernetes/shared.yml b/linux_os/guide/services/usbguard/package_usbguard_installed/kubernetes/shared.yml
-index d9ea0648..03256e44 100644
+index 9f18591b3..b49d5217a 100644
 --- a/linux_os/guide/services/usbguard/package_usbguard_installed/kubernetes/shared.yml
 +++ b/linux_os/guide/services/usbguard/package_usbguard_installed/kubernetes/shared.yml
 @@ -1,5 +1,5 @@
  ---
--# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_rhcos
-+# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_rhcos
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_rhcos
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_rhcos
  apiVersion: machineconfiguration.openshift.io/v1
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/services/usbguard/package_usbguard_installed/rule.yml b/linux_os/guide/services/usbguard/package_usbguard_installed/rule.yml
-index 0d5f3be9..38322ba6 100644
+index 5b903676c..983dbebd8 100644
 --- a/linux_os/guide/services/usbguard/package_usbguard_installed/rule.yml
 +++ b/linux_os/guide/services/usbguard/package_usbguard_installed/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4
+-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4
++prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4
  
  title: 'Install usbguard Package'
  
@@ -4642,25 +5073,25 @@ index 0d5f3be9..38322ba6 100644
  ocil_clause: 'the package is not installed'
  
 diff --git a/linux_os/guide/services/usbguard/service_usbguard_enabled/kubernetes/shared.yml b/linux_os/guide/services/usbguard/service_usbguard_enabled/kubernetes/shared.yml
-index 9f1c7879..de556cd5 100644
+index e9c55dfb0..9be805c13 100644
 --- a/linux_os/guide/services/usbguard/service_usbguard_enabled/kubernetes/shared.yml
 +++ b/linux_os/guide/services/usbguard/service_usbguard_enabled/kubernetes/shared.yml
 @@ -1,5 +1,5 @@
  ---
--# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_rhcos
-+# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_rhcos
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_rhcos
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_rhcos
  apiVersion: machineconfiguration.openshift.io/v1
  kind: MachineConfig
  metadata:
 diff --git a/linux_os/guide/services/usbguard/service_usbguard_enabled/rule.yml b/linux_os/guide/services/usbguard/service_usbguard_enabled/rule.yml
-index aa3799de..c4a4ba6e 100644
+index 6bae6e0fa..bc4225a64 100644
 --- a/linux_os/guide/services/usbguard/service_usbguard_enabled/rule.yml
 +++ b/linux_os/guide/services/usbguard/service_usbguard_enabled/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol8,rhcos4,rhel8,rhel9
-+prodtype: fedora,ol8,rhcos4,rhel8,almalinux8,rhel9
+-prodtype: fedora,ol8,ol9,rhcos4,rhel8,rhel9
++prodtype: fedora,ol8,ol9,rhcos4,rhel8,almalinux8,rhel9
  
  title: 'Enable the USBGuard Service'
  
@@ -4674,7 +5105,7 @@ index aa3799de..c4a4ba6e 100644
  ocil_clause: 'the service is not enabled'
  
 diff --git a/linux_os/guide/services/usbguard/usbguard_allow_hid/rule.yml b/linux_os/guide/services/usbguard/usbguard_allow_hid/rule.yml
-index 35039ee7..d04b9090 100644
+index 095c6f0b5..0767ec9e3 100644
 --- a/linux_os/guide/services/usbguard/usbguard_allow_hid/rule.yml
 +++ b/linux_os/guide/services/usbguard/usbguard_allow_hid/rule.yml
 @@ -1,6 +1,6 @@
@@ -4686,30 +5117,30 @@ index 35039ee7..d04b9090 100644
  title: 'Authorize Human Interface Devices in USBGuard daemon'
  
 diff --git a/linux_os/guide/services/usbguard/usbguard_allow_hid_and_hub/kubernetes/shared.yml b/linux_os/guide/services/usbguard/usbguard_allow_hid_and_hub/kubernetes/shared.yml
-index 03825010..b072e299 100644
+index 5ef460be8..8a12559f6 100644
 --- a/linux_os/guide/services/usbguard/usbguard_allow_hid_and_hub/kubernetes/shared.yml
 +++ b/linux_os/guide/services/usbguard/usbguard_allow_hid_and_hub/kubernetes/shared.yml
 @@ -1,5 +1,5 @@
  ---
--# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_rhcos 
-+# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_rhcos 
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_rhcos
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_rhcos
  {{% macro usbguard_hid_and_hub_config_source() %}}
  allow with-interface match-all { 03:*:* 09:00:* }
  {{%- endmacro -%}}
 diff --git a/linux_os/guide/services/usbguard/usbguard_allow_hid_and_hub/rule.yml b/linux_os/guide/services/usbguard/usbguard_allow_hid_and_hub/rule.yml
-index 4d3114e0..ae0ce85d 100644
+index be1a2d2de..a5e43efa9 100644
 --- a/linux_os/guide/services/usbguard/usbguard_allow_hid_and_hub/rule.yml
 +++ b/linux_os/guide/services/usbguard/usbguard_allow_hid_and_hub/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol8,rhcos4,rhel8,rhel9
-+prodtype: fedora,ol8,rhcos4,rhel8,almalinux8,rhel9
+-prodtype: fedora,ol8,ol9,rhcos4,rhel8,rhel9
++prodtype: fedora,ol8,ol9,rhcos4,rhel8,almalinux8,rhel9
  
  title: 'Authorize Human Interface Devices and USB hubs in USBGuard daemon'
  
 diff --git a/linux_os/guide/services/usbguard/usbguard_allow_hub/rule.yml b/linux_os/guide/services/usbguard/usbguard_allow_hub/rule.yml
-index d0e11ad2..31033934 100644
+index a5ff52550..324a058b1 100644
 --- a/linux_os/guide/services/usbguard/usbguard_allow_hub/rule.yml
 +++ b/linux_os/guide/services/usbguard/usbguard_allow_hub/rule.yml
 @@ -1,6 +1,6 @@
@@ -4721,7 +5152,7 @@ index d0e11ad2..31033934 100644
  title: 'Authorize USB hubs in USBGuard daemon'
  
 diff --git a/linux_os/guide/services/usbguard/usbguard_generate_policy/ansible/shared.yml b/linux_os/guide/services/usbguard/usbguard_generate_policy/ansible/shared.yml
-index c51c4be6..ff043532 100644
+index aa7a3aa3f..099e3f475 100644
 --- a/linux_os/guide/services/usbguard/usbguard_generate_policy/ansible/shared.yml
 +++ b/linux_os/guide/services/usbguard/usbguard_generate_policy/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -4731,7 +5162,7 @@ index c51c4be6..ff043532 100644
  # strategy = configure
  # complexity = low
 diff --git a/linux_os/guide/services/usbguard/usbguard_generate_policy/bash/shared.sh b/linux_os/guide/services/usbguard/usbguard_generate_policy/bash/shared.sh
-index e164fe0d..e59b5555 100644
+index 88d55f160..f2f336700 100644
 --- a/linux_os/guide/services/usbguard/usbguard_generate_policy/bash/shared.sh
 +++ b/linux_os/guide/services/usbguard/usbguard_generate_policy/bash/shared.sh
 @@ -1,4 +1,4 @@
@@ -4741,14 +5172,14 @@ index e164fe0d..e59b5555 100644
  # strategy = configure
  # complexity = low
 diff --git a/linux_os/guide/services/usbguard/usbguard_generate_policy/rule.yml b/linux_os/guide/services/usbguard/usbguard_generate_policy/rule.yml
-index 28360202..c95b3cff 100644
+index 9e2e0102b..156f699b8 100644
 --- a/linux_os/guide/services/usbguard/usbguard_generate_policy/rule.yml
 +++ b/linux_os/guide/services/usbguard/usbguard_generate_policy/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: ol8,rhel8,rhel9
-+prodtype: ol8,rhel8,almalinux8,rhel9
+-prodtype: ol8,ol9,rhel8,rhel9
++prodtype: ol8,ol9,rhel8,almalinux8,rhel9
  
  title: 'Generate USBGuard Policy'
  
@@ -4759,43 +5190,43 @@ index 28360202..c95b3cff 100644
 -    stigid@rhel8: RHEL-08-040140
 +    stigid@almalinux8: RHEL-08-040140
  
- ocil_clause: '/etc/usbguard/rules.conf does not exist or is empty'
+ ocil_clause: 'there is no evidence that unauthorized peripherals are being blocked before establishing a connection'
  
 diff --git a/linux_os/guide/services/xwindows/disabling_xwindows/package_xorg-x11-server-common_removed/rule.yml b/linux_os/guide/services/xwindows/disabling_xwindows/package_xorg-x11-server-common_removed/rule.yml
-index 3e80fcba..8ec4c4be 100644
+index 360c61a3d..2714404d6 100644
 --- a/linux_os/guide/services/xwindows/disabling_xwindows/package_xorg-x11-server-common_removed/rule.yml
 +++ b/linux_os/guide/services/xwindows/disabling_xwindows/package_xorg-x11-server-common_removed/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004
+-prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Remove the X Windows Package Group'
  
 diff --git a/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_remove_packages/ansible/shared.yml b/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_remove_packages/ansible/shared.yml
-index 67d6836e..98357e4c 100644
+index a5ff9b07b..71f4bc705 100644
 --- a/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_remove_packages/ansible/shared.yml
 +++ b/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_remove_packages/ansible/shared.yml
 @@ -1,4 +1,4 @@
--# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,multi_platform_ol
-+# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_ol
+-# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Oracle Linux 7,Oracle Linux 8
++# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8,Oracle Linux 7,Oracle Linux 8
  # reboot = true
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_remove_packages/rule.yml b/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_remove_packages/rule.yml
-index 6ceb07bd..ca2425af 100644
+index 607ed945c..ce7c05668 100644
 --- a/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_remove_packages/rule.yml
 +++ b/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_remove_packages/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: ol7,ol8,rhel7,rhel8,rhel9,sle12,sle15
-+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,sle12,sle15
+-prodtype: alinux2,alinux3,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15
++prodtype: alinux2,alinux3,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,sle15
  
  title: 'Disable graphical user interface'
  
-@@ -42,7 +42,7 @@ references:
+@@ -45,7 +45,7 @@ references:
      stigid@ol7: OL07-00-040730
      stigid@ol8: OL08-00-040320
      stigid@rhel7: RHEL-07-040730
@@ -4805,7 +5236,7 @@ index 6ceb07bd..ca2425af 100644
  ocil_clause: 'xorg related packages are not removed and run level is not correctly configured'
  
 diff --git a/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/ansible/shared.yml b/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/ansible/shared.yml
-index 7c3ef557..fbf7bcec 100644
+index 7c3ef5570..fbf7bcece 100644
 --- a/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/ansible/shared.yml
 +++ b/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -4815,7 +5246,7 @@ index 7c3ef557..fbf7bcec 100644
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/rule.yml b/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/rule.yml
-index df56a30b..bd084a90 100644
+index 2e32d3e90..61eee84a3 100644
 --- a/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/rule.yml
 +++ b/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/rule.yml
 @@ -1,6 +1,6 @@
@@ -4826,57 +5257,57 @@ index df56a30b..bd084a90 100644
  
  title: 'Disable X Windows Startup By Setting Default Target'
  
-@@ -39,7 +39,7 @@ references:
-     nist: CM-7(a),CM-7(b),CM-6(a)
+@@ -40,7 +40,7 @@ references:
      nist-csf: PR.AC-3,PR.PT-4
      srg: SRG-OS-000480-GPOS-00227
+     stigid@ol8: OL08-00-040321
 -    stigid@rhel8: RHEL-08-040321
 +    stigid@almalinux8: RHEL-08-040321
  
- ocil_clause: 'the X windows display server is running and/or has not been disabled'
+ ocil_clause: 'the system default target is not set to "multi-user.target" and the Information System Security Officer (ISSO) lacks a documented requirement for a graphical user interface'
  
 diff --git a/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/tests/correct_target.pass.sh b/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/tests/correct_target.pass.sh
-index f7837a25..232f3740 100644
+index 33bb72648..0242c8c28 100644
 --- a/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/tests/correct_target.pass.sh
 +++ b/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/tests/correct_target.pass.sh
 @@ -1,4 +1,4 @@
  #!/bin/bash
--# platform = multi_platform_sle,multi_platform_rhv,multi_platform_fedora,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8
-+# platform = multi_platform_sle,multi_platform_rhv,multi_platform_fedora,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8
+-# platform = Oracle Linux 8,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,multi_platform_fedora,multi_platform_rhv,multi_platform_sle
++# platform = Oracle Linux 8,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora,multi_platform_rhv,multi_platform_sle
  
  systemctl set-default multi-user.target
 diff --git a/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/tests/correct_target_under_lib.pass.sh b/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/tests/correct_target_under_lib.pass.sh
-index dc698edc..bd52c73a 100644
+index 24c31a0dc..fd9a7b988 100644
 --- a/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/tests/correct_target_under_lib.pass.sh
 +++ b/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/tests/correct_target_under_lib.pass.sh
 @@ -1,4 +1,4 @@
  #!/bin/bash
--# platform = multi_platform_sle,multi_platform_rhv,multi_platform_fedora,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8
-+# platform = multi_platform_sle,multi_platform_rhv,multi_platform_fedora,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8
+-# platform = Oracle Linux 8,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,multi_platform_fedora,multi_platform_rhv,multi_platform_sle
++# platform = Oracle Linux 8,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora,multi_platform_rhv,multi_platform_sle
  
  ln -sf /lib/systemd/system/multi-user.target /etc/systemd/system/default.target
 diff --git a/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/tests/wrong_target.fail.sh b/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/tests/wrong_target.fail.sh
-index 5a20e8ce..5c80ef64 100644
+index 57c1de2de..2d5eb503c 100644
 --- a/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/tests/wrong_target.fail.sh
 +++ b/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/tests/wrong_target.fail.sh
 @@ -1,4 +1,4 @@
  #!/bin/bash
--# platform = multi_platform_sle,multi_platform_rhv,multi_platform_fedora,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8
-+# platform = multi_platform_sle,multi_platform_rhv,multi_platform_fedora,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8
+-# platform = Oracle Linux 8,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,multi_platform_fedora,multi_platform_rhv,multi_platform_sle
++# platform = Oracle Linux 8,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora,multi_platform_rhv,multi_platform_sle
  
  systemctl set-default graphical.target
 diff --git a/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/tests/wrong_target_under_lib.fail.sh b/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/tests/wrong_target_under_lib.fail.sh
-index 408409b9..3cc5a7b9 100644
+index 83f849522..c7be9f867 100644
 --- a/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/tests/wrong_target_under_lib.fail.sh
 +++ b/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/tests/wrong_target_under_lib.fail.sh
 @@ -1,4 +1,4 @@
  #!/bin/bash
--# platform = multi_platform_sle,multi_platform_rhv,multi_platform_fedora,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8
-+# platform = multi_platform_sle,multi_platform_rhv,multi_platform_fedora,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8
+-# platform = Oracle Linux 8,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,multi_platform_fedora,multi_platform_rhv,multi_platform_sle
++# platform = Oracle Linux 8,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora,multi_platform_rhv,multi_platform_sle
  
  ln -sf /lib/systemd/system/graphical.target /etc/systemd/system/default.target
 diff --git a/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/ansible/shared.yml
-index 4f6d64fd..3c980eea 100644
+index 4f6d64fd7..3c980eea0 100644
 --- a/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/ansible/shared.yml
 +++ b/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -4886,28 +5317,28 @@ index 4f6d64fd..3c980eea 100644
  # strategy = unknown
  # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/bash/shared.sh b/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/bash/shared.sh
-index 3aaa9140..b9490912 100644
+index cdfd9b994..b577881c9 100644
 --- a/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/bash/shared.sh
 +++ b/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/bash/shared.sh
 @@ -1,4 +1,4 @@
--# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
-+# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu
  
  {{{ bash_instantiate_variables("login_banner_text") }}}
  
 diff --git a/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/rule.yml b/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/rule.yml
-index d5ecd700..6fcb28ec 100644
+index 7585823b6..87565c306 100644
 --- a/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,wrlinux1019
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,wrlinux1019
+-prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2204
++prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2204
  
  title: 'Modify the System Login Banner'
  
-@@ -114,7 +114,7 @@ references:
+@@ -118,7 +118,7 @@ references:
      stigid@ol7: OL07-00-010050
      stigid@ol8: OL08-00-010060
      stigid@rhel7: RHEL-07-010050
@@ -4916,112 +5347,160 @@ index d5ecd700..6fcb28ec 100644
      stigid@sle12: SLES-12-010030
      stigid@sle15: SLES-15-010020
      vmmsrg: SRG-OS-000023-VMM-000060,SRG-OS-000024-VMM-000070
+diff --git a/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue_net/rule.yml b/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue_net/rule.yml
+index 19c03e6db..ca41e241d 100644
+--- a/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue_net/rule.yml
++++ b/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue_net/rule.yml
+@@ -1,6 +1,6 @@
+ documentation_complete: true
+ 
+-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+ 
+ title: 'Modify the System Login Banner for Remote Connections'
+ 
 diff --git a/linux_os/guide/system/accounts/accounts-banners/banner_etc_motd/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-banners/banner_etc_motd/ansible/shared.yml
-index 2c645889..ab68929b 100644
+index d804a28c5..d2a1f1bc4 100644
 --- a/linux_os/guide/system/accounts/accounts-banners/banner_etc_motd/ansible/shared.yml
 +++ b/linux_os/guide/system/accounts/accounts-banners/banner_etc_motd/ansible/shared.yml
 @@ -1,4 +1,4 @@
--# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
-+# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
  # reboot = false
  # strategy = unknown
  # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-banners/banner_etc_motd/bash/shared.sh b/linux_os/guide/system/accounts/accounts-banners/banner_etc_motd/bash/shared.sh
-index c8267a96..03f6e6ae 100644
+index 1d9f92517..08b999cf4 100644
 --- a/linux_os/guide/system/accounts/accounts-banners/banner_etc_motd/bash/shared.sh
 +++ b/linux_os/guide/system/accounts/accounts-banners/banner_etc_motd/bash/shared.sh
 @@ -1,4 +1,4 @@
--# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
-+# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
  
  {{{ bash_instantiate_variables("login_banner_text") }}}
  
 diff --git a/linux_os/guide/system/accounts/accounts-banners/banner_etc_motd/rule.yml b/linux_os/guide/system/accounts/accounts-banners/banner_etc_motd/rule.yml
-index d8d116b5..f19df990 100644
+index 08fbad430..abb71f5fc 100644
 --- a/linux_os/guide/system/accounts/accounts-banners/banner_etc_motd/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-banners/banner_etc_motd/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,wrlinux1019
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,wrlinux1019
+-prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15
++prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15
  
  title: 'Modify the System Message of the Day Banner'
  
 diff --git a/linux_os/guide/system/accounts/accounts-banners/file_groupowner_etc_issue/rule.yml b/linux_os/guide/system/accounts/accounts-banners/file_groupowner_etc_issue/rule.yml
-index 856b4477..12dd6c8c 100644
+index 5e6d02fcf..6bd1b9101 100644
 --- a/linux_os/guide/system/accounts/accounts-banners/file_groupowner_etc_issue/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-banners/file_groupowner_etc_issue/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
+-prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Verify Group Ownership of System Login Banner'
  
+diff --git a/linux_os/guide/system/accounts/accounts-banners/file_groupowner_etc_issue_net/rule.yml b/linux_os/guide/system/accounts/accounts-banners/file_groupowner_etc_issue_net/rule.yml
+index f11e5b47d..ad9257782 100644
+--- a/linux_os/guide/system/accounts/accounts-banners/file_groupowner_etc_issue_net/rule.yml
++++ b/linux_os/guide/system/accounts/accounts-banners/file_groupowner_etc_issue_net/rule.yml
+@@ -1,6 +1,6 @@
+ documentation_complete: true
+ 
+-prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2204
++prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2204
+ 
+ title: 'Verify Group Ownership of System Login Banner for Remote Connections'
+ 
 diff --git a/linux_os/guide/system/accounts/accounts-banners/file_groupowner_etc_motd/rule.yml b/linux_os/guide/system/accounts/accounts-banners/file_groupowner_etc_motd/rule.yml
-index 67ded673..3a8e93c1 100644
+index 2e796ee3f..e7926710d 100644
 --- a/linux_os/guide/system/accounts/accounts-banners/file_groupowner_etc_motd/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-banners/file_groupowner_etc_motd/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
+-prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Verify Group Ownership of Message of the Day Banner'
  
 diff --git a/linux_os/guide/system/accounts/accounts-banners/file_owner_etc_issue/rule.yml b/linux_os/guide/system/accounts/accounts-banners/file_owner_etc_issue/rule.yml
-index 2ff9b03e..3966251a 100644
+index 70b4f392c..fe0b22229 100644
 --- a/linux_os/guide/system/accounts/accounts-banners/file_owner_etc_issue/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-banners/file_owner_etc_issue/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
+-prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Verify ownership of System Login Banner'
  
+diff --git a/linux_os/guide/system/accounts/accounts-banners/file_owner_etc_issue_net/rule.yml b/linux_os/guide/system/accounts/accounts-banners/file_owner_etc_issue_net/rule.yml
+index 1deff5952..bb67f3ca2 100644
+--- a/linux_os/guide/system/accounts/accounts-banners/file_owner_etc_issue_net/rule.yml
++++ b/linux_os/guide/system/accounts/accounts-banners/file_owner_etc_issue_net/rule.yml
+@@ -1,6 +1,6 @@
+ documentation_complete: true
+ 
+-prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2204
++prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2204
+ 
+ title: 'Verify ownership of System Login Banner for Remote Connections'
+ 
 diff --git a/linux_os/guide/system/accounts/accounts-banners/file_owner_etc_motd/rule.yml b/linux_os/guide/system/accounts/accounts-banners/file_owner_etc_motd/rule.yml
-index 279fad53..9dc1dce7 100644
+index 16011b194..43e538f37 100644
 --- a/linux_os/guide/system/accounts/accounts-banners/file_owner_etc_motd/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-banners/file_owner_etc_motd/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
+-prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Verify ownership of Message of the Day Banner'
  
 diff --git a/linux_os/guide/system/accounts/accounts-banners/file_permissions_etc_issue/rule.yml b/linux_os/guide/system/accounts/accounts-banners/file_permissions_etc_issue/rule.yml
-index 7e833828..b9de8d32 100644
+index 9968c5cbf..6525ee5fb 100644
 --- a/linux_os/guide/system/accounts/accounts-banners/file_permissions_etc_issue/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-banners/file_permissions_etc_issue/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
+-prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Verify permissions on System Login Banner'
  
+diff --git a/linux_os/guide/system/accounts/accounts-banners/file_permissions_etc_issue_net/rule.yml b/linux_os/guide/system/accounts/accounts-banners/file_permissions_etc_issue_net/rule.yml
+index dd4bbeb9f..48eb9b3b7 100644
+--- a/linux_os/guide/system/accounts/accounts-banners/file_permissions_etc_issue_net/rule.yml
++++ b/linux_os/guide/system/accounts/accounts-banners/file_permissions_etc_issue_net/rule.yml
+@@ -1,6 +1,6 @@
+ documentation_complete: true
+ 
+-prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2204
++prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2204
+ 
+ title: 'Verify permissions on System Login Banner for Remote Connections'
+ 
 diff --git a/linux_os/guide/system/accounts/accounts-banners/file_permissions_etc_motd/rule.yml b/linux_os/guide/system/accounts/accounts-banners/file_permissions_etc_motd/rule.yml
-index 71c9d5b0..55d7079a 100644
+index 339274bcf..057321b93 100644
 --- a/linux_os/guide/system/accounts/accounts-banners/file_permissions_etc_motd/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-banners/file_permissions_etc_motd/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
+-prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Verify permissions on Message of the Day Banner'
  
 diff --git a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_banner_enabled/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_banner_enabled/ansible/shared.yml
-index 5814a30b..aa4aa4c5 100644
+index 5814a30bd..aa4aa4c5c 100644
 --- a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_banner_enabled/ansible/shared.yml
 +++ b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_banner_enabled/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -5031,18 +5510,18 @@ index 5814a30b..aa4aa4c5 100644
  # strategy = unknown
  # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_banner_enabled/rule.yml b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_banner_enabled/rule.yml
-index c9bf3fb1..6a77807d 100644
+index 600cca3b1..92c5a3d2a 100644
 --- a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_banner_enabled/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_banner_enabled/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004
+-prodtype: alinux3,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: alinux3,fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Enable GNOME3 Login Warning Banner'
  
-@@ -57,7 +57,7 @@ references:
+@@ -60,7 +60,7 @@ references:
      stigid@ol7: OL07-00-010030
      stigid@ol8: OL08-00-010049
      stigid@rhel7: RHEL-07-010030
@@ -5052,7 +5531,7 @@ index c9bf3fb1..6a77807d 100644
      stigid@sle15: SLES-15-010080
      stigid@ubuntu2004: UBTU-20-010002
 diff --git a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/ansible/shared.yml
-index 86aff54f..b295782b 100644
+index 86aff54f9..b295782b0 100644
 --- a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/ansible/shared.yml
 +++ b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -5062,18 +5541,18 @@ index 86aff54f..b295782b 100644
  # strategy = unknown
  # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/rule.yml b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/rule.yml
-index 9ba8310e..53f61be4 100644
+index 513cdba67..8f1ef9c76 100644
 --- a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004
+-prodtype: alinux3,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: alinux3,fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Set the GNOME3 Login Warning Banner Text'
  
-@@ -55,7 +55,7 @@ references:
+@@ -64,7 +64,7 @@ references:
      stigid@ol7: OL07-00-010040
      stigid@ol8: OL08-00-010050
      stigid@rhel7: RHEL-07-010040
@@ -5082,42 +5561,75 @@ index 9ba8310e..53f61be4 100644
      stigid@sle12: SLES-12-010050
      stigid@sle15: SLES-15-010090
      stigid@ubuntu2004: UBTU-20-010003
+diff --git a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/tests/correct_value.pass.sh b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/tests/correct_value.pass.sh
+index fd8e2c157..8e0462cbc 100644
+--- a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/tests/correct_value.pass.sh
++++ b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/tests/correct_value.pass.sh
+@@ -1,5 +1,5 @@
+ #!/bin/bash
+-# platform = Oracle Linux 7,Oracle Linux 8,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8
++# platform = Oracle Linux 7,Oracle Linux 8,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8
+ # profiles = xccdf_org.ssgproject.content_profile_ncp
+ # packages = dconf,gdm
+ 
 diff --git a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/tests/correct_value_stig.pass.sh b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/tests/correct_value_stig.pass.sh
-index 4f31757c..0ed60e11 100644
+index 2f9826489..863f56cc5 100644
 --- a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/tests/correct_value_stig.pass.sh
 +++ b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/tests/correct_value_stig.pass.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = Red Hat Enterprise Linux 7, Red Hat Enterprise Linux 8
-+# platform = Red Hat Enterprise Linux 7, Red Hat Enterprise Linux 8,AlmaLinux 8
+-# platform = Oracle Linux 7,Oracle Linux 8,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8
++# platform = Oracle Linux 7,Oracle Linux 8,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8
+ # profiles = xccdf_org.ssgproject.content_profile_stig
+ # packages = dconf,gdm
+ 
+diff --git a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/tests/correct_value_stig_wrong_db.fail.sh b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/tests/correct_value_stig_wrong_db.fail.sh
+index 555e05c31..12c776b8b 100644
+--- a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/tests/correct_value_stig_wrong_db.fail.sh
++++ b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/tests/correct_value_stig_wrong_db.fail.sh
+@@ -1,5 +1,5 @@
+ #!/bin/bash
+-# platform = Oracle Linux 7,Oracle Linux 8,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8
++# platform = Oracle Linux 7,Oracle Linux 8,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8
+ # profiles = xccdf_org.ssgproject.content_profile_stig
+ # packages = dconf,gdm
+ 
+diff --git a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/tests/missing_value_stig.fail.sh b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/tests/missing_value_stig.fail.sh
+index a9def9bfb..e1627ffc6 100644
+--- a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/tests/missing_value_stig.fail.sh
++++ b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/tests/missing_value_stig.fail.sh
+@@ -1,5 +1,5 @@
+ #!/bin/bash
+-# platform = Oracle Linux 7,Oracle Linux 8,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8
++# platform = Oracle Linux 7,Oracle Linux 8,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8
  # profiles = xccdf_org.ssgproject.content_profile_stig
  # packages = dconf,gdm
  
 diff --git a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/ansible/shared.yml
-index ad3f0771..be0b1bef 100644
+index c5b62c257..66d3473b3 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/ansible/shared.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/ansible/shared.yml
 @@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_sle,Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_wrlinux
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_wrlinux
+-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,Red Hat Virtualization 4
++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,Red Hat Virtualization 4
  # reboot = false
  # strategy = configure
  # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/bash/shared.sh b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/bash/shared.sh
-index 138c7e0f..c0ee609d 100644
+index cde0bd136..786aa4402 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/bash/shared.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/bash/shared.sh
 @@ -1,4 +1,4 @@
--# platform = multi_platform_sle,Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_wrlinux,multi_platform_ubuntu
-+# platform = multi_platform_sle,Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_wrlinux,multi_platform_ubuntu
+-# platform = multi_platform_sle,Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_ubuntu
++# platform = multi_platform_sle,Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_ubuntu
  
- if [ -f /usr/bin/authselect ]; then
-     if authselect check; then
+ {{% if product in ["sle12", "sle15"] or "ubuntu" in product %}}
+ {{{ bash_ensure_pam_module_configuration('/etc/pam.d/login', 'session', 'required', 'pam_lastlog.so', 'showfailed', '', 'BOF') }}}
 diff --git a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/rule.yml b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/rule.yml
-index a8963c8c..aec18abe 100644
+index ba4de2aba..eb9ad93f8 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/rule.yml
-@@ -48,7 +48,7 @@ references:
+@@ -49,7 +49,7 @@ references:
      stigid@ol7: OL07-00-040530
      stigid@ol8: OL08-00-020340
      stigid@rhel7: RHEL-07-040530
@@ -5127,87 +5639,231 @@ index a8963c8c..aec18abe 100644
      stigid@sle15: SLES-15-020080
      stigid@ubuntu2004: UBTU-20-010453
 diff --git a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/authselect_line_missing.fail.sh b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/authselect_line_missing.fail.sh
-index 745560a8..1a01cc0c 100644
+index 1b490cdbd..5bd97bbe2 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/authselect_line_missing.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/authselect_line_missing.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
--# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
  
  authselect create-profile hardening -b sssd
  CUSTOM_PROFILE="custom/hardening"
 diff --git a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/authselect_line_present.pass.sh b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/authselect_line_present.pass.sh
-index c8e492a9..49d4d99a 100644
+index 3a6c8734a..0b4f5b1fa 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/authselect_line_present.pass.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/authselect_line_present.pass.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
--# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
  
  authselect create-profile hardening -b sssd
  CUSTOM_PROFILE="custom/hardening"
 diff --git a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/authselect_modified_pam.fail.sh b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/authselect_modified_pam.fail.sh
-index 84b10027..4425caae 100644
+index 1dd45236b..6766ce732 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/authselect_modified_pam.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/authselect_modified_pam.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
--# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
  # remediation = none
  
  SYSTEM_AUTH_FILE="/etc/pam.d/system-auth"
 diff --git a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/authselect_silent_present.fail.sh b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/authselect_silent_present.fail.sh
-index 31973526..a4818191 100644
+index 4dff706d4..6c0f4c49e 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/authselect_silent_present.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/authselect_silent_present.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
--# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+ 
+ authselect create-profile hardening -b sssd
+ CUSTOM_PROFILE="custom/hardening"
+diff --git a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/authselect_wrong_control.fail.sh b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/authselect_wrong_control.fail.sh
+index 921c44ce9..c5a037153 100644
+--- a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/authselect_wrong_control.fail.sh
++++ b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/authselect_wrong_control.fail.sh
+@@ -1,6 +1,6 @@
+ #!/bin/bash
+ # packages = authselect
+-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+ 
+ authselect create-profile hardening -b sssd
+ CUSTOM_PROFILE="custom/hardening"
+diff --git a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/no_space_before_showfailed.fail.sh b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/no_space_before_showfailed.fail.sh
+index 2a8782c30..e2c21bd90 100644
+--- a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/no_space_before_showfailed.fail.sh
++++ b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/no_space_before_showfailed.fail.sh
+@@ -1,6 +1,6 @@
+ #!/bin/bash
+ # packages = authselect
+-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+ 
+ authselect create-profile hardening -b sssd
+ CUSTOM_PROFILE="custom/hardening"
+diff --git a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/no_space_before_silent.pass.sh b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/no_space_before_silent.pass.sh
+index 510813790..dd9eb36e7 100644
+--- a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/no_space_before_silent.pass.sh
++++ b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/no_space_before_silent.pass.sh
+@@ -1,6 +1,6 @@
+ #!/bin/bash
+ # packages = authselect
+-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
  
  authselect create-profile hardening -b sssd
  CUSTOM_PROFILE="custom/hardening"
 diff --git a/linux_os/guide/system/accounts/accounts-pam/enable_pam_namespace/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-pam/enable_pam_namespace/ansible/shared.yml
-index bd7ad0c9..b11a08e0 100644
+index 7144a4e52..525180f6b 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/enable_pam_namespace/ansible/shared.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/enable_pam_namespace/ansible/shared.yml
 @@ -1,4 +1,4 @@
--# platform = multi_platform_fedora,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,multi_platform_ol
-+# platform = multi_platform_fedora,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_ol
+-# platform = multi_platform_fedora,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,multi_platform_ol,multi_platform_sle
++# platform = multi_platform_fedora,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_ol,multi_platform_sle
  # reboot = false
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-pam/enable_pam_namespace/bash/shared.sh b/linux_os/guide/system/accounts/accounts-pam/enable_pam_namespace/bash/shared.sh
-index b1d8a452..ed798c23 100644
+index 9c752e052..c38f0caf3 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/enable_pam_namespace/bash/shared.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/enable_pam_namespace/bash/shared.sh
 @@ -1,4 +1,4 @@
--# platform = multi_platform_fedora,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,multi_platform_ol
-+# platform = multi_platform_fedora,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_ol
+-# platform = multi_platform_fedora,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,multi_platform_ol,multi_platform_sle
++# platform = multi_platform_fedora,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_ol,multi_platform_sle
  if ! grep -Eq '^\s*session\s+required\s+pam_namespace.so\s*$' '/etc/pam.d/login' ; then
      echo "session    required     pam_namespace.so" >> "/etc/pam.d/login"
  fi
 diff --git a/linux_os/guide/system/accounts/accounts-pam/enable_pam_namespace/rule.yml b/linux_os/guide/system/accounts/accounts-pam/enable_pam_namespace/rule.yml
-index c21c1cb8..e663f820 100644
+index 776847ee6..fc09a25bc 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/enable_pam_namespace/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/enable_pam_namespace/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8
+-prodtype: fedora,ol7,ol8,rhel7,rhel8,sle12,sle15
++prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,sle12,sle15
  
  title: Set Up a Private Namespace in PAM Configuration
  
+diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_password_auth/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_password_auth/rule.yml
+index d34f78c56..b27a39b28 100644
+--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_password_auth/rule.yml
++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_password_auth/rule.yml
+@@ -1,6 +1,6 @@
+ documentation_complete: true
+ 
+-prodtype: rhel8,rhel9
++prodtype: rhel8,almalinux8,rhel9
+ 
+ title: 'Configure the Use of the pam_faillock.so Module in the /etc/pam.d/password-auth File.'
+ 
+@@ -21,7 +21,7 @@ references:
+     disa: CCI-000044
+     nist: AC-7 (a)
+     srg: SRG-OS-000021-GPOS-00005
+-    stigid@rhel8: RHEL-08-020026
++    stigid@almalinux8: RHEL-08-020026
+ 
+ ocil_clause: 'the pam_faillock.so module is not present in the "/etc/pam.d/password-auth" file with the "preauth" line listed before pam_unix.so'
+ 
+diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_system_auth/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_system_auth/rule.yml
+index a2e72e0de..1ff3c75e9 100644
+--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_system_auth/rule.yml
++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_system_auth/rule.yml
+@@ -1,6 +1,6 @@
+ documentation_complete: true
+ 
+-prodtype: rhel8,rhel9
++prodtype: rhel8,almalinux8,rhel9
+ 
+ title: 'Configure the Use of the pam_faillock.so Module in the /etc/pam.d/system-auth File.'
+ 
+@@ -21,7 +21,7 @@ references:
+     disa: CCI-000044
+     nist: AC-7 (a)
+     srg: SRG-OS-000021-GPOS-00005
+-    stigid@rhel8: RHEL-08-020025
++    stigid@almalinux8: RHEL-08-020025
+ 
+ ocil_clause: 'the pam_faillock.so module is not present in the "/etc/pam.d/system-auth" file with the "preauth" line listed before pam_unix.so'
+ 
+diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_selinux_faillock_dir/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_selinux_faillock_dir/rule.yml
+index 4ef1e17f9..29b210c58 100644
+--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_selinux_faillock_dir/rule.yml
++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_selinux_faillock_dir/rule.yml
+@@ -1,6 +1,6 @@
+ documentation_complete: true
+ 
+-prodtype: ol8,ol9,rhel8,rhel9
++prodtype: ol8,ol9,rhel8,almalinux8,rhel9
+ 
+ title: 'An SELinux Context must be configured for the pam_faillock.so records directory'
+ 
+@@ -23,7 +23,7 @@ references:
+     nist: AC-7 (a)
+     srg: SRG-OS-000021-GPOS-00005
+     stigid@ol8: OL08-00-020027
+-    stigid@rhel8: RHEL-08-020027
++    stigid@almalinux8: RHEL-08-020027
+ 
+ platform: machine
+ 
+diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_passwords_pam_faillock_audit/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_passwords_pam_faillock_audit/ansible/shared.yml
+index e9ecd879f..74e4c0b09 100644
+--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_passwords_pam_faillock_audit/ansible/shared.yml
++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_passwords_pam_faillock_audit/ansible/shared.yml
+@@ -1,4 +1,4 @@
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
+ # reboot = false
+ # strategy = restrict
+ # complexity = low
+diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_passwords_pam_faillock_audit/bash/shared.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_passwords_pam_faillock_audit/bash/shared.sh
+index 63d03f08d..e0eae4498 100644
+--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_passwords_pam_faillock_audit/bash/shared.sh
++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_passwords_pam_faillock_audit/bash/shared.sh
+@@ -1,4 +1,4 @@
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
+ 
+ {{{ bash_pam_faillock_enable() }}}
+ {{{ bash_pam_faillock_parameter_value("audit", authfail=False)}}}
+diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_passwords_pam_faillock_audit/tests/conflicting_settings_authselect.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_passwords_pam_faillock_audit/tests/conflicting_settings_authselect.fail.sh
+index 5e75c996c..ca16cf405 100644
+--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_passwords_pam_faillock_audit/tests/conflicting_settings_authselect.fail.sh
++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_passwords_pam_faillock_audit/tests/conflicting_settings_authselect.fail.sh
+@@ -1,7 +1,7 @@
+ 
+ #!/bin/bash
+ # packages = authselect,pam
+-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+ 
+ source common.sh
+ 
+diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_passwords_pam_faillock_audit/tests/expected_faillock_conf.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_passwords_pam_faillock_audit/tests/expected_faillock_conf.pass.sh
+index e1eb0a970..79ba23b4a 100644
+--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_passwords_pam_faillock_audit/tests/expected_faillock_conf.pass.sh
++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_passwords_pam_faillock_audit/tests/expected_faillock_conf.pass.sh
+@@ -1,6 +1,6 @@
+ #!/bin/bash
+ # packages = authselect,pam
+-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+ 
+ source common.sh
+ 
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/ansible/shared.yml
-index f3475f56..3795e5ea 100644
+index 95c3a04db..37caefc2f 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/ansible/shared.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -5217,98 +5873,146 @@ index f3475f56..3795e5ea 100644
  # strategy = configure
  # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/bash/shared.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/bash/shared.sh
-index f9d341f0..882ee40d 100644
+index 365006509..2a10d041b 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/bash/shared.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/bash/shared.sh
 @@ -1,4 +1,4 @@
--# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
-+# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
  
  {{{ bash_instantiate_variables("var_password_pam_remember", "var_password_pam_remember_control_flag") }}}
  
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/rule.yml
-index 69a36c49..fd8355a5 100644
+index d2b220ef9..deb0c6e4b 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,wrlinux1019
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,wrlinux1019
+-prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4
++prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4
  
  title: 'Limit Password Reuse: password-auth'
  
-@@ -43,7 +43,7 @@ references:
+@@ -64,7 +64,7 @@ references:
      stigid@ol7: OL07-00-010270
      stigid@ol8: OL08-00-020220
      stigid@rhel7: RHEL-07-010270
--    stigid@rhel8: RHEL-08-020221
-+    stigid@almalinux8: RHEL-08-020221
+-    stigid@rhel8: RHEL-08-020220
++    stigid@almalinux8: RHEL-08-020220
      vmmsrg: SRG-OS-000077-VMM-000440
  
  ocil_clause: |-
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_argument_missing.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_argument_missing.fail.sh
-index 70ffeb21..3daa780d 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_argument_missing.fail.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_argument_missing.fail.sh
+diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_conflict_settings.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_conflict_settings.fail.sh
+index bef6bbcea..8263dd4a0 100644
+--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_conflict_settings.fail.sh
++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_conflict_settings.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
--# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
- # variables = var_password_pam_remember=5,var_password_pam_remember_control_flag=requisite
- 
- authselect create-profile hardening -b sssd
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_correct_value.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_correct_value.pass.sh
-index 601400d7..aa768167 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_correct_value.pass.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_correct_value.pass.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = authselect
--# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
  # variables = var_password_pam_remember=5,var_password_pam_remember_control_flag=requisite
  
  remember_cnt=5
+diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_correct_value_conf.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_correct_value_conf.pass.sh
+index 111ed3df6..01534eda1 100644
+--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_correct_value_conf.pass.sh
++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_correct_value_conf.pass.sh
+@@ -1,6 +1,6 @@
+ #!/bin/bash
+ # packages = authselect
+-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+ # variables = var_password_pam_remember=5,var_password_pam_remember_control_flag=requisite
+ 
+ remember_cnt=5
+diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_correct_value_pam.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_correct_value_pam.pass.sh
+index cc133d939..7e6f01471 100644
+--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_correct_value_pam.pass.sh
++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_correct_value_pam.pass.sh
+@@ -1,6 +1,6 @@
+ #!/bin/bash
+ # packages = authselect
+-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+ # variables = var_password_pam_remember=5,var_password_pam_remember_control_flag=requisite
+ 
+ remember_cnt=5
+diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_missing_argument.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_missing_argument.fail.sh
+index 006ff25ae..4239093a8 100644
+--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_missing_argument.fail.sh
++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_missing_argument.fail.sh
+@@ -1,6 +1,6 @@
+ #!/bin/bash
+ # packages = authselect
+-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+ # variables = var_password_pam_remember=5,var_password_pam_remember_control_flag=requisite
+ 
+ if authselect list-features minimal | grep -q with-pwhistory; then
+diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_missing_line.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_missing_line.fail.sh
+index e16e7434b..6c362a5ac 100644
+--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_missing_line.fail.sh
++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_missing_line.fail.sh
+@@ -1,6 +1,6 @@
+ #!/bin/bash
+ # packages = authselect
+-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+ # variables = var_password_pam_remember=5,var_password_pam_remember_control_flag=requisite
+ 
+ if authselect list-features minimal | grep -q with-pwhistory; then
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_modified_pam.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_modified_pam.fail.sh
-index 84b10027..4425caae 100644
+index e5af75fdc..6bb8994e3 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_modified_pam.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_modified_pam.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
--# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
  # remediation = none
  
  SYSTEM_AUTH_FILE="/etc/pam.d/system-auth"
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_wrong_control.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_wrong_control.fail.sh
-index a1f7ed3c..6a03cccd 100644
+index aef7595c6..041ed743f 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_wrong_control.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_wrong_control.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
--# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
  # variables = var_password_pam_remember=5,var_password_pam_remember_control_flag=requisite
  
- remember_cnt=5
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_wrong_value.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_wrong_value.fail.sh
-index 91953352..36ae78c6 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_wrong_value.fail.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_wrong_value.fail.sh
+ if authselect list-features minimal | grep -q with-pwhistory; then
+diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_wrong_value_conf.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_wrong_value_conf.fail.sh
+index f16643985..157d8c8f9 100644
+--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_wrong_value_conf.fail.sh
++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_wrong_value_conf.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
--# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+ # variables = var_password_pam_remember=5,var_password_pam_remember_control_flag=requisite
+ 
+ remember_cnt=3
+diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_wrong_value_pam.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_wrong_value_pam.fail.sh
+index debcc53ca..a86b0a1d1 100644
+--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_wrong_value_pam.fail.sh
++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_wrong_value_pam.fail.sh
+@@ -1,6 +1,6 @@
+ #!/bin/bash
+ # packages = authselect
+-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
  # variables = var_password_pam_remember=5,var_password_pam_remember_control_flag=requisite
  
  remember_cnt=3
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/ansible/shared.yml
-index 63ac7db7..52177dff 100644
+index e4be20de0..a9d7e2ec1 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/ansible/shared.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -5318,98 +6022,146 @@ index 63ac7db7..52177dff 100644
  # strategy = configure
  # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/bash/shared.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/bash/shared.sh
-index 2fa41c88..17e1175c 100644
+index a55f86dc3..5506f8c40 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/bash/shared.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/bash/shared.sh
 @@ -1,4 +1,4 @@
--# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
-+# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
  
  {{{ bash_instantiate_variables("var_password_pam_remember", "var_password_pam_remember_control_flag") }}}
  
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/rule.yml
-index e30d9f6a..27c416a2 100644
+index 97f05f5a3..e36b485a9 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,wrlinux1019
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,wrlinux1019
+-prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4
++prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4
  
  title: 'Limit Password Reuse: system-auth'
  
-@@ -43,7 +43,7 @@ references:
+@@ -64,7 +64,7 @@ references:
      stigid@ol7: OL07-00-010270
-     stigid@ol8: OL08-00-020220
+     stigid@ol8: OL08-00-020221
      stigid@rhel7: RHEL-07-010270
--    stigid@rhel8: RHEL-08-020220
-+    stigid@almalinux8: RHEL-08-020220
+-    stigid@rhel8: RHEL-08-020221
++    stigid@almalinux8: RHEL-08-020221
      vmmsrg: SRG-OS-000077-VMM-000440
  
  ocil_clause: |-
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_argument_missing.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_argument_missing.fail.sh
-index 3acc798e..23ebf802 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_argument_missing.fail.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_argument_missing.fail.sh
+diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_conflict_settings.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_conflict_settings.fail.sh
+index fe238b41b..84c181749 100644
+--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_conflict_settings.fail.sh
++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_conflict_settings.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
--# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
- # variables = var_password_pam_remember=5,var_password_pam_remember_control_flag=requisite
- 
- authselect create-profile hardening -b sssd
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_correct_value.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_correct_value.pass.sh
-index d0e5ea66..26c5a3e1 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_correct_value.pass.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_correct_value.pass.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = authselect
--# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
  # variables = var_password_pam_remember=5,var_password_pam_remember_control_flag=requisite
  
  remember_cnt=5
+diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_correct_value_conf.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_correct_value_conf.pass.sh
+index bc6d5ab7f..c3c002885 100644
+--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_correct_value_conf.pass.sh
++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_correct_value_conf.pass.sh
+@@ -1,6 +1,6 @@
+ #!/bin/bash
+ # packages = authselect
+-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+ # variables = var_password_pam_remember=5,var_password_pam_remember_control_flag=requisite
+ 
+ remember_cnt=5
+diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_correct_value_pam.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_correct_value_pam.pass.sh
+index dd12efbc1..349a46b94 100644
+--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_correct_value_pam.pass.sh
++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_correct_value_pam.pass.sh
+@@ -1,6 +1,6 @@
+ #!/bin/bash
+ # packages = authselect
+-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+ # variables = var_password_pam_remember=5,var_password_pam_remember_control_flag=requisite
+ 
+ remember_cnt=5
+diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_missing_argument.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_missing_argument.fail.sh
+index 21a16e3f7..a047688c8 100644
+--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_missing_argument.fail.sh
++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_missing_argument.fail.sh
+@@ -1,6 +1,6 @@
+ #!/bin/bash
+ # packages = authselect
+-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+ # variables = var_password_pam_remember=5,var_password_pam_remember_control_flag=requisite
+ 
+ if authselect list-features minimal | grep -q with-pwhistory; then
+diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_missing_line.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_missing_line.fail.sh
+index 678ea16f7..59b70ce6c 100644
+--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_missing_line.fail.sh
++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_missing_line.fail.sh
+@@ -1,6 +1,6 @@
+ #!/bin/bash
+ # packages = authselect
+-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+ # variables = var_password_pam_remember=5,var_password_pam_remember_control_flag=requisite
+ 
+ if authselect list-features minimal | grep -q with-pwhistory; then
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_modified_pam.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_modified_pam.fail.sh
-index 84b10027..4425caae 100644
+index e5af75fdc..6bb8994e3 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_modified_pam.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_modified_pam.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
--# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
  # remediation = none
  
  SYSTEM_AUTH_FILE="/etc/pam.d/system-auth"
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_wrong_control.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_wrong_control.fail.sh
-index 4891c441..314a2fad 100644
+index 26cc946a1..b02926809 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_wrong_control.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_wrong_control.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
--# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
  # variables = var_password_pam_remember=5,var_password_pam_remember_control_flag=requisite
  
- remember_cnt=5
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_wrong_value.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_wrong_value.fail.sh
-index 1523a9aa..53261854 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_wrong_value.fail.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_wrong_value.fail.sh
+ if authselect list-features minimal | grep -q with-pwhistory; then
+diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_wrong_value_conf.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_wrong_value_conf.fail.sh
+index e25a158f7..dcd7e77b1 100644
+--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_wrong_value_conf.fail.sh
++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_wrong_value_conf.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
--# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+ # variables = var_password_pam_remember=5,var_password_pam_remember_control_flag=requisite
+ 
+ remember_cnt=3
+diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_wrong_value_pam.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_wrong_value_pam.fail.sh
+index 253d50de1..6665b7b06 100644
+--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_wrong_value_pam.fail.sh
++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_wrong_value_pam.fail.sh
+@@ -1,6 +1,6 @@
+ #!/bin/bash
+ # packages = authselect
+-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
  # variables = var_password_pam_remember=5,var_password_pam_remember_control_flag=requisite
  
  remember_cnt=3
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/ansible/shared.yml
-index 2bdc7fab..d3a5f0d9 100644
+index 658f8a3e4..de28cf579 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/ansible/shared.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -5419,77 +6171,207 @@ index 2bdc7fab..d3a5f0d9 100644
  # strategy = configure
  # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/bash/shared.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/bash/shared.sh
-index f3d2d4c9..db12348e 100644
+index c830c07aa..3548b0341 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/bash/shared.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/bash/shared.sh
 @@ -1,4 +1,4 @@
--# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
-+# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
- 
- {{{ bash_instantiate_variables("var_password_pam_unix_remember") }}}
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
  
+ {{% if product in [ "sle12", "sle15" ] %}}
+ {{%- set accounts_password_pam_unix_remember_file = '/etc/pam.d/common-password' -%}}
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/rule.yml
-index 8228339c..e1a4b4f4 100644
+index 6f5f90fe0..7e538071f 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle15,ubuntu2004,wrlinux1019
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,ubuntu2004,wrlinux1019
+-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Limit Password Reuse'
  
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_argument_missing.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_argument_missing.fail.sh
-index 9d150e25..f93697d4 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_argument_missing.fail.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_argument_missing.fail.sh
+diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_conflict_settings.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_conflict_settings.fail.sh
+index a18fa3d6c..41fe931e0 100644
+--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_conflict_settings.fail.sh
++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_conflict_settings.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
--# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
- # variables = var_password_pam_unix_remember=5
- 
- authselect create-profile hardening -b sssd
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_correct_value.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_correct_value.pass.sh
-index 520ce05a..38816afe 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_correct_value.pass.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_correct_value.pass.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = authselect
--# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
- # variables = var_password_pam_unix_remember=5
+-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+ # variables = var_password_pam_remember=5,var_password_pam_remember_control_flag=requisite
  
  remember_cnt=5
+diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_correct_value_conf.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_correct_value_conf.pass.sh
+index bc6d5ab7f..c3c002885 100644
+--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_correct_value_conf.pass.sh
++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_correct_value_conf.pass.sh
+@@ -1,6 +1,6 @@
+ #!/bin/bash
+ # packages = authselect
+-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+ # variables = var_password_pam_remember=5,var_password_pam_remember_control_flag=requisite
+ 
+ remember_cnt=5
+diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_correct_value_pam.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_correct_value_pam.pass.sh
+index dd12efbc1..349a46b94 100644
+--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_correct_value_pam.pass.sh
++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_correct_value_pam.pass.sh
+@@ -1,6 +1,6 @@
+ #!/bin/bash
+ # packages = authselect
+-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+ # variables = var_password_pam_remember=5,var_password_pam_remember_control_flag=requisite
+ 
+ remember_cnt=5
+diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_missing_argument.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_missing_argument.fail.sh
+index d774ac79a..668aa4bf0 100644
+--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_missing_argument.fail.sh
++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_missing_argument.fail.sh
+@@ -1,6 +1,6 @@
+ #!/bin/bash
+ # packages = authselect
+-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
++# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+ # variables = var_password_pam_unix_remember=5
+ 
+ if authselect list-features minimal | grep -q with-pwhistory; then
+diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_missing_line.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_missing_line.fail.sh
+index 4ef7a3f61..8d3a28224 100644
+--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_missing_line.fail.sh
++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_missing_line.fail.sh
+@@ -1,6 +1,6 @@
+ #!/bin/bash
+ # packages = authselect
+-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
++# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+ # variables = var_password_pam_unix_remember=5
+ 
+ if authselect list-features minimal | grep -q with-pwhistory; then
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_modified_pam.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_modified_pam.fail.sh
-index 84b10027..4425caae 100644
+index 02d30f17a..0463e6008 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_modified_pam.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_modified_pam.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
--# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
++# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
  # remediation = none
  
  SYSTEM_AUTH_FILE="/etc/pam.d/system-auth"
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_wrong_value.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_wrong_value.fail.sh
-index 48138ce3..bcb790e6 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_wrong_value.fail.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_wrong_value.fail.sh
+diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_pam_unix_legacy_correct.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_pam_unix_legacy_correct.pass.sh
+index 7f6215029..5088ca82d 100644
+--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_pam_unix_legacy_correct.pass.sh
++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_pam_unix_legacy_correct.pass.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
--# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
++# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+ # variables = var_password_pam_unix_remember=5
+ 
+ remember_cnt=5
+diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_pam_unix_legacy_wrong.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_pam_unix_legacy_wrong.fail.sh
+index 3c1cea1d5..b622c4cc2 100644
+--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_pam_unix_legacy_wrong.fail.sh
++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_pam_unix_legacy_wrong.fail.sh
+@@ -1,6 +1,6 @@
+ #!/bin/bash
+ # packages = authselect
+-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
++# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
  # variables = var_password_pam_unix_remember=5
  
  remember_cnt=3
+diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_wrong_value_conf.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_wrong_value_conf.fail.sh
+index e25a158f7..dcd7e77b1 100644
+--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_wrong_value_conf.fail.sh
++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_wrong_value_conf.fail.sh
+@@ -1,6 +1,6 @@
+ #!/bin/bash
+ # packages = authselect
+-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+ # variables = var_password_pam_remember=5,var_password_pam_remember_control_flag=requisite
+ 
+ remember_cnt=3
+diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_wrong_value_pam.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_wrong_value_pam.fail.sh
+index 253d50de1..6665b7b06 100644
+--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_wrong_value_pam.fail.sh
++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_wrong_value_pam.fail.sh
+@@ -1,6 +1,6 @@
+ #!/bin/bash
+ # packages = authselect
+-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+ # variables = var_password_pam_remember=5,var_password_pam_remember_control_flag=requisite
+ 
+ remember_cnt=3
+diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/ansible/shared.yml
+index e9ecd879f..74e4c0b09 100644
+--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/ansible/shared.yml
++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/ansible/shared.yml
+@@ -1,4 +1,4 @@
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
+ # reboot = false
+ # strategy = restrict
+ # complexity = low
+diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/bash/shared.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/bash/shared.sh
+index 63d03f08d..e0eae4498 100644
+--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/bash/shared.sh
++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/bash/shared.sh
+@@ -1,4 +1,4 @@
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
+ 
+ {{{ bash_pam_faillock_enable() }}}
+ {{{ bash_pam_faillock_parameter_value("audit", authfail=False)}}}
+diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/rule.yml
+index 038f8486c..375038872 100644
+--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/rule.yml
++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/rule.yml
+@@ -19,7 +19,7 @@ references:
+     nist: AC-7 (a)
+     srg: SRG-OS-000021-GPOS-00005
+     stigid@ol8: OL08-00-020021
+-    stigid@rhel8: RHEL-08-020021
++    stigid@almalinux8: RHEL-08-020021
+ 
+ ocil_clause: 'the "audit" option is not set, is missing or commented out'
+ 
+diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/tests/conflicting_settings_authselect.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/tests/conflicting_settings_authselect.fail.sh
+index 5e75c996c..ca16cf405 100644
+--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/tests/conflicting_settings_authselect.fail.sh
++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/tests/conflicting_settings_authselect.fail.sh
+@@ -1,7 +1,7 @@
+ 
+ #!/bin/bash
+ # packages = authselect,pam
+-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+ 
+ source common.sh
+ 
+diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/tests/expected_faillock_conf.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/tests/expected_faillock_conf.pass.sh
+index e1eb0a970..79ba23b4a 100644
+--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/tests/expected_faillock_conf.pass.sh
++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/tests/expected_faillock_conf.pass.sh
+@@ -1,6 +1,6 @@
+ #!/bin/bash
+ # packages = authselect,pam
+-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+ 
+ source common.sh
+ 
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/ansible/shared.yml
-index d7344bd3..f5acfc8f 100644
+index fed1dea10..0c6a8c9be 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/ansible/shared.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -5499,109 +6381,121 @@ index d7344bd3..f5acfc8f 100644
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/bash/shared.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/bash/shared.sh
-index 1ec0b35f..36e16a61 100644
+index 449d912d0..22f5dc375 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/bash/shared.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/bash/shared.sh
 @@ -1,4 +1,4 @@
--# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
-+# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu
  
  {{{ bash_instantiate_variables("var_accounts_passwords_pam_faillock_deny") }}}
  
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/rule.yml
-index 7116c61a..1cc2da48 100644
+index 06f9cd2de..19cac1ab3 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,wrlinux1019
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,wrlinux1019
+-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle15,ubuntu2204
++prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,ubuntu2204
  
  title: 'Lock Accounts After Failed Password Attempts'
  
-@@ -47,7 +47,7 @@ references:
+@@ -52,7 +52,7 @@ references:
      stigid@ol7: OL07-00-010320
      stigid@ol8: OL08-00-020010
      stigid@rhel7: RHEL-07-010320
--    stigid@rhel8: RHEL-08-020010
-+    stigid@almalinux8: RHEL-08-020010
+-    stigid@rhel8: RHEL-08-020011
++    stigid@almalinux8: RHEL-08-020011
      vmmsrg: SRG-OS-000021-VMM-000050
  
- ocil_clause: 'limiting the number of failed logon attempts for users is not configured'
+ platform: package[pam]
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/authselect_modified_pam.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/authselect_modified_pam.fail.sh
-index 1698c1c7..eefea7dc 100644
+index b3232cc93..ec32d65f7 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/authselect_modified_pam.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/authselect_modified_pam.fail.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
  # remediation = none
  
  SYSTEM_AUTH_FILE="/etc/pam.d/system-auth"
+diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/conflicting_settings_authselect.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/conflicting_settings_authselect.fail.sh
+index 24f5731f6..c118c9be0 100644
+--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/conflicting_settings_authselect.fail.sh
++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/conflicting_settings_authselect.fail.sh
+@@ -1,6 +1,6 @@
+ #!/bin/bash
+ # packages = authselect,pam
+-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+ 
+ pam_files=("password-auth" "system-auth")
+ 
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_conflicting_settings.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_conflicting_settings.fail.sh
-index 3ace8942..892d2841 100644
+index aa3ca061d..6d383b228 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_conflicting_settings.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_conflicting_settings.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
--# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
-+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
+-# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
++# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
  # remediation = none
  # variables = var_accounts_passwords_pam_faillock_deny=3
  
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_expected_faillock_conf.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_expected_faillock_conf.pass.sh
-index 1f3098d5..e7908d00 100644
+index e770e300f..ceffa12a0 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_expected_faillock_conf.pass.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_expected_faillock_conf.pass.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
--# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
-+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
+-# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
++# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
  # variables = var_accounts_passwords_pam_faillock_deny=3
  
  authselect select sssd --force
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_lenient_faillock_conf.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_lenient_faillock_conf.fail.sh
-index fd3ef218..be2476a9 100644
+index fd57152b8..0ee33185e 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_lenient_faillock_conf.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_lenient_faillock_conf.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
--# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
-+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
+-# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
++# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
  # variables = var_accounts_passwords_pam_faillock_deny=3
  
  authselect select sssd --force
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh
-index 7cc53fce..fe906797 100644
+index efb57601c..4127e7265 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
--# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
-+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
+-# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
++# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
  # remediation = none
  # variables = var_accounts_passwords_pam_faillock_deny=3
  
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_stricter_faillock_conf.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_stricter_faillock_conf.pass.sh
-index fa81b645..f05ad984 100644
+index 595b85192..392d025a0 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_stricter_faillock_conf.pass.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_stricter_faillock_conf.pass.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
--# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
-+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
+-# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
++# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
  # variables = var_accounts_passwords_pam_faillock_deny=3
  
  authselect select sssd --force
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/ansible/shared.yml
-index 8ebe5179..a6e53a36 100644
+index 18f1a23f6..41d87be94 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/ansible/shared.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -5611,85 +6505,154 @@ index 8ebe5179..a6e53a36 100644
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/bash/shared.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/bash/shared.sh
-index 1dc8548b..1002d32c 100644
+index bf4938721..8c845063c 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/bash/shared.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/bash/shared.sh
 @@ -1,4 +1,4 @@
--# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
-+# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
  
- if [ -f /usr/sbin/authconfig ]; then
-     authconfig --enablefaillock --update
+ {{{ bash_pam_faillock_enable() }}}
+ {{{ bash_pam_faillock_parameter_value("even_deny_root", "") }}}
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/rule.yml
-index 6004aa8b..b7794d81 100644
+index 2c28f825f..1146001fd 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,wrlinux1019
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,wrlinux1019
+-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15
++prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15
  
  title: 'Configure the root Account for Failed Password Attempts'
  
-@@ -41,7 +41,7 @@ references:
+@@ -43,7 +43,7 @@ references:
      stigid@ol7: OL07-00-010330
      stigid@ol8: OL08-00-020022
      stigid@rhel7: RHEL-07-010330
 -    stigid@rhel8: RHEL-08-020022
 +    stigid@almalinux8: RHEL-08-020022
  
- ocil_clause: 'limiting the number of failed logon attempts for the root user is not configured'
+ ocil_clause: 'the "even_deny_root" option is not set, is missing or commented out'
  
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/authselect_modified_pam.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/authselect_modified_pam.fail.sh
-index 1698c1c7..eefea7dc 100644
+index b3232cc93..ec32d65f7 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/authselect_modified_pam.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/authselect_modified_pam.fail.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
  # remediation = none
  
  SYSTEM_AUTH_FILE="/etc/pam.d/system-auth"
+diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/conflicting_settings_authselect.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/conflicting_settings_authselect.fail.sh
+index 99025443d..850740db2 100644
+--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/conflicting_settings_authselect.fail.sh
++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/conflicting_settings_authselect.fail.sh
+@@ -1,6 +1,6 @@
+ #!/bin/bash
+ # packages = authselect,pam
+-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+ 
+ pam_files=("password-auth" "system-auth")
+ 
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/pam_faillock_conflicting_settings.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/pam_faillock_conflicting_settings.fail.sh
-index cc8c766a..b5274885 100644
+index 476c4e77e..2152306fe 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/pam_faillock_conflicting_settings.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/pam_faillock_conflicting_settings.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
--# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
-+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
+-# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
++# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
  # remediation = none
  
  authselect select sssd --force
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/pam_faillock_expected_faillock_conf.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/pam_faillock_expected_faillock_conf.pass.sh
-index ce8ab690..4ef28d9b 100644
+index 87bca6919..f2957144e 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/pam_faillock_expected_faillock_conf.pass.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/pam_faillock_expected_faillock_conf.pass.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
--# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
-+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
+-# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
++# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
  
  authselect select sssd --force
  authselect enable-feature with-faillock
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh
-index d055d651..bab42079 100644
+index 7c702d669..06c0d31e2 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
--# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
-+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
+-# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
++# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
  # remediation = none
  
  authselect select sssd --force
+diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/rule.yml
+index c87107985..927160f58 100644
+--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/rule.yml
++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/rule.yml
+@@ -1,6 +1,6 @@
+ documentation_complete: true
+ 
+-prodtype: fedora,ol8,ol9,rhel8,rhel9
++prodtype: fedora,ol8,ol9,rhel8,almalinux8,rhel9
+ 
+ title: 'Lock Accounts Must Persist'
+ 
+@@ -32,7 +32,7 @@ references:
+     nist: AC-7(b),AC-7(a),AC-7.1(ii)
+     srg: SRG-OS-000021-GPOS-00005,SRG-OS-000329-GPOS-00128
+     stigid@ol8: OL08-00-020016
+-    stigid@rhel8: RHEL-08-020017
++    stigid@almalinux8: RHEL-08-020017
+ 
+ ocil_clause: 'the "dir" option is not set to a non-default documented tally log directory, is missing or commented out'
+ 
+diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/tests/conflicting_settings_authselect.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/tests/conflicting_settings_authselect.fail.sh
+index 679e47bcc..4f798d486 100644
+--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/tests/conflicting_settings_authselect.fail.sh
++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/tests/conflicting_settings_authselect.fail.sh
+@@ -1,6 +1,6 @@
+ #!/bin/bash
+ # packages = authselect,pam
+-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+ 
+ source common.sh
+ 
+diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/tests/expected_faillock_conf.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/tests/expected_faillock_conf.pass.sh
+index 6bb763cf5..9562ea10f 100644
+--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/tests/expected_faillock_conf.pass.sh
++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/tests/expected_faillock_conf.pass.sh
+@@ -1,6 +1,6 @@
+ #!/bin/bash
+ # packages = authselect,pam
+-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+ 
+ source common.sh
+ 
+diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/tests/wrong_faillock_conf.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/tests/wrong_faillock_conf.fail.sh
+index 2f08a7d47..19ae579cf 100644
+--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/tests/wrong_faillock_conf.fail.sh
++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/tests/wrong_faillock_conf.fail.sh
+@@ -1,6 +1,6 @@
+ #!/bin/bash
+ # packages = authselect,pam
+-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+ 
+ source common.sh
+ 
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/ansible/shared.yml
-index f7720460..97f584f6 100644
+index fd8e44443..9240e6cf3 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/ansible/shared.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -5699,17 +6662,17 @@ index f7720460..97f584f6 100644
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/bash/shared.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/bash/shared.sh
-index 937c54e1..54190884 100644
+index e9c09b713..9fc45f3d1 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/bash/shared.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/bash/shared.sh
 @@ -1,4 +1,4 @@
 -# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
 +# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
  
- if authselect check; then
-     authselect enable-feature with-faillock
+ {{{ bash_pam_faillock_enable() }}}
+ {{{ bash_pam_faillock_parameter_value("local_users_only", "") }}}
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/rule.yml
-index 78ca3bef..35c07ad4 100644
+index fc85c1c4e..2f91deb0a 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/rule.yml
 @@ -1,6 +1,6 @@
@@ -5721,7 +6684,7 @@ index 78ca3bef..35c07ad4 100644
  title: 'Enforce pam_faillock for Local Accounts Only'
  
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/tests/pam_faillock_disabled.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/tests/pam_faillock_disabled.fail.sh
-index 856bd56e..71194a32 100644
+index 856bd56ea..71194a32f 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/tests/pam_faillock_disabled.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/tests/pam_faillock_disabled.fail.sh
 @@ -1,6 +1,6 @@
@@ -5733,7 +6696,7 @@ index 856bd56e..71194a32 100644
  authselect select sssd --force
  authselect disable-feature with-faillock
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/tests/pam_faillock_expected_faillock_conf.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/tests/pam_faillock_expected_faillock_conf.pass.sh
-index 075791de..1ccb03db 100644
+index 075791de6..1ccb03dbd 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/tests/pam_faillock_expected_faillock_conf.pass.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/tests/pam_faillock_expected_faillock_conf.pass.sh
 @@ -1,6 +1,6 @@
@@ -5745,7 +6708,7 @@ index 075791de..1ccb03db 100644
  authselect select sssd --force
  authselect enable-feature with-faillock
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh
-index 978cccce..8cc6c0b5 100644
+index 978cccce6..8cc6c0b53 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh
 @@ -1,6 +1,6 @@
@@ -5757,7 +6720,7 @@ index 978cccce..8cc6c0b5 100644
  
  authselect select sssd --force
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/tests/pam_faillock_not_required_pam_files.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/tests/pam_faillock_not_required_pam_files.fail.sh
-index 053f9110..04f36271 100644
+index 053f91100..04f362717 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/tests/pam_faillock_not_required_pam_files.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/tests/pam_faillock_not_required_pam_files.fail.sh
 @@ -1,6 +1,6 @@
@@ -5769,7 +6732,7 @@ index 053f9110..04f36271 100644
  
  # This test scenario manually modify the pam_faillock.so entries in auth section from
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/ansible/shared.yml
-index 5e10863a..504681e8 100644
+index ac3b9789e..bf2620ccd 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/ansible/shared.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -5779,28 +6742,28 @@ index 5e10863a..504681e8 100644
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/bash/shared.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/bash/shared.sh
-index 2d074ac8..1f288aba 100644
+index a49ddf559..41dc70b88 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/bash/shared.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/bash/shared.sh
 @@ -1,4 +1,4 @@
--# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
-+# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu
  
  {{{ bash_instantiate_variables("var_accounts_passwords_pam_faillock_fail_interval") }}}
  
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/rule.yml
-index 28c02b16..3f5be3c3 100644
+index 7bcb4a51d..759863106 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4
+-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle15,ubuntu2204
++prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,ubuntu2204
  
  title: 'Set Interval For Counting Failed Password Attempts'
  
-@@ -68,7 +68,7 @@ references:
+@@ -39,7 +39,7 @@ references:
      stigid@ol7: OL07-00-010320
      stigid@ol8: OL08-00-020012
      stigid@rhel7: RHEL-07-010320
@@ -5808,80 +6771,149 @@ index 28c02b16..3f5be3c3 100644
 +    stigid@almalinux8: RHEL-08-020012
      vmmsrg: SRG-OS-000021-VMM-000050
  
- ocil_clause: 'fail_interval is less than the required value'
+ platform: package[pam]
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/authselect_modified_pam.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/authselect_modified_pam.fail.sh
-index 1698c1c7..eefea7dc 100644
+index b3232cc93..ec32d65f7 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/authselect_modified_pam.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/authselect_modified_pam.fail.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
  # remediation = none
  
  SYSTEM_AUTH_FILE="/etc/pam.d/system-auth"
+diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/conflicting_settings_authselect.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/conflicting_settings_authselect.fail.sh
+index 9a553893c..239179515 100644
+--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/conflicting_settings_authselect.fail.sh
++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/conflicting_settings_authselect.fail.sh
+@@ -1,6 +1,6 @@
+ #!/bin/bash
+ # packages = authselect,pam
+-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+ 
+ pam_files=("password-auth" "system-auth")
+ 
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_conflicting_settings.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_conflicting_settings.fail.sh
-index 03aa084e..69025637 100644
+index 0b67e0e02..f4ab6a731 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_conflicting_settings.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_conflicting_settings.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
--# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
-+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
+-# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
++# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
  # remediation = none
  # variables = var_accounts_passwords_pam_faillock_fail_interval=900
  
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_expected_faillock_conf.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_expected_faillock_conf.pass.sh
-index 33d3847d..6c6ff204 100644
+index 82bf9fa75..5ab933ad8 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_expected_faillock_conf.pass.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_expected_faillock_conf.pass.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
--# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
-+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
+-# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
++# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
  # variables = var_accounts_passwords_pam_faillock_fail_interval=900
  
  authselect select sssd --force
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_lenient_faillock_conf.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_lenient_faillock_conf.fail.sh
-index 9ff681e5..c46804ea 100644
+index 74236e2fb..6341829be 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_lenient_faillock_conf.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_lenient_faillock_conf.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
--# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
-+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
+-# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
++# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
  # variables = var_accounts_passwords_pam_faillock_fail_interval=900
  
  authselect select sssd --force
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh
-index 29f65d50..fe3dbe7a 100644
+index ef2461160..c47470ab4 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
--# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
-+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
+-# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
++# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
  # remediation = none
  # variables = var_accounts_passwords_pam_faillock_fail_interval=900
  
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_stricter_faillock_conf.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_stricter_faillock_conf.pass.sh
-index bcd46e74..6cd56ad2 100644
+index c71a12afe..6dd3f50d6 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_stricter_faillock_conf.pass.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_stricter_faillock_conf.pass.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
--# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
-+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
+-# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
++# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
  # variables = var_accounts_passwords_pam_faillock_fail_interval=900
  
  authselect select sssd --force
+diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_silent/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_silent/rule.yml
+index e62d54321..92df8c50e 100644
+--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_silent/rule.yml
++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_silent/rule.yml
+@@ -1,6 +1,6 @@
+ documentation_complete: true
+ 
+-prodtype: ol8,rhel8,rhel9
++prodtype: ol8,rhel8,almalinux8,rhel9
+ 
+ title: 'Do Not Show System Messages When Unsuccessful Logon Attempts Occur'
+ 
+@@ -30,7 +30,7 @@ references:
+     disa: CCI-002238,CCI-000044
+     srg: SRG-OS-000329-GPOS-00128,SRG-OS-000021-GPOS-00005
+     stigid@ol8: OL08-00-020019
+-    stigid@rhel8: RHEL-08-020019
++    stigid@almalinux8: RHEL-08-020019
+ 
+ ocil_clause: 'the system shows messages when three unsuccessful logon attempts occur'
+ 
+diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_silent/tests/expected_faillock_conf.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_silent/tests/expected_faillock_conf.pass.sh
+index fdd0c4c06..ec8195db8 100644
+--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_silent/tests/expected_faillock_conf.pass.sh
++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_silent/tests/expected_faillock_conf.pass.sh
+@@ -1,6 +1,6 @@
+ #!/bin/bash
+ # packages = authselect
+-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+ 
+ source common.sh
+ 
+diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_silent/tests/missing_parameter_password_auth.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_silent/tests/missing_parameter_password_auth.fail.sh
+index f73c751f5..146acc847 100644
+--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_silent/tests/missing_parameter_password_auth.fail.sh
++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_silent/tests/missing_parameter_password_auth.fail.sh
+@@ -1,6 +1,6 @@
+ #!/bin/bash
+ # packages = authselect
+-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+ 
+ source common.sh
+ 
+diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_silent/tests/missing_parameter_system_auth.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_silent/tests/missing_parameter_system_auth.fail.sh
+index 514b2bb37..79374ea78 100644
+--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_silent/tests/missing_parameter_system_auth.fail.sh
++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_silent/tests/missing_parameter_system_auth.fail.sh
+@@ -1,6 +1,6 @@
+ #!/bin/bash
+ # packages = authselect
+-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+ 
+ source common.sh
+ 
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/ansible/shared.yml
-index 938ad04e..ce74f754 100644
+index 32bf2c480..63d101b61 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/ansible/shared.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -5891,28 +6923,28 @@ index 938ad04e..ce74f754 100644
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/bash/shared.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/bash/shared.sh
-index 6b55cea5..56b4e403 100644
+index 1587abf1d..e2f8c52a1 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/bash/shared.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/bash/shared.sh
 @@ -1,4 +1,4 @@
--# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
-+# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu
  
  {{{ bash_instantiate_variables("var_accounts_passwords_pam_faillock_unlock_time") }}}
  
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/rule.yml
-index 1c8b500f..3d82041e 100644
+index 3f198e746..a60a00808 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4
+-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle15,ubuntu2204
++prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,ubuntu2204
  
  title: 'Set Lockout Time for Failed Password Attempts'
  
-@@ -47,7 +47,7 @@ references:
+@@ -52,7 +52,7 @@ references:
      stigid@ol7: OL07-00-010320
      stigid@ol8: OL08-00-020014
      stigid@rhel7: RHEL-07-010320
@@ -5920,91 +6952,115 @@ index 1c8b500f..3d82041e 100644
 +    stigid@almalinux8: RHEL-08-020016
      vmmsrg: SRG-OS-000329-VMM-001180
  
- ocil_clause: 'unlock_time is less than the expected value'
+ platform: package[pam]
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/authselect_modified_pam.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/authselect_modified_pam.fail.sh
-index 1698c1c7..eefea7dc 100644
+index b3232cc93..ec32d65f7 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/authselect_modified_pam.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/authselect_modified_pam.fail.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
  # remediation = none
  
  SYSTEM_AUTH_FILE="/etc/pam.d/system-auth"
+diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/conflicting_settings_authselect.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/conflicting_settings_authselect.fail.sh
+index d547b0e35..925fc0dbe 100644
+--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/conflicting_settings_authselect.fail.sh
++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/conflicting_settings_authselect.fail.sh
+@@ -1,6 +1,6 @@
+ #!/bin/bash
+ # packages = authselect,pam
+-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+ 
+ pam_files=("password-auth" "system-auth")
+ 
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_conflicting_settings.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_conflicting_settings.fail.sh
-index d68ebfad..9e3f6a72 100644
+index 057348eb4..0b2000ba3 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_conflicting_settings.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_conflicting_settings.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
--# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
-+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
+-# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
++# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
  # remediation = none
  # variables = var_accounts_passwords_pam_faillock_unlock_time=600
  
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_expected_faillock_conf.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_expected_faillock_conf.pass.sh
-index 2dc848cb..f2dce610 100644
+index 1840cae45..953ba3353 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_expected_faillock_conf.pass.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_expected_faillock_conf.pass.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
--# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
-+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
+-# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
++# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
  # variables = var_accounts_passwords_pam_faillock_unlock_time=600
  
  authselect select sssd --force
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_lenient_faillock_conf.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_lenient_faillock_conf.fail.sh
-index 38d95831..c4205265 100644
+index 838ab7c53..4f717ef5a 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_lenient_faillock_conf.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_lenient_faillock_conf.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
--# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
-+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
+-# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
++# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
  # variables = var_accounts_passwords_pam_faillock_unlock_time=600
  
  authselect select sssd --force
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh
-index a4e91c71..fddde09a 100644
+index b7b1532bb..5b8279841 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
--# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
-+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
+-# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
++# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
  # remediation = none
  # variables = var_accounts_passwords_pam_faillock_unlock_time=600
  
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_stricter_faillock_conf.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_stricter_faillock_conf.pass.sh
-index 5c59de7c..35ad23e6 100644
+index a57645eb1..a7e7b8e9c 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_stricter_faillock_conf.pass.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_stricter_faillock_conf.pass.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
--# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
-+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
+-# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
++# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
  # variables = var_accounts_passwords_pam_faillock_unlock_time=600
  
  authselect select sssd --force
+diff --git a/linux_os/guide/system/accounts/accounts-pam/package_pam_pwquality_installed/rule.yml b/linux_os/guide/system/accounts/accounts-pam/package_pam_pwquality_installed/rule.yml
+index 573b2b1a8..3e0b6c81f 100644
+--- a/linux_os/guide/system/accounts/accounts-pam/package_pam_pwquality_installed/rule.yml
++++ b/linux_os/guide/system/accounts/accounts-pam/package_pam_pwquality_installed/rule.yml
+@@ -1,6 +1,6 @@
+ documentation_complete: true
+ 
+-prodtype: rhel7,rhel8,rhel9,ubuntu2004,ubuntu2204
++prodtype: rhel7,rhel8,almalinux8,rhel9,ubuntu2004,ubuntu2204
+ 
+ title: 'Install pam_pwquality Package'
+ 
 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_dcredit/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_dcredit/rule.yml
-index 8fa303fd..fabf9fae 100644
+index 88b8c7ca9..9963c1cd4 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_dcredit/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_dcredit/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
+-prodtype: alinux2,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: alinux2,fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Ensure PAM Enforces Password Requirements - Minimum Digit Characters'
  
-@@ -52,7 +52,7 @@ references:
+@@ -55,7 +55,7 @@ references:
      stigid@ol7: OL07-00-010140
      stigid@ol8: OL08-00-020130
      stigid@rhel7: RHEL-07-010140
@@ -6014,14 +7070,14 @@ index 8fa303fd..fabf9fae 100644
      vmmsrg: SRG-OS-000071-VMM-000380
  
 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_dictcheck/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_dictcheck/rule.yml
-index f70dbc38..7385655e 100644
+index d7e13fb53..baf975dab 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_dictcheck/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_dictcheck/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol8,rhel8,rhel9,ubuntu2004
-+prodtype: fedora,ol8,rhel8,almalinux8,rhel9,ubuntu2004
+-prodtype: fedora,ol8,ol9,rhel8,rhel9,ubuntu2004,ubuntu2204
++prodtype: fedora,ol8,ol9,rhel8,almalinux8,rhel9,ubuntu2004,ubuntu2204
  
  title: 'Ensure PAM Enforces Password Requirements - Prevent the Use of Dictionary Words'
  
@@ -6033,16 +7089,16 @@ index f70dbc38..7385655e 100644
 +    stigid@almalinux8: RHEL-08-020300
      stigid@ubuntu2004: UBTU-20-010056
  
- ocil_clause: 'dictcheck is not found or not equal to the required value'
+ ocil_clause: '"dictcheck" does not have a value other than "0", or is commented out'
 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_difok/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_difok/rule.yml
-index 6ec7dddb..b3a80208 100644
+index 545079b59..df200633c 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_difok/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_difok/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,ubuntu2004,wrlinux1019
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,ubuntu2004,wrlinux1019
+-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,ubuntu2004,ubuntu2204
++prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,ubuntu2004,ubuntu2204
  
  title: 'Ensure PAM Enforces Password Requirements - Minimum Different Characters'
  
@@ -6056,7 +7112,7 @@ index 6ec7dddb..b3a80208 100644
      vmmsrg: SRG-OS-000072-VMM-000390
  
 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_enforce_local/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_enforce_local/rule.yml
-index ae762335..9fb6286e 100644
+index d94ecedae..24f256189 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_enforce_local/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_enforce_local/rule.yml
 @@ -1,6 +1,6 @@
@@ -6068,7 +7124,7 @@ index ae762335..9fb6286e 100644
  title: 'Ensure PAM Enforces Password Requirements - Enforce for Local Accounts Only'
  
 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_enforce_root/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_enforce_root/rule.yml
-index 33dcaf08..7fe6101a 100644
+index 5b2a62342..2633424d4 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_enforce_root/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_enforce_root/rule.yml
 @@ -1,6 +1,6 @@
@@ -6080,18 +7136,18 @@ index 33dcaf08..7fe6101a 100644
  title: 'Ensure PAM Enforces Password Requirements - Enforce for root User'
  
 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_lcredit/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_lcredit/rule.yml
-index ecc5aa5b..c7ab88cf 100644
+index cdd2ed505..aae2559c0 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_lcredit/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_lcredit/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
+-prodtype: alinux2,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: alinux2,fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Ensure PAM Enforces Password Requirements - Minimum Lowercase Characters'
  
-@@ -52,7 +52,7 @@ references:
+@@ -55,7 +55,7 @@ references:
      stigid@ol7: OL07-00-010130
      stigid@ol8: OL08-00-020120
      stigid@rhel7: RHEL-07-010130
@@ -6101,14 +7157,14 @@ index ecc5aa5b..c7ab88cf 100644
      vmmsrg: SRG-OS-000070-VMM-000370
  
 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_maxclassrepeat/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_maxclassrepeat/rule.yml
-index 9a829ac5..4d10c97f 100644
+index 5f812e16f..9a0aa8e56 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_maxclassrepeat/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_maxclassrepeat/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,wrlinux1019
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,wrlinux1019
+-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4
++prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4
  
  title: 'Ensure PAM Enforces Password Requirements - Maximum Consecutive Repeating Characters from Same Character Class'
  
@@ -6119,17 +7175,17 @@ index 9a829ac5..4d10c97f 100644
 -    stigid@rhel8: RHEL-08-020140
 +    stigid@almalinux8: RHEL-08-020140
  
- ocil_clause: 'that is not the case'
+ ocil_clause: the value of "maxclassrepeat" is set to "0", more than "{{{ xccdf_value("var_password_pam_maxclassrepeat") }}}" or is commented out
  
 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_maxrepeat/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_maxrepeat/rule.yml
-index d66cd6c1..341d60e4 100644
+index 8984b63d9..a9ab2459f 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_maxrepeat/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_maxrepeat/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,wrlinux1019
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,wrlinux1019
+-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4
++prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4
  
  title: 'Set Password Maximum Consecutive Repeating Characters'
  
@@ -6140,42 +7196,42 @@ index d66cd6c1..341d60e4 100644
 -    stigid@rhel8: RHEL-08-020150
 +    stigid@almalinux8: RHEL-08-020150
  
- ocil_clause: 'maxrepeat is not found or not greater than or equal to the required value'
+ ocil_clause: the value of "maxrepeat" is set to more than "{{{ xccdf_value("var_password_pam_maxrepeat") }}}" or is commented out
  
 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_minclass/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_minclass/rule.yml
-index 80271080..4362ce4d 100644
+index 45a8dfa01..f9d559340 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_minclass/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_minclass/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,ubuntu2004,wrlinux1019
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,ubuntu2004,wrlinux1019
+-prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,ubuntu2004,ubuntu2204
++prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,ubuntu2004,ubuntu2204
  
  title: 'Ensure PAM Enforces Password Requirements - Minimum Different Categories'
  
-@@ -58,7 +58,7 @@ references:
+@@ -62,7 +62,7 @@ references:
      stigid@ol7: OL07-00-010170
      stigid@ol8: OL08-00-020160
      stigid@rhel7: RHEL-07-010170
 -    stigid@rhel8: RHEL-08-020160
 +    stigid@almalinux8: RHEL-08-020160
  
- ocil_clause: 'minclass is not found or not set equal to or greater than the required value'
+ ocil_clause: the value of "minclass" is set to less than "{{{ xccdf_value("var_password_pam_minclass") }}}" or is commented out
  
 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_minlen/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_minlen/rule.yml
-index 1dacca4f..32074440 100644
+index bdd681de5..045e2daa8 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_minlen/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_minlen/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
+-prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Ensure PAM Enforces Password Requirements - Minimum Length'
  
-@@ -51,7 +51,7 @@ references:
+@@ -56,7 +56,7 @@ references:
      stigid@ol7: OL07-00-010280
      stigid@ol8: OL08-00-020230
      stigid@rhel7: RHEL-07-010280
@@ -6185,18 +7241,18 @@ index 1dacca4f..32074440 100644
      vmmsrg: SRG-OS-000072-VMM-000390,SRG-OS-000078-VMM-000450
  
 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_ocredit/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_ocredit/rule.yml
-index 5ea25228..f696b791 100644
+index e90fe9fe9..15bbf67a7 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_ocredit/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_ocredit/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
+-prodtype: alinux2,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: alinux2,fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Ensure PAM Enforces Password Requirements - Minimum Special Characters'
  
-@@ -52,7 +52,7 @@ references:
+@@ -56,7 +56,7 @@ references:
      stigid@ol7: OL07-00-010150
      stigid@ol8: OL08-00-020280
      stigid@rhel7: RHEL-07-010150
@@ -6206,185 +7262,207 @@ index 5ea25228..f696b791 100644
      vmmsrg: SRG-OS-000266-VMM-000940
  
 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/ansible/shared.yml
-index b44c91cb..ddab1b11 100644
+index 06f7962fd..dc6eea20d 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/ansible/shared.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/ansible/shared.yml
 @@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel
-+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux
+-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_ol
++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol
  # reboot = false
  # strategy = configure
  # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/bash/shared.sh b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/bash/shared.sh
-index d2fca2a7..54ba9638 100644
+index a55859203..377efc82e 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/bash/shared.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/bash/shared.sh
-@@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel
-+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux
- 
- PAM_FILE="password-auth"
+@@ -1,3 +1,3 @@
+-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_ol
++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol
  
+ {{{ bash_ensure_pam_module_configuration('/etc/pam.d/password-auth', 'password', 'requisite', 'pam_pwquality.so', '', '', '^account.*required.*pam_permit\.so') }}}
 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/rule.yml
-index 34dd6e2f..4f884cdc 100644
+index 24b8bb7b8..0bf696460 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,rhel7,rhel8,rhel9,rhv4
-+prodtype: fedora,rhel7,rhel8,almalinux8,rhel9,rhv4
+-prodtype: fedora,ol8,ol9,rhel7,rhel8,rhel9,rhv4
++prodtype: fedora,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4
  
  title: 'Ensure PAM password complexity module is enabled in password-auth'
  
-@@ -24,7 +24,7 @@ identifiers:
- references:
+@@ -25,7 +25,7 @@ references:
      disa: CCI-000366
-     srg: SRG-OS-000480-GPOS-00227
+     srg: SRG-OS-000069-GPOS-00037,SRG-OS-000070-GPOS-00038,SRG-OS-000480-GPOS-00227
+     stigid@ol8: OL08-00-020100
 -    stigid@rhel8: RHEL-08-020100
 +    stigid@almalinux8: RHEL-08-020100
  
  ocil_clause: 'pam_pwquality.so is not enabled in password-auth'
  
 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/tests/authselect_commented_entry.fail.sh b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/tests/authselect_commented_entry.fail.sh
-index 3d696c36..e61d1861 100644
+index 81d2955d3..8c9b1d1f2 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/tests/authselect_commented_entry.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/tests/authselect_commented_entry.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
--# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
  
  authselect create-profile hardening -b sssd
  CUSTOM_PROFILE="custom/hardening"
 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/tests/authselect_correct_entry.pass.sh b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/tests/authselect_correct_entry.pass.sh
-index 04358992..761dd879 100644
+index 4bb7a4872..f73dd8b0f 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/tests/authselect_correct_entry.pass.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/tests/authselect_correct_entry.pass.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
--# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
  
  authselect create-profile hardening -b sssd
  CUSTOM_PROFILE="custom/hardening"
 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/tests/authselect_missing_entry.fail.sh b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/tests/authselect_missing_entry.fail.sh
-index 472616a5..40fada43 100644
+index 32ce46407..168ca249a 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/tests/authselect_missing_entry.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/tests/authselect_missing_entry.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
--# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
  
  authselect create-profile hardening -b sssd
  CUSTOM_PROFILE="custom/hardening"
 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/tests/authselect_modified_pam.fail.sh b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/tests/authselect_modified_pam.fail.sh
-index 59f9d6f7..f5217b7e 100644
+index 0f9b75cec..75ac241d9 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/tests/authselect_modified_pam.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/tests/authselect_modified_pam.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
--# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
  # remediation = none
  
  SYSTEM_AUTH_FILE="/etc/pam.d/password-auth"
+diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/tests/authselect_wrong_control.fail.sh b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/tests/authselect_wrong_control.fail.sh
+index 61c28f2d6..30166c800 100644
+--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/tests/authselect_wrong_control.fail.sh
++++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/tests/authselect_wrong_control.fail.sh
+@@ -1,6 +1,6 @@
+ #!/bin/bash
+ # packages = authselect
+-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+ 
+ authselect create-profile hardening -b sssd
+ CUSTOM_PROFILE="custom/hardening"
 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/ansible/shared.yml
-index 13cd2045..22a155a2 100644
+index 90484d66f..81664de52 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/ansible/shared.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/ansible/shared.yml
 @@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel
-+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux
+-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_ol
++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol
  # reboot = false
  # strategy = configure
  # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/bash/shared.sh b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/bash/shared.sh
-index 9a7972a3..7bb7e02c 100644
+index 4ea10f4c4..6c1de4e4c 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/bash/shared.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/bash/shared.sh
-@@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel
-+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux
- 
- PAM_FILE="system-auth"
+@@ -1,3 +1,3 @@
+-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_ol
++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol
  
+ {{{ bash_ensure_pam_module_configuration('/etc/pam.d/system-auth', 'password', 'requisite', 'pam_pwquality.so', '', '', '^account.*required.*pam_permit\.so') }}}
 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/rule.yml
-index a5189c61..05a02b7c 100644
+index 7d123e736..75f849dea 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,rhel7,rhel8,rhel9,rhv4
-+prodtype: fedora,rhel7,rhel8,almalinux8,rhel9,rhv4
+-prodtype: fedora,ol8,ol9,rhel7,rhel8,rhel9,rhv4
++prodtype: fedora,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4
  
  title: 'Ensure PAM password complexity module is enabled in system-auth'
  
-@@ -24,7 +24,7 @@ identifiers:
- references:
+@@ -25,7 +25,7 @@ references:
      disa: CCI-000366
      srg: SRG-OS-000480-GPOS-00227
+     stigid@ol8: OL08-00-020101
 -    stigid@rhel8: RHEL-08-020101
 +    stigid@almalinux8: RHEL-08-020101
  
  ocil_clause: 'pam_pwquality.so is not enabled in system-auth'
  
 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/tests/authselect_commented_entry.fail.sh b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/tests/authselect_commented_entry.fail.sh
-index 849f16d0..72680589 100644
+index f68622be4..c8e13631a 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/tests/authselect_commented_entry.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/tests/authselect_commented_entry.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
--# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
  
  authselect create-profile hardening -b sssd
  CUSTOM_PROFILE="custom/hardening"
 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/tests/authselect_correct_entry.pass.sh b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/tests/authselect_correct_entry.pass.sh
-index 6a98c244..5cdd9203 100644
+index 0de6065a2..57e6c8bdb 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/tests/authselect_correct_entry.pass.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/tests/authselect_correct_entry.pass.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
--# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
  
  authselect create-profile hardening -b sssd
  CUSTOM_PROFILE="custom/hardening"
 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/tests/authselect_missing_entry.fail.sh b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/tests/authselect_missing_entry.fail.sh
-index 6786f6c1..d2cbf886 100644
+index 03a4ef295..31b622c66 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/tests/authselect_missing_entry.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/tests/authselect_missing_entry.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
--# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
  
  authselect create-profile hardening -b sssd
  CUSTOM_PROFILE="custom/hardening"
 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/tests/authselect_modified_pam.fail.sh b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/tests/authselect_modified_pam.fail.sh
-index b3d9e588..890c1cab 100644
+index ae0ed105d..cc1f3ca20 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/tests/authselect_modified_pam.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/tests/authselect_modified_pam.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
--# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
  # remediation = none
  
  SYSTEM_AUTH_FILE="/etc/pam.d/system-auth"
+diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/tests/authselect_wrong_control.fail.sh b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/tests/authselect_wrong_control.fail.sh
+index 60ebfdeba..2b9d40cf6 100644
+--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/tests/authselect_wrong_control.fail.sh
++++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/tests/authselect_wrong_control.fail.sh
+@@ -1,6 +1,6 @@
+ #!/bin/bash
+ # packages = authselect
+-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+ 
+ authselect create-profile hardening -b sssd
+ CUSTOM_PROFILE="custom/hardening"
 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/ansible/shared.yml
-index 2ba2501d..d44ffffb 100644
+index 36e9a27b9..fe1b603ab 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/ansible/shared.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -6394,83 +7472,110 @@ index 2ba2501d..d44ffffb 100644
  # strategy = configure
  # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/rule.yml
-index 6b2219a3..00695601 100644
+index 113701f5e..a32167f14 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle15,ubuntu2004,wrlinux1019
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,ubuntu2004,wrlinux1019
+-prodtype: alinux3,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle15,ubuntu2004,ubuntu2204
++prodtype: alinux3,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,ubuntu2004,ubuntu2204
  
  title: 'Ensure PAM Enforces Password Requirements - Authentication Retry Prompts Permitted Per-Session'
  
-@@ -51,7 +51,7 @@ references:
+@@ -54,7 +54,7 @@ references:
      stigid@ol7: OL07-00-010119
-     stigid@ol8: OL08-00-020100
+     stigid@ol8: OL08-00-020104
      stigid@rhel7: RHEL-07-010119
 -    stigid@rhel8: RHEL-08-020104
 +    stigid@almalinux8: RHEL-08-020104
      stigid@ubuntu2004: UBTU-20-010057
  
- ocil_clause: 'it is not the required value'
+ ocil_clause: 'the value of "retry" is set to "0" or greater than "{{{ xccdf_value("var_password_pam_retry") }}}", or is missing'
+diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/argument_missing.fail.sh b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/argument_missing.fail.sh
+index 03723cd8c..1df4f1d61 100644
+--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/argument_missing.fail.sh
++++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/argument_missing.fail.sh
+@@ -1,5 +1,5 @@
+ #!/bin/bash
+-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_ubuntu
++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_ubuntu
+ # variables = var_password_pam_retry=3
+ 
+ source common.sh
 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_commented.fail.sh b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_commented.fail.sh
-index cf3b3a70..c82c812f 100644
+index 19cac93f4..4a5b1142b 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_commented.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_commented.fail.sh
-@@ -1,5 +1,5 @@
+@@ -1,6 +1,6 @@
  #!/bin/bash
--# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+ # packages = authselect
+-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
  # variables = var_password_pam_retry=3
  
- CONF_FILE="/etc/security/pwquality.conf"
+ source common.sh
 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_correct.pass.sh b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_correct.pass.sh
-index c0d4fe6c..0fd1cf73 100644
+index ae605f717..db875782d 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_correct.pass.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_correct.pass.sh
-@@ -1,5 +1,5 @@
+@@ -1,6 +1,6 @@
  #!/bin/bash
--# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+ # packages = authselect
+-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
  # variables = var_password_pam_retry=3
  
- CONF_FILE="/etc/security/pwquality.conf"
-diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_missing.fail.sh b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_missing.fail.sh
-index 3f6c22c5..67fdf9fd 100644
---- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_missing.fail.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_missing.fail.sh
-@@ -1,5 +1,5 @@
+ source common.sh
+diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_correct_with_space.pass.sh b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_correct_with_space.pass.sh
+index ce7f4b7a3..0aeb8535b 100644
+--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_correct_with_space.pass.sh
++++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_correct_with_space.pass.sh
+@@ -1,6 +1,6 @@
  #!/bin/bash
--# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+ # packages = authselect
+-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+ # variables = var_password_pam_retry=3
  
- CONF_FILE="/etc/security/pwquality.conf"
+ source common.sh
+diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_overriden.fail.sh b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_overriden.fail.sh
+index 962112d6a..f0db47d5e 100644
+--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_overriden.fail.sh
++++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_overriden.fail.sh
+@@ -1,6 +1,6 @@
+ #!/bin/bash
+ # packages = authselect
+-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+ # variables = var_password_pam_retry=3
  
+ source common.sh
 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_wrong.fail.sh b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_wrong.fail.sh
-index 008be5ba..63708206 100644
+index ea2eb57fe..033bbbceb 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_wrong.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_wrong.fail.sh
-@@ -1,5 +1,5 @@
+@@ -1,6 +1,6 @@
  #!/bin/bash
--# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+ # packages = authselect
+-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
  # variables = var_password_pam_retry=3
  
- CONF_FILE="/etc/security/pwquality.conf"
+ source common.sh
 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_ucredit/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_ucredit/rule.yml
-index e1c2e35e..05c7be63 100644
+index c4a5e5b0c..a86c97009 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_ucredit/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_ucredit/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
+-prodtype: alinux2,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: alinux2,fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Ensure PAM Enforces Password Requirements - Minimum Uppercase Characters'
  
-@@ -49,7 +49,7 @@ references:
+@@ -52,7 +52,7 @@ references:
      stigid@ol7: OL07-00-010120
      stigid@ol8: OL08-00-020110
      stigid@rhel7: RHEL-07-010120
@@ -6480,7 +7585,7 @@ index e1c2e35e..05c7be63 100644
      vmmsrg: SRG-OS-000069-VMM-000360
  
 diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_libuserconf/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_libuserconf/ansible/shared.yml
-index b3e32aa3..547d137b 100644
+index b3e32aa31..547d137b1 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_libuserconf/ansible/shared.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_libuserconf/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -6490,29 +7595,29 @@ index b3e32aa3..547d137b 100644
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_libuserconf/bash/shared.sh b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_libuserconf/bash/shared.sh
-index f929a6e9..9145de3b 100644
+index 115273566..bd94d707c 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_libuserconf/bash/shared.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_libuserconf/bash/shared.sh
 @@ -1,4 +1,4 @@
--# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
-+# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
  
  LIBUSER_CONF="/etc/libuser.conf"
  CRYPT_STYLE_REGEX='[[:space:]]*\[defaults](.*(\n)+)+?[[:space:]]*crypt_style[[:space:]]*'
 diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_libuserconf/rule.yml b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_libuserconf/rule.yml
-index 29e6497f..25769aee 100644
+index c4aba679e..9af24d111 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_libuserconf/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_libuserconf/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle15,wrlinux1019
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,wrlinux1019
+-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15
++prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15
  
  title: 'Set Password Hashing Algorithm in /etc/libuser.conf'
  
 diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_logindefs/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_logindefs/ansible/shared.yml
-index 8dedf993..51c76b11 100644
+index 8dedf993c..51c76b11a 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_logindefs/ansible/shared.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_logindefs/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -6522,24 +7627,24 @@ index 8dedf993..51c76b11 100644
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_logindefs/bash/shared.sh b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_logindefs/bash/shared.sh
-index 9e3a37d5..706c78de 100644
+index fb856a113..a440dba9f 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_logindefs/bash/shared.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_logindefs/bash/shared.sh
 @@ -1,4 +1,4 @@
--# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
-+# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
  
  {{{ bash_instantiate_variables("var_password_hashing_algorithm") }}}
  
 diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_logindefs/rule.yml b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_logindefs/rule.yml
-index 3d9cd4fd..3b855832 100644
+index df3ba0466..096eb85fe 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_logindefs/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_logindefs/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
+-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004
++prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004
  
  title: 'Set Password Hashing Algorithm in /etc/login.defs'
  
@@ -6552,80 +7657,196 @@ index 3d9cd4fd..3b855832 100644
      stigid@sle12: SLES-12-010210
      stigid@sle15: SLES-15-010260
      stigid@ubuntu2004: UBTU-20-010404
+diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/ansible/shared.yml
+index 31c14211e..be9f04642 100644
+--- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/ansible/shared.yml
++++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/ansible/shared.yml
+@@ -1,4 +1,4 @@
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhv,multi_platform_ol
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhv,multi_platform_ol
+ # reboot = false
+ # strategy = configure
+ # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/bash/shared.sh b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/bash/shared.sh
-index 1c151a1e..5366f717 100644
+index 55f43ef98..2b993b52b 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/bash/shared.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/bash/shared.sh
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhv
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhv
+@@ -1,3 +1,3 @@
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhv,multi_platform_ol
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhv,multi_platform_ol
  
- if ! grep -q "^password.*sufficient.*pam_unix.so.*sha512" "/etc/pam.d/password-auth"; then
- 	sed -i --follow-symlinks "/^password.*sufficient.*pam_unix.so/ s/$/ sha512/" "/etc/pam.d/password-auth"
+ {{{ bash_ensure_pam_module_configuration('/etc/pam.d/password-auth', 'password', 'sufficient', 'pam_unix.so', 'sha512', '', '') }}}
 diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/rule.yml b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/rule.yml
-index 93752691..0e7e49f4 100644
+index dd8ba2c42..4ec786460 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,rhel7,rhel8,rhel9,rhv4
-+prodtype: fedora,rhel7,rhel8,almalinux8,rhel9,rhv4
+-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4
++prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4
  
- title: "Set PAM's Password Hashing Algorithm - password-auth"
+ title: "Set PAM''s Password Hashing Algorithm - password-auth"
  
-@@ -58,7 +58,7 @@ references:
-     pcidss: Req-8.2.1
-     srg: SRG-OS-000073-GPOS-00041
+@@ -61,7 +61,7 @@ references:
+     stigid@ol7: OL07-00-010200
+     stigid@ol8: OL08-00-010160
      stigid@rhel7: RHEL-07-010200
 -    stigid@rhel8: RHEL-08-010160
 +    stigid@almalinux8: RHEL-08-010160
      vmmsrg: SRG-OS-000480-VMM-002000
  
  ocil_clause: 'it does not'
-diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/bash/shared.sh b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/bash/shared.sh
-index e7503fee..7ef88148 100644
---- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/bash/shared.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/bash/shared.sh
-@@ -1,4 +1,4 @@
--# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
-+# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
+diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_correct_value.pass.sh b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_correct_value.pass.sh
+index 17a57e1e1..69875871e 100644
+--- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_correct_value.pass.sh
++++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_correct_value.pass.sh
+@@ -1,6 +1,6 @@
+ #!/bin/bash
+ # packages = authselect
+-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
  
- AUTH_FILES[0]="/etc/pam.d/system-auth"
- {{%- if product == "rhel7" %}}
+ authselect create-profile hardening -b sssd
+ CUSTOM_PROFILE="custom/hardening"
+diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_missing_option.fail.sh b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_missing_option.fail.sh
+index b76a6118f..03d3c9c82 100644
+--- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_missing_option.fail.sh
++++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_missing_option.fail.sh
+@@ -1,6 +1,6 @@
+ #!/bin/bash
+ # packages = authselect
+-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+ 
+ authselect create-profile hardening -b sssd
+ CUSTOM_PROFILE="custom/hardening"
+diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_modified_pam.fail.sh b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_modified_pam.fail.sh
+index 0ca781181..ff6ba0c88 100644
+--- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_modified_pam.fail.sh
++++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_modified_pam.fail.sh
+@@ -1,6 +1,6 @@
+ #!/bin/bash
+ # packages = authselect
+-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+ # remediation = none
+ 
+ PASSWORD_AUTH_FILE="/etc/pam.d/password-auth"
+diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_wrong_control.fail.sh b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_wrong_control.fail.sh
+index f72c7bde2..096a6a6a1 100644
+--- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_wrong_control.fail.sh
++++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_wrong_control.fail.sh
+@@ -1,6 +1,6 @@
+ #!/bin/bash
+ # packages = authselect
+-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+ 
+ authselect create-profile hardening -b sssd
+ CUSTOM_PROFILE="custom/hardening"
 diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/rule.yml b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/rule.yml
-index 59fb48e9..a819d163 100644
+index 04854daa0..fc3aabfd2 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,wrlinux1019
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,wrlinux1019
+-prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15
++prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15
  
- title: "Set PAM's Password Hashing Algorithm"
+ title: "Set PAM''s Password Hashing Algorithm"
  
-@@ -70,7 +70,7 @@ references:
+@@ -73,7 +73,7 @@ references:
      stigid@ol7: OL07-00-010200
-     stigid@ol8: OL08-00-010160
+     stigid@ol8: OL08-00-010159
      stigid@rhel7: RHEL-07-010200
 -    stigid@rhel8: RHEL-08-010159
 +    stigid@almalinux8: RHEL-08-010159
      stigid@sle12: SLES-12-010230
      stigid@sle15: SLES-15-020170
      vmmsrg: SRG-OS-000480-VMM-002000
+diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_correct_value.pass.sh b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_correct_value.pass.sh
+index 74ea0c265..13bf2f931 100644
+--- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_correct_value.pass.sh
++++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_correct_value.pass.sh
+@@ -1,6 +1,6 @@
+ #!/bin/bash
+ # packages = authselect
+-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+ 
+ authselect create-profile hardening -b sssd
+ CUSTOM_PROFILE="custom/hardening"
+diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_missing_option.fail.sh b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_missing_option.fail.sh
+index f74ccbd86..50be3f04b 100644
+--- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_missing_option.fail.sh
++++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_missing_option.fail.sh
+@@ -1,6 +1,6 @@
+ #!/bin/bash
+ # packages = authselect
+-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+ 
+ authselect create-profile hardening -b sssd
+ CUSTOM_PROFILE="custom/hardening"
+diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_modified_pam.fail.sh b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_modified_pam.fail.sh
+index 27be252bc..ee688c907 100644
+--- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_modified_pam.fail.sh
++++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_modified_pam.fail.sh
+@@ -1,6 +1,6 @@
+ #!/bin/bash
+ # packages = authselect
+-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+ # remediation = none
+ 
+ SYSTEM_AUTH_FILE="/etc/pam.d/system-auth"
+diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_wrong_control.fail.sh b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_wrong_control.fail.sh
+index d4b163f24..521579a20 100644
+--- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_wrong_control.fail.sh
++++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_wrong_control.fail.sh
+@@ -1,6 +1,6 @@
+ #!/bin/bash
+ # packages = authselect
+-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+ 
+ authselect create-profile hardening -b sssd
+ CUSTOM_PROFILE="custom/hardening"
+diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_min_rounds_logindefs/rule.yml b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_min_rounds_logindefs/rule.yml
+index de303199d..3497c1831 100644
+--- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_min_rounds_logindefs/rule.yml
++++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_min_rounds_logindefs/rule.yml
+@@ -1,6 +1,6 @@
+ documentation_complete: true
+ 
+-prodtype: ol8,ol9,rhel8,rhel9,sle12,sle15
++prodtype: ol8,ol9,rhel8,almalinux8,rhel9,sle12,sle15
+ 
+ title: 'Set Password Hashing Rounds in /etc/login.defs'
+ 
+@@ -35,7 +35,7 @@ references:
+     nist@sle12: IA-5(1)(c),IA-5(1).1(v),IA-7,IA-7.1
+     srg: SRG-OS-000073-GPOS-00041,SRG-OS-000120-GPOS-00061
+     stigid@ol8: OL08-00-010130
+-    stigid@rhel8: RHEL-08-010130
++    stigid@almalinux8: RHEL-08-010130
+     stigid@sle12: SLES-12-010240
+     stigid@sle15: SLES-15-020190
+ 
 diff --git a/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_burstaction/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_burstaction/ansible/shared.yml
-index f6888e51..cae502b8 100644
+index 991422f96..4a33fc093 100644
 --- a/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_burstaction/ansible/shared.yml
 +++ b/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_burstaction/ansible/shared.yml
 @@ -1,4 +1,4 @@
--# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_sle
-+# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_sle
+-# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Virtualization 4,multi_platform_fedora,Oracle Linux 7,Oracle Linux 8,multi_platform_sle
++# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Virtualization 4,multi_platform_fedora,Oracle Linux 7,Oracle Linux 8,multi_platform_sle
  # reboot = false
  # strategy = disable
  # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_burstaction/bash/shared.sh b/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_burstaction/bash/shared.sh
-index 23edb3c9..daae2463 100644
+index 23edb3c90..daae24630 100644
 --- a/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_burstaction/bash/shared.sh
 +++ b/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_burstaction/bash/shared.sh
 @@ -1,4 +1,4 @@
@@ -6635,7 +7856,7 @@ index 23edb3c9..daae2463 100644
  
  {{{ bash_replace_or_append('/etc/systemd/system.conf', '^CtrlAltDelBurstAction=', 'none', '%s=%s') }}}
 diff --git a/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_burstaction/kubernetes/shared.yml b/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_burstaction/kubernetes/shared.yml
-index 3045574e..7ce6bb46 100644
+index 3045574e5..7ce6bb466 100644
 --- a/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_burstaction/kubernetes/shared.yml
 +++ b/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_burstaction/kubernetes/shared.yml
 @@ -1,5 +1,5 @@
@@ -6646,19 +7867,19 @@ index 3045574e..7ce6bb46 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_burstaction/rule.yml b/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_burstaction/rule.yml
-index c7a63006..2ecbf610 100644
+index 9c18a0c26..69674f26d 100644
 --- a/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_burstaction/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_burstaction/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15,ubuntu2004
-+prodtype: ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,ubuntu2004
+-prodtype: ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15,ubuntu2004,ubuntu2204
++prodtype: ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,ubuntu2004,ubuntu2204
  
  title: 'Disable Ctrl-Alt-Del Burst Action'
  
-@@ -71,7 +71,7 @@ references:
-     nist@sle15: CM-6(b),CM-6.1(iv)
+@@ -72,7 +72,7 @@ references:
+     ospp: FAU_GEN.1.2
      srg: SRG-OS-000324-GPOS-00125,SRG-OS-000480-GPOS-00227
      stigid@ol8: OL08-00-040172
 -    stigid@rhel8: RHEL-08-040172
@@ -6667,27 +7888,26 @@ index c7a63006..2ecbf610 100644
      stigid@ubuntu2004: UBTU-20-010460
  
 diff --git a/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/ansible/shared.yml
-index 30f06a87..d1b625dd 100644
+index 8fb9a02cd..9f0a2ffdb 100644
 --- a/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/ansible/shared.yml
 +++ b/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/ansible/shared.yml
 @@ -1,4 +1,4 @@
--# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_sle
-+# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_sle
+-# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Virtualization 4,multi_platform_fedora,Oracle Linux 7,Oracle Linux 8,multi_platform_sle
++# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Virtualization 4,multi_platform_fedora,Oracle Linux 7,Oracle Linux 8,multi_platform_sle
  # reboot = false
  # strategy = disable
  # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/bash/shared.sh b/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/bash/shared.sh
-index b20c5e3b..44ba612a 100644
+index d919b9490..cdc902c52 100644
 --- a/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/bash/shared.sh
 +++ b/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/bash/shared.sh
-@@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_wrlinux,multi_platform_sle,multi_platform_ubuntu
-+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_wrlinux,multi_platform_sle,multi_platform_ubuntu
- {{% if init_system == "systemd" -%}}
+@@ -1,3 +1,3 @@
+-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu
++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu
  systemctl disable --now ctrl-alt-del.target
  systemctl mask --now ctrl-alt-del.target
 diff --git a/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/kubernetes/shared.yml b/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/kubernetes/shared.yml
-index 517c83c6..041e9a29 100644
+index 517c83c6e..041e9a29c 100644
 --- a/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/kubernetes/shared.yml
 +++ b/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/kubernetes/shared.yml
 @@ -1,5 +1,5 @@
@@ -6698,18 +7918,18 @@ index 517c83c6..041e9a29 100644
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/rule.yml b/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/rule.yml
-index e482731c..cfd3dd36 100644
+index d0479d8e5..ffe8ba09f 100644
 --- a/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
+-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Disable Ctrl-Alt-Del Reboot Activation'
  
-@@ -76,7 +76,7 @@ references:
+@@ -77,7 +77,7 @@ references:
      stigid@ol7: OL07-00-020230
      stigid@ol8: OL08-00-040170
      stigid@rhel7: RHEL-07-020230
@@ -6719,86 +7939,86 @@ index e482731c..cfd3dd36 100644
      stigid@sle15: SLES-15-040060
      stigid@ubuntu2004: UBTU-20-010460
 diff --git a/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/tests/masked.pass.sh b/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/tests/masked.pass.sh
-index 8b440146..f53923e8 100644
+index df962ec25..fd5529e69 100644
 --- a/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/tests/masked.pass.sh
 +++ b/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/tests/masked.pass.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,multi_platform_fedora,multi_platform_ubuntu
-+# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora,multi_platform_ubuntu
+-# platform = Oracle Linux 7,Oracle Linux 8,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,multi_platform_fedora,multi_platform_ubuntu
++# platform = Oracle Linux 7,Oracle Linux 8,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora,multi_platform_ubuntu
  
  systemctl disable --now ctrl-alt-del.target
  systemctl mask --now ctrl-alt-del.target
 diff --git a/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/tests/not_masked.fail.sh b/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/tests/not_masked.fail.sh
-index 2279cb46..f4777104 100644
+index faf4c11dc..ddbab8acb 100644
 --- a/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/tests/not_masked.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/tests/not_masked.fail.sh
 @@ -1,4 +1,4 @@
  #!/bin/bash
--# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,multi_platform_fedora,multi_platform_ubuntu
-+# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora,multi_platform_ubuntu
+-# platform = Oracle Linux 7,Oracle Linux 8,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,multi_platform_fedora,multi_platform_ubuntu
++# platform = Oracle Linux 7,Oracle Linux 8,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora,multi_platform_ubuntu
  
  systemctl unmask ctrl-alt-del.target
-diff --git a/linux_os/guide/system/accounts/accounts-physical/grub2_disable_interactive_boot/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-physical/grub2_disable_interactive_boot/ansible/shared.yml
-index 9e69fdf4..9eabacb9 100644
---- a/linux_os/guide/system/accounts/accounts-physical/grub2_disable_interactive_boot/ansible/shared.yml
-+++ b/linux_os/guide/system/accounts/accounts-physical/grub2_disable_interactive_boot/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
-+# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
- # reboot = true
- # strategy = restrict
- # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-physical/grub2_disable_interactive_boot/rule.yml b/linux_os/guide/system/accounts/accounts-physical/grub2_disable_interactive_boot/rule.yml
-index bc371853..ace64b71 100644
+index cf5da2ae1..329a994f2 100644
 --- a/linux_os/guide/system/accounts/accounts-physical/grub2_disable_interactive_boot/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-physical/grub2_disable_interactive_boot/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4
+-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15
++prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15
  
  title: 'Verify that Interactive Boot is Disabled'
  
+diff --git a/linux_os/guide/system/accounts/accounts-physical/logind_session_timeout/rule.yml b/linux_os/guide/system/accounts/accounts-physical/logind_session_timeout/rule.yml
+index 5fb6d2262..44f4822d1 100644
+--- a/linux_os/guide/system/accounts/accounts-physical/logind_session_timeout/rule.yml
++++ b/linux_os/guide/system/accounts/accounts-physical/logind_session_timeout/rule.yml
+@@ -1,6 +1,6 @@
+ documentation_complete: true
+ 
+-prodtype: rhel8,rhel9
++prodtype: rhel8,almalinux8,rhel9
+ 
+ title: "Configure Logind to terminate idle sessions after certain time of inactivity"
+ 
 diff --git a/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/ansible/shared.yml
-index 5d28cffd..cb1d56d8 100644
+index 133df4a25..63f6f46b4 100644
 --- a/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/ansible/shared.yml
 +++ b/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/ansible/shared.yml
 @@ -9,7 +9,7 @@
        create: yes
        dest: /usr/lib/systemd/system/emergency.service
        regexp: "^#?ExecStart="
--      {{% if product in ["fedora", "rhel8", "rhel9", "ol8"] -%}}
-+      {{% if product in ["fedora", "rhel8", "almalinux8", "rhel9", "ol8"] -%}}
+-      {{% if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9","sle12", "sle15"] -%}}
++      {{% if product in ["fedora", "ol8", "ol9", "rhel8", "almalinux8", "rhel9","sle12", "sle15"] -%}}
        line: "ExecStart=-/usr/lib/systemd/systemd-sulogin-shell emergency"
        {{%- else -%}}
        line: 'ExecStart=-/bin/sh -c "/sbin/sulogin; /usr/bin/systemctl --fail --no-block default"'
 diff --git a/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/bash/shared.sh b/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/bash/shared.sh
-index 3e9c8eb0..9cc6f175 100644
+index 410d611cf..e52239f4d 100644
 --- a/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/bash/shared.sh
 +++ b/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/bash/shared.sh
-@@ -1,8 +1,8 @@
--# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
-+# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
+@@ -2,7 +2,7 @@
  
  service_file="/usr/lib/systemd/system/emergency.service"
  
--{{% if product in ["fedora", "rhel8", "rhel9", "ol8"] -%}}
-+{{% if product in ["fedora", "rhel8", "almalinux8", "rhel9", "ol8"] -%}}
+-{{% if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9", "sle12", "sle15"] -%}}
++{{% if product in ["fedora", "ol8", "ol9", "rhel8", "almalinux8", "rhel9", "sle12", "sle15"] -%}}
  sulogin="/usr/lib/systemd/systemd-sulogin-shell emergency"
  {{%- else -%}}
  sulogin='/bin/sh -c "/sbin/sulogin; /usr/bin/systemctl --fail --no-block default"'
 diff --git a/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/oval/shared.xml b/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/oval/shared.xml
-index ef3e796b..7a912d9a 100644
+index a9c7188b6..923b31599 100644
 --- a/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/oval/shared.xml
 +++ b/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/oval/shared.xml
 @@ -12,7 +12,7 @@
    
    
    
      /usr/lib/systemd/system/emergency.service
--    {{%- if product in ["fedora", "rhel8", "rhel9", "ol8"] -%}}
-+    {{%- if product in ["fedora", "rhel8", "almalinux8", "rhel9", "ol8"] -%}}
+-    {{%- if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9", "sle12", "sle15"] -%}}
++    {{%- if product in ["fedora", "ol8", "ol9", "rhel8", "almalinux8", "rhel9", "sle12", "sle15"] -%}}
      ^ExecStart=\-/usr/lib/systemd/systemd-sulogin-shell[\s]+emergency
      {{%- else -%}}
      ^ExecStart=\-/bin/sh[\s]+-c[\s]+\"(/usr)?/sbin/sulogin;[\s]+/usr/bin/systemctl[\s]+--fail[\s]+--no-block[\s]+default\"
 diff --git a/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/rule.yml b/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/rule.yml
-index cc0a2c53..f088ded1 100644
+index e3b3c1876..4d3a6f4be 100644
 --- a/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15
+-prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15
++prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15
  
  title: 'Require Authentication for Emergency Systemd Target'
  
-@@ -45,7 +45,7 @@ references:
+@@ -48,7 +48,7 @@ references:
+     srg: SRG-OS-000080-GPOS-00048
      stigid@ol7: OL07-00-010481
      stigid@ol8: OL08-00-010152
-     stigid@rhel7: RHEL-07-010481
 -    stigid@rhel8: RHEL-08-010152
 +    stigid@almalinux8: RHEL-08-010152
  
  ocil_clause: 'the output is different'
  
-@@ -53,7 +53,7 @@ ocil: |-
+@@ -56,7 +56,7 @@ ocil: |-
      To check if authentication is required for emergency mode, run the following command:
      
$ grep sulogin /usr/lib/systemd/system/emergency.service

      The output should be similar to the following, and the line must begin with
--    {{% if product in ["fedora", "rhel8", "rhel9", "ol8"] -%}}
-+    {{% if product in ["fedora", "rhel8", "almalinux8", "rhel9", "ol8"] -%}}
+-    {{% if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9", "sle12", "sle15"] -%}}
++    {{% if product in ["fedora", "ol8", "ol9", "rhel8", "almalinux8", "rhel9", "sle12", "sle15"] -%}}
          ExecStart and /usr/lib/systemd/systemd-sulogin-shell.
          
ExecStart=-/usr/lib/systemd/systemd-sulogin-shell emergency

      {{%- else -%}}
+@@ -86,7 +86,7 @@ fixtext: |-
+     Configure {{{ full_name }}} to require authentication for system emergency mode.
+ 
+     Add or edit the following line in "/usr/lib/systemd/system/emergency.service":
+-    {{% if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9", "sle12", "sle15"] -%}}
++    {{% if product in ["fedora", "ol8", "ol9", "rhel8", "almalinux8", "rhel9", "sle12", "sle15"] -%}}
+     ExecStart=-/usr/lib/systemd/systemd-sulogin-shell emergency
+     {{%- else -%}}
+     ExecStart=-/bin/sh -c "/sbin/sulogin; /usr/bin/systemctl --fail --no-block default"
 diff --git a/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/tests/correct_value.pass.sh b/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/tests/correct_value.pass.sh
-index a8a5c8cc..53d62c68 100644
+index bce932b72..e446c7836 100644
 --- a/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/tests/correct_value.pass.sh
 +++ b/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/tests/correct_value.pass.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
  
  service_file="/usr/lib/systemd/system/emergency.service"
  sulogin="/usr/lib/systemd/systemd-sulogin-shell"
 diff --git a/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/tests/wrong_value.fail.sh b/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/tests/wrong_value.fail.sh
-index 96a0c842..048832a9 100644
+index d9fdc678f..a4f6ea6a9 100644
 --- a/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/tests/wrong_value.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/tests/wrong_value.fail.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = multi_platform_rhel,multi_platform_fedora
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
+-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel
++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
  
  service_file="/usr/lib/systemd/system/emergency.service"
  sulogin="/bin/bash"
 diff --git a/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/ansible/shared.yml
-index 8173ffa6..79eb17b0 100644
+index 272fa2855..933d94e11 100644
 --- a/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/ansible/shared.yml
 +++ b/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/ansible/shared.yml
-@@ -10,7 +10,7 @@
+@@ -9,7 +9,7 @@
        create: yes
        dest: /usr/lib/systemd/system/rescue.service
        regexp: "^#?ExecStart="
--      {{% if product in ["fedora", "rhel8", "rhel9", "ol8"] -%}}
-+      {{% if product in ["fedora", "rhel8", "almalinux8", "rhel9", "ol8"] -%}}
+-      {{% if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9", "sle12", "sle15"] -%}}
++      {{% if product in ["fedora", "ol8", "ol9", "rhel8", "almalinux8", "rhel9", "sle12", "sle15"] -%}}
        line: "ExecStart=-/usr/lib/systemd/systemd-sulogin-shell rescue"
        {{% elif product in ["rhel7"] %}}
        line: 'ExecStart=-/bin/sh -c "/usr/sbin/sulogin; /usr/bin/systemctl --fail --no-block default"'
 diff --git a/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/bash/shared.sh b/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/bash/shared.sh
-index 04c9e43c..e20b6d8c 100644
+index e4624e582..ee5d8b52c 100644
 --- a/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/bash/shared.sh
 +++ b/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/bash/shared.sh
-@@ -1,10 +1,10 @@
--# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
-+# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
- 
- {{% if init_system == "systemd" -%}}
+@@ -2,7 +2,7 @@
  
  service_file="/usr/lib/systemd/system/rescue.service"
  
--{{% if product in ["fedora", "rhel8", "rhel9", "ol8"] -%}}
-+{{% if product in ["fedora", "rhel8", "almalinux8", "rhel9", "ol8"] -%}}
+-{{% if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9", "sle12", "sle15"] -%}}
++{{% if product in ["fedora", "ol8", "ol9", "rhel8", "almalinux8", "rhel9", "sle12", "sle15"] -%}}
  sulogin="/usr/lib/systemd/systemd-sulogin-shell rescue"
  {{%- elif product in ["rhel7"] -%}}
  sulogin='/bin/sh -c "/usr/sbin/sulogin; /usr/bin/systemctl --fail --no-block default"'
 diff --git a/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/oval/shared.xml b/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/oval/shared.xml
-index 9a12b8f1..05ad73ff 100644
+index 62fd1a76a..bb8a6b6a7 100644
 --- a/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/oval/shared.xml
 +++ b/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/oval/shared.xml
-@@ -20,7 +20,7 @@
-   {{%- if init_system == "systemd" -%}}
+@@ -14,7 +14,7 @@
+   
    
    
      /usr/lib/systemd/system/rescue.service
--    {{%- if product in ["fedora", "rhel8", "rhel9", "ol8", "rhcos4"] -%}}
-+    {{%- if product in ["fedora", "rhel8", "almalinux8", "rhel9", "ol8", "rhcos4"] -%}}
+-    {{%- if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9", "rhcos4", "sle12", "sle15"] -%}}
++    {{%- if product in ["fedora", "ol8", "ol9", "rhel8", "almalinux8", "rhel9", "rhcos4", "sle12", "sle15"] -%}}
      ^ExecStart=\-.*/usr/lib/systemd/systemd-sulogin-shell[ ]+rescue
      {{%- else -%}}
      ^ExecStart=\-/bin/sh[\s]+-c[\s]+\"(/usr)?/sbin/sulogin;[\s]+/usr/bin/systemctl[\s]+--fail[\s]+--no-block[\s]+default\"
 diff --git a/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/rule.yml b/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/rule.yml
-index 8d7a4fa7..d5e8c095 100644
+index 6e4791236..9482f5384 100644
 --- a/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,wrlinux1019
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,wrlinux1019
+-prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15
++prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15
  
  title: 'Require Authentication for Single User Mode'
  
-@@ -50,7 +50,7 @@ references:
+@@ -51,7 +51,7 @@ references:
      stigid@ol7: OL07-00-010481
      stigid@ol8: OL08-00-010151
      stigid@rhel7: RHEL-07-010481
@@ -6936,60 +8161,91 @@ index 8d7a4fa7..d5e8c095 100644
  
  ocil_clause: 'the output is different'
  
-@@ -59,7 +59,7 @@ ocil: |-
+@@ -60,7 +60,7 @@ ocil: |-
      To check if authentication is required for single-user mode, run the following command:
      
$ grep sulogin /usr/lib/systemd/system/rescue.service

      The output should be similar to the following, and the line must begin with
--    {{% if product in ["fedora", "rhel8", "rhel9", "ol8", "rhcos4"] -%}}
-+    {{% if product in ["fedora", "rhel8", "almalinux8", "rhel9", "ol8", "rhcos4"] -%}}
+-    {{% if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9", "rhcos4"] -%}}
++    {{% if product in ["fedora", "ol8", "ol9", "rhel8", "almalinux8", "rhel9", "rhcos4"] -%}}
          ExecStart and /usr/lib/systemd/systemd-sulogin-shell.
          
ExecStart=-/usr/lib/systemd/systemd-sulogin-shell rescue

      {{%- elif product in ["rhel7"] -%}}
+@@ -95,7 +95,7 @@ fixtext: |-
+     Configure {{{ full_name }}} to require authentication in single user mode.
+ 
+     Add or update the following line in "/usr/lib/systemd/system/rescue.service":
+-    {{% if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9", "sle12", "sle15"] -%}}
++    {{% if product in ["fedora", "ol8", "ol9", "rhel8", "almalinux8", "rhel9", "sle12", "sle15"] -%}}
+     ExecStart=-/usr/lib/systemd/systemd-sulogin-shell rescue
+     {{%- elif product in ["rhel7"] -%}}
+     ExecStart=-/bin/sh -c "/usr/sbin/sulogin; /usr/bin/systemctl --fail --no-block default"
 diff --git a/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/tests/correct_value.pass.sh b/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/tests/correct_value.pass.sh
-index 66d47a0e..047a82bd 100644
+index fd13fbd1c..18d27a02a 100644
 --- a/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/tests/correct_value.pass.sh
 +++ b/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/tests/correct_value.pass.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
  
  service_file="/usr/lib/systemd/system/rescue.service"
  sulogin="/usr/lib/systemd/systemd-sulogin-shell"
 diff --git a/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/tests/wrong_value.fail.sh b/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/tests/wrong_value.fail.sh
-index d125b29e..6184023c 100644
+index 63b9b08b5..15abe6cec 100644
 --- a/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/tests/wrong_value.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/tests/wrong_value.fail.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = multi_platform_rhel,multi_platform_fedora
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
+-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel
++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
  
  service_file="/usr/lib/systemd/system/rescue.service"
  sulogin="/bin/bash"
 diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_bashrc_exec_tmux/rule.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_bashrc_exec_tmux/rule.yml
-index 9f224748..2380e50b 100644
+index 2aa4e7fb9..f51fb868a 100644
 --- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_bashrc_exec_tmux/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_bashrc_exec_tmux/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol8,rhcos4,rhel8,rhel9
-+prodtype: fedora,ol8,rhcos4,rhel8,almalinux8,rhel9
+-prodtype: fedora,ol8,ol9,rhcos4,rhel8,rhel9
++prodtype: fedora,ol8,ol9,rhcos4,rhel8,almalinux8,rhel9
  
  title: 'Support session locking with tmux'
  
-@@ -24,7 +24,7 @@ references:
-     ospp: FMT_SMF_EXT.1
-     srg: SRG-OS-000031-GPOS-00012,SRG-OS-000028-GPOS-00009
-     stigid@ol8: OL08-00-020041
+diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_bashrc_tmux/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_bashrc_tmux/ansible/shared.yml
+index bd7dbe984..f351ce62a 100644
+--- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_bashrc_tmux/ansible/shared.yml
++++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_bashrc_tmux/ansible/shared.yml
+@@ -1,4 +1,4 @@
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol
+ # reboot = false
+ # strategy = configure
+ # complexity = low
+diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_bashrc_tmux/rule.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_bashrc_tmux/rule.yml
+index 9ffe9066a..2ee2b5a13 100644
+--- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_bashrc_tmux/rule.yml
++++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_bashrc_tmux/rule.yml
+@@ -1,6 +1,6 @@
+ documentation_complete: true
+ 
+-prodtype: rhel8
++prodtype: rhel8,almalinux8
+ 
+ title: 'Support session locking with tmux (not enforcing)'
+ 
+@@ -26,7 +26,7 @@ identifiers:
+ references:
+     disa: CCI-000056,CCI-000058
+     srg: SRG-OS-000031-GPOS-00012,SRG-OS-000028-GPOS-00009,SRG-OS-000030-GPOS-00011
 -    stigid@rhel8: RHEL-08-020041
 +    stigid@almalinux8: RHEL-08-020041
  
- ocil_clause: 'exec tmux is not present at the end of bashrc'
+ platform: package[tmux]
  
 diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_after_time/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_after_time/ansible/shared.yml
-index dc63eb65..dc693130 100644
+index dc63eb653..dc6931307 100644
 --- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_after_time/ansible/shared.yml
 +++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_after_time/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -6999,89 +8255,175 @@ index dc63eb65..dc693130 100644
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_after_time/rule.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_after_time/rule.yml
-index ba17de40..1e98cfbd 100644
+index d67b6369c..a56d3222d 100644
 --- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_after_time/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_after_time/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol8,rhcos4,rhel8,rhel9
-+prodtype: fedora,ol8,rhcos4,rhel8,almalinux8,rhel9
+-prodtype: fedora,ol8,ol9,rhcos4,rhel8,rhel9
++prodtype: fedora,ol8,ol9,rhcos4,rhel8,almalinux8,rhel9
  
  title: 'Configure tmux to lock session after inactivity'
  
 @@ -25,7 +25,7 @@ references:
-     ospp: FMT_SMF_EXT.1
-     srg: SRG-OS-000029-GPOS-00010
+     ospp: FMT_SMF_EXT.1,FMT_MOF_EXT.1,FTA_SSL.1
+     srg: SRG-OS-000029-GPOS-00010,SRG-OS-000031-GPOS-00012
      stigid@ol8: OL08-00-020070
 -    stigid@rhel8: RHEL-08-020070
 +    stigid@almalinux8: RHEL-08-020070
  
- ocil_clause: 'lock-after-time is not set or set to zero'
+ ocil_clause: '"lock-after-time" is not set to "900" or less in the global tmux configuration file to enforce session lock after inactivity'
  
 diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_command/rule.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_command/rule.yml
-index a3a23d8e..263bc54f 100644
+index b24d68379..3eec931e8 100644
 --- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_command/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_command/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol8,rhcos4,rhel8,rhel9
-+prodtype: fedora,ol8,rhcos4,rhel8,almalinux8,rhel9
+-prodtype: fedora,ol8,ol9,rhcos4,rhel8,rhel9
++prodtype: fedora,ol8,ol9,rhcos4,rhel8,almalinux8,rhel9
  
  title: 'Configure the tmux Lock Command'
  
-@@ -29,7 +29,7 @@ references:
-     nist: AC-11(a),AC-11(b),CM-6(a)
-     srg: SRG-OS-000028-GPOS-00009
+@@ -30,7 +30,7 @@ references:
+     ospp: FMT_SMF_EXT.1,FMT_MOF_EXT.1,FTA_SSL.1
+     srg: SRG-OS-000028-GPOS-00009,SRG-OS-000030-GPOS-00011
      stigid@ol8: OL08-00-020040
 -    stigid@rhel8: RHEL-08-020040
 +    stigid@almalinux8: RHEL-08-020040
      vmmsrg: SRG-OS-000028-VMM-000090,SRG-OS-000030-VMM-000110
  
- ocil_clause: 'lock-command is not set'
+ ocil_clause: 'the "lock-command" is not set in the global settings to call "vlock"'
+diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_command/tests/correct.pass.sh b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_command/tests/correct.pass.sh
+index ddfb97fa4..5213cdee6 100644
+--- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_command/tests/correct.pass.sh
++++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_command/tests/correct.pass.sh
+@@ -1,5 +1,5 @@
+ #!/bin/bash
+-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,multi_platform_fedora
++# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora
+ 
+ echo 'set -g lock-command vlock' >> '/etc/tmux.conf'
+ chmod 0644 "/etc/tmux.conf"
 diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_command/tests/file_empty.fail.sh b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_command/tests/file_empty.fail.sh
-index dacc9147..8a7eebd0 100644
+index 38bf0f874..696a2bba2 100644
 --- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_command/tests/file_empty.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_command/tests/file_empty.fail.sh
 @@ -1,4 +1,4 @@
  #!/bin/bash
--# platform = multi_platform_fedora,Red Hat Enterprise Linux 8
-+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8
+-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,multi_platform_fedora
++# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora
  
  echo > '/etc/tmux.conf'
 diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_command/tests/line_commented.fail.sh b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_command/tests/line_commented.fail.sh
-index 3b5a134b..34b13717 100644
+index 5c630fa9e..6aebf9f3d 100644
 --- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_command/tests/line_commented.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_command/tests/line_commented.fail.sh
 @@ -1,4 +1,4 @@
  #!/bin/bash
--# platform = multi_platform_fedora,Red Hat Enterprise Linux 8
-+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8
+-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,multi_platform_fedora
++# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora
  
  echo '# set -g lock-command vlock' >> '/etc/tmux.conf'
-diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_command/tests/line_is_there.pass.sh b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_command/tests/line_is_there.pass.sh
-index 7862a7e9..d1806b59 100644
---- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_command/tests/line_is_there.pass.sh
-+++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_command/tests/line_is_there.pass.sh
-@@ -1,4 +1,4 @@
+diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_command/tests/wrong_permissions.fail.sh b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_command/tests/wrong_permissions.fail.sh
+index ec984bb94..8d4f4eb93 100644
+--- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_command/tests/wrong_permissions.fail.sh
++++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_command/tests/wrong_permissions.fail.sh
+@@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = multi_platform_fedora,Red Hat Enterprise Linux 8
-+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8
+-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,multi_platform_fedora
++# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora
  
  echo 'set -g lock-command vlock' >> '/etc/tmux.conf'
+ chmod 0600 "/etc/tmux.conf"
 diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_command/tests/wrong_value.fail.sh b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_command/tests/wrong_value.fail.sh
-index e747275d..07b43ed4 100644
+index acd297d55..d8dc1cd00 100644
 --- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_command/tests/wrong_value.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_command/tests/wrong_value.fail.sh
 @@ -1,4 +1,4 @@
  #!/bin/bash
--# platform = multi_platform_fedora,Red Hat Enterprise Linux 8
-+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8
+-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,multi_platform_fedora
++# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora
  
  echo 'set -g lock-command locker' >> '/etc/tmux.conf'
+diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_keybinding/rule.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_keybinding/rule.yml
+index 9b6775d4e..eafff9d0a 100644
+--- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_keybinding/rule.yml
++++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_keybinding/rule.yml
+@@ -1,6 +1,6 @@
+ documentation_complete: true
+ 
+-prodtype: fedora,rhel8
++prodtype: fedora,rhel8,almalinux8
+ 
+ title: 'Configure the tmux lock session key binding'
+ 
+@@ -25,7 +25,7 @@ identifiers:
+ references:
+     disa: CCI-000056
+     srg: SRG-OS-000028-GPOS-00009,SRG-OS-000030-GPOS-00011
+-    stigid@rhel8: RHEL-08-020040
++    stigid@almalinux8: RHEL-08-020040
+ 
+ ocil_clause: 'the "lock-session" is not bound to the X key'
+ 
+diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_keybinding/tests/correct.pass.sh b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_keybinding/tests/correct.pass.sh
+index 69f3ed47d..778378486 100644
+--- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_keybinding/tests/correct.pass.sh
++++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_keybinding/tests/correct.pass.sh
+@@ -1,5 +1,5 @@
+ #!/bin/bash
+-# platform = Red Hat Enterprise Linux 8,multi_platform_fedora
++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora
+ 
+ echo 'bind X lock-session' >> '/etc/tmux.conf'
+ chmod 0644 "/etc/tmux.conf"
+diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_keybinding/tests/file_empty.fail.sh b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_keybinding/tests/file_empty.fail.sh
+index a63f352e9..06cb330f3 100644
+--- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_keybinding/tests/file_empty.fail.sh
++++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_keybinding/tests/file_empty.fail.sh
+@@ -1,4 +1,4 @@
+ #!/bin/bash
+-# platform = Red Hat Enterprise Linux 8,multi_platform_fedora
++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora
+ 
+ echo > '/etc/tmux.conf'
+diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_keybinding/tests/line_commented.fail.sh b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_keybinding/tests/line_commented.fail.sh
+index d8a498ea5..23e71a5ed 100644
+--- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_keybinding/tests/line_commented.fail.sh
++++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_keybinding/tests/line_commented.fail.sh
+@@ -1,4 +1,4 @@
+ #!/bin/bash
+-# platform = Red Hat Enterprise Linux 8,multi_platform_fedora
++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora
+ 
+ echo '# bind X lock-session' >> '/etc/tmux.conf'
+diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_keybinding/tests/wrong_permissions.fail.sh b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_keybinding/tests/wrong_permissions.fail.sh
+index 72ff907a5..c6e16dd1e 100644
+--- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_keybinding/tests/wrong_permissions.fail.sh
++++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_keybinding/tests/wrong_permissions.fail.sh
+@@ -1,5 +1,5 @@
+ #!/bin/bash
+-# platform = Red Hat Enterprise Linux 8,multi_platform_fedora
++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora
+ 
+ echo 'bind X lock-session' >> '/etc/tmux.conf'
+ chmod 0600 "/etc/tmux.conf"
+diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_keybinding/tests/wrong_value.fail.sh b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_keybinding/tests/wrong_value.fail.sh
+index 19ab103cc..17ee1765f 100644
+--- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_keybinding/tests/wrong_value.fail.sh
++++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_keybinding/tests/wrong_value.fail.sh
+@@ -1,5 +1,5 @@
+ #!/bin/bash
+-# platform = Red Hat Enterprise Linux 8,multi_platform_fedora
++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora
+ 
+ echo 'bind W lock-session' >> '/etc/tmux.conf'
+ chmod 0644 "/etc/tmux.conf"
 diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/no_tmux_in_shells/kubernetes/shared.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/no_tmux_in_shells/kubernetes/shared.yml
-index 6b2d6cd5..c20712c9 100644
+index 6b2d6cd5e..c20712c9f 100644
 --- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/no_tmux_in_shells/kubernetes/shared.yml
 +++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/no_tmux_in_shells/kubernetes/shared.yml
 @@ -1,5 +1,5 @@
@@ -7092,20 +8434,20 @@ index 6b2d6cd5..c20712c9 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/no_tmux_in_shells/rule.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/no_tmux_in_shells/rule.yml
-index b069a87f..19668abe 100644
+index 52cc12fc6..9a581ccdd 100644
 --- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/no_tmux_in_shells/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/no_tmux_in_shells/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol8,rhcos4,rhel8,rhel9
-+prodtype: fedora,ol8,rhcos4,rhel8,almalinux8,rhel9
+-prodtype: fedora,ol8,ol9,rhcos4,rhel8,rhel9
++prodtype: fedora,ol8,ol9,rhcos4,rhel8,almalinux8,rhel9
  
  title: 'Prevent user from disabling the screen lock'
  
 @@ -26,7 +26,7 @@ references:
-     ospp: FMT_SMF_EXT.1
-     srg: SRG-OS-000324-GPOS-00125,SRG-OS-000028-GPOS-00009
+     ospp: FMT_SMF_EXT.1,FMT_MOF_EXT.1,FTA_SSL.1
+     srg: SRG-OS-000324-GPOS-00125,SRG-OS-000028-GPOS-00009,SRG-OS-000030-GPOS-00011
      stigid@ol8: OL08-00-020042
 -    stigid@rhel8: RHEL-08-020042
 +    stigid@almalinux8: RHEL-08-020042
@@ -7113,19 +8455,19 @@ index b069a87f..19668abe 100644
  ocil_clause: 'tmux is listed in /etc/shells'
  
 diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/package_tmux_installed/rule.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/package_tmux_installed/rule.yml
-index a76cdedd..be480047 100644
+index 006b51790..08faa6e14 100644
 --- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/package_tmux_installed/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/package_tmux_installed/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol8,rhcos4,rhel8,rhel9,rhv4
-+prodtype: fedora,ol8,rhcos4,rhel8,almalinux8,rhel9,rhv4
+-prodtype: fedora,ol8,ol9,rhcos4,rhel8,rhel9,rhv4
++prodtype: fedora,ol8,ol9,rhcos4,rhel8,almalinux8,rhel9,rhv4
  
  title: 'Install the tmux Package'
  
 @@ -43,7 +43,7 @@ references:
-     ospp: FMT_MOF_EXT.1
+     ospp: FMT_SMF_EXT.1,FMT_MOF_EXT.1,FTA_SSL.1
      srg: SRG-OS-000030-GPOS-00011,SRG-OS-000028-GPOS-00009
      stigid@ol8: OL08-00-020039
 -    stigid@rhel8: RHEL-08-020039
@@ -7134,7 +8476,7 @@ index a76cdedd..be480047 100644
  
  ocil_clause: 'the package is not installed'
 diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/configure_opensc_card_drivers/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/configure_opensc_card_drivers/ansible/shared.yml
-index 748bff82..1760268e 100644
+index 748bff82e..1760268eb 100644
 --- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/configure_opensc_card_drivers/ansible/shared.yml
 +++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/configure_opensc_card_drivers/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -7144,19 +8486,19 @@ index 748bff82..1760268e 100644
  # strategy = configure
  # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/configure_opensc_card_drivers/rule.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/configure_opensc_card_drivers/rule.yml
-index 00c9b8cb..607aca4a 100644
+index c19e339e1..acdc2d8b8 100644
 --- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/configure_opensc_card_drivers/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/configure_opensc_card_drivers/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle15
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15
+-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15
++prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15
  
  title: 'Configure opensc Smart Card Drivers'
  
 diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/force_opensc_card_drivers/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/force_opensc_card_drivers/ansible/shared.yml
-index f79727a0..49f74f41 100644
+index f79727a03..49f74f418 100644
 --- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/force_opensc_card_drivers/ansible/shared.yml
 +++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/force_opensc_card_drivers/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -7166,44 +8508,31 @@ index f79727a0..49f74f41 100644
  # strategy = configure
  # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/force_opensc_card_drivers/rule.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/force_opensc_card_drivers/rule.yml
-index fc2c75e8..367e7869 100644
+index 2889de05c..ea3af8b80 100644
 --- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/force_opensc_card_drivers/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/force_opensc_card_drivers/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle15
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15
+-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15
++prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15
  
  title: 'Force opensc To Use Defined Smart Card Driver'
  
-diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/group.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/group.yml
-index 54524233..3697fd65 100644
---- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/group.yml
-+++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/group.yml
-@@ -5,7 +5,7 @@ title: 'Hardware Tokens for Authentication'
- description: |-
-     The use of hardware tokens such as smart cards for system login
-     provides stronger, two-factor authentication than using a username and password.
--    {{% if product in ['ol7', 'ol8'] %}}
-+    {{% if product in ['ol7', 'ol8', 'almalinux8'] %}}
-     In {{{ full_name }}} servers, hardware token login
-     {{% else %}}
-     In Red Hat Enterprise Linux servers and workstations, hardware token login
 diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/install_smartcard_packages/rule.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/install_smartcard_packages/rule.yml
-index 27725848..d4221ccc 100644
+index 635bb240c..b3861de07 100644
 --- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/install_smartcard_packages/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/install_smartcard_packages/rule.yml
 @@ -12,7 +12,7 @@
  
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004
+-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Install Smart Card Packages For Multifactor Authentication'
  
-@@ -51,7 +51,7 @@ references:
+@@ -54,7 +54,7 @@ references:
      stigid@ol7: OL07-00-041001
      stigid@ol8: OL08-00-010390
      stigid@rhel7: RHEL-07-041001
@@ -7213,14 +8542,14 @@ index 27725848..d4221ccc 100644
      stigid@sle15: SLES-15-010460
      stigid@ubuntu2004: UBTU-20-010063
 diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/package_opensc_installed/rule.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/package_opensc_installed/rule.yml
-index a9bcfc66..5e762d5b 100644
+index 05ee175c6..34dcb5f76 100644
 --- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/package_opensc_installed/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/package_opensc_installed/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,ubuntu2004
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,ubuntu2004
+-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,ubuntu2004,ubuntu2204
++prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,ubuntu2004,ubuntu2204
  
  title: 'Install the opensc Package For Multifactor Authentication'
  
@@ -7234,31 +8563,41 @@ index a9bcfc66..5e762d5b 100644
      vmmsrg: SRG-OS-000376-VMM-001520
  
 diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/package_pcsc-lite_installed/rule.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/package_pcsc-lite_installed/rule.yml
-index 9c6534cf..6cfe9268 100644
+index e0f2f1e0a..511ba92eb 100644
 --- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/package_pcsc-lite_installed/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/package_pcsc-lite_installed/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4
+-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4
++prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4
  
  title: 'Install the pcsc-lite package'
  
 diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/service_pcscd_enabled/rule.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/service_pcscd_enabled/rule.yml
-index 6472ade5..2efa5cb5 100644
+index 51d0c3183..5db8bead3 100644
 --- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/service_pcscd_enabled/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/service_pcscd_enabled/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle15
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15
+-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15
++prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15
  
  title: 'Enable the pcscd Service'
  
+diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/ansible/shared.yml
+index 58299265d..2535b3460 100644
+--- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/ansible/shared.yml
++++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/ansible/shared.yml
+@@ -1,4 +1,4 @@
+-# platform = multi_platform_sle,multi_platform_rhel
++# platform = multi_platform_sle,multi_platform_rhel,multi_platform_almalinux
+ # reboot = false
+ # strategy = restrict
+ # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/bash/shared.sh b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/bash/shared.sh
-index 2744af58..0f5c92be 100644
+index 2744af588..0f5c92bea 100644
 --- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/bash/shared.sh
 +++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/bash/shared.sh
 @@ -1,4 +1,4 @@
@@ -7267,8 +8606,41 @@ index 2744af58..0f5c92be 100644
  
  # Install required packages
  if ! rpm --quiet -q pam_pkcs11; then yum -y -d 1 install pam_pkcs11; fi
+diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/tests/commented.fail.sh b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/tests/commented.fail.sh
+index c2afecc19..652fbedb7 100644
+--- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/tests/commented.fail.sh
++++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/tests/commented.fail.sh
+@@ -1,5 +1,5 @@
+ #!/bin/bash
+-# platform = multi_platform_ubuntu,multi_platform_rhel
++# platform = multi_platform_ubuntu,multi_platform_rhel,multi_platform_almalinux
+ # packages = openssl-pkcs11
+ 
+ if [ ! -f /etc/pam_pkcs11/pam_pkcs11.conf ]; then
+diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/tests/correct.pass.sh b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/tests/correct.pass.sh
+index d7103cc0a..68c252f78 100644
+--- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/tests/correct.pass.sh
++++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/tests/correct.pass.sh
+@@ -1,5 +1,5 @@
+ #!/bin/bash
+-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_ubuntu
++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_ubuntu
+ # packages = openssl-pkcs11
+ 
+ if [ ! -f /etc/pam_pkcs11/pam_pkcs11.conf ]; then
+diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/tests/missing_ocsp.fail.sh b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/tests/missing_ocsp.fail.sh
+index c0cc3c94f..6db041b04 100644
+--- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/tests/missing_ocsp.fail.sh
++++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/tests/missing_ocsp.fail.sh
+@@ -1,5 +1,5 @@
+ #!/bin/bash
+-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_ubuntu
++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_ubuntu
+ # packages = openssl-pkcs11
+ 
+ if [ ! -f /etc/pam_pkcs11/pam_pkcs11.conf ]; then
 diff --git a/linux_os/guide/system/accounts/accounts-physical/service_debug-shell_disabled/kubernetes/shared.yml b/linux_os/guide/system/accounts/accounts-physical/service_debug-shell_disabled/kubernetes/shared.yml
-index ff493491..082c8e61 100644
+index ff493491e..082c8e61a 100644
 --- a/linux_os/guide/system/accounts/accounts-physical/service_debug-shell_disabled/kubernetes/shared.yml
 +++ b/linux_os/guide/system/accounts/accounts-physical/service_debug-shell_disabled/kubernetes/shared.yml
 @@ -1,5 +1,5 @@
@@ -7279,14 +8651,14 @@ index ff493491..082c8e61 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/accounts/accounts-physical/service_debug-shell_disabled/rule.yml b/linux_os/guide/system/accounts/accounts-physical/service_debug-shell_disabled/rule.yml
-index a9d19544..3db95485 100644
+index f232eb7e2..59a58f321 100644
 --- a/linux_os/guide/system/accounts/accounts-physical/service_debug-shell_disabled/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-physical/service_debug-shell_disabled/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15
+-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15
++prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15
  
  title: 'Disable debug-shell SystemD Service'
  
@@ -7297,10 +8669,10 @@ index a9d19544..3db95485 100644
 -    stigid@rhel8: RHEL-08-040180
 +    stigid@almalinux8: RHEL-08-040180
  
- ocil: |-
-     {{{ ocil_service_disabled(service="debug-shell") }}}
+ ocil_clause: |-
+     {{{ ocil_clause_service_disabled(service="debug-shell") }}}
 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_disable_post_pw_expiration/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_disable_post_pw_expiration/ansible/shared.yml
-index 74598bc7..680caf4b 100644
+index 74598bc7e..680caf4ba 100644
 --- a/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_disable_post_pw_expiration/ansible/shared.yml
 +++ b/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_disable_post_pw_expiration/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -7310,28 +8682,28 @@ index 74598bc7..680caf4b 100644
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_disable_post_pw_expiration/bash/shared.sh b/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_disable_post_pw_expiration/bash/shared.sh
-index 8f1ea001..027aea64 100644
+index f299285d4..52e841b61 100644
 --- a/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_disable_post_pw_expiration/bash/shared.sh
 +++ b/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_disable_post_pw_expiration/bash/shared.sh
 @@ -1,4 +1,4 @@
--# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle
-+# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle
  
  {{{ bash_instantiate_variables("var_account_disable_post_pw_expiration") }}}
  
 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_disable_post_pw_expiration/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_disable_post_pw_expiration/rule.yml
-index 48d3ecd3..9905d9b5 100644
+index 55d39e5b6..49297243e 100644
 --- a/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_disable_post_pw_expiration/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_disable_post_pw_expiration/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
+-prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Set Account Expiration Following Inactivity'
  
-@@ -54,7 +54,7 @@ references:
+@@ -58,7 +58,7 @@ references:
      stigid@ol7: OL07-00-010310
      stigid@ol8: OL08-00-020260
      stigid@rhel7: RHEL-07-010310
@@ -7341,39 +8713,39 @@ index 48d3ecd3..9905d9b5 100644
      stigid@sle15: SLES-15-020050
      stigid@ubuntu2004: UBTU-20-010409
 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_emergency_expire_date/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_emergency_expire_date/rule.yml
-index 12926969..572f3fbb 100644
+index 0c207a85b..56db9cc5a 100644
 --- a/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_emergency_expire_date/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_emergency_expire_date/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol8,rhel8,rhel9
-+prodtype: fedora,ol8,rhel8,almalinux8,rhel9
+-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9
++prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9
  
  title: 'Assign Expiration Date to Emergency Accounts'
  
-@@ -42,7 +42,7 @@ references:
-     nist-csf: DE.CM-1,DE.CM-3,PR.AC-1,PR.AC-4,PR.AC-6
-     srg: SRG-OS-000123-GPOS-00064,SRG-OS-000002-GPOS-00002
+@@ -45,7 +45,7 @@ references:
+     stigid@ol7: OL07-00-010271
      stigid@ol8: OL08-00-020270
+     stigid@rhel7: RHEL-07-010271
 -    stigid@rhel8: RHEL-08-020270
 +    stigid@almalinux8: RHEL-08-020270
      vmmsrg: SRG-OS-000002-VMM-000020,SRG-OS-000123-VMM-000620
  
- ocil_clause: 'any emergency accounts have no expiration date set or do not expire within a documented time frame'
+ ocil_clause: 'any emergency accounts have no expiration date set or do not expire within 72 hours'
 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_temp_expire_date/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_temp_expire_date/rule.yml
-index bb5a1d55..ecf80300 100644
+index 676d43037..e28337970 100644
 --- a/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_temp_expire_date/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_temp_expire_date/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004
+-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Assign Expiration Date to Temporary Accounts'
  
-@@ -45,7 +45,7 @@ references:
+@@ -44,7 +44,7 @@ references:
      nist-csf: DE.CM-1,DE.CM-3,PR.AC-1,PR.AC-4,PR.AC-6
      srg: SRG-OS-000123-GPOS-00064,SRG-OS-000002-GPOS-00002
      stigid@ol8: OL08-00-020000
@@ -7383,18 +8755,18 @@ index bb5a1d55..ecf80300 100644
      stigid@sle15: SLES-15-020000
      stigid@ubuntu2004: UBTU-20-010000
 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/account_unique_id/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/account_unique_id/rule.yml
-index d0665b41..f6ced399 100644
+index dc9ee170c..71f54452f 100644
 --- a/linux_os/guide/system/accounts/accounts-restrictions/account_unique_id/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-restrictions/account_unique_id/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,sle12,sle15
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,sle12,sle15
+-prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2204
++prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2204
  
  title: 'Ensure All Accounts on the System Have Unique User IDs'
  
-@@ -26,7 +26,7 @@ references:
+@@ -30,7 +30,7 @@ references:
      nist@sle12: IA-2,IA-2.1,IA-8,IA-8.1
      srg: SRG-OS-000104-GPOS-00051,SRG-OS-000121-GPOS-00062,SRG-OS-000042-GPOS-00020
      stigid@ol8: OL08-00-020240
@@ -7404,14 +8776,14 @@ index d0665b41..f6ced399 100644
      stigid@sle15: SLES-15-010230
  
 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/accounts_authorized_local_users/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/accounts_authorized_local_users/rule.yml
-index d4a4c6b6..7434f97e 100644
+index 9bb4ecb9f..4d6b39961 100644
 --- a/linux_os/guide/system/accounts/accounts-restrictions/accounts_authorized_local_users/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-restrictions/accounts_authorized_local_users/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,sle12,sle15
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,sle12,sle15
+-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15
++prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,sle15
  
  title: 'Only Authorized Local User Accounts Exist on Operating System'
  
@@ -7425,42 +8797,42 @@ index d4a4c6b6..7434f97e 100644
      stigid@sle15: SLES-15-020090
  
 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/accounts_authorized_local_users/tests/default.pass.sh b/linux_os/guide/system/accounts/accounts-restrictions/accounts_authorized_local_users/tests/default.pass.sh
-index d942f81d..bcafb5e8 100644
+index aa147fdce..bb8288f5b 100644
 --- a/linux_os/guide/system/accounts/accounts-restrictions/accounts_authorized_local_users/tests/default.pass.sh
 +++ b/linux_os/guide/system/accounts/accounts-restrictions/accounts_authorized_local_users/tests/default.pass.sh
 @@ -1,5 +1,5 @@
  #! /bin/bash
--# platform = multi_platform_rhel
-+# platform = multi_platform_rhel,multi_platform_almalinux
+-# platform = multi_platform_ol,multi_platform_rhel
++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
+ # variables = var_accounts_authorized_local_users_regex=^(root|bin|daemon|adm|lp|sync|shutdown|halt|mail|operator|games|ftp|nobody|pegasus|systemd-bus-proxy|systemd-network|dbus|polkitd|abrt|unbound|tss|libstoragemgmt|rpc|colord|usbmuxd$|pcp|saslauth|geoclue|setroubleshoot|rtkit|chrony|qemu|radvd|rpcuser|nfsnobody|pulse|gdm|gnome-initial-setup|postfix|avahi|ntp|sshd|tcpdump|oprofile|uuidd)$
  
  var_accounts_authorized_local_users_regex="^(root|bin|daemon|adm|lp|sync|shutdown|halt|mail|operator|games|ftp|nobody|pegasus|systemd-bus-proxy|systemd-network|dbus|polkitd|abrt|unbound|tss|libstoragemgmt|rpc|colord|usbmuxd$|pcp|saslauth|geoclue|setroubleshoot|rtkit|chrony|qemu|radvd|rpcuser|nfsnobody|pulse|gdm|gnome-initial-setup|postfix|avahi|ntp|sshd|tcpdump|oprofile|uuidd)$"
- 
 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/group_unique_id/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/group_unique_id/rule.yml
-index f21cc003..681af208 100644
+index f523c432b..f03e32401 100644
 --- a/linux_os/guide/system/accounts/accounts-restrictions/group_unique_id/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-restrictions/group_unique_id/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,rhel7,rhel8,sle15
-+prodtype: fedora,rhel7,rhel8,almalinux8,sle15
+-prodtype: alinux2,alinux3,anolis8,fedora,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2204
++prodtype: alinux2,alinux3,anolis8,fedora,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2204
  
  title: 'Ensure All Groups on the System Have Unique Group ID'
  
 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/group_unique_name/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/group_unique_name/rule.yml
-index dae8462a..9a804d56 100644
+index d40145808..e1b0980d1 100644
 --- a/linux_os/guide/system/accounts/accounts-restrictions/group_unique_name/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-restrictions/group_unique_name/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,rhel7,rhel8,sle15
-+prodtype: fedora,rhel7,rhel8,almalinux8,sle15
+-prodtype: alinux2,alinux3,anolis8,fedora,rhel7,rhel8,sle12,sle15,ubuntu2204
++prodtype: alinux2,alinux3,anolis8,fedora,rhel7,rhel8,almalinux8,sle12,sle15,ubuntu2204
  
  title: 'Ensure All Groups on the System Have Unique Group Names'
  
 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_maximum_age_login_defs/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_maximum_age_login_defs/ansible/shared.yml
-index bed135a4..1df8f3a2 100644
+index bed135a4d..1df8f3a2c 100644
 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_maximum_age_login_defs/ansible/shared.yml
 +++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_maximum_age_login_defs/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -7469,21 +8841,11 @@ index bed135a4..1df8f3a2 100644
  # reboot = false
  # strategy = restrict
  # complexity = low
-diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_maximum_age_login_defs/bash/shared.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_maximum_age_login_defs/bash/shared.sh
-index de0ea219..196d11b0 100644
---- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_maximum_age_login_defs/bash/shared.sh
-+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_maximum_age_login_defs/bash/shared.sh
-@@ -1,4 +1,4 @@
--# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_ol,multi_platform_rhv,multi_platform_fedora,multi_platform_ubuntu
-+# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_rhv,multi_platform_fedora,multi_platform_ubuntu
- 
- {{{ bash_instantiate_variables("var_accounts_maximum_age_login_defs") }}}
- 
 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_maximum_age_login_defs/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_maximum_age_login_defs/rule.yml
-index 206a08a3..d4136dd0 100644
+index 256d6f78a..561654606 100644
 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_maximum_age_login_defs/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_maximum_age_login_defs/rule.yml
-@@ -54,7 +54,7 @@ references:
+@@ -58,7 +58,7 @@ references:
      stigid@ol7: OL07-00-010250
      stigid@ol8: OL08-00-020200
      stigid@rhel7: RHEL-07-010250
@@ -7493,7 +8855,7 @@ index 206a08a3..d4136dd0 100644
      stigid@sle15: SLES-15-020220
      stigid@ubuntu2004: UBTU-20-010008
 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_minimum_age_login_defs/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_minimum_age_login_defs/ansible/shared.yml
-index 0c81c0ee..29f31c65 100644
+index 0c81c0ee5..29f31c654 100644
 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_minimum_age_login_defs/ansible/shared.yml
 +++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_minimum_age_login_defs/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -7503,10 +8865,10 @@ index 0c81c0ee..29f31c65 100644
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_minimum_age_login_defs/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_minimum_age_login_defs/rule.yml
-index 34df2e5c..28421050 100644
+index 7707829e8..a2b87600e 100644
 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_minimum_age_login_defs/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_minimum_age_login_defs/rule.yml
-@@ -52,7 +52,7 @@ references:
+@@ -57,7 +57,7 @@ references:
      stigid@ol7: OL07-00-010230
      stigid@ol8: OL08-00-020190
      stigid@rhel7: RHEL-07-010230
@@ -7516,124 +8878,121 @@ index 34df2e5c..28421050 100644
      stigid@sle15: SLES-15-020200
      stigid@ubuntu2004: UBTU-20-010007
 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/ansible/shared.yml
-index eee37bda..a231fa41 100644
+index b04d7cdb8..0d5a5831e 100644
 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/ansible/shared.yml
 +++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/ansible/shared.yml
 @@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel
-+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
- # reboot = false
- # strategy = restrict
- # complexity = low
-diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/bash/shared.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/bash/shared.sh
-index cb5efaa5..b2a0809b 100644
---- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/bash/shared.sh
-+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/bash/shared.sh
-@@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel
-+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
- 
- {{{ bash_instantiate_variables("var_accounts_password_minlen_login_defs") }}}
- 
-diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/rule.yml
-index c8acda93..907ea25b 100644
---- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/rule.yml
-+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/rule.yml
-@@ -46,7 +46,7 @@ references:
-     ospp: FMT_MOF_EXT.1
-     srg: SRG-OS-000078-GPOS-00046
-     stigid@ol8: OL08-00-020231
--    stigid@rhel8: RHEL-08-020231
-+    stigid@almalinux8: RHEL-08-020231
- 
- ocil_clause: 'it is not set to the required value'
- 
-diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/tests/password_minlen_10.fail.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/tests/password_minlen_10.fail.sh
-index c1acf5e2..9b209867 100644
---- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/tests/password_minlen_10.fail.sh
-+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/tests/password_minlen_10.fail.sh
-@@ -1,7 +1,7 @@
- #!/bin/bash
- #
- # profiles = xccdf_org.ssgproject.content_profile_ospp
--# platform = multi_platform_fedora,Red Hat Enterprise Linux 8
-+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8
- 
- if grep -q "^PASS_MIN_LEN" /etc/login.defs; then
- 	sed -i "s/^PASS_MIN_LEN.*/PASS_MIN_LEN 10/" /etc/login.defs
-diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/tests/password_minlen_12.pass.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/tests/password_minlen_12.pass.sh
-index 0e31bd79..a2ff1105 100644
---- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/tests/password_minlen_12.pass.sh
-+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/tests/password_minlen_12.pass.sh
-@@ -1,7 +1,7 @@
- #!/bin/bash
- #
- # profiles = xccdf_org.ssgproject.content_profile_ospp
--# platform = Red Hat Enterprise Linux 8
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8
- 
- if grep -q "^PASS_MIN_LEN" /etc/login.defs; then
- 	sed -i "s/^PASS_MIN_LEN.*/PASS_MIN_LEN 12/" /etc/login.defs
-diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/tests/password_minlen_15.pass.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/tests/password_minlen_15.pass.sh
-index 88509363..64a38232 100644
---- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/tests/password_minlen_15.pass.sh
-+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/tests/password_minlen_15.pass.sh
-@@ -1,7 +1,7 @@
- #!/bin/bash
- #
- # profiles = xccdf_org.ssgproject.content_profile_ospp
--# platform = multi_platform_fedora,Red Hat Enterprise Linux 8
-+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8
- 
- if grep -q "^PASS_MIN_LEN" /etc/login.defs; then
- 	sed -i "s/^PASS_MIN_LEN.*/PASS_MIN_LEN 15/" /etc/login.defs
-diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/tests/password_minlen_commented.fail.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/tests/password_minlen_commented.fail.sh
-index bd7ed7a2..78ff205e 100644
---- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/tests/password_minlen_commented.fail.sh
-+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/tests/password_minlen_commented.fail.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- #
- # profiles = xccdf_org.ssgproject.content_profile_ospp
--# platform = multi_platform_fedora,Red Hat Enterprise Linux 8
-+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8
- 
- sed -i "s/.*PASS_MIN_LEN.*/#PASS_MIN_LEN 12/" /etc/login.defs
-diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/tests/password_minlen_not_there.fail.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/tests/password_minlen_not_there.fail.sh
-index 88ecd439..678d3b6d 100644
---- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/tests/password_minlen_not_there.fail.sh
-+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/tests/password_minlen_not_there.fail.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- #
- # profiles = xccdf_org.ssgproject.content_profile_ospp
--# platform = multi_platform_fedora,Red Hat Enterprise Linux 8
-+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8
- 
- sed -i "/^PASS_MIN_LEN.*/d" /etc/login.defs
-diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_existing/bash/shared.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_existing/bash/shared.sh
-index fc2d9735..58fba606 100644
---- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_existing/bash/shared.sh
-+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_existing/bash/shared.sh
-@@ -1,4 +1,4 @@
 -# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle
 +# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
  # reboot = false
  # strategy = restrict
  # complexity = low
+diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/bash/shared.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/bash/shared.sh
+index 23710faba..7f1f5642d 100644
+--- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/bash/shared.sh
++++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/bash/shared.sh
+@@ -1,4 +1,4 @@
+-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle
++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
+ 
+ {{{ bash_instantiate_variables("var_accounts_password_minlen_login_defs") }}}
+ 
+diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/tests/password_minlen_10.fail.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/tests/password_minlen_10.fail.sh
+index cb388dd9b..58223531f 100644
+--- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/tests/password_minlen_10.fail.sh
++++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/tests/password_minlen_10.fail.sh
+@@ -1,7 +1,7 @@
+ #!/bin/bash
+ #
+ # profiles = xccdf_org.ssgproject.content_profile_ospp
+-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,multi_platform_fedora
++# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora
+ 
+ if grep -q "^PASS_MIN_LEN" /etc/login.defs; then
+ 	sed -i "s/^PASS_MIN_LEN.*/PASS_MIN_LEN 10/" /etc/login.defs
+diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/tests/password_minlen_12.pass.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/tests/password_minlen_12.pass.sh
+index 7aaac8c68..1f1c11f06 100644
+--- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/tests/password_minlen_12.pass.sh
++++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/tests/password_minlen_12.pass.sh
+@@ -1,7 +1,7 @@
+ #!/bin/bash
+ #
+ # profiles = xccdf_org.ssgproject.content_profile_ospp
+-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8
++# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8
+ 
+ if grep -q "^PASS_MIN_LEN" /etc/login.defs; then
+ 	sed -i "s/^PASS_MIN_LEN.*/PASS_MIN_LEN 12/" /etc/login.defs
+diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/tests/password_minlen_15.pass.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/tests/password_minlen_15.pass.sh
+index 89ab4795b..d7b8f29f4 100644
+--- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/tests/password_minlen_15.pass.sh
++++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/tests/password_minlen_15.pass.sh
+@@ -1,7 +1,7 @@
+ #!/bin/bash
+ #
+ # profiles = xccdf_org.ssgproject.content_profile_ospp
+-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,multi_platform_fedora
++# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora
+ 
+ if grep -q "^PASS_MIN_LEN" /etc/login.defs; then
+ 	sed -i "s/^PASS_MIN_LEN.*/PASS_MIN_LEN 15/" /etc/login.defs
+diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/tests/password_minlen_commented.fail.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/tests/password_minlen_commented.fail.sh
+index 00649b0bf..6d8d8f7d4 100644
+--- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/tests/password_minlen_commented.fail.sh
++++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/tests/password_minlen_commented.fail.sh
+@@ -1,6 +1,6 @@
+ #!/bin/bash
+ #
+ # profiles = xccdf_org.ssgproject.content_profile_ospp
+-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,multi_platform_fedora
++# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora
+ 
+ sed -i "s/.*PASS_MIN_LEN.*/#PASS_MIN_LEN 12/" /etc/login.defs
+diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/tests/password_minlen_not_there.fail.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/tests/password_minlen_not_there.fail.sh
+index 3772aee13..4dfc4668b 100644
+--- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/tests/password_minlen_not_there.fail.sh
++++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/tests/password_minlen_not_there.fail.sh
+@@ -1,6 +1,6 @@
+ #!/bin/bash
+ #
+ # profiles = xccdf_org.ssgproject.content_profile_ospp
+-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,multi_platform_fedora
++# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora
+ 
+ sed -i "/^PASS_MIN_LEN.*/d" /etc/login.defs
+diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_existing/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_existing/ansible/shared.yml
+index 0af6018b4..bcbcdffb7 100644
+--- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_existing/ansible/shared.yml
++++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_existing/ansible/shared.yml
+@@ -1,4 +1,4 @@
+-# platform = multi_platform_rhel,multi_platform_sle
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
+ # reboot = false
+ # strategy = restrict
+ # complexity = low
+diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_existing/bash/shared.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_existing/bash/shared.sh
+index d8149ebbc..cc52efeba 100644
+--- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_existing/bash/shared.sh
++++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_existing/bash/shared.sh
+@@ -1,4 +1,4 @@
+-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu
++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu
+ # reboot = false
+ # strategy = restrict
+ # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_existing/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_existing/rule.yml
-index 4a355eee..a1174cc5 100644
+index 93fd76aac..39dc76a2b 100644
 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_existing/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_existing/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
-+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
+-prodtype: alinux3,anolis8,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: alinux3,anolis8,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Set Existing Passwords Maximum Age'
  
-@@ -34,7 +34,7 @@ references:
+@@ -39,7 +39,7 @@ references:
      stigid@ol7: OL07-00-010260
      stigid@ol8: OL08-00-020210
      stigid@rhel7: RHEL-07-010260
@@ -7643,28 +9002,28 @@ index 4a355eee..a1174cc5 100644
      stigid@sle15: SLES-15-020230
      vmmsrg: SRG-OS-000076-VMM-000430
 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_min_life_existing/bash/shared.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_min_life_existing/bash/shared.sh
-index e55a4c9e..468e73ed 100644
+index 7b4f2c3e0..ab46f84f9 100644
 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_min_life_existing/bash/shared.sh
 +++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_min_life_existing/bash/shared.sh
 @@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle
-+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
+-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu
++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu
  # reboot = false
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_min_life_existing/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_min_life_existing/rule.yml
-index 831a3c52..1377b469 100644
+index a133b6e69..545df9ad0 100644
 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_min_life_existing/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_min_life_existing/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
-+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
+-prodtype: alinux3,anolis8,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: alinux3,anolis8,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Set Existing Passwords Minimum Age'
  
-@@ -35,7 +35,7 @@ references:
+@@ -40,7 +40,7 @@ references:
      stigid@ol7: OL07-00-010240
      stigid@ol8: OL08-00-020180
      stigid@rhel7: RHEL-07-010240
@@ -7674,28 +9033,28 @@ index 831a3c52..1377b469 100644
      stigid@sle15: SLES-15-020210
      vmmsrg: SRG-OS-000075-VMM000420
 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_warn_age_login_defs/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_warn_age_login_defs/ansible/shared.yml
-index 1091f8c8..00da1b03 100644
+index 4994ff315..e8469b8e9 100644
 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_warn_age_login_defs/ansible/shared.yml
 +++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_warn_age_login_defs/ansible/shared.yml
 @@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel
-+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux
+-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_ol,multi_platform_sle
++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_sle
  # reboot = false
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_all_shadowed_sha512/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_all_shadowed_sha512/rule.yml
-index 2db962da..5351e7ee 100644
+index 25ec7a969..a67ca158a 100644
 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_all_shadowed_sha512/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_all_shadowed_sha512/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol8,rhel8,rhel9,sle12,sle15,ubuntu2004
-+prodtype: fedora,ol8,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004
+-prodtype: fedora,ol8,ol9,rhel8,rhel9,sle12,sle15,ubuntu2004
++prodtype: fedora,ol8,ol9,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004
  
  title: 'Verify All Account Password Hashes are Shadowed with SHA512'
  
-@@ -37,7 +37,7 @@ references:
+@@ -38,7 +38,7 @@ references:
      nist: IA-5(1)(c),IA-5(1).1(v),IA-7,IA-7.1
      srg:  SRG-OS-000073-GPOS-00041,SRG-OS-000120-GPOS-00061
      stigid@ol8: OL08-00-010120
@@ -7705,185 +9064,191 @@ index 2db962da..5351e7ee 100644
      stigid@sle15: SLES-15-020180
  
 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/ansible/shared.yml
-index dd260c7e..1b43bf44 100644
+index 82110016d..2a73ed386 100644
 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/ansible/shared.yml
 +++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/ansible/shared.yml
 @@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
  # reboot = false
  # strategy = configure
  # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/bash/shared.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/bash/shared.sh
-index b0c50f5f..1f86d0cf 100644
+index a40010714..d244fc548 100644
 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/bash/shared.sh
 +++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/bash/shared.sh
 @@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
  
  {{{ bash_instantiate_variables("var_password_pam_unix_rounds") }}}
  
 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/rule.yml
-index 28e993e5..3bf7ecf2 100644
+index 2fa454aba..0b63af1f8 100644
 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4
+-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15
++prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15
  
  title: 'Set number of Password Hashing Rounds - password-auth'
  
-@@ -33,7 +33,7 @@ references:
-     disa: CCI-000196
-     srg: SRG-OS-000073-GPOS-00041
-     stigid@ol8: OL08-00-010130
--    stigid@rhel8: RHEL-08-010130
-+    stigid@almalinux8: RHEL-08-010130
- 
- ocil_clause: 'it does not set the appropriate number of hashing rounds'
- 
 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_argument_missing.fail.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_argument_missing.fail.sh
-index 244ae3db..daf80c77 100644
+index 3e24ba16a..f3030f2af 100644
 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_argument_missing.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_argument_missing.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
--# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
++# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
  # variables = var_password_pam_unix_rounds=65536
  
  authselect create-profile hardening -b sssd
 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_correct_value.pass.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_correct_value.pass.sh
-index 8af81389..29542c0f 100644
+index 39690d88d..f85baccad 100644
 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_correct_value.pass.sh
 +++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_correct_value.pass.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
--# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
++# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
  # variables = var_password_pam_unix_rounds=65536
  
  ROUNDS=65536
 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_modified_pam.fail.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_modified_pam.fail.sh
-index 5af0640b..d853eba1 100644
+index 9c99fc307..582d69dd0 100644
 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_modified_pam.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_modified_pam.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
--# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
++# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
  # remediation = none
  # variables = var_password_pam_unix_rounds=65536
  
+diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_wrong_control.fail.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_wrong_control.fail.sh
+index dc8b11e2d..776921f27 100644
+--- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_wrong_control.fail.sh
++++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_wrong_control.fail.sh
+@@ -1,6 +1,6 @@
+ #!/bin/bash
+ # packages = authselect
+-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
++# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+ # variables = var_password_pam_unix_rounds=65536
+ 
+ ROUNDS=65536
 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_wrong_value.fail.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_wrong_value.fail.sh
-index 10d83eac..86d37185 100644
+index 96bcc3e23..0e90d7d60 100644
 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_wrong_value.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_wrong_value.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
--# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
++# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
  # variables = var_password_pam_unix_rounds=65536
  
  ROUNDS=4000
 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/ansible/shared.yml
-index 2e5aabcd..8f3d7421 100644
+index c0b520bdf..70ab14cba 100644
 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/ansible/shared.yml
 +++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/ansible/shared.yml
 @@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
  # reboot = false
  # strategy = configure
  # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/bash/shared.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/bash/shared.sh
-index 1cd0f94c..67e60d6d 100644
+index 8316e495a..bf8a4c240 100644
 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/bash/shared.sh
 +++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/bash/shared.sh
 @@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
  
  {{{ bash_instantiate_variables("var_password_pam_unix_rounds") }}}
  
 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/rule.yml
-index 72707db7..2e05990b 100644
+index 970241983..a9eaff70e 100644
 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4
+-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15
++prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15
  
  title: 'Set number of Password Hashing Rounds - system-auth'
  
-@@ -33,7 +33,7 @@ references:
-   disa: CCI-000196
-   srg: SRG-OS-000073-GPOS-00041
-   stigid@ol8: OL08-00-010131
--  stigid@rhel8: RHEL-08-010131
-+  stigid@almalinux8: RHEL-08-010131
- 
- ocil_clause: 'it does not set the appropriate number of hashing rounds'
- 
 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_argument_missing.fail.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_argument_missing.fail.sh
-index 506a8075..ed3c8ad2 100644
+index 3da866412..de98db38a 100644
 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_argument_missing.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_argument_missing.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
--# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
++# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
  # variables = var_password_pam_unix_rounds=65536
  
  authselect create-profile hardening -b sssd
 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_correct_value.pass.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_correct_value.pass.sh
-index 48c7f5a4..913b37d7 100644
+index 67a052f98..7bcaa94f0 100644
 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_correct_value.pass.sh
 +++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_correct_value.pass.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
--# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
++# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
  # variables = var_password_pam_unix_rounds=65536
  
  ROUNDS=65536
 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_modified_pam.fail.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_modified_pam.fail.sh
-index d111f61e..62977fa4 100644
+index 3e62935b5..9c2631a46 100644
 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_modified_pam.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_modified_pam.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
--# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
++# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
  # remediation = none
  # variables = var_password_pam_unix_rounds=65536
  
+diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_wrong_control.fail.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_wrong_control.fail.sh
+index 85bbbdb7f..2a9b3947b 100644
+--- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_wrong_control.fail.sh
++++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_wrong_control.fail.sh
+@@ -1,6 +1,6 @@
+ #!/bin/bash
+ # packages = authselect
+-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
++# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+ # variables = var_password_pam_unix_rounds=65536
+ 
+ ROUNDS=65536
 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_wrong_value.fail.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_wrong_value.fail.sh
-index 3c25268d..c34e3a10 100644
+index 244799045..be78a8508 100644
 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_wrong_value.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_wrong_value.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
--# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
++# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
  # variables = var_password_pam_unix_rounds=65536
  
  ROUNDS=4000
 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/ansible/shared.yml
-index 8e1ae005..27d584b4 100644
+index feb5366ed..f94a8b0c3 100644
 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/ansible/shared.yml
 +++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -7893,65 +9258,77 @@ index 8e1ae005..27d584b4 100644
  # strategy = configure
  # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/bash/shared.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/bash/shared.sh
-index c82f2f73..7942e2f7 100644
+index e85580dc5..130911186 100644
 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/bash/shared.sh
 +++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/bash/shared.sh
 @@ -1,4 +1,4 @@
--# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
-+# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
  # reboot = false
  # strategy = configure
  # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/kubernetes/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/kubernetes/shared.yml
-index 075cc631..47e67288 100644
+index ad3133b1f..eac1b843a 100644
 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/kubernetes/shared.yml
 +++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/kubernetes/shared.yml
 @@ -1,5 +1,5 @@
  ---
--# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_rhcos
-+# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_rhcos
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_rhcos
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_rhcos
  apiVersion: machineconfiguration.openshift.io/v1
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/rule.yml
-index 6cf476b6..cbbf8834 100644
+index 6286a5532..d44452fc4 100644
 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/rule.yml
-@@ -54,7 +54,7 @@ references:
+@@ -52,7 +52,7 @@ references:
      stigid@ol7: OL07-00-010290
      stigid@ol8: OL08-00-020331
      stigid@rhel7: RHEL-07-010290
--    stigid@rhel8:  RHEL-08-020331
-+    stigid@almalinux8:  RHEL-08-020331
+-    stigid@rhel8: RHEL-08-020331
++    stigid@almalinux8: RHEL-08-020331
      stigid@sle12: SLES-12-010231
      stigid@sle15: SLES-15-020300
  
 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/tests/authselect_modified_pam.fail.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/tests/authselect_modified_pam.fail.sh
-index 84b10027..4425caae 100644
+index 1dd45236b..6766ce732 100644
 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/tests/authselect_modified_pam.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/tests/authselect_modified_pam.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
--# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
  # remediation = none
  
  SYSTEM_AUTH_FILE="/etc/pam.d/system-auth"
+diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/tests/authselect_nullok_absent.pass.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/tests/authselect_nullok_absent.pass.sh
+index 0dfb32e31..03bcd23d1 100644
+--- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/tests/authselect_nullok_absent.pass.sh
++++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/tests/authselect_nullok_absent.pass.sh
+@@ -1,6 +1,6 @@
+ #!/bin/bash
+ # packages = authselect
+-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+ 
+ SYSTEM_AUTH_FILE="/etc/pam.d/system-auth"
+ 
 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/tests/authselect_nullok_present.fail.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/tests/authselect_nullok_present.fail.sh
-index 52ad383d..920e34b3 100644
+index 9dc5d7677..a16c83995 100644
 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/tests/authselect_nullok_present.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/tests/authselect_nullok_present.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
--# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
  
  SYSTEM_AUTH_FILE="/etc/pam.d/system-auth"
  
 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_legacy_plus_entries_etc_group/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_legacy_plus_entries_etc_group/ansible/shared.yml
-index acf0496e..7f1fb69d 100644
+index acf0496e1..7f1fb69db 100644
 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_legacy_plus_entries_etc_group/ansible/shared.yml
 +++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_legacy_plus_entries_etc_group/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -7961,7 +9338,7 @@ index acf0496e..7f1fb69d 100644
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_legacy_plus_entries_etc_group/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_legacy_plus_entries_etc_group/rule.yml
-index 126f2ba5..9c45e22a 100644
+index 7241e77ea..2e0273014 100644
 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_legacy_plus_entries_etc_group/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_legacy_plus_entries_etc_group/rule.yml
 @@ -1,6 +1,6 @@
@@ -7973,7 +9350,7 @@ index 126f2ba5..9c45e22a 100644
  title: 'Ensure there are no legacy + NIS entries in /etc/group'
  
 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_legacy_plus_entries_etc_passwd/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_legacy_plus_entries_etc_passwd/ansible/shared.yml
-index 5baef258..84ddc1e0 100644
+index 5baef2580..84ddc1e02 100644
 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_legacy_plus_entries_etc_passwd/ansible/shared.yml
 +++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_legacy_plus_entries_etc_passwd/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -7983,44 +9360,44 @@ index 5baef258..84ddc1e0 100644
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_legacy_plus_entries_etc_passwd/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_legacy_plus_entries_etc_passwd/rule.yml
-index 12e9a125..6bf3b7cc 100644
+index 29c2f102c..cdc0e8904 100644
 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_legacy_plus_entries_etc_passwd/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_legacy_plus_entries_etc_passwd/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15
+-prodtype: alinux2,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15
++prodtype: alinux2,fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15
  
  title: 'Ensure there are no legacy + NIS entries in /etc/passwd'
  
 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_legacy_plus_entries_etc_shadow/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_legacy_plus_entries_etc_shadow/ansible/shared.yml
-index c969414d..7b71e4ce 100644
+index 301657219..aee4f5bcc 100644
 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_legacy_plus_entries_etc_shadow/ansible/shared.yml
 +++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_legacy_plus_entries_etc_shadow/ansible/shared.yml
 @@ -1,4 +1,4 @@
--# platform = multi_platform_fedora,Red Hat OpenShift Container Platform 4,Oracle Linux 7,Oracle Linux 8,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Virtualization 4
-+# platform = multi_platform_fedora,Red Hat OpenShift Container Platform 4,Oracle Linux 7,Oracle Linux 8,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Virtualization 4
+-# platform = multi_platform_fedora,multi_platform_sle,Red Hat OpenShift Container Platform 4,Oracle Linux 7,Oracle Linux 8,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Virtualization 4
++# platform = multi_platform_fedora,multi_platform_sle,Red Hat OpenShift Container Platform 4,Oracle Linux 7,Oracle Linux 8,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Virtualization 4
  # reboot = false
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_legacy_plus_entries_etc_shadow/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_legacy_plus_entries_etc_shadow/rule.yml
-index 102c4def..9dd2ada2 100644
+index 468158339..d5c485088 100644
 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_legacy_plus_entries_etc_shadow/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_legacy_plus_entries_etc_shadow/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15
+-prodtype: alinux2,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15
++prodtype: alinux2,fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15
  
  title: 'Ensure there are no legacy + NIS entries in /etc/shadow'
  
 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/accounts_no_uid_except_zero/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/accounts_no_uid_except_zero/rule.yml
-index 8bc5319d..2b8df2c9 100644
+index 95991b273..937e71365 100644
 --- a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/accounts_no_uid_except_zero/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/accounts_no_uid_except_zero/rule.yml
-@@ -51,7 +51,7 @@ references:
+@@ -56,7 +56,7 @@ references:
      stigid@ol7: OL07-00-020310
      stigid@ol8: OL08-00-040200
      stigid@rhel7: RHEL-07-020310
@@ -8029,18 +9406,8 @@ index 8bc5319d..2b8df2c9 100644
      stigid@sle12: SLES-12-010650
      stigid@sle15: SLES-15-020100
  
-diff --git a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/no_direct_root_logins/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/no_direct_root_logins/ansible/shared.yml
-index 6fbb7c72..d8e71c19 100644
---- a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/no_direct_root_logins/ansible/shared.yml
-+++ b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/no_direct_root_logins/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
- # reboot = false
- # strategy = restrict
- # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/no_direct_root_logins/kubernetes/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/no_direct_root_logins/kubernetes/shared.yml
-index 8f87bf06..6bed5ef5 100644
+index 8f87bf06e..6bed5ef5a 100644
 --- a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/no_direct_root_logins/kubernetes/shared.yml
 +++ b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/no_direct_root_logins/kubernetes/shared.yml
 @@ -1,5 +1,5 @@
@@ -8051,7 +9418,7 @@ index 8f87bf06..6bed5ef5 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/no_root_webbrowsing/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/no_root_webbrowsing/rule.yml
-index b5bfabab..6742eeb2 100644
+index b5bfababf..6742eeb2f 100644
 --- a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/no_root_webbrowsing/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/no_root_webbrowsing/rule.yml
 @@ -1,6 +1,6 @@
@@ -8063,19 +9430,19 @@ index b5bfabab..6742eeb2 100644
  title: 'Restrict Web Browser Use for Administrative Accounts'
  
 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/no_shelllogin_for_systemaccounts/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/no_shelllogin_for_systemaccounts/rule.yml
-index 2cd7a9ef..f2c75308 100644
+index 24d698396..71a0b5ce9 100644
 --- a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/no_shelllogin_for_systemaccounts/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/no_shelllogin_for_systemaccounts/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004
+-prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Ensure that System Accounts Do Not Run a Shell Upon Login'
  
 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/restrict_serial_port_logins/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/restrict_serial_port_logins/ansible/shared.yml
-index 5f9c92aa..119219eb 100644
+index 5f9c92aac..119219eb0 100644
 --- a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/restrict_serial_port_logins/ansible/shared.yml
 +++ b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/restrict_serial_port_logins/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -8085,7 +9452,7 @@ index 5f9c92aa..119219eb 100644
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/root_path_default/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/root_path_default/rule.yml
-index 84560835..c0f76497 100644
+index 845608357..c0f76497f 100644
 --- a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/root_path_default/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/root_path_default/rule.yml
 @@ -1,6 +1,6 @@
@@ -8097,7 +9464,7 @@ index 84560835..c0f76497 100644
  title: 'Root Path Must Be Vendor Default'
  
 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/securetty_root_login_console_only/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/securetty_root_login_console_only/ansible/shared.yml
-index 94594008..c71e3c69 100644
+index 945940087..c71e3c698 100644
 --- a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/securetty_root_login_console_only/ansible/shared.yml
 +++ b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/securetty_root_login_console_only/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -8107,65 +9474,65 @@ index 94594008..c71e3c69 100644
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_for_su/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_for_su/ansible/shared.yml
-index 7194be9c..33bf1622 100644
+index ce0eb9e09..ccaec7a24 100644
 --- a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_for_su/ansible/shared.yml
 +++ b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_for_su/ansible/shared.yml
 @@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
  # reboot = false
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_for_su/bash/shared.sh b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_for_su/bash/shared.sh
-index 96a41cad..5b36c8a7 100644
+index cf672ee28..ea4326138 100644
 --- a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_for_su/bash/shared.sh
 +++ b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_for_su/bash/shared.sh
 @@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
  
  # uncomment the option if commented
    sed '/^[[:space:]]*#[[:space:]]*auth[[:space:]]\+required[[:space:]]\+pam_wheel\.so[[:space:]]\+use_uid$/s/^[[:space:]]*#//' -i /etc/pam.d/su
 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_for_su/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_for_su/rule.yml
-index 9845160e..4596cfbe 100644
+index a8b964a26..3cfae3200 100644
 --- a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_for_su/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_for_su/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004
+-prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Enforce usage of pam_wheel for su authentication'
  
 diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_have_homedir_login_defs/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-session/accounts_have_homedir_login_defs/ansible/shared.yml
-index e53f7863..f8bfacd0 100644
+index c616d02f8..2d6d5201f 100644
 --- a/linux_os/guide/system/accounts/accounts-session/accounts_have_homedir_login_defs/ansible/shared.yml
 +++ b/linux_os/guide/system/accounts/accounts-session/accounts_have_homedir_login_defs/ansible/shared.yml
 @@ -1,4 +1,4 @@
--# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Virtualization 4,multi_platform_wrlinux,multi_platform_ol,multi_platform_sle,multi_platform_fedora
-+# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Virtualization 4,multi_platform_wrlinux,multi_platform_ol,multi_platform_sle,multi_platform_fedora
+-# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Virtualization 4,Oracle Linux 7,Oracle Linux 8,multi_platform_sle,multi_platform_fedora
++# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Virtualization 4,Oracle Linux 7,Oracle Linux 8,multi_platform_sle,multi_platform_fedora
  # reboot = false
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_have_homedir_login_defs/bash/shared.sh b/linux_os/guide/system/accounts/accounts-session/accounts_have_homedir_login_defs/bash/shared.sh
-index be3cc99c..6770cf9e 100644
+index 6aacc6efe..ad8e05fdc 100644
 --- a/linux_os/guide/system/accounts/accounts-session/accounts_have_homedir_login_defs/bash/shared.sh
 +++ b/linux_os/guide/system/accounts/accounts-session/accounts_have_homedir_login_defs/bash/shared.sh
 @@ -1,3 +1,3 @@
--# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Virtualization 4,multi_platform_wrlinux,multi_platform_ol,multi_platform_sle,multi_platform_fedora
-+# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Virtualization 4,multi_platform_wrlinux,multi_platform_ol,multi_platform_sle,multi_platform_fedora
+-# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Virtualization 4,Oracle Linux 7,Oracle Linux 8,multi_platform_sle,multi_platform_fedora
++# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Virtualization 4,Oracle Linux 7,Oracle Linux 8,multi_platform_sle,multi_platform_fedora
  
  {{{ set_config_file("/etc/login.defs", "CREATE_HOME", "yes", create=true, insert_after="", insert_before="^\s*CREATE_HOME", insensitive=true) }}}
 diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_have_homedir_login_defs/rule.yml b/linux_os/guide/system/accounts/accounts-session/accounts_have_homedir_login_defs/rule.yml
-index 0587c51e..d83d4d1d 100644
+index d4b0fac40..6cbbfaac5 100644
 --- a/linux_os/guide/system/accounts/accounts-session/accounts_have_homedir_login_defs/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-session/accounts_have_homedir_login_defs/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,wrlinux1019
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,wrlinux1019
+-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15
++prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15
  
  title: 'Ensure Home Directories are Created for New Users'
  
@@ -8179,7 +9546,7 @@ index 0587c51e..d83d4d1d 100644
      stigid@sle15: SLES-15-020110
  
 diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_logon_fail_delay/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-session/accounts_logon_fail_delay/ansible/shared.yml
-index 53b68079..2a6b6612 100644
+index 53b68079e..2a6b66121 100644
 --- a/linux_os/guide/system/accounts/accounts-session/accounts_logon_fail_delay/ansible/shared.yml
 +++ b/linux_os/guide/system/accounts/accounts-session/accounts_logon_fail_delay/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -8189,17 +9556,17 @@ index 53b68079..2a6b6612 100644
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_logon_fail_delay/bash/shared.sh b/linux_os/guide/system/accounts/accounts-session/accounts_logon_fail_delay/bash/shared.sh
-index e18dacd3..f7eb010c 100644
+index 23e6f0dd5..6055798dd 100644
 --- a/linux_os/guide/system/accounts/accounts-session/accounts_logon_fail_delay/bash/shared.sh
 +++ b/linux_os/guide/system/accounts/accounts-session/accounts_logon_fail_delay/bash/shared.sh
 @@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_wrlinux,multi_platform_ol
-+# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_almalinux,multi_platform_wrlinux,multi_platform_ol
+-# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_ol,multi_platform_sle
++# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_sle
  
  {{{ bash_instantiate_variables("var_accounts_fail_delay") }}}
  
 diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_logon_fail_delay/rule.yml b/linux_os/guide/system/accounts/accounts-session/accounts_logon_fail_delay/rule.yml
-index e8a68060..b2705ed0 100644
+index 2f749b959..91eb5dc62 100644
 --- a/linux_os/guide/system/accounts/accounts-session/accounts_logon_fail_delay/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-session/accounts_logon_fail_delay/rule.yml
 @@ -32,7 +32,7 @@ references:
@@ -8210,9 +9577,9 @@ index e8a68060..b2705ed0 100644
 +    stigid@almalinux8: RHEL-08-020310
      stigid@sle12: SLES-12-010140
  
- ocil_clause: 'the above command returns no output, or FAIL_DELAY is configured less than the expected value'
+ ocil_clause: 'the value of "FAIL_DELAY" is not set to "{{{ xccdf_value("var_accounts_fail_delay") }}}" or greater, or the line is commented out'
 diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_max_concurrent_login_sessions/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-session/accounts_max_concurrent_login_sessions/ansible/shared.yml
-index 536ac295..d1bff5ff 100644
+index 536ac2956..d1bff5ffa 100644
 --- a/linux_os/guide/system/accounts/accounts-session/accounts_max_concurrent_login_sessions/ansible/shared.yml
 +++ b/linux_os/guide/system/accounts/accounts-session/accounts_max_concurrent_login_sessions/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -8222,17 +9589,17 @@ index 536ac295..d1bff5ff 100644
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_max_concurrent_login_sessions/bash/shared.sh b/linux_os/guide/system/accounts/accounts-session/accounts_max_concurrent_login_sessions/bash/shared.sh
-index c0b854da..cb75cd10 100644
+index 0005b2ccb..0329d6cdf 100644
 --- a/linux_os/guide/system/accounts/accounts-session/accounts_max_concurrent_login_sessions/bash/shared.sh
 +++ b/linux_os/guide/system/accounts/accounts-session/accounts_max_concurrent_login_sessions/bash/shared.sh
 @@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_wrlinux,multi_platform_ubuntu,multi_platform_sle
-+# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_wrlinux,multi_platform_ubuntu,multi_platform_sle
+-# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_ubuntu,multi_platform_sle
++# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_ubuntu,multi_platform_sle
  
  {{{ bash_instantiate_variables("var_accounts_max_concurrent_login_sessions") }}}
  
 diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_max_concurrent_login_sessions/rule.yml b/linux_os/guide/system/accounts/accounts-session/accounts_max_concurrent_login_sessions/rule.yml
-index 8a6ca3c8..307af457 100644
+index 8b9d8824b..4d0badc9d 100644
 --- a/linux_os/guide/system/accounts/accounts-session/accounts_max_concurrent_login_sessions/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-session/accounts_max_concurrent_login_sessions/rule.yml
 @@ -39,7 +39,7 @@ references:
@@ -8245,72 +9612,72 @@ index 8a6ca3c8..307af457 100644
      stigid@sle15: SLES-15-020020
      stigid@ubuntu2004: UBTU-20-010400
 diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_polyinstantiated_tmp/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-session/accounts_polyinstantiated_tmp/ansible/shared.yml
-index 1bd99ce7..a4f03471 100644
+index 8f060f47d..099a8f029 100644
 --- a/linux_os/guide/system/accounts/accounts-session/accounts_polyinstantiated_tmp/ansible/shared.yml
 +++ b/linux_os/guide/system/accounts/accounts-session/accounts_polyinstantiated_tmp/ansible/shared.yml
 @@ -1,4 +1,4 @@
--# platform = multi_platform_fedora,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8
-+# platform = multi_platform_fedora,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8
+-# platform = multi_platform_fedora,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,multi_platform_sle
++# platform = multi_platform_fedora,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_sle
  # reboot = false
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_polyinstantiated_var_tmp/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-session/accounts_polyinstantiated_var_tmp/ansible/shared.yml
-index 81a86072..678586dd 100644
+index bb4f52f3a..af6adefb0 100644
 --- a/linux_os/guide/system/accounts/accounts-session/accounts_polyinstantiated_var_tmp/ansible/shared.yml
 +++ b/linux_os/guide/system/accounts/accounts-session/accounts_polyinstantiated_var_tmp/ansible/shared.yml
 @@ -1,4 +1,4 @@
--# platform = multi_platform_fedora,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8
-+# platform = multi_platform_fedora,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8
+-# platform = multi_platform_fedora,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,multi_platform_sle
++# platform = multi_platform_fedora,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_sle
  # reboot = false
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_tmout/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-session/accounts_tmout/ansible/shared.yml
-index f37ac948..dc8eb410 100644
+index a44509922..ba1e4ed7e 100644
 --- a/linux_os/guide/system/accounts/accounts-session/accounts_tmout/ansible/shared.yml
 +++ b/linux_os/guide/system/accounts/accounts-session/accounts_tmout/ansible/shared.yml
 @@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel
-+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
+-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle
++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
  # reboot = false
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_tmout/rule.yml b/linux_os/guide/system/accounts/accounts-session/accounts_tmout/rule.yml
-index b970972a..ba6d300d 100644
+index 335bb5dbe..7a8713867 100644
 --- a/linux_os/guide/system/accounts/accounts-session/accounts_tmout/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-session/accounts_tmout/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
+-prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Set Interactive Session Timeout'
  
 diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_user_dot_group_ownership/rule.yml b/linux_os/guide/system/accounts/accounts-session/accounts_user_dot_group_ownership/rule.yml
-index e7d83f84..a8ca1ec9 100644
+index b3bcf84aa..f8b37dc38 100644
 --- a/linux_os/guide/system/accounts/accounts-session/accounts_user_dot_group_ownership/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-session/accounts_user_dot_group_ownership/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: ol7,ol8,rhel7,rhel8,rhv4,sle15,ubuntu2004,wrlinux1019
-+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhv4,sle15,ubuntu2004,wrlinux1019
+-prodtype: ol7,ol8,rhel7,rhel8,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'User Initialization Files Must Be Group-Owned By The Primary User'
  
 diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_user_dot_no_world_writable_programs/rule.yml b/linux_os/guide/system/accounts/accounts-session/accounts_user_dot_no_world_writable_programs/rule.yml
-index 94a8b358..5dfeb554 100644
+index 09117cedf..d4637d40d 100644
 --- a/linux_os/guide/system/accounts/accounts-session/accounts_user_dot_no_world_writable_programs/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-session/accounts_user_dot_no_world_writable_programs/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,wrlinux1019
-+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,wrlinux1019
+-prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2204
++prodtype: ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2204
  
  title: 'User Initialization Files Must Not Run World-Writable Programs'
  
-@@ -32,7 +32,7 @@ references:
+@@ -36,7 +36,7 @@ references:
      stigid@ol7: OL07-00-020730
      stigid@ol8: OL08-00-010660
      stigid@rhel7: RHEL-07-020730
@@ -8320,26 +9687,26 @@ index 94a8b358..5dfeb554 100644
      stigid@sle15: SLES-15-040130
  
 diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_user_dot_user_ownership/rule.yml b/linux_os/guide/system/accounts/accounts-session/accounts_user_dot_user_ownership/rule.yml
-index 33bb0f51..649e1068 100644
+index 1c1fb61fd..ba44bcb73 100644
 --- a/linux_os/guide/system/accounts/accounts-session/accounts_user_dot_user_ownership/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-session/accounts_user_dot_user_ownership/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: ol7,ol8,rhel7,rhel8,rhv4,ubuntu2004,wrlinux1019
-+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhv4,ubuntu2004,wrlinux1019
+-prodtype: ol7,ol8,rhel7,rhel8,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'User Initialization Files Must Be Owned By the Primary User'
  
 diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_user_home_paths_only/rule.yml b/linux_os/guide/system/accounts/accounts-session/accounts_user_home_paths_only/rule.yml
-index 350d2cc5..76e98b04 100644
+index 56fc415f9..67c4f789f 100644
 --- a/linux_os/guide/system/accounts/accounts-session/accounts_user_home_paths_only/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-session/accounts_user_home_paths_only/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,wrlinux1019
-+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,wrlinux1019
+-prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15
++prodtype: ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15
  
  title: 'Ensure that Users Path Contains Only Local Directories'
  
@@ -8353,14 +9720,14 @@ index 350d2cc5..76e98b04 100644
      stigid@sle15: SLES-15-040120
  
 diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_user_interactive_home_directory_defined/rule.yml b/linux_os/guide/system/accounts/accounts-session/accounts_user_interactive_home_directory_defined/rule.yml
-index a666d82f..3e6404d4 100644
+index 64f21a988..211b4d8ce 100644
 --- a/linux_os/guide/system/accounts/accounts-session/accounts_user_interactive_home_directory_defined/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-session/accounts_user_interactive_home_directory_defined/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,wrlinux1019
-+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,wrlinux1019
+-prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15
++prodtype: ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15
  
  title: 'All Interactive Users Must Have A Home Directory Defined'
  
@@ -8374,18 +9741,18 @@ index a666d82f..3e6404d4 100644
      stigid@sle15: SLES-15-040070
  
 diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_user_interactive_home_directory_exists/rule.yml b/linux_os/guide/system/accounts/accounts-session/accounts_user_interactive_home_directory_exists/rule.yml
-index 5bca9149..3fabb448 100644
+index 430b07e70..bd8a1d16a 100644
 --- a/linux_os/guide/system/accounts/accounts-session/accounts_user_interactive_home_directory_exists/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-session/accounts_user_interactive_home_directory_exists/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
-+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
+-prodtype: alinux2,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: alinux2,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'All Interactive Users Home Directories Must Exist'
  
-@@ -37,7 +37,7 @@ references:
+@@ -40,7 +40,7 @@ references:
      stigid@ol7: OL07-00-020620
      stigid@ol8: OL08-00-010750
      stigid@rhel7: RHEL-07-020620
@@ -8395,54 +9762,72 @@ index 5bca9149..3fabb448 100644
      stigid@sle15: SLES-15-040080
  
 diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_users_home_files_groupownership/rule.yml b/linux_os/guide/system/accounts/accounts-session/accounts_users_home_files_groupownership/rule.yml
-index b5d629a4..5df2b3e5 100644
+index 106c654d4..3908dabbd 100644
 --- a/linux_os/guide/system/accounts/accounts-session/accounts_users_home_files_groupownership/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-session/accounts_users_home_files_groupownership/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: ol7,ol8,rhel7,rhel8,rhv4,sle15,wrlinux1019
-+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhv4,sle15,wrlinux1019
+-prodtype: ol7,ol8,rhel7,rhel8,rhv4,sle12,sle15
++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhv4,sle12,sle15
  
  title: 'All User Files and Directories In The Home Directory Must Be Group-Owned By The Primary User'
  
+@@ -33,7 +33,7 @@ references:
+     stigid@ol7: OL07-00-020670
+     stigid@ol8: OL08-00-010741
+     stigid@rhel7: RHEL-07-020670
+-    stigid@rhel8: RHEL-08-010741
++    stigid@almalinux8: RHEL-08-010741
+ 
+ ocil_clause: 'the group ownership is incorrect'
+ 
 diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_users_home_files_ownership/rule.yml b/linux_os/guide/system/accounts/accounts-session/accounts_users_home_files_ownership/rule.yml
-index 00f5f0b9..55b7fcb0 100644
+index 3f39a12bc..4b7467961 100644
 --- a/linux_os/guide/system/accounts/accounts-session/accounts_users_home_files_ownership/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-session/accounts_users_home_files_ownership/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: ol7,ol8,rhel7,rhel8,rhv4,sle15,wrlinux1019
-+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhv4,sle15,wrlinux1019
+-prodtype: ol7,ol8,rhel7,rhel8,rhv4,sle12,sle15
++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhv4,sle12,sle15
  
  title: 'All User Files and Directories In The Home Directory Must Have a Valid Owner'
  
 diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_users_home_files_permissions/rule.yml b/linux_os/guide/system/accounts/accounts-session/accounts_users_home_files_permissions/rule.yml
-index 4777f8a3..4e9bc29f 100644
+index 2a5151ab3..d9fe09150 100644
 --- a/linux_os/guide/system/accounts/accounts-session/accounts_users_home_files_permissions/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-session/accounts_users_home_files_permissions/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: ol7,ol8,rhel7,rhel8,rhv4,sle15,wrlinux1019
-+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhv4,sle15,wrlinux1019
+-prodtype: ol7,ol8,rhel7,rhel8,rhv4,sle12,sle15
++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhv4,sle12,sle15
  
  title: 'All User Files and Directories In The Home Directory Must Have Mode 0750 Or Less Permissive'
  
+@@ -30,7 +30,7 @@ references:
+     stigid@ol7: OL07-00-020680
+     stigid@ol8: OL08-00-010731
+     stigid@rhel7: RHEL-07-020680
+-    stigid@rhel8: RHEL-08-010731
++    stigid@almalinux8: RHEL-08-010731
+ 
+ ocil_clause: 'home directory files or folders have incorrect permissions'
+ 
 diff --git a/linux_os/guide/system/accounts/accounts-session/file_groupownership_home_directories/rule.yml b/linux_os/guide/system/accounts/accounts-session/file_groupownership_home_directories/rule.yml
-index 0d99f9aa..8a93692f 100644
+index 0e45130ca..96d5aea55 100644
 --- a/linux_os/guide/system/accounts/accounts-session/file_groupownership_home_directories/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-session/file_groupownership_home_directories/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,wrlinux1019
-+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,wrlinux1019
+-prodtype: alinux3,anolis8,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2204
++prodtype: alinux3,anolis8,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2204
  
  title: 'All Interactive User Home Directories Must Be Group-Owned By The Primary User'
  
-@@ -38,7 +38,7 @@ references:
+@@ -42,7 +42,7 @@ references:
      stigid@ol7: OL07-00-020650
      stigid@ol8: OL08-00-010740
      stigid@rhel7: RHEL-07-020650
@@ -8452,26 +9837,26 @@ index 0d99f9aa..8a93692f 100644
      stigid@sle15: SLES-15-040100
  
 diff --git a/linux_os/guide/system/accounts/accounts-session/file_ownership_home_directories/rule.yml b/linux_os/guide/system/accounts/accounts-session/file_ownership_home_directories/rule.yml
-index 754dd064..e28b1faf 100644
+index f76d6706d..aa6dd1e81 100644
 --- a/linux_os/guide/system/accounts/accounts-session/file_ownership_home_directories/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-session/file_ownership_home_directories/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: ol7,ol8,rhel7,rhel8,rhv4,sle12,sle15,wrlinux1019
-+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhv4,sle12,sle15,wrlinux1019
+-prodtype: alinux2,alinux3,anolis8,ol7,ol8,rhel7,rhel8,rhv4,sle12,sle15,ubuntu2204
++prodtype: alinux2,alinux3,anolis8,ol7,ol8,rhel7,rhel8,almalinux8,rhv4,sle12,sle15,ubuntu2204
  
  title: 'All Interactive User Home Directories Must Be Owned By The Primary User'
  
 diff --git a/linux_os/guide/system/accounts/accounts-session/file_permission_user_init_files/rule.yml b/linux_os/guide/system/accounts/accounts-session/file_permission_user_init_files/rule.yml
-index e33c068f..5a5fa38b 100644
+index 5bfdd4a14..01e0373ac 100644
 --- a/linux_os/guide/system/accounts/accounts-session/file_permission_user_init_files/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-session/file_permission_user_init_files/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,wrlinux1019
-+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,wrlinux1019
+-prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15
++prodtype: ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15
  
  title: 'Ensure All User Initialization Files Have Mode 0740 Or Less Permissive'
  
@@ -8485,18 +9870,18 @@ index e33c068f..5a5fa38b 100644
      stigid@sle15: SLES-15-040110
  
 diff --git a/linux_os/guide/system/accounts/accounts-session/file_permissions_home_directories/rule.yml b/linux_os/guide/system/accounts/accounts-session/file_permissions_home_directories/rule.yml
-index e8211cb5..b78cb8e9 100644
+index f124193f1..7f532563e 100644
 --- a/linux_os/guide/system/accounts/accounts-session/file_permissions_home_directories/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-session/file_permissions_home_directories/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
-+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
+-prodtype: alinux2,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: alinux2,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'All Interactive User Home Directories Must Have mode 0750 Or Less Permissive'
  
-@@ -34,7 +34,7 @@ references:
+@@ -37,7 +37,7 @@ references:
      stigid@ol7: OL07-00-020630
      stigid@ol8: OL08-00-010730
      stigid@rhel7: RHEL-07-020630
@@ -8506,103 +9891,93 @@ index e8211cb5..b78cb8e9 100644
      stigid@sle15: SLES-15-040090
  
 diff --git a/linux_os/guide/system/accounts/accounts-session/root_paths/accounts_root_path_dirs_no_write/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-session/root_paths/accounts_root_path_dirs_no_write/ansible/shared.yml
-index 4e7ea875..ecbce672 100644
+index 86a49dd9b..dacd49f2e 100644
 --- a/linux_os/guide/system/accounts/accounts-session/root_paths/accounts_root_path_dirs_no_write/ansible/shared.yml
 +++ b/linux_os/guide/system/accounts/accounts-session/root_paths/accounts_root_path_dirs_no_write/ansible/shared.yml
 @@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel
-+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
+-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle
++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
  # reboot = false
  # strategy = restrict
  # complexity = low
-diff --git a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_bashrc/bash/shared.sh b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_bashrc/bash/shared.sh
-index 9417c63d..fb02f72b 100644
---- a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_bashrc/bash/shared.sh
-+++ b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_bashrc/bash/shared.sh
-@@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_ol
-+# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol
- 
- {{{ bash_instantiate_variables("var_accounts_user_umask") }}}
- 
 diff --git a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_bashrc/rule.yml b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_bashrc/rule.yml
-index 73c0d4c0..5a2cd9e4 100644
+index ceed76c5a..ed9742d59 100644
 --- a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_bashrc/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_bashrc/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: ol7,ol8,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004
-+prodtype: ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004
+-prodtype: alinux2,alinux3,anolis8,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: alinux2,alinux3,anolis8,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Ensure the Default Bash Umask is Set Correctly'
  
-@@ -40,7 +40,7 @@ references:
+@@ -53,7 +53,7 @@ references:
+     pcidss: Req-8.6.1
+     srg: SRG-OS-000480-GPOS-00228,SRG-OS-000480-GPOS-00227
+     stigid@ol8: OL08-00-020353
+-    stigid@rhel8: RHEL-08-020353
++    stigid@almalinux8: RHEL-08-020353
+ 
+ ocil_clause: 'the value for the "umask" parameter is not "{{{ xccdf_value("var_accounts_user_umask") }}}", or the "umask" parameter is missing or is commented out'
+ 
+diff --git a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_bashrc/tests/stig_correct.pass.sh b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_bashrc/tests/stig_correct.pass.sh
+index 7fabd85e4..d52316e3b 100644
+--- a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_bashrc/tests/stig_correct.pass.sh
++++ b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_bashrc/tests/stig_correct.pass.sh
+@@ -1,6 +1,6 @@
+ #!/bin/bash
+ # profiles = xccdf_org.ssgproject.content_profile_stig
+-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8
++# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8
+ 
+ sed -i '/umask/d' /etc/bashrc
+ echo "umask 077" >> /etc/bashrc
+diff --git a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_csh_cshrc/bash/shared.sh b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_csh_cshrc/bash/shared.sh
+index 0f681a6db..846b47fee 100644
+--- a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_csh_cshrc/bash/shared.sh
++++ b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_csh_cshrc/bash/shared.sh
+@@ -1,4 +1,4 @@
+-# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_ol,multi_platform_ubuntu
++# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_ubuntu
+ 
+ {{{ bash_instantiate_variables("var_accounts_user_umask") }}}
+ 
+diff --git a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_csh_cshrc/rule.yml b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_csh_cshrc/rule.yml
+index 21238691a..1ee0fbb01 100644
+--- a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_csh_cshrc/rule.yml
++++ b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_csh_cshrc/rule.yml
+@@ -1,6 +1,6 @@
+ documentation_complete: true
+ 
+-prodtype: ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle15,ubuntu2004
++prodtype: ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle15,ubuntu2004
+ 
+ title: 'Ensure the Default C Shell Umask is Set Correctly'
+ 
+@@ -34,7 +34,7 @@ references:
      nist-csf: PR.IP-2
      srg: SRG-OS-000480-GPOS-00228,SRG-OS-000480-GPOS-00227
      stigid@ol8: OL08-00-020353
 -    stigid@rhel8: RHEL-08-020353
 +    stigid@almalinux8: RHEL-08-020353
  
- ocil_clause: 'the above command returns no output, or if the umask is configured incorrectly'
- 
-diff --git a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_bashrc/tests/stig_correct.pass.sh b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_bashrc/tests/stig_correct.pass.sh
-index eaaf1d3b..c5abfe41 100644
---- a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_bashrc/tests/stig_correct.pass.sh
-+++ b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_bashrc/tests/stig_correct.pass.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # profiles = xccdf_org.ssgproject.content_profile_stig
--# platform = Red Hat Enterprise Linux 8
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8
- 
- sed -i '/umask/d' /etc/bashrc
- echo "umask 077" >> /etc/bashrc
-diff --git a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_csh_cshrc/bash/shared.sh b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_csh_cshrc/bash/shared.sh
-index b5fa44e9..10d895a0 100644
---- a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_csh_cshrc/bash/shared.sh
-+++ b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_csh_cshrc/bash/shared.sh
-@@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_ol
-+# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol
- 
- {{{ bash_instantiate_variables("var_accounts_user_umask") }}}
- 
-diff --git a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_csh_cshrc/rule.yml b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_csh_cshrc/rule.yml
-index 3fe2ebc9..6ea4c7e0 100644
---- a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_csh_cshrc/rule.yml
-+++ b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_csh_cshrc/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
- 
--prodtype: ol7,ol8,rhcos4,rhel7,rhel8,rhel9,sle15,ubuntu2004
-+prodtype: ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle15,ubuntu2004
- 
- title: 'Ensure the Default C Shell Umask is Set Correctly'
- 
-@@ -33,7 +33,7 @@ references:
-     nist: AC-6(1),CM-6(a)
-     nist-csf: PR.IP-2
-     srg: SRG-OS-000480-GPOS-00228,SRG-OS-000480-GPOS-00227
--    stigid@rhel8: RHEL-08-020353
-+    stigid@almalinux8: RHEL-08-020353
- 
- ocil_clause: 'the above command returns no output, or if the umask is configured incorrectly'
+ ocil_clause: 'the value for the "umask" parameter is not "{{{ xccdf_value("var_accounts_user_umask") }}}", or the "umask" parameter is missing or is commented out'
  
 diff --git a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_csh_cshrc/tests/stig_correct.pass.sh b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_csh_cshrc/tests/stig_correct.pass.sh
-index a6db2863..f33d4eca 100644
+index 04f6247a8..bd02cb830 100644
 --- a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_csh_cshrc/tests/stig_correct.pass.sh
 +++ b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_csh_cshrc/tests/stig_correct.pass.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # profiles = xccdf_org.ssgproject.content_profile_stig
--# platform = Red Hat Enterprise Linux 8
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8
+-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8
++# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8
  
  sed -i '/umask/d' /etc/csh.cshrc
  echo "umask 077" >> /etc/csh.cshrc
 diff --git a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_login_defs/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_login_defs/ansible/shared.yml
-index ea0edc6f..073a937f 100644
+index 678f568fa..be583d14b 100644
 --- a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_login_defs/ansible/shared.yml
 +++ b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_login_defs/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -8612,20 +9987,20 @@ index ea0edc6f..073a937f 100644
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_login_defs/bash/shared.sh b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_login_defs/bash/shared.sh
-index 575d2b5b..c3a04c68 100644
+index acb272c05..4582a801b 100644
 --- a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_login_defs/bash/shared.sh
 +++ b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_login_defs/bash/shared.sh
 @@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_wrlinux,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu
-+# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_almalinux,multi_platform_wrlinux,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu
+-# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu
++# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu
  
  {{{ bash_instantiate_variables("var_accounts_user_umask") }}}
  
 diff --git a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_login_defs/rule.yml b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_login_defs/rule.yml
-index 11d6291b..368baec7 100644
+index 947cd7866..12b0058b5 100644
 --- a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_login_defs/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_login_defs/rule.yml
-@@ -41,7 +41,7 @@ references:
+@@ -46,7 +46,7 @@ references:
      stigid@ol7: OL07-00-020240
      stigid@ol8: OL08-00-020351
      stigid@rhel7: RHEL-07-020240
@@ -8635,44 +10010,96 @@ index 11d6291b..368baec7 100644
      stigid@sle15: SLES-15-040420
      stigid@ubuntu2004: UBTU-20-010016
 diff --git a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_profile/rule.yml b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_profile/rule.yml
-index 771a09d4..66396b4c 100644
+index 65386b792..77ada3f09 100644
 --- a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_profile/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_profile/rule.yml
-@@ -36,7 +36,7 @@ references:
-     nist: AC-6(1),CM-6(a)
-     nist-csf: PR.IP-2
+@@ -44,7 +44,7 @@ references:
+     pcidss: Req-8.6.1
      srg: SRG-OS-000480-GPOS-00228,SRG-OS-000480-GPOS-00227
+     stigid@ol8: OL08-00-020353
 -    stigid@rhel8: RHEL-08-020353
 +    stigid@almalinux8: RHEL-08-020353
  
- ocil_clause: 'the above command returns no output, or if the umask is configured incorrectly'
- 
+ ocil_clause: |-
+     the value for the "umask" parameter is not "{{{ xccdf_value("var_accounts_user_umask") }}}",
 diff --git a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_interactive_users/rule.yml b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_interactive_users/rule.yml
-index 9219e578..e0dd6c26 100644
+index ded8284be..05143b353 100644
 --- a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_interactive_users/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_interactive_users/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle15,ubuntu2004,wrlinux1019
-+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,ubuntu2004,wrlinux1019
+-prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle15,ubuntu2004,ubuntu2204
++prodtype: ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,ubuntu2004,ubuntu2204
  
  title: 'Ensure the Default Umask is Set Correctly For Interactive Users'
  
-@@ -28,7 +28,7 @@ references:
+@@ -29,7 +29,7 @@ references:
      stigid@ol7: OL07-00-021040
      stigid@ol8: OL08-00-020352
      stigid@rhel7: RHEL-07-021040
 -    stigid@rhel8: RHEL-08-020352
 +    stigid@almalinux8: RHEL-08-020352
  
- ocil_clause: 'the above command returns no output, or if the umask is configured incorrectly'
+ ocil_clause: 'any local interactive user initialization files are found to have a umask statement that sets a value less restrictive than "077"'
  
+diff --git a/linux_os/guide/system/accounts/enable_authselect/ansible/shared.yml b/linux_os/guide/system/accounts/enable_authselect/ansible/shared.yml
+index 6a7324a7a..d979c6b04 100644
+--- a/linux_os/guide/system/accounts/enable_authselect/ansible/shared.yml
++++ b/linux_os/guide/system/accounts/enable_authselect/ansible/shared.yml
+@@ -1,4 +1,4 @@
+-# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora,multi_platform_ol
++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora,multi_platform_ol
+ # reboot = false
+ # strategy = configure
+ # complexity = low
+diff --git a/linux_os/guide/system/accounts/enable_authselect/rule.yml b/linux_os/guide/system/accounts/enable_authselect/rule.yml
+index 2fd90cf19..c92e8a75c 100644
+--- a/linux_os/guide/system/accounts/enable_authselect/rule.yml
++++ b/linux_os/guide/system/accounts/enable_authselect/rule.yml
+@@ -1,6 +1,6 @@
+ documentation_complete: true
+ 
+-prodtype: fedora,ol8,ol9,rhel8,rhel9
++prodtype: fedora,ol8,ol9,rhel8,almalinux8,rhel9
+ 
+ title: 'Enable authselect'
+ 
+diff --git a/linux_os/guide/system/accounts/enable_authselect/tests/not_remediable.fail.sh b/linux_os/guide/system/accounts/enable_authselect/tests/not_remediable.fail.sh
+index 31c46debf..9b4e3abe2 100644
+--- a/linux_os/guide/system/accounts/enable_authselect/tests/not_remediable.fail.sh
++++ b/linux_os/guide/system/accounts/enable_authselect/tests/not_remediable.fail.sh
+@@ -1,4 +1,4 @@
+-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel
++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
+ # packages = authselect,pam
+ # remediation = none
+ 
+diff --git a/linux_os/guide/system/accounts/enable_authselect/tests/profile.pass.sh b/linux_os/guide/system/accounts/enable_authselect/tests/profile.pass.sh
+index ac68df9e0..f589bfb44 100644
+--- a/linux_os/guide/system/accounts/enable_authselect/tests/profile.pass.sh
++++ b/linux_os/guide/system/accounts/enable_authselect/tests/profile.pass.sh
+@@ -1,4 +1,4 @@
+-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel
++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
+ # packages = authselect,pam
+ 
+ authselect select minimal --force
+diff --git a/linux_os/guide/system/accounts/enable_authselect/tests/remediable.fail.sh b/linux_os/guide/system/accounts/enable_authselect/tests/remediable.fail.sh
+index 3bd07c62e..e328ca74c 100644
+--- a/linux_os/guide/system/accounts/enable_authselect/tests/remediable.fail.sh
++++ b/linux_os/guide/system/accounts/enable_authselect/tests/remediable.fail.sh
+@@ -1,4 +1,4 @@
+-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel
++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
+ # packages = authselect,pam
+ 
+ rm -f /etc/pam.d/{fingerprint-auth,password-auth,postlogin,smartcard-auth,system-auth}
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_chmod/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_chmod/rule.yml
-index eadfb057..efe6a244 100644
+index 41aa5e429..7d0e189d9 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_chmod/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_chmod/rule.yml
-@@ -58,7 +58,7 @@ references:
+@@ -61,7 +61,7 @@ references:
      stigid@ol7: OL07-00-030410
      stigid@ol8: OL08-00-030490
      stigid@rhel7: RHEL-07-030410
@@ -8682,10 +10109,10 @@ index eadfb057..efe6a244 100644
      stigid@sle15: SLES-15-030290
      stigid@ubuntu2004: UBTU-20-010152
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_chown/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_chown/rule.yml
-index 970fed53..66609376 100644
+index d303a28fd..5867b2375 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_chown/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_chown/rule.yml
-@@ -58,7 +58,7 @@ references:
+@@ -61,7 +61,7 @@ references:
      stigid@ol7: OL07-00-030370
      stigid@ol8: OL08-00-030480
      stigid@rhel7: RHEL-07-030370
@@ -8695,74 +10122,74 @@ index 970fed53..66609376 100644
      stigid@sle15: SLES-15-030250
      stigid@ubuntu2004: UBTU-20-010148
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchmod/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchmod/rule.yml
-index 81cc315e..d32d7960 100644
+index 0ed40f5a5..4e3c4ab21 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchmod/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchmod/rule.yml
-@@ -58,7 +58,7 @@ references:
-     stigid@ol7: OL07-00-030420
-     stigid@ol8: OL08-00-030540
-     stigid@rhel7: RHEL-07-030420
+@@ -61,7 +61,7 @@ references:
+     stigid@ol7: OL07-00-030410
+     stigid@ol8: OL08-00-030490
+     stigid@rhel7: RHEL-07-030410
 -    stigid@rhel8: RHEL-08-030490
 +    stigid@almalinux8: RHEL-08-030490
-     stigid@sle12: SLES-12-020470
-     stigid@sle15: SLES-15-030300
+     stigid@sle12: SLES-12-020460
+     stigid@sle15: SLES-15-030290
      stigid@ubuntu2004: UBTU-20-010153
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchmodat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchmodat/rule.yml
-index 9a16e0c0..70b0e92f 100644
+index 09d963664..0a65e9659 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchmodat/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchmodat/rule.yml
-@@ -58,7 +58,7 @@ references:
-     stigid@ol7: OL07-00-030430
-     stigid@ol8: OL08-00-030530
-     stigid@rhel7: RHEL-07-030430
+@@ -61,7 +61,7 @@ references:
+     stigid@ol7: OL07-00-030410
+     stigid@ol8: OL08-00-030490
+     stigid@rhel7: RHEL-07-030410
 -    stigid@rhel8: RHEL-08-030490
 +    stigid@almalinux8: RHEL-08-030490
-     stigid@sle12: SLES-12-020480
-     stigid@sle15: SLES-15-030310
+     stigid@sle12: SLES-12-020460
+     stigid@sle15: SLES-15-030290
      stigid@ubuntu2004: UBTU-20-010154
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchown/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchown/rule.yml
-index 11d522c2..72012bac 100644
+index 36198137c..01762eb17 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchown/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchown/rule.yml
-@@ -61,7 +61,7 @@ references:
-     stigid@ol7: OL07-00-030380
-     stigid@ol8: OL08-00-030520
-     stigid@rhel7: RHEL-07-030380
+@@ -64,7 +64,7 @@ references:
+     stigid@ol7: OL07-00-030370
+     stigid@ol8: OL08-00-030480
+     stigid@rhel7: RHEL-07-030370
 -    stigid@rhel8: RHEL-08-030480
 +    stigid@almalinux8: RHEL-08-030480
-     stigid@sle12: SLES-12-020430
-     stigid@sle15: SLES-15-030260
+     stigid@sle12: SLES-12-020420
+     stigid@sle15: SLES-15-030250
      stigid@ubuntu2004: UBTU-20-010149
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchownat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchownat/rule.yml
-index 1f74f950..11288f64 100644
+index 8fcdae247..33039e7a6 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchownat/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchownat/rule.yml
-@@ -58,7 +58,7 @@ references:
-     stigid@ol7: OL07-00-030400
-     stigid@ol8: OL08-00-030510
-     stigid@rhel7: RHEL-07-030400
+@@ -61,7 +61,7 @@ references:
+     stigid@ol7: OL07-00-030370
+     stigid@ol8: OL08-00-030480
+     stigid@rhel7: RHEL-07-030370
 -    stigid@rhel8: RHEL-08-030480
 +    stigid@almalinux8: RHEL-08-030480
-     stigid@sle12: SLES-12-020450
-     stigid@sle15: SLES-15-030280
+     stigid@sle12: SLES-12-020420
+     stigid@sle15: SLES-15-030250
      stigid@ubuntu2004: UBTU-20-010150
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fremovexattr/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fremovexattr/rule.yml
-index a7a3a872..33332a47 100644
+index 8376f7386..e21ae7456 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fremovexattr/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fremovexattr/rule.yml
 @@ -11,13 +11,13 @@ description: |-
      startup (the default), add the following line to a file with suffix
      .rules in the directory /etc/audit/rules.d:
      
-a always,exit -F arch=b32 -S fremovexattr -F auid>={{{ auid }}} -F auid!=unset -F key=perm_mod

--{{%- if product in ["rhel8", "rhel9"] %}}
-+{{%- if product in ["rhel8", "rhel9", "almalinux8"] %}}
+-{{%- if product in ["ol8", "ol9", "rhel8", "rhel9"] %}}
++{{%- if product in ["ol8", "ol9", "rhel8", "almalinux8", "rhel9"] %}}
      
-a always,exit -F arch=b32 -S fremovexattr -F auid=0 -F key=perm_mod

  {{%- endif %}}
      


      If the system is 64 bit then also add the following line:
      
-a always,exit -F arch=b64 -S fremovexattr -F auid>={{{ auid }}} -F auid!=unset -F key=perm_mod

--{{%- if product in ["rhel8", "rhel9"] %}}
-+{{%- if product in ["rhel8", "rhel9", "almalinux8"] %}}
+-{{%- if product in ["ol8", "ol9", "rhel8", "rhel9"] %}}
++{{%- if product in ["ol8", "ol9", "rhel8", "almalinux8", "rhel9"] %}}
      
-a always,exit -F arch=b64 -S fremovexattr -F auid=0 -F key=perm_mod

  {{%- endif %}}
      


@@ -8770,99 +10197,99 @@ index a7a3a872..33332a47 100644
      utility to read audit rules during daemon startup, add the following line to
      /etc/audit/audit.rules file:
      
-a always,exit -F arch=b32 -S fremovexattr -F auid>={{{ auid }}} -F auid!=unset -F key=perm_mod

--{{%- if product in ["rhel8", "rhel9"] %}}
-+{{%- if product in ["rhel8", "rhel9", "almalinux8"] %}}
+-{{%- if product in ["ol8", "ol9", "rhel8", "rhel9"] %}}
++{{%- if product in ["ol8", "ol9", "rhel8", "almalinux8", "rhel9"] %}}
      
-a always,exit -F arch=b32 -S fremovexattr -F auid=0 -F key=perm_mod

  {{%- endif %}}
      


      If the system is 64 bit then also add the following line:
      
-a always,exit -F arch=b64 -S fremovexattr -F auid>={{{ auid }}} -F auid!=unset -F key=perm_mod

--{{%- if product in ["rhel8", "rhel9"] %}}
-+{{%- if product in ["rhel8", "rhel9", "almalinux8"] %}}
+-{{%- if product in ["ol8", "ol9", "rhel8", "rhel9"] %}}
++{{%- if product in ["ol8", "ol9", "rhel8", "almalinux8", "rhel9"] %}}
      
-a always,exit -F arch=b64 -S fremovexattr -F auid=0 -F key=perm_mod

  {{%- endif %}}
  
-@@ -75,7 +75,7 @@ references:
-     stigid@ol7: OL07-00-030480
-     stigid@ol8: OL08-00-030240
-     stigid@rhel7: RHEL-07-030480
+@@ -78,7 +78,7 @@ references:
+     stigid@ol7: OL07-00-030440
+     stigid@ol8: OL08-00-030200
+     stigid@rhel7: RHEL-07-030440
 -    stigid@rhel8: RHEL-08-030200
 +    stigid@almalinux8: RHEL-08-030200
-     stigid@sle12: SLES-12-020410
-     stigid@sle15: SLES-15-030210
+     stigid@sle12: SLES-12-020370
+     stigid@sle15: SLES-15-030190
      stigid@ubuntu2004: UBTU-20-010147
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fsetxattr/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fsetxattr/rule.yml
-index 0bff8533..112e3259 100644
+index 8aa2a0ca8..7b4a38f4c 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fsetxattr/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fsetxattr/rule.yml
 @@ -9,24 +9,24 @@ description: |-
      startup (the default), add the following line to a file with suffix
      .rules in the directory /etc/audit/rules.d:
      
-a always,exit -F arch=b32 -S fsetxattr -F auid>={{{ auid }}} -F auid!=unset -F key=perm_mod

--{{%- if product in ["rhel8", "rhel9"] %}}
-+{{%- if product in ["rhel8", "rhel9", "almalinux8"] %}}
+-{{%- if product in ["ol8", "ol9", "rhel8", "rhel9"] %}}
++{{%- if product in ["ol8", "ol9", "rhel8", "almalinux8", "rhel9"] %}}
      
-a always,exit -F arch=b32 -S fsetxattr -F auid=0 -F key=perm_mod

  {{%- endif %}}
      If the system is 64 bit then also add the following line:
      
-a always,exit -F arch=b64 -S fsetxattr -F auid>={{{ auid }}} -F auid!=unset -F key=perm_mod

--{{%- if product in ["rhel8", "rhel9"] %}}
-+{{%- if product in ["rhel8", "rhel9", "almalinux8"] %}}
+-{{%- if product in ["ol8", "ol9", "rhel8", "rhel9"] %}}
++{{%- if product in ["ol8", "ol9", "rhel8", "almalinux8", "rhel9"] %}}
      
-a always,exit -F arch=b64 -S fsetxattr -F auid=0 -F key=perm_mod

  {{%- endif %}}
      If the auditd daemon is configured to use the auditctl
      utility to read audit rules during daemon startup, add the following line to
      /etc/audit/audit.rules file:
      
-a always,exit -F arch=b32 -S fsetxattr -F auid>={{{ auid }}} -F auid!=unset -F key=perm_mod

--{{%- if product in ["rhel8", "rhel9"] %}}
-+{{%- if product in ["rhel8", "rhel9", "almalinux8"] %}}
+-{{%- if product in ["ol8", "ol9", "rhel8", "rhel9"] %}}
++{{%- if product in ["ol8", "ol9", "rhel8", "almalinux8", "rhel9"] %}}
      
-a always,exit -F arch=b32 -S fsetxattr -F auid=0 -F key=perm_mod

  {{%- endif %}}
      If the system is 64 bit then also add the following line:
      
-a always,exit -F arch=b64 -S fsetxattr -F auid>={{{ auid }}} -F auid!=unset -F key=perm_mod

--{{%- if product in ["rhel8", "rhel9"] %}}
-+{{%- if product in ["rhel8", "rhel9", "almalinux8"] %}}
+-{{%- if product in ["ol8", "ol9", "rhel8", "rhel9"] %}}
++{{%- if product in ["ol8", "ol9", "rhel8", "almalinux8", "rhel9"] %}}
      
-a always,exit -F arch=b64 -S fsetxattr -F auid=0 -F key=perm_mod

  {{%- endif %}}
  
-@@ -70,7 +70,7 @@ references:
-     stigid@ol7: OL07-00-030450
-     stigid@ol8: OL08-00-030230
-     stigid@rhel7: RHEL-07-030450
+@@ -73,7 +73,7 @@ references:
+     stigid@ol7: OL07-00-030440
+     stigid@ol8: OL08-00-030200
+     stigid@rhel7: RHEL-07-030440
 -    stigid@rhel8: RHEL-08-030200
 +    stigid@almalinux8: RHEL-08-030200
-     stigid@sle12: SLES-12-020380
-     stigid@sle15: SLES-15-030230
+     stigid@sle12: SLES-12-020370
+     stigid@sle15: SLES-15-030190
      stigid@ubuntu2004: UBTU-20-010144
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lchown/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lchown/rule.yml
-index dec01548..26c3cce5 100644
+index f2eaf6a3a..cfd95440a 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lchown/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lchown/rule.yml
-@@ -58,7 +58,7 @@ references:
-     stigid@ol7: OL07-00-030390
-     stigid@ol8: OL08-00-030500
-     stigid@rhel7: RHEL-07-030390
+@@ -61,7 +61,7 @@ references:
+     stigid@ol7: OL07-00-030370
+     stigid@ol8: OL08-00-030480
+     stigid@rhel7: RHEL-07-030370
 -    stigid@rhel8: RHEL-08-030480
 +    stigid@almalinux8: RHEL-08-030480
-     stigid@sle12: SLES-12-020440
-     stigid@sle15: SLES-15-030270
+     stigid@sle12: SLES-12-020420
+     stigid@sle15: SLES-15-030250
      stigid@ubuntu2004: UBTU-20-010151
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lremovexattr/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lremovexattr/rule.yml
-index 8f29dd24..6c5db2b7 100644
+index a7e1a9fba..3fa5ae011 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lremovexattr/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lremovexattr/rule.yml
 @@ -11,13 +11,13 @@ description: |-
      startup (the default), add the following line to a file with suffix
      .rules in the directory /etc/audit/rules.d:
      
-a always,exit -F arch=b32 -S lremovexattr -F auid>={{{ auid }}} -F auid!=unset -F key=perm_mod

--{{%- if product in ["rhel8"] %}}
-+{{%- if product in ["rhel8", "almalinux8"] %}}
+-{{%- if product in ["ol8", "ol9", "rhel8", "rhel9"] %}}
++{{%- if product in ["ol8", "ol9", "rhel8", "almalinux8", "rhel9"] %}}
      
-a always,exit -F arch=b32 -S lremovexattr -F auid=0 -F key=perm_mod

  {{%- endif %}}
      


      If the system is 64 bit then also add the following line:
      
-a always,exit -F arch=b64 -S lremovexattr -F auid>={{{ auid }}} -F auid!=unset -F key=perm_mod

--{{%- if product in ["rhel8"] %}}
-+{{%- if product in ["rhel8", "almalinux8"] %}}
+-{{%- if product in ["ol8", "ol9", "rhel8", "rhel9"] %}}
++{{%- if product in ["ol8", "ol9", "rhel8", "almalinux8", "rhel9"] %}}
      
-a always,exit -F arch=b64 -S lremovexattr -F auid=0 -F key=perm_mod

  {{%- endif %}}
      


@@ -8870,86 +10297,86 @@ index 8f29dd24..6c5db2b7 100644
      utility to read audit rules during daemon startup, add the following line to
      /etc/audit/audit.rules file:
      
-a always,exit -F arch=b32 -S lremovexattr -F auid>={{{ auid }}} -F auid!=unset -F key=perm_mod

--{{%- if product in ["rhel8"] %}}
-+{{%- if product in ["rhel8", "almalinux8"] %}}
+-{{%- if product in ["ol8", "ol9", "rhel8", "rhel9"] %}}
++{{%- if product in ["ol8", "ol9", "rhel8", "almalinux8", "rhel9"] %}}
      
-a always,exit -F arch=b32 -S lremovexattr -F auid=0 -F key=perm_mod

  {{%- endif %}}
      


      If the system is 64 bit then also add the following line:
      
-a always,exit -F arch=b64 -S lremovexattr -F auid>={{{ auid }}} -F auid!=unset -F key=perm_mod

--{{%- if product in ["rhel8"] %}}
-+{{%- if product in ["rhel8", "almalinux8"] %}}
+-{{%- if product in ["ol8", "ol9", "rhel8", "rhel9"] %}}
++{{%- if product in ["ol8", "ol9", "rhel8", "almalinux8", "rhel9"] %}}
      
-a always,exit -F arch=b64 -S lremovexattr -F auid=0 -F key=perm_mod

  {{%- endif %}}
  
-@@ -75,7 +75,7 @@ references:
-     stigid@ol7: OL07-00-030490
+@@ -78,7 +78,7 @@ references:
+     stigid@ol7: OL07-00-030440
      stigid@ol8: OL08-00-030200
-     stigid@rhel7: RHEL-07-030490
+     stigid@rhel7: RHEL-07-030440
 -    stigid@rhel8: RHEL-08-030200
 +    stigid@almalinux8: RHEL-08-030200
-     stigid@sle12: SLES-12-020400
-     stigid@sle15: SLES-15-030200
+     stigid@sle12: SLES-12-020370
+     stigid@sle15: SLES-15-030190
      stigid@ubuntu2004: UBTU-20-010146
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lsetxattr/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lsetxattr/rule.yml
-index 44ff9cf8..52ae4834 100644
+index 7f52404cb..81e3c7920 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lsetxattr/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lsetxattr/rule.yml
 @@ -9,24 +9,24 @@ description: |-
      startup (the default), add the following line to a file with suffix
      .rules in the directory /etc/audit/rules.d:
      
-a always,exit -F arch=b32 -S lsetxattr -F auid>={{{ auid }}} -F auid!=unset -F key=perm_mod

--{{%- if product in ["rhel8", "rhel9"] %}}
-+{{%- if product in ["rhel8", "rhel9", "almalinux8"] %}}
+-{{%- if product in ["ol8", "ol9", "rhel8", "rhel9"] %}}
++{{%- if product in ["ol8", "ol9", "rhel8", "almalinux8", "rhel9"] %}}
      
-a always,exit -F arch=b32 -S lsetxattr -F auid=0 -F key=perm_mod

  {{%- endif %}}
      If the system is 64 bit then also add the following line:
      
-a always,exit -F arch=b64 -S lsetxattr -F auid>={{{ auid }}} -F auid!=unset -F key=perm_mod

--{{%- if product in ["rhel8", "rhel9"] %}}
-+{{%- if product in ["rhel8", "rhel9", "almalinux8"] %}}
+-{{%- if product in ["ol8", "ol9", "rhel8", "rhel9"] %}}
++{{%- if product in ["ol8", "ol9", "rhel8", "almalinux8", "rhel9"] %}}
      
-a always,exit -F arch=b64 -S lsetxattr -F auid=0 -F key=perm_mod

  {{%- endif %}}
      If the auditd daemon is configured to use the auditctl
      utility to read audit rules during daemon startup, add the following line to
      /etc/audit/audit.rules file:
      
-a always,exit -F arch=b32 -S lsetxattr -F auid>={{{ auid }}} -F auid!=unset -F key=perm_mod

--{{%- if product in ["rhel8", "rhel9"] %}}
-+{{%- if product in ["rhel8", "rhel9", "almalinux8"] %}}
+-{{%- if product in ["ol8", "ol9", "rhel8", "rhel9"] %}}
++{{%- if product in ["ol8", "ol9", "rhel8", "almalinux8", "rhel9"] %}}
      
-a always,exit -F arch=b32 -S lsetxattr -F auid=0 -F key=perm_mod

  {{%- endif %}}
      If the system is 64 bit then also add the following line:
      
-a always,exit -F arch=b64 -S lsetxattr -F auid>={{{ auid }}} -F auid!=unset -F key=perm_mod

--{{%- if product in ["rhel8", "rhel9"] %}}
-+{{%- if product in ["rhel8", "rhel9", "almalinux8"] %}}
+-{{%- if product in ["ol8", "ol9", "rhel8", "rhel9"] %}}
++{{%- if product in ["ol8", "ol9", "rhel8", "almalinux8", "rhel9"] %}}
      
-a always,exit -F arch=b64 -S lsetxattr -F auid=0 -F key=perm_mod

  {{%- endif %}}
  
-@@ -69,7 +69,7 @@ references:
-     stigid@ol7: OL07-00-030460
-     stigid@ol8: OL08-00-030220
-     stigid@rhel7: RHEL-07-030460
+@@ -73,7 +73,7 @@ references:
+     stigid@ol7: OL07-00-030440
+     stigid@ol8: OL08-00-030200
+     stigid@rhel7: RHEL-07-030440
 -    stigid@rhel8: RHEL-08-030200
 +    stigid@almalinux8: RHEL-08-030200
-     stigid@sle15: SLES-15-030240
+     stigid@sle12: SLES-12-020370
+     stigid@sle15: SLES-15-030190
      stigid@ubuntu2004: UBTU-20-010143
-     vmmsrg: SRG-OS-000458-VMM-001810,SRG-OS-000474-VMM-001940
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_removexattr/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_removexattr/rule.yml
-index f5b0d926..64ef3a12 100644
+index cef263eea..894b6fd73 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_removexattr/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_removexattr/rule.yml
 @@ -10,13 +10,13 @@ description: |-
      program to read audit rules during daemon startup (the default), add the
      following line to a file with suffix .rules in the directory /etc/audit/rules.d:
      
-a always,exit -F arch=b32 -S removexattr -F auid>={{{ auid }}} -F auid!=unset -F key=perm_mod

--{{%- if product in ["rhel8", "rhel9"] %}}
-+{{%- if product in ["rhel8", "rhel9", "almalinux8"] %}}
+-{{%- if product in ["ol8", "ol9", "rhel8", "rhel9"] %}}
++{{%- if product in ["ol8", "ol9", "rhel8", "almalinux8", "rhel9"] %}}
      
-a always,exit -F arch=b32 -S removexattr -F auid=0 -F key=perm_mod

  {{%- endif %}}
      


      If the system is 64 bit then also add the following line:
      
-a always,exit -F arch=b64 -S removexattr -F auid>={{{ auid }}} -F auid!=unset -F key=perm_mod

--{{%- if product in ["rhel8", "rhel9"] %}}
-+{{%- if product in ["rhel8", "rhel9", "almalinux8"] %}}
+-{{%- if product in ["ol8", "ol9", "rhel8", "rhel9"] %}}
++{{%- if product in ["ol8", "ol9", "rhel8", "almalinux8", "rhel9"] %}}
      
-a always,exit -F arch=b64 -S removexattr -F auid=0 -F key=perm_mod

  {{%- endif %}}
      


@@ -8957,82 +10384,82 @@ index f5b0d926..64ef3a12 100644
      utility to read audit rules during daemon startup, add the following line to
      /etc/audit/audit.rules file:
      
-a always,exit -F arch=b32 -S removexattr -F auid>={{{ auid }}} -F auid!=unset -F key=perm_mod

--{{%- if product in ["rhel8", "rhel9"] %}}
-+{{%- if product in ["rhel8", "rhel9", "almalinux8"] %}}
+-{{%- if product in ["ol8", "ol9", "rhel8", "rhel9"] %}}
++{{%- if product in ["ol8", "ol9", "rhel8", "almalinux8", "rhel9"] %}}
      
-a always,exit -F arch=b32 -S removexattr -F auid=0 -F key=perm_mod

  {{%- endif %}}
      


      If the system is 64 bit then also add the following line:
      
-a always,exit -F arch=b64 -S removexattr -F auid>={{{ auid }}} -F auid!=unset -F key=perm_mod

--{{%- if product in ["rhel8", "rhel9"] %}}
-+{{%- if product in ["rhel8", "rhel9", "almalinux8"] %}}
+-{{%- if product in ["ol8", "ol9", "rhel8", "rhel9"] %}}
++{{%- if product in ["ol8", "ol9", "rhel8", "almalinux8", "rhel9"] %}}
      
-a always,exit -F arch=b64 -S removexattr -F auid=0 -F key=perm_mod

  {{%- endif %}}
  
-@@ -74,7 +74,7 @@ references:
-     stigid@ol7: OL07-00-030470
-     stigid@ol8: OL08-00-030210
-     stigid@rhel7: RHEL-07-030470
+@@ -77,7 +77,7 @@ references:
+     stigid@ol7: OL07-00-030440
+     stigid@ol8: OL08-00-030200
+     stigid@rhel7: RHEL-07-030440
 -    stigid@rhel8: RHEL-08-030200
 +    stigid@almalinux8: RHEL-08-030200
-     stigid@sle12: SLES-12-020390
+     stigid@sle12: SLES-12-020370
      stigid@sle15: SLES-15-030190
      stigid@ubuntu2004: UBTU-20-010145
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_setxattr/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_setxattr/rule.yml
-index 5dc13a0a..27f641ed 100644
+index c27328bc2..51b252f5a 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_setxattr/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_setxattr/rule.yml
 @@ -9,24 +9,24 @@ description: |-
      startup (the default), add the following line to a file with suffix
      .rules in the directory /etc/audit/rules.d:
      
-a always,exit -F arch=b32 -S setxattr -F auid>={{{ auid }}} -F auid!=unset -F key=perm_mod

--{{%- if product in ["rhel8", "rhel9"] %}}
-+{{%- if product in ["rhel8", "rhel9", "almalinux8"] %}}
+-{{%- if product in ["ol8", "ol9", "rhel8", "rhel9"] %}}
++{{%- if product in ["ol8", "ol9", "rhel8", "almalinux8", "rhel9"] %}}
      
-a always,exit -F arch=b32 -S setxattr -F auid=0 -F key=perm_mod

  {{%- endif %}}
      If the system is 64 bit then also add the following line:
      
-a always,exit -F arch=b64 -S setxattr -F auid>={{{ auid }}} -F auid!=unset -F key=perm_mod

--{{%- if product in ["rhel8", "rhel9"] %}}
-+{{%- if product in ["rhel8", "rhel9", "almalinux8"] %}}
+-{{%- if product in ["ol8", "ol9", "rhel8", "rhel9"] %}}
++{{%- if product in ["ol8", "ol9", "rhel8", "almalinux8", "rhel9"] %}}
      
-a always,exit -F arch=b64 -S setxattr -F auid=0 -F key=perm_mod

  {{%- endif %}}
      If the auditd daemon is configured to use the auditctl
      utility to read audit rules during daemon startup, add the following line to
      /etc/audit/audit.rules file:
      
-a always,exit -F arch=b32 -S setxattr -F auid>={{{ auid }}} -F auid!=unset -F key=perm_mod

--{{%- if product in ["rhel8", "rhel9"] %}}
-+{{%- if product in ["rhel8", "rhel9", "almalinux8"] %}}
+-{{%- if product in ["ol8", "ol9", "rhel8", "rhel9"] %}}
++{{%- if product in ["ol8", "ol9", "rhel8", "almalinux8", "rhel9"] %}}
      
-a always,exit -F arch=b32 -S setxattr -F auid=0 -F key=perm_mod

  {{%- endif %}}
      If the system is 64 bit then also add the following line:
      
-a always,exit -F arch=b64 -S setxattr -F auid>={{{ auid }}} -F auid!=unset -F key=perm_mod

--{{%- if product in ["rhel8", "rhel9"] %}}
-+{{%- if product in ["rhel8", "rhel9", "almalinux8"] %}}
+-{{%- if product in ["ol8", "ol9", "rhel8", "rhel9"] %}}
++{{%- if product in ["ol8", "ol9", "rhel8", "almalinux8", "rhel9"] %}}
      
-a always,exit -F arch=b64 -S setxattr -F auid=0 -F key=perm_mod

  {{%- endif %}}
  
-@@ -70,7 +70,7 @@ references:
+@@ -73,7 +73,7 @@ references:
      stigid@ol7: OL07-00-030440
-     stigid@ol8: OL08-00-030270
+     stigid@ol8: OL08-00-030200
      stigid@rhel7: RHEL-07-030440
 -    stigid@rhel8: RHEL-08-030200
 +    stigid@almalinux8: RHEL-08-030200
      stigid@sle12: SLES-12-020370
-     stigid@sle15: SLES-15-030220
+     stigid@sle15: SLES-15-030190
      stigid@ubuntu2004: UBTU-20-010142
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_acl_commands/audit_rules_execution_chacl/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_acl_commands/audit_rules_execution_chacl/rule.yml
-index eb29c31f..525f475c 100644
+index acb382faa..dbb52188e 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_acl_commands/audit_rules_execution_chacl/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_acl_commands/audit_rules_execution_chacl/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: ol8,rhel8,rhel9,sle12,sle15,ubuntu2004
-+prodtype: ol8,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004
+-prodtype: ol8,ol9,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: ol8,ol9,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Record Any Attempts to Run chacl'
  
-@@ -37,7 +37,7 @@ references:
+@@ -40,7 +40,7 @@ references:
      nist@sle12: AU-3,AU-3.1,AU-12.1(ii),AU-12(a),AU-12.1(iv),AU-12(c),MA-4(1)(a)
      srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000466-GPOS-00210
      stigid@ol8: OL08-00-030570
@@ -9042,18 +10469,18 @@ index eb29c31f..525f475c 100644
      stigid@sle15: SLES-15-030440
      stigid@ubuntu2004: UBTU-20-010168
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_acl_commands/audit_rules_execution_setfacl/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_acl_commands/audit_rules_execution_setfacl/rule.yml
-index 401f22ff..4d7555c9 100644
+index 7a3a6ffd0..7e5f35e6d 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_acl_commands/audit_rules_execution_setfacl/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_acl_commands/audit_rules_execution_setfacl/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: ol8,rhel8,rhel9,sle12,sle15,ubuntu2004
-+prodtype: ol8,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004
+-prodtype: ol8,ol9,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: ol8,ol9,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Record Any Attempts to Run setfacl'
  
-@@ -37,7 +37,7 @@ references:
+@@ -40,7 +40,7 @@ references:
      nist@sle12: AU-3,AU-3.1,AU-12.1(ii),AU-12(a),AU-12.1(iv),AU-12(c),MA-4(1)(a)
      srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215
      stigid@ol8: OL08-00-030330
@@ -9063,23 +10490,23 @@ index 401f22ff..4d7555c9 100644
      stigid@sle15: SLES-15-030430
      stigid@ubuntu2004: UBTU-20-010167
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_chcon/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_chcon/rule.yml
-index 6aa92b44..99d49d4b 100644
+index c43b0ca72..332b09db4 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_chcon/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_chcon/rule.yml
 @@ -1,10 +1,10 @@
--{{%- if product in ["rhel8", "rhel9", "sle12", "sle15"] %}}
-+{{%- if product in ["rhel8", "rhel9", "almalinux8", "sle12", "sle15"] %}}
+-{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhel7", "rhel8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
++{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhel7", "rhel8", "almalinux8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
    {{%- set perm_x="-F perm=x " %}}
  {{%- endif %}}
  
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
+-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Record Any Attempts to Run chcon'
  
-@@ -60,7 +60,7 @@ references:
+@@ -63,7 +63,7 @@ references:
      stigid@ol7: OL07-00-030580
      stigid@ol8: OL08-00-030260
      stigid@rhel7: RHEL-07-030580
@@ -9089,36 +10516,36 @@ index 6aa92b44..99d49d4b 100644
      stigid@sle15: SLES-15-030450
      stigid@ubuntu2004: UBTU-20-010165
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_restorecon/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_restorecon/rule.yml
-index 02b16e46..cb5b37cb 100644
+index 5b50548cb..2dc2acd59 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_restorecon/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_restorecon/rule.yml
 @@ -1,10 +1,10 @@
--{{%- if product in ["rhel8", "rhel9", "sle15"] %}}
-+{{%- if product in ["rhel8", "rhel9", "almalinux8", "sle15"] %}}
+-{{%- if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
++{{%- if product in ["fedora", "ol8", "ol9", "rhel8", "almalinux8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
    {{%- set perm_x="-F perm=x " %}}
  {{%- endif %}}
  
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15
+-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15
++prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15
  
  title: 'Record Any Attempts to Run restorecon'
  
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_semanage/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_semanage/rule.yml
-index c4a1a692..019ab9a2 100644
+index cc1d64c57..fec22ace0 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_semanage/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_semanage/rule.yml
 @@ -1,10 +1,10 @@
--{{%- if product in ["rhel8", "rhel9"] %}}
-+{{%- if product in ["rhel8", "rhel9", "almalinux8"] %}}
+-{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhel7", "rhel8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
++{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhel7", "rhel8", "almalinux8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
    {{%- set perm_x="-F perm=x " %}}
  {{%- endif %}}
  
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15,wrlinux1019
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,wrlinux1019
+-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15
++prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15
  
  title: 'Record Any Attempts to Run semanage'
  
@@ -9130,21 +10557,21 @@ index c4a1a692..019ab9a2 100644
 +    stigid@almalinux8: RHEL-08-030313
      vmmsrg: SRG-OS-000463-VMM-001850
  
- ocil: |-
+ {{{ ocil_fix_srg_privileged_command("semanage", "/usr/sbin/", "privileged-unix-update") }}}
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_setfiles/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_setfiles/rule.yml
-index 57f66640..a23e8b47 100644
+index 20b8aeaed..7ed8c5d92 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_setfiles/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_setfiles/rule.yml
 @@ -1,10 +1,10 @@
--{{%- if product in ["rhel8", "rhel9"] %}}
-+{{%- if product in ["rhel8", "rhel9", "almalinux8"] %}}
+-{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhel7", "rhel8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
++{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhel7", "rhel8", "almalinux8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
    {{%- set perm_x="-F perm=x " %}}
  {{%- endif %}}
  
  documentation_complete: true
  
--prodtype: ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4
-+prodtype: ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4
+-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4
++prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4
  
  title: 'Record Any Attempts to Run setfiles'
  
@@ -9156,21 +10583,21 @@ index 57f66640..a23e8b47 100644
 +    stigid@almalinux8: RHEL-08-030314
      vmmsrg: SRG-OS-000463-VMM-001850
  
- ocil: |-
+ {{{ ocil_fix_srg_privileged_command("setfiles", "/usr/sbin/", "privileged-unix-update") }}}
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_setsebool/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_setsebool/rule.yml
-index a6ce0ee6..c1224c2d 100644
+index a86532dbf..f132b682b 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_setsebool/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_setsebool/rule.yml
 @@ -1,10 +1,10 @@
--{{%- if product in ["rhel8", "rhel9"] %}}
-+{{%- if product in ["rhel8", "rhel9", "almalinux8"] %}}
+-{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhel7", "rhel8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
++{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhel7", "rhel8", "almalinux8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
    {{%- set perm_x="-F perm=x " %}}
  {{%- endif %}}
  
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15,wrlinux1019
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,wrlinux1019
+-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15
++prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15
  
  title: 'Record Any Attempts to Run setsebool'
  
@@ -9182,93 +10609,93 @@ index a6ce0ee6..c1224c2d 100644
 +    stigid@almalinux8: RHEL-08-030316
      vmmsrg: SRG-OS-000463-VMM-001850
  
- ocil: |-
+ {{{ ocil_fix_srg_privileged_command("setsebool", "/usr/sbin/", "privileged") }}}
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_seunshare/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_seunshare/rule.yml
-index 00684ec0..2d111f1d 100644
+index ef551f5f4..a9a4e47c4 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_seunshare/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_seunshare/rule.yml
 @@ -1,11 +1,11 @@
--{{%- if product in ["rhel8", "rhel9"] %}}
-+{{%- if product in ["rhel8", "rhel9", "almalinux8"] %}}
+-{{%- if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
++{{%- if product in ["fedora", "ol8", "ol9", "rhel8", "almalinux8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
    {{%- set perm_x="-F perm=x " %}}
  {{%- endif %}}
  
  
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9
+-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9
++prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9
  
  title: 'Record Any Attempts to Run seunshare'
  
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events/bash/shared.sh
-index 275e61d5..6fe950aa 100644
+index 53e61fb25..e9a0edcde 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events/bash/shared.sh
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events/bash/shared.sh
 @@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel
-+# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
+-# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_sle
++# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
  
  # Perform the remediation for the syscall rule
  # Retrieve hardware architecture of the underlying system
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events/rule.yml
-index 3099393b..15487c16 100644
+index 6366b9690..c909a6e98 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: debian10,debian11,debian9,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,wrlinux1019
-+prodtype: debian10,debian11,debian9,fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,wrlinux1019
+-prodtype: alinux2,alinux3,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,uos20
++prodtype: alinux2,alinux3,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,uos20
  
  title: 'Ensure auditd Collects File Deletion Events by User'
  
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_rename/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_rename/rule.yml
-index 2157ea14..e877083a 100644
+index 814cece2a..4bb22a4d1 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_rename/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_rename/rule.yml
-@@ -52,7 +52,7 @@ references:
-     stigid@ol7: OL07-00-030880
+@@ -56,7 +56,7 @@ references:
+     stigid@ol7: OL07-00-030910
      stigid@ol8: OL08-00-030361
-     stigid@rhel7: RHEL-07-030880
+     stigid@rhel7: RHEL-07-030910
 -    stigid@rhel8: RHEL-08-030361
 +    stigid@almalinux8: RHEL-08-030361
      stigid@ubuntu2004: UBTU-20-010269
      vmmsrg: SRG-OS-000466-VMM-001870,SRG-OS-000468-VMM-001890
  
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_renameat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_renameat/rule.yml
-index 2598ee66..819f26a3 100644
+index c0f71418b..d8ccc0ede 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_renameat/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_renameat/rule.yml
-@@ -52,7 +52,7 @@ references:
-     stigid@ol7: OL07-00-030890
-     stigid@ol8: OL08-00-030362
-     stigid@rhel7: RHEL-07-030890
+@@ -56,7 +56,7 @@ references:
+     stigid@ol7: OL07-00-030910
+     stigid@ol8: OL08-00-030361
+     stigid@rhel7: RHEL-07-030910
 -    stigid@rhel8: RHEL-08-030361
 +    stigid@almalinux8: RHEL-08-030361
      stigid@ubuntu2004: UBTU-20-010270
      vmmsrg: SRG-OS-000466-VMM-001870,SRG-OS-000468-VMM-001890
  
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_rmdir/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_rmdir/rule.yml
-index ecb3dfe0..3ab7d061 100644
+index 948a03776..cb9506683 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_rmdir/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_rmdir/rule.yml
-@@ -49,7 +49,7 @@ references:
-     stigid@ol7: OL07-00-030900
-     stigid@ol8: OL08-00-030363
-     stigid@rhel7: RHEL-07-030900
+@@ -50,7 +50,7 @@ references:
+     stigid@ol7: OL07-00-030910
+     stigid@ol8: OL08-00-030361
+     stigid@rhel7: RHEL-07-030910
 -    stigid@rhel8: RHEL-08-030361
 +    stigid@almalinux8: RHEL-08-030361
      vmmsrg: SRG-OS-000466-VMM-001870,SRG-OS-000468-VMM-001890
  
  {{{ complete_ocil_entry_audit_syscall(syscall="rmdir") }}}
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_unlink/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_unlink/rule.yml
-index 8fea9dc4..dab9ce26 100644
+index ff9334155..743156fb6 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_unlink/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_unlink/rule.yml
-@@ -52,7 +52,7 @@ references:
+@@ -56,7 +56,7 @@ references:
      stigid@ol7: OL07-00-030910
-     stigid@ol8: OL08-00-030364
+     stigid@ol8: OL08-00-030361
      stigid@rhel7: RHEL-07-030910
 -    stigid@rhel8: RHEL-08-030361
 +    stigid@almalinux8: RHEL-08-030361
@@ -9276,20 +10703,20 @@ index 8fea9dc4..dab9ce26 100644
      vmmsrg: SRG-OS-000466-VMM-001870,SRG-OS-000468-VMM-001890
  
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_unlinkat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_unlinkat/rule.yml
-index 6a5dcb6b..547ec963 100644
+index 49e67e336..78de241a3 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_unlinkat/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_unlinkat/rule.yml
-@@ -52,7 +52,7 @@ references:
-     stigid@ol7: OL07-00-030920
-     stigid@ol8: OL08-00-030365
-     stigid@rhel7: RHEL-07-030920
+@@ -56,7 +56,7 @@ references:
+     stigid@ol7: OL07-00-030910
+     stigid@ol8: OL08-00-030361
+     stigid@rhel7: RHEL-07-030910
 -    stigid@rhel8: RHEL-08-030361
 +    stigid@almalinux8: RHEL-08-030361
      stigid@ubuntu2004: UBTU-20-010268
      vmmsrg: SRG-OS-000466-VMM-001870,SRG-OS-000468-VMM-001890
  
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_chmod/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_chmod/rule.yml
-index d3b01863..2bb5eb1b 100644
+index d3b018633..2bb5eb1b5 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_chmod/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_chmod/rule.yml
 @@ -1,6 +1,6 @@
@@ -9301,7 +10728,7 @@ index d3b01863..2bb5eb1b 100644
  title: 'Record Successful Permission Changes to Files - chmod'
  
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_chown/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_chown/rule.yml
-index 241d1d63..f9749a32 100644
+index 241d1d633..f9749a326 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_chown/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_chown/rule.yml
 @@ -1,6 +1,6 @@
@@ -9313,7 +10740,7 @@ index 241d1d63..f9749a32 100644
  title: 'Record Successful Ownership Changes to Files - chown'
  
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_creat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_creat/rule.yml
-index a1f8f395..173d16fb 100644
+index a1f8f3955..173d16fb6 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_creat/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_creat/rule.yml
 @@ -1,6 +1,6 @@
@@ -9325,7 +10752,7 @@ index a1f8f395..173d16fb 100644
  title: 'Record Successful Access Attempts to Files - creat'
  
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_fchmod/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_fchmod/rule.yml
-index ce7070ed..8fdaba2d 100644
+index ce7070ed8..8fdaba2d5 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_fchmod/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_fchmod/rule.yml
 @@ -1,6 +1,6 @@
@@ -9337,7 +10764,7 @@ index ce7070ed..8fdaba2d 100644
  title: 'Record Successful Permission Changes to Files - fchmod'
  
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_fchmodat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_fchmodat/rule.yml
-index 4b6cee01..3f60a691 100644
+index 4b6cee018..3f60a6910 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_fchmodat/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_fchmodat/rule.yml
 @@ -1,6 +1,6 @@
@@ -9349,7 +10776,7 @@ index 4b6cee01..3f60a691 100644
  title: 'Record Successful Permission Changes to Files - fchmodat'
  
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_fchown/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_fchown/rule.yml
-index 6bc0b959..71a0383b 100644
+index 6bc0b9595..71a0383b1 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_fchown/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_fchown/rule.yml
 @@ -1,6 +1,6 @@
@@ -9361,7 +10788,7 @@ index 6bc0b959..71a0383b 100644
  title: 'Record Successful Ownership Changes to Files - fchown'
  
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_fchownat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_fchownat/rule.yml
-index e882a57b..ef4a46a9 100644
+index e882a57be..ef4a46a99 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_fchownat/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_fchownat/rule.yml
 @@ -1,6 +1,6 @@
@@ -9373,7 +10800,7 @@ index e882a57b..ef4a46a9 100644
  title: 'Record Successful Ownership Changes to Files - fchownat'
  
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_fremovexattr/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_fremovexattr/rule.yml
-index ee4ff3a8..9aaea3ee 100644
+index ee4ff3a8d..9aaea3ee2 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_fremovexattr/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_fremovexattr/rule.yml
 @@ -1,6 +1,6 @@
@@ -9385,7 +10812,7 @@ index ee4ff3a8..9aaea3ee 100644
  title: 'Record Successful Permission Changes to Files - fremovexattr'
  
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_fsetxattr/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_fsetxattr/rule.yml
-index d40bfdee..8ce3cb3a 100644
+index d40bfdeee..8ce3cb3af 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_fsetxattr/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_fsetxattr/rule.yml
 @@ -1,6 +1,6 @@
@@ -9397,7 +10824,7 @@ index d40bfdee..8ce3cb3a 100644
  title: 'Record Successful Permission Changes to Files - fsetxattr'
  
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_ftruncate/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_ftruncate/rule.yml
-index 4fe00220..d99a82aa 100644
+index 4fe00220c..d99a82aab 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_ftruncate/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_ftruncate/rule.yml
 @@ -1,6 +1,6 @@
@@ -9409,7 +10836,7 @@ index 4fe00220..d99a82aa 100644
  title: 'Record Successful Access Attempts to Files - ftruncate'
  
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_lchown/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_lchown/rule.yml
-index 90873b10..2e82232c 100644
+index 90873b108..2e82232c8 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_lchown/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_lchown/rule.yml
 @@ -1,6 +1,6 @@
@@ -9421,7 +10848,7 @@ index 90873b10..2e82232c 100644
  title: 'Record Successful Ownership Changes to Files - lchown'
  
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_lremovexattr/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_lremovexattr/rule.yml
-index acbfbc0e..dfdcfbad 100644
+index acbfbc0e0..dfdcfbadf 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_lremovexattr/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_lremovexattr/rule.yml
 @@ -1,6 +1,6 @@
@@ -9433,7 +10860,7 @@ index acbfbc0e..dfdcfbad 100644
  title: 'Record Successful Permission Changes to Files - lremovexattr'
  
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_lsetxattr/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_lsetxattr/rule.yml
-index b669f750..9897c41b 100644
+index b669f750c..9897c41b9 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_lsetxattr/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_lsetxattr/rule.yml
 @@ -1,6 +1,6 @@
@@ -9445,7 +10872,7 @@ index b669f750..9897c41b 100644
  title: 'Record Successful Permission Changes to Files - lsetxattr'
  
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_open/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_open/rule.yml
-index 9cc9ff86..3de02e18 100644
+index 9cc9ff866..3de02e18f 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_open/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_open/rule.yml
 @@ -1,6 +1,6 @@
@@ -9457,7 +10884,7 @@ index 9cc9ff86..3de02e18 100644
  title: 'Record Successful Access Attempts to Files - open'
  
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_open_by_handle_at/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_open_by_handle_at/rule.yml
-index 89a65e14..bc586252 100644
+index 89a65e14e..bc5862526 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_open_by_handle_at/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_open_by_handle_at/rule.yml
 @@ -1,6 +1,6 @@
@@ -9469,7 +10896,7 @@ index 89a65e14..bc586252 100644
  title: 'Record Successful Access Attempts to Files - open_by_handle_at'
  
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_open_by_handle_at_o_creat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_open_by_handle_at_o_creat/rule.yml
-index 38a00312..ad07bfd0 100644
+index 38a00312e..ad07bfd01 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_open_by_handle_at_o_creat/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_open_by_handle_at_o_creat/rule.yml
 @@ -1,6 +1,6 @@
@@ -9481,7 +10908,7 @@ index 38a00312..ad07bfd0 100644
  title: 'Record Successful Creation Attempts to Files - open_by_handle_at O_CREAT'
  
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_open_by_handle_at_o_trunc_write/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_open_by_handle_at_o_trunc_write/rule.yml
-index 5ed132a5..0352431c 100644
+index 5ed132a52..0352431ce 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_open_by_handle_at_o_trunc_write/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_open_by_handle_at_o_trunc_write/rule.yml
 @@ -1,6 +1,6 @@
@@ -9493,7 +10920,7 @@ index 5ed132a5..0352431c 100644
  title: 'Record Successful Creation Attempts to Files - open_by_handle_at O_TRUNC_WRITE'
  
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_open_o_creat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_open_o_creat/rule.yml
-index bef2d87a..ac4e2ebe 100644
+index bef2d87a1..ac4e2ebeb 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_open_o_creat/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_open_o_creat/rule.yml
 @@ -1,6 +1,6 @@
@@ -9505,7 +10932,7 @@ index bef2d87a..ac4e2ebe 100644
  title: 'Record Successful Creation Attempts to Files - open O_CREAT'
  
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_open_o_trunc_write/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_open_o_trunc_write/rule.yml
-index 653e1d8e..d6cf93b7 100644
+index 653e1d8e1..d6cf93b79 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_open_o_trunc_write/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_open_o_trunc_write/rule.yml
 @@ -1,6 +1,6 @@
@@ -9517,7 +10944,7 @@ index 653e1d8e..d6cf93b7 100644
  title: 'Record Successful Creation Attempts to Files - open O_TRUNC_WRITE'
  
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_openat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_openat/rule.yml
-index 16e9b483..7ede712e 100644
+index 16e9b483f..7ede712e0 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_openat/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_openat/rule.yml
 @@ -1,6 +1,6 @@
@@ -9529,7 +10956,7 @@ index 16e9b483..7ede712e 100644
  title: 'Record Successful Access Attempts to Files - openat'
  
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_openat_o_creat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_openat_o_creat/rule.yml
-index 75ead44a..1d342e48 100644
+index 75ead44a9..1d342e48f 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_openat_o_creat/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_openat_o_creat/rule.yml
 @@ -1,6 +1,6 @@
@@ -9541,7 +10968,7 @@ index 75ead44a..1d342e48 100644
  title: 'Record Successful Creation Attempts to Files - openat O_CREAT'
  
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_openat_o_trunc_write/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_openat_o_trunc_write/rule.yml
-index 13ff5e23..11279f4b 100644
+index 13ff5e23c..11279f4b1 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_openat_o_trunc_write/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_openat_o_trunc_write/rule.yml
 @@ -1,6 +1,6 @@
@@ -9553,7 +10980,7 @@ index 13ff5e23..11279f4b 100644
  title: 'Record Successful Creation Attempts to Files - openat O_TRUNC_WRITE'
  
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_removexattr/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_removexattr/rule.yml
-index 7d7e3ebe..6e115c37 100644
+index 7d7e3ebe8..6e115c377 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_removexattr/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_removexattr/rule.yml
 @@ -1,6 +1,6 @@
@@ -9565,7 +10992,7 @@ index 7d7e3ebe..6e115c37 100644
  title: 'Record Successful Permission Changes to Files - removexattr'
  
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_rename/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_rename/rule.yml
-index 82d103ec..84fa9b87 100644
+index 82d103ece..84fa9b87b 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_rename/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_rename/rule.yml
 @@ -1,6 +1,6 @@
@@ -9577,7 +11004,7 @@ index 82d103ec..84fa9b87 100644
  title: 'Record Successful Delete Attempts to Files - rename'
  
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_renameat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_renameat/rule.yml
-index 1736c971..046a17f3 100644
+index 1736c971c..046a17f30 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_renameat/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_renameat/rule.yml
 @@ -1,6 +1,6 @@
@@ -9589,7 +11016,7 @@ index 1736c971..046a17f3 100644
  title: 'Record Successful Delete Attempts to Files - renameat'
  
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_setxattr/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_setxattr/rule.yml
-index 75809f4a..852c7f93 100644
+index 75809f4aa..852c7f93f 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_setxattr/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_setxattr/rule.yml
 @@ -1,6 +1,6 @@
@@ -9601,7 +11028,7 @@ index 75809f4a..852c7f93 100644
  title: 'Record Successful Permission Changes to Files - setxattr'
  
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_truncate/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_truncate/rule.yml
-index 4d850dc8..c1a49a4f 100644
+index 4d850dc81..c1a49a4f6 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_truncate/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_truncate/rule.yml
 @@ -1,6 +1,6 @@
@@ -9613,7 +11040,7 @@ index 4d850dc8..c1a49a4f 100644
  title: 'Record Successful Access Attempts to Files - truncate'
  
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_unlink/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_unlink/rule.yml
-index 91e8f67b..0c57eabc 100644
+index 91e8f67b6..0c57eabc8 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_unlink/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_unlink/rule.yml
 @@ -1,6 +1,6 @@
@@ -9625,7 +11052,7 @@ index 91e8f67b..0c57eabc 100644
  title: 'Record Successful Delete Attempts to Files - unlink'
  
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_unlinkat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_unlinkat/rule.yml
-index a11b195b..3e87d37f 100644
+index a11b195b1..3e87d37f4 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_unlinkat/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_unlinkat/rule.yml
 @@ -1,6 +1,6 @@
@@ -9637,29 +11064,29 @@ index a11b195b..3e87d37f 100644
  title: 'Record Successful Delete Attempts to Files - unlinkat'
  
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification/bash/shared.sh
-index 853f8fe9..103b83c1 100644
+index 8a48783f6..b846f8113 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification/bash/shared.sh
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification/bash/shared.sh
 @@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel
-+# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
+-# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_sle
++# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
  
  # Perform the remediation of the syscall rule
  # Retrieve hardware architecture of the underlying system
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification/rule.yml
-index b6aeb8bc..edb084f7 100644
+index f4ad2ed39..feb9fe7f9 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: debian10,debian11,debian9,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,wrlinux1019
-+prodtype: debian10,debian11,debian9,fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,wrlinux1019
+-prodtype: alinux2,alinux3,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15
++prodtype: alinux2,alinux3,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15
  
  title: 'Ensure auditd Collects Unauthorized Access Attempts to Files (unsuccessful)'
  
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_chmod/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_chmod/rule.yml
-index ddfe1e9d..ec62165d 100644
+index cb0b6500f..0e2bbdceb 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_chmod/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_chmod/rule.yml
 @@ -1,6 +1,6 @@
@@ -9668,10 +11095,10 @@ index ddfe1e9d..ec62165d 100644
 -prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9
 +prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9
  
- title: 'Record Unsuccessul Permission Changes to Files - chmod'
+ title: 'Record Unsuccessful Permission Changes to Files - chmod'
  
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_chown/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_chown/rule.yml
-index 6ca6e27b..bb624b8f 100644
+index 45fc20288..33b6ec43f 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_chown/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_chown/rule.yml
 @@ -1,6 +1,6 @@
@@ -9680,31 +11107,31 @@ index 6ca6e27b..bb624b8f 100644
 -prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9
 +prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9
  
- title: 'Record Unsuccessul Ownership Changes to Files - chown'
+ title: 'Record Unsuccessful Ownership Changes to Files - chown'
  
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_creat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_creat/rule.yml
-index 24a4b100..4e38d942 100644
+index 075566988..e1482ee18 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_creat/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_creat/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: debian10,debian11,debian9,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
-+prodtype: debian10,debian11,debian9,fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
+-prodtype: alinux2,alinux3,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: alinux2,alinux3,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Record Unsuccessful Access Attempts to Files - creat'
  
-@@ -63,7 +63,7 @@ references:
-     stigid@ol7: OL07-00-030500
-     stigid@ol8: OL08-00-030470
-     stigid@rhel7: RHEL-07-030500
+@@ -66,7 +66,7 @@ references:
+     stigid@ol7: OL07-00-030510
+     stigid@ol8: OL08-00-030420
+     stigid@rhel7: RHEL-07-030510
 -    stigid@rhel8: RHEL-08-030420
 +    stigid@almalinux8: RHEL-08-030420
-     stigid@sle12: SLES-12-020520
-     stigid@sle15: SLES-15-030160
+     stigid@sle12: SLES-12-020490
+     stigid@sle15: SLES-15-030150
      stigid@ubuntu2004: UBTU-20-010158
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_fchmod/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_fchmod/rule.yml
-index 1a93b453..170e0027 100644
+index e30a1d2f4..f2ccc6753 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_fchmod/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_fchmod/rule.yml
 @@ -1,6 +1,6 @@
@@ -9713,10 +11140,10 @@ index 1a93b453..170e0027 100644
 -prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9
 +prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9
  
- title: 'Record Unsuccessul Permission Changes to Files - fchmod'
+ title: 'Record Unsuccessful Permission Changes to Files - fchmod'
  
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_fchmodat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_fchmodat/rule.yml
-index dd77cd60..bc79016c 100644
+index e3c7fa19c..2219d6c58 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_fchmodat/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_fchmodat/rule.yml
 @@ -1,6 +1,6 @@
@@ -9725,10 +11152,10 @@ index dd77cd60..bc79016c 100644
 -prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9
 +prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9
  
- title: 'Record Unsuccessul Permission Changes to Files - fchmodat'
+ title: 'Record Unsuccessful Permission Changes to Files - fchmodat'
  
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_fchown/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_fchown/rule.yml
-index 3e5da890..6e55b2a9 100644
+index 59da9d0a5..5cc873c32 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_fchown/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_fchown/rule.yml
 @@ -1,6 +1,6 @@
@@ -9737,10 +11164,10 @@ index 3e5da890..6e55b2a9 100644
 -prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9
 +prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9
  
- title: 'Record Unsuccessul Ownership Changes to Files - fchown'
+ title: 'Record Unsuccessful Ownership Changes to Files - fchown'
  
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_fchownat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_fchownat/rule.yml
-index 76f0e177..016e13c9 100644
+index 0fb28cfa9..804d6b579 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_fchownat/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_fchownat/rule.yml
 @@ -1,6 +1,6 @@
@@ -9749,10 +11176,10 @@ index 76f0e177..016e13c9 100644
 -prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9
 +prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9
  
- title: 'Record Unsuccessul Ownership Changes to Files - fchownat'
+ title: 'Record Unsuccessful Ownership Changes to Files - fchownat'
  
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_fremovexattr/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_fremovexattr/rule.yml
-index a6fbb185..c1455d6c 100644
+index ec572f511..5017d9ede 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_fremovexattr/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_fremovexattr/rule.yml
 @@ -1,6 +1,6 @@
@@ -9761,10 +11188,10 @@ index a6fbb185..c1455d6c 100644
 -prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9
 +prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9
  
- title: 'Record Unsuccessul Permission Changes to Files - fremovexattr'
+ title: 'Record Unsuccessful Permission Changes to Files - fremovexattr'
  
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_fsetxattr/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_fsetxattr/rule.yml
-index bf1ff867..ac79f42c 100644
+index 66fc4c747..e93444330 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_fsetxattr/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_fsetxattr/rule.yml
 @@ -1,6 +1,6 @@
@@ -9773,31 +11200,31 @@ index bf1ff867..ac79f42c 100644
 -prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9
 +prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9
  
- title: 'Record Unsuccessul Permission Changes to Files - fsetxattr'
+ title: 'Record Unsuccessful Permission Changes to Files - fsetxattr'
  
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_ftruncate/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_ftruncate/rule.yml
-index f9212bbb..7446c16b 100644
+index a12fe0c0a..fda4617a2 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_ftruncate/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_ftruncate/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: debian10,debian11,debian9,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
-+prodtype: debian10,debian11,debian9,fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
+-prodtype: alinux2,alinux3,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: alinux2,alinux3,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Record Unsuccessful Access Attempts to Files - ftruncate'
  
-@@ -66,7 +66,7 @@ references:
-     stigid@ol7: OL07-00-030550
-     stigid@ol8: OL08-00-030460
-     stigid@rhel7: RHEL-07-030550
+@@ -69,7 +69,7 @@ references:
+     stigid@ol7: OL07-00-030510
+     stigid@ol8: OL08-00-030420
+     stigid@rhel7: RHEL-07-030510
 -    stigid@rhel8: RHEL-08-030420
 +    stigid@almalinux8: RHEL-08-030420
-     stigid@sle12: SLES-12-020510
-     stigid@sle15: SLES-15-030320
+     stigid@sle12: SLES-12-020490
+     stigid@sle15: SLES-15-030150
      stigid@ubuntu2004: UBTU-20-010157
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_lchown/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_lchown/rule.yml
-index 3d42cea2..d6d0f45e 100644
+index 4a5d13bb1..e72b9b22b 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_lchown/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_lchown/rule.yml
 @@ -1,6 +1,6 @@
@@ -9806,10 +11233,10 @@ index 3d42cea2..d6d0f45e 100644
 -prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9
 +prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9
  
- title: 'Record Unsuccessul Ownership Changes to Files - lchown'
+ title: 'Record Unsuccessful Ownership Changes to Files - lchown'
  
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_lremovexattr/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_lremovexattr/rule.yml
-index 05c1f7c8..a464da9f 100644
+index 38e0558c0..9f75abf4f 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_lremovexattr/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_lremovexattr/rule.yml
 @@ -1,6 +1,6 @@
@@ -9818,10 +11245,10 @@ index 05c1f7c8..a464da9f 100644
 -prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9
 +prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9
  
- title: 'Record Unsuccessul Permission Changes to Files - lremovexattr'
+ title: 'Record Unsuccessful Permission Changes to Files - lremovexattr'
  
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_lsetxattr/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_lsetxattr/rule.yml
-index e388ec2d..314b64f7 100644
+index b91a2e54b..d5fcca4d9 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_lsetxattr/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_lsetxattr/rule.yml
 @@ -1,6 +1,6 @@
@@ -9830,23 +11257,23 @@ index e388ec2d..314b64f7 100644
 -prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9
 +prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9
  
- title: 'Record Unsuccessul Permission Changes to Files - lsetxattr'
+ title: 'Record Unsuccessful Permission Changes to Files - lsetxattr'
  
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open/rule.yml
-index d64c2a19..13cf42e0 100644
+index dbcad7da9..8d1d1197f 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: debian10,debian11,debian9,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
-+prodtype: debian10,debian11,debian9,fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
+-prodtype: alinux2,alinux3,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: alinux2,alinux3,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Record Unsuccessful Access Attempts to Files - open'
  
-@@ -66,7 +66,7 @@ references:
+@@ -69,7 +69,7 @@ references:
      stigid@ol7: OL07-00-030510
-     stigid@ol8: OL08-00-030440
+     stigid@ol8: OL08-00-030420
      stigid@rhel7: RHEL-07-030510
 -    stigid@rhel8: RHEL-08-030420
 +    stigid@almalinux8: RHEL-08-030420
@@ -9854,37 +11281,37 @@ index d64c2a19..13cf42e0 100644
      stigid@sle15: SLES-15-030150
      stigid@ubuntu2004: UBTU-20-010155
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at/rule.yml
-index 937aa74c..dd23cc56 100644
+index 34f9b308f..131df9ba3 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: debian10,debian11,debian9,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
-+prodtype: debian10,debian11,debian9,fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
+-prodtype: alinux2,alinux3,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: alinux2,alinux3,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Record Unsuccessful Access Attempts to Files - open_by_handle_at'
  
-@@ -60,7 +60,7 @@ references:
-     stigid@ol7: OL07-00-030530
-     stigid@ol8: OL08-00-030450
-     stigid@rhel7: RHEL-07-030530
+@@ -61,7 +61,7 @@ references:
+     stigid@ol7: OL07-00-030510
+     stigid@ol8: OL08-00-030420
+     stigid@rhel7: RHEL-07-030510
 -    stigid@rhel8: RHEL-08-030420
 +    stigid@almalinux8: RHEL-08-030420
-     stigid@sle12: SLES-12-020540
-     stigid@sle15: SLES-15-030180
+     stigid@sle12: SLES-12-020490
+     stigid@sle15: SLES-15-030150
      stigid@ubuntu2004: UBTU-20-010160
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_o_creat/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_o_creat/bash/shared.sh
-index b3a9d84a..f9d579a9 100644
+index c1352ae38..31de43746 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_o_creat/bash/shared.sh
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_o_creat/bash/shared.sh
 @@ -1,3 +1,3 @@
--# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_wrlinux
-+# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_wrlinux
+-# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel
++# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
  
  {{{ bash_create_audit_remediation_unsuccessful_file_modification_detailed("/etc/audit/rules.d/30-ospp-v42-remediation.rules") }}}
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_o_creat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_o_creat/rule.yml
-index dbca575d..f00a0ff9 100644
+index 29cc51e5e..66a88468f 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_o_creat/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_o_creat/rule.yml
 @@ -1,6 +1,6 @@
@@ -9896,16 +11323,16 @@ index dbca575d..f00a0ff9 100644
  title: 'Record Unsuccessful Creation Attempts to Files - open_by_handle_at O_CREAT'
  
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_o_trunc_write/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_o_trunc_write/bash/shared.sh
-index b3a9d84a..f9d579a9 100644
+index c1352ae38..31de43746 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_o_trunc_write/bash/shared.sh
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_o_trunc_write/bash/shared.sh
 @@ -1,3 +1,3 @@
--# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_wrlinux
-+# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_wrlinux
+-# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel
++# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
  
  {{{ bash_create_audit_remediation_unsuccessful_file_modification_detailed("/etc/audit/rules.d/30-ospp-v42-remediation.rules") }}}
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_o_trunc_write/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_o_trunc_write/rule.yml
-index b3a06000..462ad0a1 100644
+index 1139d3d4c..12b5f9c15 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_o_trunc_write/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_o_trunc_write/rule.yml
 @@ -1,6 +1,6 @@
@@ -9917,7 +11344,7 @@ index b3a06000..462ad0a1 100644
  title: 'Record Unsuccessful Modification Attempts to Files - open_by_handle_at O_TRUNC_WRITE'
  
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_rule_order/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_rule_order/bash/shared.sh
-index c944fb9e..b506644a 100644
+index c944fb9e6..b506644af 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_rule_order/bash/shared.sh
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_rule_order/bash/shared.sh
 @@ -1,3 +1,3 @@
@@ -9926,7 +11353,7 @@ index c944fb9e..b506644a 100644
  
  {{{ bash_create_audit_remediation_unsuccessful_file_modification_detailed("/etc/audit/rules.d/30-ospp-v42-remediation.rules") }}}
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_rule_order/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_rule_order/rule.yml
-index 650f5b6d..7104f6cd 100644
+index f6778ff2e..39a7315aa 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_rule_order/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_rule_order/rule.yml
 @@ -1,6 +1,6 @@
@@ -9938,7 +11365,7 @@ index 650f5b6d..7104f6cd 100644
  title: 'Ensure auditd Unauthorized Access Attempts To open_by_handle_at Are Ordered Correctly'
  
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_o_creat/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_o_creat/bash/shared.sh
-index c1352ae3..31de4374 100644
+index c1352ae38..31de43746 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_o_creat/bash/shared.sh
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_o_creat/bash/shared.sh
 @@ -1,3 +1,3 @@
@@ -9947,7 +11374,7 @@ index c1352ae3..31de4374 100644
  
  {{{ bash_create_audit_remediation_unsuccessful_file_modification_detailed("/etc/audit/rules.d/30-ospp-v42-remediation.rules") }}}
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_o_creat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_o_creat/rule.yml
-index e0d4117e..222d70c8 100644
+index fc832a32d..2b4a41076 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_o_creat/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_o_creat/rule.yml
 @@ -1,6 +1,6 @@
@@ -9959,7 +11386,7 @@ index e0d4117e..222d70c8 100644
  title: 'Record Unsuccessful Creation Attempts to Files - open O_CREAT'
  
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_o_trunc_write/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_o_trunc_write/bash/shared.sh
-index c1352ae3..31de4374 100644
+index c1352ae38..31de43746 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_o_trunc_write/bash/shared.sh
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_o_trunc_write/bash/shared.sh
 @@ -1,3 +1,3 @@
@@ -9968,7 +11395,7 @@ index c1352ae3..31de4374 100644
  
  {{{ bash_create_audit_remediation_unsuccessful_file_modification_detailed("/etc/audit/rules.d/30-ospp-v42-remediation.rules") }}}
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_o_trunc_write/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_o_trunc_write/rule.yml
-index 1cc53b18..2d82f928 100644
+index 77c90c55b..25300be01 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_o_trunc_write/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_o_trunc_write/rule.yml
 @@ -1,6 +1,6 @@
@@ -9980,7 +11407,7 @@ index 1cc53b18..2d82f928 100644
  title: 'Record Unsuccessful Modification Attempts to Files - open O_TRUNC_WRITE'
  
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_rule_order/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_rule_order/bash/shared.sh
-index c944fb9e..b506644a 100644
+index c944fb9e6..b506644af 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_rule_order/bash/shared.sh
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_rule_order/bash/shared.sh
 @@ -1,3 +1,3 @@
@@ -9989,7 +11416,7 @@ index c944fb9e..b506644a 100644
  
  {{{ bash_create_audit_remediation_unsuccessful_file_modification_detailed("/etc/audit/rules.d/30-ospp-v42-remediation.rules") }}}
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_rule_order/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_rule_order/rule.yml
-index 34e5d448..7d6ab8dc 100644
+index 1cf66b9e1..c695c8733 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_rule_order/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_rule_order/rule.yml
 @@ -1,6 +1,6 @@
@@ -10001,28 +11428,28 @@ index 34e5d448..7d6ab8dc 100644
  title: 'Ensure auditd Rules For Unauthorized Attempts To open Are Ordered Correctly'
  
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat/rule.yml
-index 15fd7fec..172d1285 100644
+index eb740982f..ec1c4035f 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: debian10,debian11,debian9,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
-+prodtype: debian10,debian11,debian9,fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
+-prodtype: alinux2,alinux3,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: alinux2,alinux3,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Record Unsuccessful Access Attempts to Files - openat'
  
-@@ -66,7 +66,7 @@ references:
-     stigid@ol7: OL07-00-030520
-     stigid@ol8: OL08-00-030430
-     stigid@rhel7: RHEL-07-030520
+@@ -69,7 +69,7 @@ references:
+     stigid@ol7: OL07-00-030510
+     stigid@ol8: OL08-00-030420
+     stigid@rhel7: RHEL-07-030510
 -    stigid@rhel8: RHEL-08-030420
 +    stigid@almalinux8: RHEL-08-030420
-     stigid@sle12: SLES-12-020530
-     stigid@sle15: SLES-15-030170
+     stigid@sle12: SLES-12-020490
+     stigid@sle15: SLES-15-030150
      stigid@ubuntu2004: UBTU-20-010159
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_o_creat/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_o_creat/bash/shared.sh
-index c1352ae3..31de4374 100644
+index c1352ae38..31de43746 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_o_creat/bash/shared.sh
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_o_creat/bash/shared.sh
 @@ -1,3 +1,3 @@
@@ -10031,7 +11458,7 @@ index c1352ae3..31de4374 100644
  
  {{{ bash_create_audit_remediation_unsuccessful_file_modification_detailed("/etc/audit/rules.d/30-ospp-v42-remediation.rules") }}}
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_o_creat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_o_creat/rule.yml
-index b66f7225..e6c6c787 100644
+index e699454e5..abd30b697 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_o_creat/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_o_creat/rule.yml
 @@ -1,6 +1,6 @@
@@ -10043,7 +11470,7 @@ index b66f7225..e6c6c787 100644
  title: 'Record Unsuccessful Creation Attempts to Files - openat O_CREAT'
  
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_o_trunc_write/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_o_trunc_write/bash/shared.sh
-index c1352ae3..31de4374 100644
+index c1352ae38..31de43746 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_o_trunc_write/bash/shared.sh
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_o_trunc_write/bash/shared.sh
 @@ -1,3 +1,3 @@
@@ -10052,7 +11479,7 @@ index c1352ae3..31de4374 100644
  
  {{{ bash_create_audit_remediation_unsuccessful_file_modification_detailed("/etc/audit/rules.d/30-ospp-v42-remediation.rules") }}}
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_o_trunc_write/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_o_trunc_write/rule.yml
-index bf575128..4081e603 100644
+index b9aa00b65..24ed7123c 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_o_trunc_write/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_o_trunc_write/rule.yml
 @@ -1,6 +1,6 @@
@@ -10064,7 +11491,7 @@ index bf575128..4081e603 100644
  title: 'Record Unsuccessful Modification Attempts to Files - openat O_TRUNC_WRITE'
  
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_rule_order/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_rule_order/bash/shared.sh
-index c944fb9e..b506644a 100644
+index c944fb9e6..b506644af 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_rule_order/bash/shared.sh
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_rule_order/bash/shared.sh
 @@ -1,3 +1,3 @@
@@ -10073,7 +11500,7 @@ index c944fb9e..b506644a 100644
  
  {{{ bash_create_audit_remediation_unsuccessful_file_modification_detailed("/etc/audit/rules.d/30-ospp-v42-remediation.rules") }}}
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_rule_order/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_rule_order/rule.yml
-index 4a09bc68..40f06aae 100644
+index 46851bf6a..45f7b4ef1 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_rule_order/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_rule_order/rule.yml
 @@ -1,6 +1,6 @@
@@ -10085,7 +11512,7 @@ index 4a09bc68..40f06aae 100644
  title: 'Ensure auditd Rules For Unauthorized Attempts To openat Are Ordered Correctly'
  
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_removexattr/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_removexattr/rule.yml
-index b16b964d..f5d1c1ea 100644
+index 73941532d..97bb35cd8 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_removexattr/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_removexattr/rule.yml
 @@ -1,6 +1,6 @@
@@ -10094,34 +11521,34 @@ index b16b964d..f5d1c1ea 100644
 -prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9
 +prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9
  
- title: 'Record Unsuccessul Permission Changes to Files - removexattr'
+ title: 'Record Unsuccessful Permission Changes to Files - removexattr'
  
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_rename/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_rename/rule.yml
-index ae390fc9..bc2c87f4 100644
+index e99c78599..ff1bf926b 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_rename/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_rename/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,sle15
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle15
+-prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,sle12,sle15
++prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle12,sle15
  
- title: 'Record Unsuccessul Delete Attempts to Files - rename'
+ title: 'Record Unsuccessful Delete Attempts to Files - rename'
  
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_renameat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_renameat/rule.yml
-index b26847c4..95aed62a 100644
+index 94091c132..fec7ba65c 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_renameat/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_renameat/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,sle15
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle15
+-prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,sle12,sle15
++prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle12,sle15
  
- title: 'Record Unsuccessul Delete Attempts to Files - renameat'
+ title: 'Record Unsuccessful Delete Attempts to Files - renameat'
  
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_setxattr/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_setxattr/rule.yml
-index a45d0cda..69fc6720 100644
+index 3b6ce3839..cb900ac4d 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_setxattr/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_setxattr/rule.yml
 @@ -1,6 +1,6 @@
@@ -10130,55 +11557,55 @@ index a45d0cda..69fc6720 100644
 -prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9
 +prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9
  
- title: 'Record Unsuccessul Permission Changes to Files - setxattr'
+ title: 'Record Unsuccessful Permission Changes to Files - setxattr'
  
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_truncate/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_truncate/rule.yml
-index 3c6a1b12..8ca0eeae 100644
+index 043d5f70b..677d0971e 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_truncate/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_truncate/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: debian10,debian11,debian9,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
-+prodtype: debian10,debian11,debian9,fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
+-prodtype: alinux2,alinux3,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: alinux2,alinux3,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Record Unsuccessful Access Attempts to Files - truncate'
  
-@@ -65,7 +65,7 @@ references:
-     stigid@ol7: OL07-00-030540
+@@ -68,7 +68,7 @@ references:
+     stigid@ol7: OL07-00-030510
      stigid@ol8: OL08-00-030420
-     stigid@rhel7: RHEL-07-030540
+     stigid@rhel7: RHEL-07-030510
 -    stigid@rhel8: RHEL-08-030420
 +    stigid@almalinux8: RHEL-08-030420
-     stigid@sle12: SLES-12-020500
-     stigid@sle15: SLES-15-030610
+     stigid@sle12: SLES-12-020490
+     stigid@sle15: SLES-15-030150
      stigid@ubuntu2004: UBTU-20-010156
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_unlink/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_unlink/rule.yml
-index 327bf51e..b2018008 100644
+index 96906848c..257a8a2ca 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_unlink/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_unlink/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,sle15
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle15
+-prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,sle12,sle15
++prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle12,sle15
  
- title: 'Record Unsuccessul Delete Attempts to Files - unlink'
+ title: 'Record Unsuccessful Delete Attempts to Files - unlink'
  
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_unlinkat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_unlinkat/rule.yml
-index ae5f119a..13f0356d 100644
+index cc76dfeec..b1e23b086 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_unlinkat/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_unlinkat/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,sle15
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle15
+-prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,sle12,sle15
++prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle12,sle15
  
- title: 'Record Unsuccessul Delete Attempts to Files - unlinkat'
+ title: 'Record Unsuccessful Delete Attempts to Files - unlinkat'
  
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading/ansible/shared.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading/ansible/shared.yml
-index 905c14fe..fb7f6cff 100644
+index 5c616a0dd..a498e4795 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading/ansible/shared.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -10188,19 +11615,30 @@ index 905c14fe..fb7f6cff 100644
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading/rule.yml
-index c3d70a84..cbea82ed 100644
+index 0cf4bd984..4d258bd41 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: debian10,debian11,debian9,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,wrlinux1019
-+prodtype: debian10,debian11,debian9,fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,wrlinux1019
+-prodtype: alinux2,alinux3,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15
++prodtype: alinux2,alinux3,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15
  
  title: 'Ensure auditd Collects Information on Kernel Module Loading and Unloading'
  
+diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_create/kubernetes/shared.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_create/kubernetes/shared.yml
+index bdf3015c4..658327033 100644
+--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_create/kubernetes/shared.yml
++++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_create/kubernetes/shared.yml
+@@ -1,5 +1,5 @@
+ ---
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
+ apiVersion: machineconfiguration.openshift.io/v1
+ kind: MachineConfig
+ spec:
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/ansible/shared.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/ansible/shared.yml
-index f5469c0e..6caf0ab7 100644
+index 423f67054..af9b30c74 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/ansible/shared.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -10210,7 +11648,7 @@ index f5469c0e..6caf0ab7 100644
  # complexity = low
  # disruption = low
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/kubernetes/shared.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/kubernetes/shared.yml
-index 51a61028..71df13a4 100644
+index 51a610284..71df13a42 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/kubernetes/shared.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/kubernetes/shared.yml
 @@ -1,5 +1,5 @@
@@ -10221,18 +11659,18 @@ index 51a61028..71df13a4 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/rule.yml
-index d55bf54d..f23ea207 100644
+index e71d5bd44..81985b3e0 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: debian10,debian11,debian9,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
-+prodtype: debian10,debian11,debian9,fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
+-prodtype: alinux2,alinux3,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: alinux2,alinux3,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Ensure auditd Collects Information on Kernel Module Unloading - delete_module'
  
-@@ -54,7 +54,7 @@ references:
+@@ -62,7 +62,7 @@ references:
      stigid@ol7: OL07-00-030830
      stigid@ol8: OL08-00-030390
      stigid@rhel7: RHEL-07-030830
@@ -10241,8 +11679,19 @@ index d55bf54d..f23ea207 100644
      stigid@sle12: SLES-12-020730
      stigid@sle15: SLES-15-030520
      stigid@ubuntu2004: UBTU-20-010302
+diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/tests/missing_auid_filter.fail.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/tests/missing_auid_filter.fail.sh
+index ebf2a9cab..288d4f0ee 100644
+--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/tests/missing_auid_filter.fail.sh
++++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/tests/missing_auid_filter.fail.sh
+@@ -1,5 +1,5 @@
+ #!/bin/bash
+-# platform = Oracle Linux 7,Oracle Linux 8,Red Hat Enterprise Linux 8
++# platform = Oracle Linux 7,Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8
+ # packages = audit
+ 
+ rm -f /etc/audit/rules.d/*
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/ansible/shared.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/ansible/shared.yml
-index 2e0780af..2ecb0742 100644
+index 586ba8187..731d773ec 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/ansible/shared.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -10252,7 +11701,7 @@ index 2e0780af..2ecb0742 100644
  # complexity = low
  # disruption = low
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/kubernetes/shared.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/kubernetes/shared.yml
-index 90d7d43d..818c3cad 100644
+index 90d7d43d5..818c3cade 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/kubernetes/shared.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/kubernetes/shared.yml
 @@ -1,5 +1,5 @@
@@ -10263,28 +11712,39 @@ index 90d7d43d..818c3cad 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/rule.yml
-index 410c103a..50a2090d 100644
+index fa08613fe..67e8c2c11 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: debian10,debian11,debian9,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
-+prodtype: debian10,debian11,debian9,fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
+-prodtype: alinux2,alinux3,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: alinux2,alinux3,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Ensure auditd Collects Information on Kernel Module Loading and Unloading - finit_module'
  
-@@ -51,7 +51,7 @@ references:
-     stigid@ol7: OL07-00-030821
-     stigid@ol8: OL08-00-030380
-     stigid@rhel7: RHEL-07-030821
+@@ -59,7 +59,7 @@ references:
+     stigid@ol7: OL07-00-030820
+     stigid@ol8: OL08-00-030360
+     stigid@rhel7: RHEL-07-030820
 -    stigid@rhel8: RHEL-08-030360
 +    stigid@almalinux8: RHEL-08-030360
      stigid@sle12: SLES-12-020740
      stigid@sle15: SLES-15-030530
      stigid@ubuntu2004: UBTU-20-010180
+diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/tests/missing_auid_filter.fail.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/tests/missing_auid_filter.fail.sh
+index deb2217de..3db9d374e 100644
+--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/tests/missing_auid_filter.fail.sh
++++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/tests/missing_auid_filter.fail.sh
+@@ -1,5 +1,5 @@
+ #!/bin/bash
+-# platform = Oracle Linux 7,Oracle Linux 8,Red Hat Enterprise Linux 8
++# platform = Oracle Linux 7,Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8
+ # packages = audit
+ 
+ rm -f /etc/audit/rules.d/*
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/ansible/shared.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/ansible/shared.yml
-index 6f6bd182..d20223bf 100644
+index 8765a6a7a..1dcb1e8e4 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/ansible/shared.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -10294,7 +11754,7 @@ index 6f6bd182..d20223bf 100644
  # complexity = low
  # disruption = low
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/kubernetes/shared.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/kubernetes/shared.yml
-index 2fb9a7ff..7cef862d 100644
+index 2fb9a7ff5..7cef862dc 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/kubernetes/shared.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/kubernetes/shared.yml
 @@ -1,5 +1,5 @@
@@ -10305,28 +11765,39 @@ index 2fb9a7ff..7cef862d 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/rule.yml
-index c7d78888..0ab729e7 100644
+index 76c509df2..3e3095de1 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: debian10,debian11,debian9,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
-+prodtype: debian10,debian11,debian9,fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
+-prodtype: alinux2,alinux3,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: alinux2,alinux3,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Ensure auditd Collects Information on Kernel Module Loading - init_module'
  
-@@ -53,7 +53,7 @@ references:
+@@ -61,7 +61,7 @@ references:
      stigid@ol7: OL07-00-030820
      stigid@ol8: OL08-00-030360
      stigid@rhel7: RHEL-07-030820
 -    stigid@rhel8: RHEL-08-030360
 +    stigid@almalinux8: RHEL-08-030360
-     stigid@sle12: SLES-12-020750
-     stigid@sle15: SLES-15-030540
+     stigid@sle12: SLES-12-020740
+     stigid@sle15: SLES-15-030530
      stigid@ubuntu2004: UBTU-20-010179
+diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/tests/missing_auid_filter.fail.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/tests/missing_auid_filter.fail.sh
+index 7570ed06f..e9ff26fab 100644
+--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/tests/missing_auid_filter.fail.sh
++++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/tests/missing_auid_filter.fail.sh
+@@ -1,5 +1,5 @@
+ #!/bin/bash
+-# platform = Oracle Linux 7,Oracle Linux 8,Red Hat Enterprise Linux 8
++# platform = Oracle Linux 7,Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8
+ # packages = audit
+ 
+ rm -f /etc/audit/rules.d/*
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events/bash/shared.sh
-index 13991cd7..77a89efb 100644
+index d58a5ee62..c6d928bbd 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events/bash/shared.sh
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events/bash/shared.sh
 @@ -1,4 +1,4 @@
@@ -10336,42 +11807,64 @@ index 13991cd7..77a89efb 100644
  # Perform the remediation for both possible tools: 'auditctl' and 'augenrules'
  
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events/rule.yml
-index 858affea..0027d79a 100644
+index 52196f41a..0f662a980 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: debian10,debian11,debian9,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,wrlinux1019
-+prodtype: debian10,debian11,debian9,fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,wrlinux1019
+-prodtype: alinux2,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15
++prodtype: alinux2,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15
  
  title: 'Record Attempts to Alter Logon and Logout Events'
  
+diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events/tests/rules_without_keys.pass.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events/tests/rules_without_keys.pass.sh
+index 9c69bc099..d133b31d9 100644
+--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events/tests/rules_without_keys.pass.sh
++++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events/tests/rules_without_keys.pass.sh
+@@ -2,7 +2,7 @@
+ # packages = audit
+ # remediation = bash
+ 
+-{{% if product in ["ol8", "ol9", "rhel8", "rhel9"] %}}
++{{% if product in ["ol8", "ol9", "rhel8", "almalinux8", "rhel9"] %}}
+ {{% set faillock_path="/var/log/faillock" %}}
+ {{% else %}}
+ {{% set faillock_path="/var/run/faillock" %}}
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/rule.yml
-index 6a8fa7cb..7d3cc6c9 100644
+index 2fa41de54..a571d79b4 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: debian10,debian11,debian9,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,wrlinux1019
-+prodtype: debian10,debian11,debian9,fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,wrlinux1019
+-prodtype: alinux2,alinux3,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15
++prodtype: alinux2,alinux3,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15
  
  title: 'Record Attempts to Alter Logon and Logout Events - faillock'
  
+@@ -56,7 +56,7 @@ references:
+     stigid@ol7: OL07-00-030610
+     stigid@ol8: OL08-00-030590
+     stigid@rhel7: RHEL-07-030610
+-    stigid@rhel8: RHEL-08-030590
++    stigid@almalinux8: RHEL-08-030590
+     vmmsrg: SRG-OS-000473-VMM-001930,SRG-OS-000470-VMM-001900
+ 
+ ocil_clause: 'the command does not return a line, or the line is commented out'
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_lastlog/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_lastlog/rule.yml
-index cfd5fd79..20a33dde 100644
+index c5723981d..345fafea1 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_lastlog/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_lastlog/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: debian10,debian11,debian9,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
-+prodtype: debian10,debian11,debian9,fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
+-prodtype: alinux2,alinux3,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: alinux2,alinux3,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Record Attempts to Alter Logon and Logout Events - lastlog'
  
-@@ -54,7 +54,7 @@ references:
+@@ -58,7 +58,7 @@ references:
      stigid@ol7: OL07-00-030620
      stigid@ol8: OL08-00-030600
      stigid@rhel7: RHEL-07-030620
@@ -10381,19 +11874,19 @@ index cfd5fd79..20a33dde 100644
      stigid@sle15: SLES-15-030480
      stigid@ubuntu2004: UBTU-20-010171
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_tallylog/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_tallylog/rule.yml
-index ff8a7b24..cfd75f28 100644
+index e41c80469..767d93a8f 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_tallylog/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_tallylog/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: debian10,debian11,debian9,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
-+prodtype: debian10,debian11,debian9,fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
+-prodtype: alinux2,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: alinux2,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Record Attempts to Alter Logon and Logout Events - tallylog'
  
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/ansible/shared.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/ansible/shared.yml
-index 68c8497c..83094aae 100644
+index 15380184a..29ef1af23 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/ansible/shared.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -10403,228 +11896,240 @@ index 68c8497c..83094aae 100644
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/bash/shared.sh
-index 727868f8..76cc889b 100644
+index 3d7bcfa88..1df0dff7a 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/bash/shared.sh
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/bash/shared.sh
 @@ -1,4 +1,4 @@
--# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
-+# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
  
  # Perform the remediation for both possible tools: 'auditctl' and 'augenrules'
  {{{ bash_perform_audit_rules_privileged_commands_remediation("auditctl", auid) }}}
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_default.fail.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_default.fail.sh
-index 7e15005a..59b04990 100644
+index e063fe444..edaaead85 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_default.fail.sh
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_default.fail.sh
-@@ -1,5 +1,5 @@
+@@ -1,6 +1,6 @@
  #!/bin/bash
+ # packages = audit
  # remediation = bash
--# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8
-+# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8
+-# platform = Oracle Linux 7,Oracle Linux 8,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8
++# platform = Oracle Linux 7,Oracle Linux 8,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8
  
  sed -i "s%^ExecStartPost=.*%ExecStartPost=-/sbin/auditctl%" /usr/lib/systemd/system/auditd.service
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_missing_rule.fail.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_missing_rule.fail.sh
-index fd97dc6e..78add9a6 100644
+index 9f901bc48..e77afffaf 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_missing_rule.fail.sh
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_missing_rule.fail.sh
-@@ -1,6 +1,6 @@
+@@ -1,7 +1,7 @@
  #!/bin/bash
+ # packages = audit
  # remediation = bash
--# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8
-+# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8
+-# platform = Oracle Linux 7,Oracle Linux 8,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8
++# platform = Oracle Linux 7,Oracle Linux 8,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8
  
  ./generate_privileged_commands_rule.sh 1000 privileged /etc/audit/audit.rules
  sed -i '/newgrp/d' /etc/audit/audit.rules
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_one_rule.fail.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_one_rule.fail.sh
-index 3f534d4d..209478b1 100644
+index d6e108811..345269aa8 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_one_rule.fail.sh
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_one_rule.fail.sh
-@@ -1,6 +1,6 @@
+@@ -1,7 +1,7 @@
  #!/bin/bash
+ # packages = audit
  # remediation = bash
--# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8
-+# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8
+-# platform = Oracle Linux 7,Oracle Linux 8,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8
++# platform = Oracle Linux 7,Oracle Linux 8,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8
  
  echo "-a always,exit -F path=/usr/bin/sudo -F auid>=1000 -F auid!=unset -k privileged" >> /etc/audit/audit.rules
  sed -i "s%^ExecStartPost=.*%ExecStartPost=-/sbin/auditctl%" /usr/lib/systemd/system/auditd.service
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_rules_configured.pass.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_rules_configured.pass.sh
-index 11463a77..cc44abea 100644
+index 4c141ff93..d23a56f5d 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_rules_configured.pass.sh
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_rules_configured.pass.sh
-@@ -1,6 +1,6 @@
+@@ -1,7 +1,7 @@
  #!/bin/bash
+ # packages = audit
  # remediation = bash
--# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8
-+# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8
+-# platform = Oracle Linux 7,Oracle Linux 8,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8
++# platform = Oracle Linux 7,Oracle Linux 8,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8
  
  ./generate_privileged_commands_rule.sh 1000 privileged /etc/audit/audit.rules
  sed -i "s%^ExecStartPost=.*%ExecStartPost=-/sbin/auditctl%" /usr/lib/systemd/system/auditd.service
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_rules_with_perm_x.fail.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_rules_with_perm_x.fail.sh
-index 0ba1cfb2..77a72fb3 100644
+index ece818b96..bad106bce 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_rules_with_perm_x.fail.sh
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_rules_with_perm_x.fail.sh
-@@ -1,6 +1,6 @@
+@@ -1,7 +1,7 @@
  #!/bin/bash
+ # packages = audit
  # remediation = bash
--# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8
-+# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8
+-# platform = Oracle Linux 7,Oracle Linux 8,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8
++# platform = Oracle Linux 7,Oracle Linux 8,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8
  
  ./generate_privileged_commands_rule.sh 1000 privileged /etc/audit/audit.rules
  sed -i -E 's/^(.*path=[[:graph:]]+ )(.*$)/\1-F perm=x \2/' /etc/audit/audit.rules
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_default.fail.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_default.fail.sh
-index 8293c08f..03770257 100644
+index 1c429afbb..5e5794849 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_default.fail.sh
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_default.fail.sh
-@@ -1,5 +1,5 @@
+@@ -1,6 +1,6 @@
  #!/bin/bash
+ # packages = audit
  # remediation = bash
--# platform = Fedora,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8
-+# platform = Fedora,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8
+-# platform = Fedora,Oracle Linux 7,Oracle Linux 8,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8
++# platform = Fedora,Oracle Linux 7,Oracle Linux 8,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8
  
  # augenrules is default for rhel7
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_duplicated.fail.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_duplicated.fail.sh
-index c8017b46..576f0d55 100644
+index f64e0d6a2..29e821c7f 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_duplicated.fail.sh
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_duplicated.fail.sh
-@@ -1,7 +1,7 @@
- #!/bin/bash
+@@ -2,7 +2,7 @@
+ # packages = audit
  # Remediation for this rule cannot remove the duplicates
  # remediation = none
--# platform = Fedora,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8
-+# platform = Fedora,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8
+-# platform = Fedora,Oracle Linux 7,Oracle Linux 8,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8
++# platform = Fedora,Oracle Linux 7,Oracle Linux 8,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8
  
- mkdir -p /etc/audit/rules.d
  ./generate_privileged_commands_rule.sh 1000 privileged /tmp/privileged.rules
+ 
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_missing_rule.fail.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_missing_rule.fail.sh
-index 83b00b1e..56866ef9 100644
+index 1776a4d98..ba97f9521 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_missing_rule.fail.sh
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_missing_rule.fail.sh
-@@ -1,6 +1,6 @@
+@@ -1,7 +1,7 @@
  #!/bin/bash
+ # packages = audit
  # remediation = bash
--# platform = Fedora,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8
-+# platform = Fedora,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8
+-# platform = Fedora,Oracle Linux 7,Oracle Linux 8,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8
++# platform = Fedora,Oracle Linux 7,Oracle Linux 8,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8
  
- mkdir -p /etc/audit/rules.d
  ./generate_privileged_commands_rule.sh 1000 privileged /etc/audit/rules.d/privileged.rules
+  sed -i '/newgrp/d' /etc/audit/rules.d/privileged.rules
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_one_rule.fail.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_one_rule.fail.sh
-index ff78e3de..192f8919 100644
+index 8b0d6cef5..29a608404 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_one_rule.fail.sh
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_one_rule.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
+ # packages = audit
  # remediation = bash
--# platform = Fedora,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8
-+# platform = Fedora,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8
+-# platform = Fedora,Oracle Linux 7,Oracle Linux 8,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8
++# platform = Fedora,Oracle Linux 7,Oracle Linux 8,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8
  
- mkdir -p /etc/audit/rules.d
  echo "-a always,exit -F path=/usr/bin/sudo -F auid>=1000 -F auid!=unset -F key=privileged" >> /etc/audit/rules.d/privileged.rules
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_rules_configured.pass.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_rules_configured.pass.sh
-index ff080377..1743b072 100644
+index 6903132be..10e81b369 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_rules_configured.pass.sh
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_rules_configured.pass.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
+ # packages = audit
  # remediation = bash
--# platform = Fedora,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8
-+# platform = Fedora,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8
+-# platform = Fedora,Oracle Linux 7,Oracle Linux 8,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8
++# platform = Fedora,Oracle Linux 7,Oracle Linux 8,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8
  
- mkdir -p /etc/audit/rules.d
  ./generate_privileged_commands_rule.sh 1000 privileged /etc/audit/rules.d/privileged.rules
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_rules_configured_mixed_keys.pass.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_rules_configured_mixed_keys.pass.sh
-index 694bc049..92b92961 100644
+index 320492d74..84478668d 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_rules_configured_mixed_keys.pass.sh
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_rules_configured_mixed_keys.pass.sh
-@@ -1,6 +1,6 @@
+@@ -1,7 +1,7 @@
  #!/bin/bash
+ # packages = audit
  # remediation = bash
--# platform = Fedora,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8
-+# platform = Fedora,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8
+-# platform = Fedora,Oracle Linux 7,Oracle Linux 8,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8
++# platform = Fedora,Oracle Linux 7,Oracle Linux 8,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8
  
- mkdir -p /etc/audit/rules.d
  ./generate_privileged_commands_rule.sh 1000 privileged /etc/audit/rules.d/privileged.rules
+ # change key of rules for binaries in /usr/sbin
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_rules_with_perm_x.fail.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_rules_with_perm_x.fail.sh
-index 473d8a0b..2374ffeb 100644
+index 2093fd716..6c67b6791 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_rules_with_perm_x.fail.sh
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_rules_with_perm_x.fail.sh
-@@ -1,6 +1,6 @@
+@@ -1,7 +1,7 @@
  #!/bin/bash
+ # packages = audit
  # remediation = bash
--# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8
-+# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8
+-# platform = Oracle Linux 7,Oracle Linux 8,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8
++# platform = Oracle Linux 7,Oracle Linux 8,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8
  
- mkdir -p /etc/audit/rules.d
  ./generate_privileged_commands_rule.sh 1000 privileged /etc/audit/rules.d/privileged.rules
+ sed -i -E 's/^(.*path=[[:graph:]]+ )(.*$)/\1-F perm=x \2/' /etc/audit/rules.d/privileged.rules
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_two_rules_mixed_keys.fail.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_two_rules_mixed_keys.fail.sh
-index 8c7f0479..289aaae3 100644
+index 28e5fecf9..4fddc3ccb 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_two_rules_mixed_keys.fail.sh
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_two_rules_mixed_keys.fail.sh
-@@ -1,6 +1,6 @@
+@@ -1,7 +1,7 @@
  #!/bin/bash
+ # packages = audit
  # remediation = bash
--# platform = Fedora,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8
-+# platform = Fedora,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8
+-# platform = Fedora,Oracle Linux 7,Oracle Linux 8,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8
++# platform = Fedora,Oracle Linux 7,Oracle Linux 8,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8
  
- mkdir -p /etc/audit/rules.d
  echo "-a always,exit -F path=/usr/bin/newgrp -F auid>=1000 -F auid!=unset -k privileged" >> /etc/audit/rules.d/privileged.rules
+ echo "-a always,exit -F path=/usr/bin/passwd -F auid>=1000 -F auid!=unset -F key=privileged" >> /etc/audit/rules.d/privileged.rules
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_two_rules_sep_files.fail.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_two_rules_sep_files.fail.sh
-index b7258fe0..beecff6e 100644
+index 18a8e7b5a..0679d1f7b 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_two_rules_sep_files.fail.sh
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_two_rules_sep_files.fail.sh
-@@ -1,6 +1,6 @@
+@@ -1,7 +1,7 @@
  #!/bin/bash
+ # packages = audit
  # remediation = bash
--# platform = Fedora,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8
-+# platform = Fedora,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8
+-# platform = Fedora,Oracle Linux 7,Oracle Linux 8,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8
++# platform = Fedora,Oracle Linux 7,Oracle Linux 8,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8
  
- mkdir -p /etc/audit/rules.d
  echo "-a always,exit -F path=/usr/bin/newgrp -F auid>=1000 -F auid!=unset -F key=privileged" >> /etc/audit/rules.d/priv.rules
+ echo "-a always,exit -F path=/usr/bin/passwd -F auid>=1000 -F auid!=unset -F key=privileged" >> /etc/audit/rules.d/privileged.rules
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/rules_with_own_key.pass.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/rules_with_own_key.pass.sh
-index 3a947ea1..8471b399 100644
+index 3ad8f1f60..b82e9cc08 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/rules_with_own_key.pass.sh
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/rules_with_own_key.pass.sh
-@@ -1,5 +1,5 @@
+@@ -1,6 +1,6 @@
  #!/bin/bash
+ # packages = audit
  # remediation = bash
--# platform = Fedora,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8
-+# platform = Fedora,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8
+-# platform = Fedora,Oracle Linux 7,Oracle Linux 8,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8
++# platform = Fedora,Oracle Linux 7,Oracle Linux 8,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8
  
  ./generate_privileged_commands_rule.sh 1000 own_key /etc/audit/rules.d/privileged.rules
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_at/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_at/rule.yml
-index 453b64fe..8da9508a 100644
+index 8c8048e51..ffc61d925 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_at/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_at/rule.yml
 @@ -1,10 +1,10 @@
--{{%- if product in ["rhel8", "rhel9", "ubuntu2004"] %}}
-+{{%- if product in ["rhel8", "rhel9", "almalinux8", "ubuntu2004"] %}}
+-{{%- if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
++{{%- if product in ["fedora", "ol8", "ol9", "rhel8", "almalinux8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
    {{%- set perm_x="-F perm=x " %}}
  {{%- endif %}}
  
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,ubuntu2004
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,ubuntu2004
+-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,ubuntu2004,ubuntu2204
++prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,ubuntu2004,ubuntu2204
  
  title: 'Ensure auditd Collects Information on the Use of Privileged Commands - at'
  
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_chage/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_chage/rule.yml
-index 1ba98b84..182eb072 100644
+index 42fbf78be..3d0d32d0d 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_chage/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_chage/rule.yml
 @@ -1,10 +1,10 @@
--{{%- if product in ["rhel8", "rhel9", "sle12", "sle15"] %}}
-+{{%- if product in ["rhel8", "rhel9", "almalinux8", "sle12", "sle15"] %}}
+-{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhel7", "rhel8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
++{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhel7", "rhel8", "almalinux8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
    {{%- set perm_x="-F perm=x " %}}
  {{%- endif %}}
  
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
+-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Ensure auditd Collects Information on the Use of Privileged Commands - chage'
  
-@@ -59,7 +59,7 @@ references:
+@@ -60,7 +60,7 @@ references:
      stigid@ol7: OL07-00-030660
      stigid@ol8: OL08-00-030250
      stigid@rhel7: RHEL-07-030660
@@ -10634,23 +12139,23 @@ index 1ba98b84..182eb072 100644
      stigid@sle15: SLES-15-030120
      stigid@ubuntu2004: UBTU-20-010175
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_chsh/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_chsh/rule.yml
-index b2573957..2be5e675 100644
+index 8b16dfa54..61ace82d7 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_chsh/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_chsh/rule.yml
 @@ -1,10 +1,10 @@
--{{%- if product in ["rhel8", "rhel9", "sle12", "sle15"] %}}
-+{{%- if product in ["rhel8", "rhel9", "almalinux8", "sle12", "sle15"] %}}
+-{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhel7", "rhel8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
++{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhel7", "rhel8", "almalinux8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
    {{%- set perm_x="-F perm=x " %}}
  {{%- endif %}}
  
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
+-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Ensure auditd Collects Information on the Use of Privileged Commands - chsh'
  
-@@ -59,7 +59,7 @@ references:
+@@ -60,7 +60,7 @@ references:
      stigid@ol7: OL07-00-030720
      stigid@ol8: OL08-00-030410
      stigid@rhel7: RHEL-07-030720
@@ -10660,23 +12165,23 @@ index b2573957..2be5e675 100644
      stigid@sle15: SLES-15-030100
      stigid@ubuntu2004: UBTU-20-010163
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_crontab/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_crontab/rule.yml
-index 48fad244..4b2ac61a 100644
+index ef97a5a77..63cb51dee 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_crontab/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_crontab/rule.yml
 @@ -1,10 +1,10 @@
--{{%- if product in ["rhel8", "rhel9", "sle12", "sle15"] %}}
-+{{%- if product in ["rhel8", "rhel9", "almalinux8", "sle12", "sle15"] %}}
+-{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhel7", "rhel8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
++{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhel7", "rhel8", "almalinux8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
    {{%- set perm_x="-F perm=x " %}}
  {{%- endif %}}
  
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
+-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Ensure auditd Collects Information on the Use of Privileged Commands - crontab'
  
-@@ -58,7 +58,7 @@ references:
+@@ -59,7 +59,7 @@ references:
      stigid@ol7: OL07-00-030800
      stigid@ol8: OL08-00-030400
      stigid@rhel7: RHEL-07-030800
@@ -10686,23 +12191,23 @@ index 48fad244..4b2ac61a 100644
      stigid@sle15: SLES-15-030130
      stigid@ubuntu2004: UBTU-20-010177
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_gpasswd/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_gpasswd/rule.yml
-index a0922716..4e766e4a 100644
+index a3f444ba8..c1813331b 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_gpasswd/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_gpasswd/rule.yml
 @@ -1,10 +1,10 @@
--{{%- if product in ["rhel8", "rhel9", "sle12", "sle15"] %}}
-+{{%- if product in ["rhel8", "rhel9", "almalinux8", "sle12", "sle15"] %}}
+-{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhel7", "rhel8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
++{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhel7", "rhel8", "almalinux8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
    {{%- set perm_x="-F perm=x " %}}
  {{%- endif %}}
  
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
+-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Ensure auditd Collects Information on the Use of Privileged Commands - gpasswd'
  
-@@ -60,7 +60,7 @@ references:
+@@ -61,7 +61,7 @@ references:
      stigid@ol7: OL07-00-030650
      stigid@ol8: OL08-00-030370
      stigid@rhel7: RHEL-07-030650
@@ -10712,7 +12217,7 @@ index a0922716..4e766e4a 100644
      stigid@sle15: SLES-15-030080
      stigid@ubuntu2004: UBTU-20-010174
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_insmod/ansible/shared.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_insmod/ansible/shared.yml
-index 5baa999e..cb49a4d7 100644
+index 5baa999e7..cb49a4d71 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_insmod/ansible/shared.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_insmod/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -10722,45 +12227,45 @@ index 5baa999e..cb49a4d7 100644
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_insmod/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_insmod/bash/shared.sh
-index f9cbf11b..02cfce0d 100644
+index 29bfc7be7..d0910b1c6 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_insmod/bash/shared.sh
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_insmod/bash/shared.sh
 @@ -1,4 +1,4 @@
--# platform = multi_platform_sle,multi_platform_rhel
-+# platform = multi_platform_sle,multi_platform_rhel,multi_platform_almalinux
+-# platform = multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu
  
  # Perform the remediation for both possible tools: 'auditctl' and 'augenrules'
  {{{ bash_fix_audit_watch_rule("auditctl", "/sbin/insmod", "x", "modules") }}}
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_kmod/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_kmod/rule.yml
-index f5ec9ecf..af2fa414 100644
+index d30ab819a..1a2076a32 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_kmod/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_kmod/rule.yml
 @@ -1,4 +1,4 @@
--{{%- if product in ["rhel8"] %}}
-+{{%- if product in ["rhel8", "almalinux8"] %}}
+-{{%- if product in ["ol7", "rhel7", "rhel8", "rhel9"] %}}
++{{%- if product in ["ol7", "rhel7", "rhel8", "almalinux8", "rhel9"] %}}
      {{%- set kmod_audit="-a always,exit -F path=/usr/bin/kmod -F perm=x -F auid>=1000 -F auid!=unset -F key=privileged" %}}
- {{%- elif product in ["ubuntu2004"] %}}
+ {{%- elif product in ["ubuntu2004", "ubuntu2204"] %}}
      {{%- set kmod_audit="-w /bin/kmod -p x -k modules" %}}
 @@ -8,7 +8,7 @@
  
  documentation_complete: true
  
--prodtype: ol8,rhel8,rhel9,sle12,sle15,ubuntu2004
-+prodtype: ol8,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004
+-prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Ensure auditd Collects Information on the Use of Privileged Commands - kmod'
  
-@@ -46,7 +46,7 @@ references:
-     nist: AU-3,AU-3.1,AU-12(a),AU-12.1(ii),AU-12.1(iv)AU-12(c),MA-4(1)(a)
-     srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000471-GPOS-00216,SRG-OS-000477-GPOS-00222
+@@ -49,7 +49,7 @@ references:
+     stigid@ol7: OL07-00-030840
      stigid@ol8: OL08-00-030580
+     stigid@rhel7: RHEL-07-030840
 -    stigid@rhel8: RHEL-08-030580
 +    stigid@almalinux8: RHEL-08-030580
      stigid@sle12: SLES-12-020360
      stigid@sle15: SLES-15-030410
      stigid@ubuntu2004: UBTU-20-010297
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_modprobe/ansible/shared.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_modprobe/ansible/shared.yml
-index 8f61ee32..07ddf429 100644
+index 8f61ee32a..07ddf4291 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_modprobe/ansible/shared.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_modprobe/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -10770,7 +12275,7 @@ index 8f61ee32..07ddf429 100644
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_modprobe/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_modprobe/bash/shared.sh
-index ed9771d0..665d2cc0 100644
+index ed9771d0d..665d2cc0f 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_modprobe/bash/shared.sh
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_modprobe/bash/shared.sh
 @@ -1,4 +1,4 @@
@@ -10780,23 +12285,23 @@ index ed9771d0..665d2cc0 100644
  # Perform the remediation for both possible tools: 'auditctl' and 'augenrules'
  {{{ bash_fix_audit_watch_rule("auditctl", "/sbin/modprobe", "x", "modules") }}}
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_mount/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_mount/rule.yml
-index c8a729bc..82141829 100644
+index b9b07a651..98dc04647 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_mount/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_mount/rule.yml
 @@ -1,10 +1,10 @@
--{{%- if product in ["rhel8", "rhel9", "sle12", "sle15"] %}}
-+{{%- if product in ["rhel8", "rhel9", "almalinux8", "sle12", "sle15"] %}}
+-{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhel7", "rhel8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
++{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhel7", "rhel8", "almalinux8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
    {{%- set perm_x="-F perm=x " %}}
  {{%- endif %}}
  
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004
+-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Ensure auditd Collects Information on the Use of Privileged Commands - mount'
  
-@@ -50,7 +50,7 @@ references:
+@@ -51,7 +51,7 @@ references:
      stigid@ol7: OL07-00-030740
      stigid@ol8: OL08-00-030300
      stigid@rhel7: RHEL-07-030740
@@ -10806,40 +12311,40 @@ index c8a729bc..82141829 100644
      stigid@ubuntu2004: UBTU-20-010138
      vmmsrg: SRG-OS-000471-VMM-001910
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_newgidmap/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_newgidmap/rule.yml
-index e57cd67d..da2919b3 100644
+index 7b74b66e0..d0ed73ece 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_newgidmap/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_newgidmap/rule.yml
 @@ -1,10 +1,10 @@
--{{%- if product in ["rhel8", "rhel9", "ubuntu2004"] %}}
-+{{%- if product in ["rhel8", "rhel9", "almalinux8", "ubuntu2004"] %}}
+-{{%- if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
++{{%- if product in ["fedora", "ol8", "ol9", "rhel8", "almalinux8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
    {{%- set perm_x="-F perm=x " %}}
  {{%- endif %}}
  
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,ubuntu2004
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,ubuntu2004
+-prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,ubuntu2004,ubuntu2204
++prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,ubuntu2004,ubuntu2204
  
  title: 'Ensure auditd Collects Information on the Use of Privileged Commands - newgidmap'
  
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_newgrp/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_newgrp/rule.yml
-index 72a54c6b..3fddf556 100644
+index b25bd8fcc..05aa62a9f 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_newgrp/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_newgrp/rule.yml
 @@ -1,10 +1,10 @@
--{{%- if product in ["rhel8", "rhel9", "sle12", "sle15"] %}}
-+{{%- if product in ["rhel8", "rhel9", "almalinux8", "sle12", "sle15"] %}}
+-{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhel7", "rhel8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
++{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhel7", "rhel8", "almalinux8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
    {{%- set perm_x="-F perm=x " %}}
  {{%- endif %}}
  
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004
+-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Ensure auditd Collects Information on the Use of Privileged Commands - newgrp'
  
-@@ -60,7 +60,7 @@ references:
+@@ -61,7 +61,7 @@ references:
      stigid@ol7: OL07-00-030710
      stigid@ol8: OL08-00-030350
      stigid@rhel7: RHEL-07-030710
@@ -10849,43 +12354,42 @@ index 72a54c6b..3fddf556 100644
      stigid@sle15: SLES-15-030090
      stigid@ubuntu2004: UBTU-20-010164
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_newuidmap/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_newuidmap/rule.yml
-index c66e67d1..831f1655 100644
+index 58c4f297a..df60ceafc 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_newuidmap/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_newuidmap/rule.yml
 @@ -1,10 +1,10 @@
--{{%- if product in ["rhel8", "rhel9", "ubuntu2004"] %}}
-+{{%- if product in ["rhel8", "rhel9", "almalinux8", "ubuntu2004"] %}}
+-{{%- if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
++{{%- if product in ["fedora", "ol8", "ol9", "rhel8", "almalinux8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
    {{%- set perm_x="-F perm=x " %}}
  {{%- endif %}}
  
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,ubuntu2004
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,ubuntu2004
+-prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,ubuntu2004,ubuntu2204
++prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,ubuntu2004,ubuntu2204
  
  title: 'Ensure auditd Collects Information on the Use of Privileged Commands - newuidmap'
  
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_pam_timestamp_check/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_pam_timestamp_check/rule.yml
-index 6d161b5d..7e65a6d5 100644
+index 9e02c8012..622e1189a 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_pam_timestamp_check/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_pam_timestamp_check/rule.yml
-@@ -1,5 +1,5 @@
- 
--{{%- if product in ["rhel8", "rhel9", "sle12", "sle15"] %}}
-+{{%- if product in ["rhel8", "rhel9", "almalinux8", "sle12", "sle15"] %}}
+@@ -1,4 +1,4 @@
+-{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhel7", "rhel8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
++{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhel7", "rhel8", "almalinux8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
    {{%- set perm_x="-F perm=x " %}}
  {{%- endif %}}
  
-@@ -11,7 +11,7 @@
+@@ -10,7 +10,7 @@
  
  documentation_complete: true
  
--prodtype: ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
-+prodtype: ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
+-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Ensure auditd Collects Information on the Use of Privileged Commands - pam_timestamp_check'
  
-@@ -66,7 +66,7 @@ references:
+@@ -65,7 +65,7 @@ references:
      stigid@ol7: OL07-00-030810
      stigid@ol8: OL08-00-030340
      stigid@rhel7: RHEL-07-030810
@@ -10895,19 +12399,19 @@ index 6d161b5d..7e65a6d5 100644
      stigid@sle15: SLES-15-030510
      stigid@ubuntu2004: UBTU-20-010178
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_passwd/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_passwd/rule.yml
-index 586efb3e..cc26d446 100644
+index 57b222a83..c98ad2219 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_passwd/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_passwd/rule.yml
 @@ -1,10 +1,10 @@
--{{%- if product in ["rhel8", "rhel9", "sle12", "sle15"] %}}
-+{{%- if product in ["rhel8", "rhel9", "almalinux8", "sle12", "sle15"] %}}
+-{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhel7", "rhel8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
++{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhel7", "rhel8", "almalinux8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
    {{%- set perm_x="-F perm=x " %}}
  {{%- endif %}}
  
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
+-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Ensure auditd Collects Information on the Use of Privileged Commands - passwd'
  
@@ -10921,23 +12425,23 @@ index 586efb3e..cc26d446 100644
      stigid@sle15: SLES-15-030070
      stigid@ubuntu2004: UBTU-20-010172
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_postdrop/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_postdrop/rule.yml
-index c5cd8408..b2b5d4cf 100644
+index efcd8ecbf..0f2d3d17a 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_postdrop/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_postdrop/rule.yml
 @@ -1,10 +1,10 @@
--{{%- if product in ["rhel8", "rhel9"] %}}
-+{{%- if product in ["rhel8", "rhel9", "almalinux8"] %}}
+-{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhel7", "rhel8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
++{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhel7", "rhel8", "almalinux8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
    {{%- set perm_x="-F perm=x " %}}
  {{%- endif %}}
  
  documentation_complete: true
  
--prodtype: ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15,ubuntu2004,wrlinux1019
-+prodtype: ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,ubuntu2004,wrlinux1019
+-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15,ubuntu2004,ubuntu2204
++prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,ubuntu2004,ubuntu2204
  
  title: 'Ensure auditd Collects Information on the Use of Privileged Commands - postdrop'
  
-@@ -57,7 +57,7 @@ references:
+@@ -58,7 +58,7 @@ references:
      stigid@ol7: OL07-00-030760
      stigid@ol8: OL08-00-030311
      stigid@rhel7: RHEL-07-030760
@@ -10945,25 +12449,25 @@ index c5cd8408..b2b5d4cf 100644
 +    stigid@almalinux8: RHEL-08-030311
      vmmsrg: SRG-OS-000471-VMM-001910
  
- ocil_clause: 'it is not the case'
+ {{{ ocil_fix_srg_privileged_command("postdrop") }}}
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_postqueue/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_postqueue/rule.yml
-index 4a15cd91..1d268284 100644
+index 183447d37..1a3e9c91d 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_postqueue/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_postqueue/rule.yml
 @@ -1,10 +1,10 @@
--{{%- if product in ["rhel8", "rhel9"] %}}
-+{{%- if product in ["rhel8", "rhel9", "almalinux8"] %}}
+-{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhel7", "rhel8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
++{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhel7", "rhel8", "almalinux8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
    {{%- set perm_x="-F perm=x " %}}
  {{%- endif %}}
  
  documentation_complete: true
  
--prodtype: ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15,ubuntu2004,wrlinux1019
-+prodtype: ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,ubuntu2004,wrlinux1019
+-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15,ubuntu2004,ubuntu2204
++prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,ubuntu2004,ubuntu2204
  
  title: 'Ensure auditd Collects Information on the Use of Privileged Commands - postqueue'
  
-@@ -57,7 +57,7 @@ references:
+@@ -58,7 +58,7 @@ references:
      stigid@ol7: OL07-00-030770
      stigid@ol8: OL08-00-030312
      stigid@rhel7: RHEL-07-030770
@@ -10971,26 +12475,26 @@ index 4a15cd91..1d268284 100644
 +    stigid@almalinux8: RHEL-08-030312
      vmmsrg: SRG-OS-000471-VMM-001910
  
- ocil_clause: 'it is not the case'
+ {{{ ocil_fix_srg_privileged_command("postqueue") }}}
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_pt_chown/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_pt_chown/rule.yml
-index 0b4bb3cc..37995c62 100644
+index dbd96c253..c4b98f27c 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_pt_chown/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_pt_chown/rule.yml
 @@ -1,10 +1,10 @@
--{{%- if product in ["rhel8", "rhel9"] %}}
-+{{%- if product in ["rhel8", "rhel9", "almalinux8"] %}}
+-{{%- if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
++{{%- if product in ["fedora", "ol8", "ol9", "rhel8", "almalinux8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
    {{%- set perm_x="-F perm=x " %}}
  {{%- endif %}}
  
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9
+-prodtype: ol7,ol8,rhcos4,rhel7,rhel8,rhel9
++prodtype: ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9
  
  title: 'Ensure auditd Collects Information on the Use of Privileged Commands - pt_chown'
  
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_rmmod/ansible/shared.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_rmmod/ansible/shared.yml
-index f3c3324e..d5545d32 100644
+index f3c3324e2..d5545d32c 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_rmmod/ansible/shared.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_rmmod/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -11000,28 +12504,28 @@ index f3c3324e..d5545d32 100644
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_rmmod/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_rmmod/bash/shared.sh
-index cab3cb16..d895a1d3 100644
+index bf0a58b43..0b13f7c0d 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_rmmod/bash/shared.sh
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_rmmod/bash/shared.sh
 @@ -1,4 +1,4 @@
--# platform = multi_platform_sle,multi_platform_rhel
-+# platform = multi_platform_sle,multi_platform_rhel,multi_platform_almalinux
+-# platform = multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu
  
  # Perform the remediation for both possible tools: 'auditctl' and 'augenrules'
  {{{ bash_fix_audit_watch_rule("auditctl", "/sbin/rmmod", "x", "modules") }}}
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_ssh_agent/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_ssh_agent/rule.yml
-index 8cdfca3d..72b0ee78 100644
+index e1d848144..e38115cab 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_ssh_agent/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_ssh_agent/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: ol8,rhel8,rhel9,sle12,sle15,ubuntu2004
-+prodtype: ol8,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004
+-prodtype: fedora,ol8,ol9,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: fedora,ol8,ol9,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Record Any Attempts to Run ssh-agent'
  
-@@ -39,7 +39,7 @@ references:
+@@ -40,7 +40,7 @@ references:
      nist@sle12: AU-3,AU-3.1,AU-12(a),AU-12(c),AU-12.1(a),AU-12.1(ii),AU-12.1(iv),MA-4(1)(a)
      srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215
      stigid@ol8: OL08-00-030280
@@ -11031,12 +12535,12 @@ index 8cdfca3d..72b0ee78 100644
      stigid@sle15: SLES-15-030370
      stigid@ubuntu2004: UBTU-20-010140
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_ssh_keysign/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_ssh_keysign/rule.yml
-index 96fd5e95..914f7b0d 100644
+index 45c313ae0..8976cdc63 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_ssh_keysign/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_ssh_keysign/rule.yml
 @@ -1,4 +1,4 @@
--{{%- if product in ["rhel8", "rhel9", "sle12", "sle15"] %}}
-+{{%- if product in ["rhel8", "rhel9", "almalinux8", "sle12", "sle15"] %}}
+-{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhel7", "rhel8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
++{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhel7", "rhel8", "almalinux8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
    {{%- set perm_x="-F perm=x " %}}
  {{%- endif %}}
  
@@ -11044,12 +12548,12 @@ index 96fd5e95..914f7b0d 100644
  
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
+-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Ensure auditd Collects Information on the Use of Privileged Commands - ssh-keysign'
  
-@@ -65,7 +65,7 @@ references:
+@@ -66,7 +66,7 @@ references:
      stigid@ol7: OL07-00-030780
      stigid@ol8: OL08-00-030320
      stigid@rhel7: RHEL-07-030780
@@ -11059,23 +12563,23 @@ index 96fd5e95..914f7b0d 100644
      stigid@sle15: SLES-15-030060
      stigid@ubuntu2004: UBTU-20-010141
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_su/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_su/rule.yml
-index cd83c4ed..659233c3 100644
+index f0e518047..4340c063e 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_su/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_su/rule.yml
 @@ -1,10 +1,10 @@
--{{%- if product in ["rhel8", "rhel9", "sle12", "sle15"] %}}
-+{{%- if product in ["rhel8", "rhel9", "almalinux8", "sle12", "sle15"] %}}
+-{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhel7", "rhel8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
++{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhel7", "rhel8", "almalinux8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
    {{%- set perm_x="-F perm=x " %}}
  {{%- endif %}}
  
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
+-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Ensure auditd Collects Information on the Use of Privileged Commands - su'
  
-@@ -59,7 +59,7 @@ references:
+@@ -60,7 +60,7 @@ references:
      stigid@ol7: OL07-00-030680
      stigid@ol8: OL08-00-030190
      stigid@rhel7: RHEL-07-030680
@@ -11085,23 +12589,23 @@ index cd83c4ed..659233c3 100644
      stigid@sle15: SLES-15-030550
      stigid@ubuntu2004: UBTU-20-010136
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sudo/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sudo/rule.yml
-index a3bac816..0da31642 100644
+index 867878942..cffeeed50 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sudo/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sudo/rule.yml
 @@ -1,10 +1,10 @@
--{{%- if product in ["rhel8", "rhel9", "sle12", "sle15"] %}}
-+{{%- if product in ["rhel8", "rhel9", "almalinux8", "sle12", "sle15"] %}}
+-{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhel7", "rhel8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
++{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhel7", "rhel8", "almalinux8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
    {{%- set perm_x="-F perm=x " %}}
  {{%- endif %}}
  
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
+-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Ensure auditd Collects Information on the Use of Privileged Commands - sudo'
  
-@@ -60,7 +60,7 @@ references:
+@@ -61,7 +61,7 @@ references:
      stigid@ol7: OL07-00-030690
      stigid@ol8: OL08-00-030550
      stigid@rhel7: RHEL-07-030690
@@ -11111,40 +12615,40 @@ index a3bac816..0da31642 100644
      stigid@sle15: SLES-15-030560
      stigid@ubuntu2004: UBTU-20-010161
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sudoedit/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sudoedit/rule.yml
-index a401027e..15a7c2cb 100644
+index 3d3dd8a5a..6bc830943 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sudoedit/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sudoedit/rule.yml
 @@ -1,10 +1,10 @@
--{{%- if product in ["rhel8", "rhel9", "sle15", "ubuntu2004"] %}}
-+{{%- if product in ["rhel8", "rhel9", "almalinux8", "sle15", "ubuntu2004"] %}}
+-{{%- if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
++{{%- if product in ["fedora", "ol8", "ol9", "rhel8", "almalinux8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
    {{%- set perm_x="-F perm=x " %}}
  {{%- endif %}}
  
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15,ubuntu2004
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,ubuntu2004
+-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15,ubuntu2004,ubuntu2204
++prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,ubuntu2004,ubuntu2204
  
  title: 'Ensure auditd Collects Information on the Use of Privileged Commands - sudoedit'
  
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_umount/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_umount/rule.yml
-index 5fa4a273..f649ffb2 100644
+index 5c4d045a2..9edc02f6d 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_umount/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_umount/rule.yml
 @@ -1,10 +1,10 @@
--{{%- if product in ["rhel8", "rhel9", "sle12", "sle15"] %}}
-+{{%- if product in ["rhel8", "rhel9", "almalinux8", "sle12", "sle15"] %}}
+-{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhel7", "rhel8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
++{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhel7", "rhel8", "almalinux8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
    {{%- set perm_x="-F perm=x " %}}
  {{%- endif %}}
  
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
+-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Ensure auditd Collects Information on the Use of Privileged Commands - umount'
  
-@@ -58,7 +58,7 @@ references:
+@@ -59,7 +59,7 @@ references:
      stigid@ol7: OL07-00-030750
      stigid@ol8: OL08-00-030301
      stigid@rhel7: RHEL-07-030750
@@ -11154,23 +12658,23 @@ index 5fa4a273..f649ffb2 100644
      stigid@ubuntu2004: UBTU-20-010139
      vmmsrg: SRG-OS-000471-VMM-001910
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_unix_chkpwd/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_unix_chkpwd/rule.yml
-index 15fe5052..aa270bad 100644
+index 8b5bab8ed..8daef0a43 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_unix_chkpwd/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_unix_chkpwd/rule.yml
 @@ -1,10 +1,10 @@
--{{%- if product in ["rhel8", "rhel9", "sle12", "sle15"] %}}
-+{{%- if product in ["rhel8", "rhel9", "almalinux8", "sle12", "sle15"] %}}
+-{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhel7", "rhel8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
++{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhel7", "rhel8", "almalinux8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
    {{%- set perm_x="-F perm=x " %}}
  {{%- endif %}}
  
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
+-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Ensure auditd Collects Information on the Use of Privileged Commands - unix_chkpwd'
  
-@@ -60,7 +60,7 @@ references:
+@@ -61,7 +61,7 @@ references:
      stigid@ol7: OL07-00-030640
      stigid@ol8: OL08-00-030317
      stigid@rhel7: RHEL-07-030640
@@ -11180,40 +12684,40 @@ index 15fe5052..aa270bad 100644
      stigid@sle15: SLES-15-030110
      vmmsrg: SRG-OS-000471-VMM-001910
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_unix_update/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_unix_update/rule.yml
-index 64a4c85e..7ea9b814 100644
+index 6ad48696d..2d326071c 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_unix_update/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_unix_update/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: ol8,rhel8,rhel9,ubuntu2004
-+prodtype: ol8,rhel8,almalinux8,rhel9,ubuntu2004
+-prodtype: ol8,ol9,rhel8,rhel9,ubuntu2004,ubuntu2204
++prodtype: ol8,ol9,rhel8,almalinux8,rhel9,ubuntu2004,ubuntu2204
  
  title: 'Ensure auditd Collects Information on the Use of Privileged Commands - unix_update'
  
 @@ -38,7 +38,7 @@ references:
-     disa: CCI-000169,CCI-000172
+     disa: CCI-000130,CCI-000135,CCI-000169,CCI-000172,CCI-002884
      srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000064-GPOS-00033,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215
      stigid@ol8: OL08-00-030310
 -    stigid@rhel8: RHEL-08-030310
 +    stigid@almalinux8: RHEL-08-030310
      stigid@ubuntu2004: UBTU-20-010173
  
- ocil_clause: 'it is not the case'
+ {{{ ocil_fix_srg_privileged_command("unix_update") }}}
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_userhelper/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_userhelper/rule.yml
-index 448d36c4..b085b827 100644
+index 5ce90cbe6..c3f15a697 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_userhelper/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_userhelper/rule.yml
 @@ -1,10 +1,10 @@
--{{%- if product in ["rhel8", "rhel9"] %}}
-+{{%- if product in ["rhel8", "rhel9", "almalinux8"] %}}
+-{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhel7", "rhel8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
++{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhel7", "rhel8", "almalinux8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
    {{%- set perm_x="-F perm=x " %}}
  {{%- endif %}}
  
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15
+-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15
++prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15
  
  title: 'Ensure auditd Collects Information on the Use of Privileged Commands - userhelper'
  
@@ -11225,20 +12729,20 @@ index 448d36c4..b085b827 100644
 +    stigid@almalinux8: RHEL-08-030315
      vmmsrg: SRG-OS-000471-VMM-001910
  
- ocil_clause: 'it is not the case'
+ {{{ ocil_fix_srg_privileged_command("userhelper") }}}
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_usermod/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_usermod/rule.yml
-index 8cd21a5c..853577b8 100644
+index eff534c34..2aa7f9839 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_usermod/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_usermod/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: ol8,rhel8,rhel9,sle12,sle15,ubuntu2004
-+prodtype: ol8,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004
+-prodtype: ol8,ol9,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: ol8,ol9,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Ensure auditd Collects Information on the Use of Privileged Commands - usermod'
  
-@@ -41,7 +41,7 @@ references:
+@@ -44,7 +44,7 @@ references:
      nist@sle12: AU-3,AU-12(a),AU-12(c),MA-4(1)(a)
      srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000466-GPOS-00210
      stigid@ol8: OL08-00-030560
@@ -11248,24 +12752,24 @@ index 8cd21a5c..853577b8 100644
      stigid@sle15: SLES-15-030500
      stigid@ubuntu2004: UBTU-20-010176
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_usernetctl/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_usernetctl/rule.yml
-index 88fc3a7c..1159b2eb 100644
+index 4909928c6..d8006225c 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_usernetctl/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_usernetctl/rule.yml
 @@ -1,10 +1,10 @@
--{{%- if product in ["rhel8", "rhel9"] %}}
-+{{%- if product in ["rhel8", "rhel9", "almalinux8"] %}}
+-{{%- if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
++{{%- if product in ["fedora", "ol8", "ol9", "rhel8", "almalinux8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
    {{%- set perm_x="-F perm=x " %}}
  {{%- endif %}}
  
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9
+-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9
++prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9
  
  title: 'Ensure auditd Collects Information on the Use of Privileged Commands - usernetctl'
  
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_group_open/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_group_open/rule.yml
-index 4fd5bef0..30e9c339 100644
+index 4fd5bef0f..30e9c3398 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_group_open/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_group_open/rule.yml
 @@ -1,6 +1,6 @@
@@ -11277,7 +12781,7 @@ index 4fd5bef0..30e9c339 100644
  title: 'Record Events that Modify User/Group Information via open syscall - /etc/group'
  
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_group_open_by_handle_at/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_group_open_by_handle_at/rule.yml
-index 79dc227e..d97d3a1e 100644
+index 79dc227e0..d97d3a1ec 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_group_open_by_handle_at/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_group_open_by_handle_at/rule.yml
 @@ -1,6 +1,6 @@
@@ -11289,7 +12793,7 @@ index 79dc227e..d97d3a1e 100644
  title: 'Record Events that Modify User/Group Information via open_by_handle_at syscall - /etc/group'
  
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_group_openat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_group_openat/rule.yml
-index e1221d1a..d4b05056 100644
+index e1221d1ae..d4b050568 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_group_openat/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_group_openat/rule.yml
 @@ -1,6 +1,6 @@
@@ -11301,7 +12805,7 @@ index e1221d1a..d4b05056 100644
  title: 'Record Events that Modify User/Group Information via openat syscall - /etc/group'
  
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_gshadow_open/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_gshadow_open/rule.yml
-index 84d77e89..969bb5e4 100644
+index 84d77e89c..969bb5e4f 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_gshadow_open/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_gshadow_open/rule.yml
 @@ -1,6 +1,6 @@
@@ -11313,7 +12817,7 @@ index 84d77e89..969bb5e4 100644
  title: 'Record Events that Modify User/Group Information via open syscall - /etc/gshadow'
  
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_gshadow_open_by_handle_at/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_gshadow_open_by_handle_at/rule.yml
-index 3c8971e4..91444872 100644
+index 3c8971e4c..914448724 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_gshadow_open_by_handle_at/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_gshadow_open_by_handle_at/rule.yml
 @@ -1,6 +1,6 @@
@@ -11325,7 +12829,7 @@ index 3c8971e4..91444872 100644
  title: 'Record Events that Modify User/Group Information via open_by_handle_at syscall - /etc/gshadow'
  
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_gshadow_openat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_gshadow_openat/rule.yml
-index 6ee8ef91..7b7abadc 100644
+index 6ee8ef91c..7b7abadc7 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_gshadow_openat/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_gshadow_openat/rule.yml
 @@ -1,6 +1,6 @@
@@ -11337,7 +12841,7 @@ index 6ee8ef91..7b7abadc 100644
  title: 'Record Events that Modify User/Group Information via openat syscall - /etc/gshadow'
  
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_passwd_open/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_passwd_open/rule.yml
-index 449fe58e..9a8dc9be 100644
+index 449fe58e3..9a8dc9be7 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_passwd_open/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_passwd_open/rule.yml
 @@ -1,6 +1,6 @@
@@ -11349,7 +12853,7 @@ index 449fe58e..9a8dc9be 100644
  title: 'Record Events that Modify User/Group Information via open syscall - /etc/passwd'
  
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_passwd_open_by_handle_at/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_passwd_open_by_handle_at/rule.yml
-index 37094bd4..a62486e4 100644
+index 37094bd4a..a62486e41 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_passwd_open_by_handle_at/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_passwd_open_by_handle_at/rule.yml
 @@ -1,6 +1,6 @@
@@ -11361,7 +12865,7 @@ index 37094bd4..a62486e4 100644
  title: 'Record Events that Modify User/Group Information via open_by_handle_at syscall - /etc/passwd'
  
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_passwd_openat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_passwd_openat/rule.yml
-index ee516082..6ae9798c 100644
+index ee5160823..6ae9798c7 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_passwd_openat/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_passwd_openat/rule.yml
 @@ -1,6 +1,6 @@
@@ -11373,7 +12877,7 @@ index ee516082..6ae9798c 100644
  title: 'Record Events that Modify User/Group Information via openat syscall - /etc/passwd'
  
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_shadow_open/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_shadow_open/rule.yml
-index 01b22ecb..f3c198fb 100644
+index 01b22ecb0..f3c198fb1 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_shadow_open/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_shadow_open/rule.yml
 @@ -1,6 +1,6 @@
@@ -11385,7 +12889,7 @@ index 01b22ecb..f3c198fb 100644
  title: 'Record Events that Modify User/Group Information via open syscall - /etc/shadow'
  
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_shadow_open_by_handle_at/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_shadow_open_by_handle_at/rule.yml
-index 0eaf7977..2c4c9699 100644
+index 0eaf7977f..2c4c96990 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_shadow_open_by_handle_at/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_shadow_open_by_handle_at/rule.yml
 @@ -1,6 +1,6 @@
@@ -11397,7 +12901,7 @@ index 0eaf7977..2c4c9699 100644
  title: 'Record Events that Modify User/Group Information via open_by_handle_at syscall - /etc/shadow'
  
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_shadow_openat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_shadow_openat/rule.yml
-index a1a40472..325c88f4 100644
+index a1a404722..325c88f45 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_shadow_openat/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_shadow_openat/rule.yml
 @@ -1,6 +1,6 @@
@@ -11409,17 +12913,17 @@ index a1a40472..325c88f4 100644
  title: 'Record Events that Modify User/Group Information via openat syscall - /etc/shadow'
  
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_immutable/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_immutable/bash/shared.sh
-index b9daadd7..514f4744 100644
+index ba84abfc9..e771e26f1 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_immutable/bash/shared.sh
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_immutable/bash/shared.sh
 @@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle
-+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
+-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu
++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu
  
  # Traverse all of:
  #
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_immutable/kubernetes/shared.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_immutable/kubernetes/shared.yml
-index 26d02c24..28daa910 100644
+index 26d02c24e..28daa9106 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_immutable/kubernetes/shared.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_immutable/kubernetes/shared.yml
 @@ -1,5 +1,5 @@
@@ -11430,17 +12934,51 @@ index 26d02c24..28daa910 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_immutable/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_immutable/rule.yml
-index d298d9e9..d4add406 100644
+index 91d169395..4db7d0c7c 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_immutable/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_immutable/rule.yml
-@@ -51,4 +51,4 @@ references:
+@@ -56,7 +56,7 @@ references:
      pcidss: Req-10.5.2
      srg: SRG-OS-000057-GPOS-00027,SRG-OS-000058-GPOS-00028,SRG-OS-000059-GPOS-00029
      stigid@ol8: OL08-00-030121
 -    stigid@rhel8: RHEL-08-030121
 +    stigid@almalinux8: RHEL-08-030121
+ 
+ ocil_clause: 'the audit system is not set to be immutable by adding the "-e 2" option to the end of "/etc/audit/audit.rules"'
+ 
+diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_immutable_login_uids/ansible/shared.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_immutable_login_uids/ansible/shared.yml
+index 94768073f..6fd009b50 100644
+--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_immutable_login_uids/ansible/shared.yml
++++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_immutable_login_uids/ansible/shared.yml
+@@ -1,4 +1,4 @@
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
+ # reboot = false
+ # strategy = restrict
+ # complexity = low
+diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_immutable_login_uids/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_immutable_login_uids/rule.yml
+index 46e249efb..2e6eee0e5 100644
+--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_immutable_login_uids/rule.yml
++++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_immutable_login_uids/rule.yml
+@@ -1,6 +1,6 @@
+ documentation_complete: true
+ 
+-prodtype: rhel8
++prodtype: rhel8,almalinux8
+ 
+ title: 'Configure immutable Audit login UIDs'
+ 
+@@ -32,7 +32,7 @@ identifiers:
+ references:
+     disa: CCI-000162,CCI-000163,CCI-000164
+     srg: SRG-OS-000462-GPOS-00206,SRG-OS-000475-GPOS-00220,SRG-OS-000057-GPOS-00027,SRG-OS-000058-GPOS-00028,SRG-OS-000059-GPOS-00029
+-    stigid@rhel8: RHEL-08-030122
++    stigid@almalinux8: RHEL-08-030122
+ 
+ ocil_clause: 'the system is not configured to make login UIDs immutable'
+ 
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_mac_modification/ansible/shared.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_mac_modification/ansible/shared.yml
-index e55119fd..2e7514b5 100644
+index e55119fd1..2e7514b51 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_mac_modification/ansible/shared.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_mac_modification/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -11450,17 +12988,17 @@ index e55119fd..2e7514b5 100644
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_mac_modification/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_mac_modification/bash/shared.sh
-index 632149b9..038c574b 100644
+index 79440e79b..614a4e09c 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_mac_modification/bash/shared.sh
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_mac_modification/bash/shared.sh
 @@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle
-+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
+-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu
++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu
  
  # Perform the remediation for both possible tools: 'auditctl' and 'augenrules'
  {{{ bash_fix_audit_watch_rule("auditctl", "/etc/selinux/", "wa", "MAC-policy") }}}
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_mac_modification/kubernetes/shared.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_mac_modification/kubernetes/shared.yml
-index 4534624b..7d1db5bb 100644
+index 4534624b4..7d1db5bb1 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_mac_modification/kubernetes/shared.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_mac_modification/kubernetes/shared.yml
 @@ -1,5 +1,5 @@
@@ -11471,10 +13009,10 @@ index 4534624b..7d1db5bb 100644
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_media_export/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_media_export/rule.yml
-index e3b53819..cef1ede1 100644
+index 35d680636..d31c788b1 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_media_export/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_media_export/rule.yml
-@@ -53,7 +53,7 @@ references:
+@@ -57,7 +57,7 @@ references:
      stigid@ol7: OL07-00-030740
      stigid@ol8: OL08-00-030302
      stigid@rhel7: RHEL-07-030740
@@ -11484,7 +13022,7 @@ index e3b53819..cef1ede1 100644
      stigid@sle15: SLES-15-030350
  
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_networkconfig_modification/ansible/shared.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_networkconfig_modification/ansible/shared.yml
-index 3c1ca33a..fdb0252c 100644
+index ac5c84c87..bf549f47f 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_networkconfig_modification/ansible/shared.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_networkconfig_modification/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -11494,17 +13032,17 @@ index 3c1ca33a..fdb0252c 100644
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_networkconfig_modification/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_networkconfig_modification/bash/shared.sh
-index 352d01bd..a3b0b525 100644
+index 7e22f270f..d310cfd08 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_networkconfig_modification/bash/shared.sh
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_networkconfig_modification/bash/shared.sh
 @@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle
-+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
+-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu
++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu
  
  # First perform the remediation of the syscall rule
  # Retrieve hardware architecture of the underlying system
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_session_events/ansible/shared.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_session_events/ansible/shared.yml
-index 7f2f4e29..7ad5c59a 100644
+index 7f2f4e298..7ad5c59a3 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_session_events/ansible/shared.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_session_events/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -11514,17 +13052,17 @@ index 7f2f4e29..7ad5c59a 100644
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_session_events/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_session_events/bash/shared.sh
-index d01b505a..8cce3781 100644
+index caf49d4f8..f2ba8f9f1 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_session_events/bash/shared.sh
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_session_events/bash/shared.sh
 @@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle
-+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
+-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu
++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu
  
  # Perform the remediation for both possible tools: 'auditctl' and 'augenrules'
  {{{ bash_fix_audit_watch_rule("auditctl", "/var/run/utmp", "wa", "session") }}}
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_session_events/kubernetes/shared.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_session_events/kubernetes/shared.yml
-index 1decbff9..083f80bd 100644
+index 1decbff93..083f80bd9 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_session_events/kubernetes/shared.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_session_events/kubernetes/shared.yml
 @@ -1,5 +1,5 @@
@@ -11535,80 +13073,80 @@ index 1decbff9..083f80bd 100644
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_sudoers/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_sudoers/rule.yml
-index 36f780a9..f4141fe3 100644
+index 65cd15d0b..01dbc134b 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_sudoers/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_sudoers/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: ol8,rhel8,rhel9
-+prodtype: ol8,rhel8,almalinux8,rhel9
+-prodtype: ol8,ol9,rhel8,rhel9
++prodtype: ol8,ol9,rhel8,almalinux8,rhel9
  
  title: 'Ensure auditd Collects System Administrator Actions - /etc/sudoers'
  
-@@ -30,7 +30,7 @@ references:
-     disa: CCI-000169,CCI-002884
-     srg: SRG-OS-000004-GPOS-00004,SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000304-GPOS-00121,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000470-GPOS-00214,SRG-OS-000471-GPOS-00215,SRG-OS-000239-GPOS-00089,SRG-OS-000240-GPOS-00090,SRG-OS-000241-GPOS-00091,SRG-OS-000303-GPOS-00120,SRG-OS-000304-GPOS-00121,SRG-OS-000466-GPOS-00210,SRG-OS-000476-GPOS-00221
+@@ -33,7 +33,7 @@ references:
+     disa: CCI-000018,CCI-000130,CCI-000135,CCI-000169,CCI-000172,CCI-001403,CCI-001404,CCI-002130,CCI-002132,CCI-002884
+     srg: SRG-OS-000004-GPOS-00004,SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000304-GPOS-00121,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000470-GPOS-00214,SRG-OS-000471-GPOS-00215,SRG-OS-000239-GPOS-00089,SRG-OS-000240-GPOS-00090,SRG-OS-000241-GPOS-00091,SRG-OS-000303-GPOS-00120,SRG-OS-000466-GPOS-00210,SRG-OS-000476-GPOS-00221
      stigid@ol8: OL08-00-030171
 -    stigid@rhel8: RHEL-08-030171
 +    stigid@almalinux8: RHEL-08-030171
  
- ocil_clause: 'there is not output'
+ ocil_clause: 'the command does not return a line, or the line is commented out'
  
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_sudoers_d/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_sudoers_d/rule.yml
-index a5f906e9..36370d87 100644
+index 7f32fc3d0..6e674c36a 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_sudoers_d/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_sudoers_d/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: ol8,rhel8,rhel9
-+prodtype: ol8,rhel8,almalinux8,rhel9
+-prodtype: ol8,ol9,rhel8,rhel9
++prodtype: ol8,ol9,rhel8,almalinux8,rhel9
  
  title: 'Ensure auditd Collects System Administrator Actions - /etc/sudoers.d/'
  
-@@ -30,7 +30,7 @@ references:
-     disa: CCI-000169,CCI-002884
-     srg: SRG-OS-000004-GPOS-00004,SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000304-GPOS-00121,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000470-GPOS-00214,SRG-OS-000471-GPOS-00215,SRG-OS-000239-GPOS-00089,SRG-OS-000240-GPOS-00090,SRG-OS-000241-GPOS-00091,SRG-OS-000303-GPOS-00120,SRG-OS-000304-GPOS-00121,SRG-OS-000466-GPOS-00210,SRG-OS-000476-GPOS-00221
+@@ -33,7 +33,7 @@ references:
+     disa: CCI-000018,CCI-000130,CCI-000135,CCI-000169,CCI-000172,CCI-001403,CCI-001404,CCI-002130,CCI-002132,CCI-002884
+     srg: SRG-OS-000004-GPOS-00004,SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000304-GPOS-00121,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000470-GPOS-00214,SRG-OS-000471-GPOS-00215,SRG-OS-000239-GPOS-00089,SRG-OS-000240-GPOS-00090,SRG-OS-000241-GPOS-00091,SRG-OS-000303-GPOS-00120,SRG-OS-000466-GPOS-00210,SRG-OS-000476-GPOS-00221
      stigid@ol8: OL08-00-030172
 -    stigid@rhel8: RHEL-08-030172
 +    stigid@almalinux8: RHEL-08-030172
  
- ocil_clause: 'there is not output'
+ ocil_clause: 'the command does not return a line, or the line is commented out'
  
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_suid_privilege_function/ansible/shared.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_suid_privilege_function/ansible/shared.yml
-index 9583a47b..b68aa06b 100644
+index c46cbbe39..acbd8ad2c 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_suid_privilege_function/ansible/shared.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_suid_privilege_function/ansible/shared.yml
 @@ -1,4 +1,4 @@
--# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle
-+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
+-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle
++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
  # reboot = false
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_suid_privilege_function/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_suid_privilege_function/bash/shared.sh
-index c474fe55..d3ad208d 100644
+index 8fdd7e75a..9c16b41cc 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_suid_privilege_function/bash/shared.sh
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_suid_privilege_function/bash/shared.sh
 @@ -1,4 +1,4 @@
--# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu
-+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu
+-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu
++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu
  
  # First perform the remediation of the syscall rule
  # Retrieve hardware architecture of the underlying system
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_suid_privilege_function/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_suid_privilege_function/rule.yml
-index 6635fa92..53d1d152 100644
+index 327d07fb2..24a3364a4 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_suid_privilege_function/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_suid_privilege_function/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: ol7,ol8,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004
-+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004
+-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Record Events When Privileged Executables Are Run'
  
-@@ -41,7 +41,7 @@ references:
+@@ -58,7 +58,7 @@ references:
      stigid@ol7: OL07-00-030360
      stigid@ol8: OL08-00-030000
      stigid@rhel7: RHEL-07-030360
@@ -11618,17 +13156,17 @@ index 6635fa92..53d1d152 100644
      stigid@sle15: SLES-15-030640
      stigid@ubuntu2004: UBTU-20-010211
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_sysadmin_actions/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_sysadmin_actions/bash/shared.sh
-index 3b1d4ede..420f5707 100644
+index fcde9d3aa..6477bc85e 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_sysadmin_actions/bash/shared.sh
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_sysadmin_actions/bash/shared.sh
 @@ -1,4 +1,4 @@
--# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
-+# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
+-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu
++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu
  
  # Perform the remediation for both possible tools: 'auditctl' and 'augenrules'
  {{{ bash_fix_audit_watch_rule("auditctl", "/etc/sudoers", "wa", "actions") }}}
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_sysadmin_actions/kubernetes/shared.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_sysadmin_actions/kubernetes/shared.yml
-index 5c99e72f..88c36f80 100644
+index 5c99e72f4..88c36f80d 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_sysadmin_actions/kubernetes/shared.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_sysadmin_actions/kubernetes/shared.yml
 @@ -1,5 +1,5 @@
@@ -11639,40 +13177,40 @@ index 5c99e72f..88c36f80 100644
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_system_shutdown/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_system_shutdown/rule.yml
-index 9f8dd579..7683678f 100644
+index 57dc24fcd..79456ebaf 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_system_shutdown/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_system_shutdown/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle15,wrlinux1019
-+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,wrlinux1019
+-prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle15
++prodtype: ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15
  
  title: 'Shutdown System When Auditing Failures Occur'
  
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification/bash/shared.sh
-index 39eac550..5d9c29be 100644
+index 07965e2c7..908fa6e54 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification/bash/shared.sh
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification/bash/shared.sh
 @@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_wrlinux
-+# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_wrlinux
+-# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_sle
++# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
  
  # Perform the remediation for both possible tools: 'auditctl' and 'augenrules'
  {{{ bash_fix_audit_watch_rule("auditctl", "/etc/group", "wa", "audit_rules_usergroup_modification") }}}
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_group/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_group/rule.yml
-index 6cb77454..8abc7409 100644
+index a17b62a24..8bfafb398 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_group/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_group/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
+-prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Record Events that Modify User/Group Information - /etc/group'
  
-@@ -59,7 +59,7 @@ references:
+@@ -63,7 +63,7 @@ references:
      stigid@ol7: OL07-00-030871
      stigid@ol8: OL08-00-030170
      stigid@rhel7: RHEL-07-030871
@@ -11682,18 +13220,18 @@ index 6cb77454..8abc7409 100644
      stigid@sle15: SLES-15-030010
      stigid@ubuntu2004: UBTU-20-010101
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_gshadow/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_gshadow/rule.yml
-index 1bdaf0fe..11403df8 100644
+index 82339f74a..c5ebddaa8 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_gshadow/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_gshadow/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
+-prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Record Events that Modify User/Group Information - /etc/gshadow'
  
-@@ -59,7 +59,7 @@ references:
+@@ -63,7 +63,7 @@ references:
      stigid@ol7: OL07-00-030872
      stigid@ol8: OL08-00-030160
      stigid@rhel7: RHEL-07-030872
@@ -11703,18 +13241,18 @@ index 1bdaf0fe..11403df8 100644
      stigid@sle15: SLES-15-030040
      stigid@ubuntu2004: UBTU-20-010103
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_opasswd/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_opasswd/rule.yml
-index f039be50..0eaf7df5 100644
+index 3d3a8a8cc..589493727 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_opasswd/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_opasswd/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
+-prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Record Events that Modify User/Group Information - /etc/security/opasswd'
  
-@@ -60,7 +60,7 @@ references:
+@@ -64,7 +64,7 @@ references:
      stigid@ol7: OL07-00-030874
      stigid@ol8: OL08-00-030140
      stigid@rhel7: RHEL-07-030874
@@ -11724,18 +13262,18 @@ index f039be50..0eaf7df5 100644
      stigid@sle15: SLES-15-030030
      stigid@ubuntu2004: UBTU-20-010104
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_passwd/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_passwd/rule.yml
-index 188d28a7..47fb62ff 100644
+index fd297cce7..f86e48526 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_passwd/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_passwd/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
+-prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Record Events that Modify User/Group Information - /etc/passwd'
  
-@@ -59,7 +59,7 @@ references:
+@@ -63,7 +63,7 @@ references:
      stigid@ol7: OL07-00-030870
      stigid@ol8: OL08-00-030150
      stigid@rhel7: RHEL-07-030870
@@ -11745,18 +13283,18 @@ index 188d28a7..47fb62ff 100644
      stigid@sle15: SLES-15-030000
      stigid@ubuntu2004: UBTU-20-010100
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_shadow/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_shadow/rule.yml
-index 7e2e181f..c87e8290 100644
+index 8c61d1f92..0fff324ce 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_shadow/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_shadow/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
+-prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Record Events that Modify User/Group Information - /etc/shadow'
  
-@@ -59,7 +59,7 @@ references:
+@@ -63,7 +63,7 @@ references:
      stigid@ol7: OL07-00-030873
      stigid@ol8: OL08-00-030130
      stigid@rhel7: RHEL-07-030873
@@ -11765,17 +13303,29 @@ index 7e2e181f..c87e8290 100644
      stigid@sle12: SLES-12-020220
      stigid@sle15: SLES-15-030020
      stigid@ubuntu2004: UBTU-20-010102
+diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_sudo_log_events/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_sudo_log_events/rule.yml
+index 95546923d..230523282 100644
+--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_sudo_log_events/rule.yml
++++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_sudo_log_events/rule.yml
+@@ -1,6 +1,6 @@
+ documentation_complete: true
+ 
+-prodtype: rhel8,rhel9,ubuntu2004,ubuntu2204
++prodtype: rhel8,almalinux8,rhel9,ubuntu2004,ubuntu2204
+ 
+ title: 'Record Attempts to perform maintenance activities'
+ 
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_adjtimex/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_adjtimex/bash/shared.sh
-index e829590e..e72d090f 100644
+index b7f44ab38..e6b1d1856 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_adjtimex/bash/shared.sh
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_adjtimex/bash/shared.sh
 @@ -1,3 +1,3 @@
--# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle
-+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
+-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu
++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu
  
  {{{ bash_perform_audit_adjtimex_settimeofday_stime_remediation() }}}
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_adjtimex/kubernetes/shared.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_adjtimex/kubernetes/shared.yml
-index 3fbd4948..27378a92 100644
+index 3fbd4948a..27378a924 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_adjtimex/kubernetes/shared.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_adjtimex/kubernetes/shared.yml
 @@ -1,5 +1,5 @@
@@ -11786,17 +13336,17 @@ index 3fbd4948..27378a92 100644
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_clock_settime/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_clock_settime/bash/shared.sh
-index 1dd7cb10..9c43228d 100644
+index f0783ec4f..a4cc0d84c 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_clock_settime/bash/shared.sh
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_clock_settime/bash/shared.sh
 @@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle
-+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
+-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu
++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu
  
  # First perform the remediation of the syscall rule
  # Retrieve hardware architecture of the underlying system
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_clock_settime/kubernetes/shared.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_clock_settime/kubernetes/shared.yml
-index 18bb2671..8f0bffdd 100644
+index 18bb26716..8f0bffdd8 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_clock_settime/kubernetes/shared.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_clock_settime/kubernetes/shared.yml
 @@ -1,5 +1,5 @@
@@ -11807,16 +13357,16 @@ index 18bb2671..8f0bffdd 100644
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_settimeofday/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_settimeofday/bash/shared.sh
-index e829590e..e72d090f 100644
+index b7f44ab38..e6b1d1856 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_settimeofday/bash/shared.sh
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_settimeofday/bash/shared.sh
 @@ -1,3 +1,3 @@
--# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle
-+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
+-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu
++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu
  
  {{{ bash_perform_audit_adjtimex_settimeofday_stime_remediation() }}}
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_settimeofday/kubernetes/shared.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_settimeofday/kubernetes/shared.yml
-index e2f2d649..bd5c2434 100644
+index e2f2d6494..bd5c24342 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_settimeofday/kubernetes/shared.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_settimeofday/kubernetes/shared.yml
 @@ -1,5 +1,5 @@
@@ -11827,16 +13377,16 @@ index e2f2d649..bd5c2434 100644
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_stime/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_stime/bash/shared.sh
-index e829590e..e72d090f 100644
+index b7f44ab38..e6b1d1856 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_stime/bash/shared.sh
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_stime/bash/shared.sh
 @@ -1,3 +1,3 @@
--# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle
-+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
+-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu
++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu
  
  {{{ bash_perform_audit_adjtimex_settimeofday_stime_remediation() }}}
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_stime/kubernetes/shared.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_stime/kubernetes/shared.yml
-index 7ea72adf..28662fe8 100644
+index 7ea72adfa..28662fe80 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_stime/kubernetes/shared.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_stime/kubernetes/shared.yml
 @@ -1,5 +1,5 @@
@@ -11847,17 +13397,17 @@ index 7ea72adf..28662fe8 100644
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_watch_localtime/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_watch_localtime/bash/shared.sh
-index 742bbfc4..e9db1df7 100644
+index 4983b503e..b4db73bce 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_watch_localtime/bash/shared.sh
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_watch_localtime/bash/shared.sh
 @@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle
-+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
+-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu
++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu
  
  # Perform the remediation for both possible tools: 'auditctl' and 'augenrules'
  {{{ bash_fix_audit_watch_rule("auditctl", "/etc/localtime", "wa", "audit_time_rules") }}}
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_watch_localtime/kubernetes/shared.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_watch_localtime/kubernetes/shared.yml
-index ac72267a..67ee8659 100644
+index ac72267a2..67ee86593 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_watch_localtime/kubernetes/shared.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_watch_localtime/kubernetes/shared.yml
 @@ -1,5 +1,5 @@
@@ -11868,7 +13418,7 @@ index ac72267a..67ee8659 100644
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/directory_access_var_log_audit/ansible/shared.yml b/linux_os/guide/system/auditing/auditd_configure_rules/directory_access_var_log_audit/ansible/shared.yml
-index ec17adf5..0ecb4079 100644
+index ec17adf55..0ecb4079c 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/directory_access_var_log_audit/ansible/shared.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/directory_access_var_log_audit/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -11878,18 +13428,18 @@ index ec17adf5..0ecb4079 100644
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/directory_group_ownership_var_log_audit/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/directory_group_ownership_var_log_audit/rule.yml
-index 95272cce..2daa232b 100644
+index dfff55bd3..b43eabe6e 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/directory_group_ownership_var_log_audit/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/directory_group_ownership_var_log_audit/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: ol8,rhel8,rhel9
-+prodtype: ol8,rhel8,almalinux8,rhel9
+-prodtype: ol8,ol9,rhel8,rhel9
++prodtype: ol8,ol9,rhel8,almalinux8,rhel9
  
  title: 'System Audit Directories Must Be Group Owned By Root'
  
-@@ -34,7 +34,7 @@ references:
+@@ -36,7 +36,7 @@ references:
      pcidss: Req-10.5.1
      srg: SRG-OS-000057-GPOS-00027,SRG-OS-000058-GPOS-00028,SRG-OS-000059-GPOS-00029,SRG-OS-000206-GPOS-00084
      stigid@ol8: OL08-00-030110
@@ -11897,16 +13447,28 @@ index 95272cce..2daa232b 100644
 +    stigid@almalinux8: RHEL-08-030110
  
  ocil: |-
-     {{{ describe_file_group_owner(file="/var/log/audit", group="root") }}}
+     {{% if product =="ol8" %}}
+diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/directory_group_ownership_var_log_audit/tests/correct_value_non-root_group.pass.sh b/linux_os/guide/system/auditing/auditd_configure_rules/directory_group_ownership_var_log_audit/tests/correct_value_non-root_group.pass.sh
+index 09d4e8ff5..6a8e8bdab 100644
+--- a/linux_os/guide/system/auditing/auditd_configure_rules/directory_group_ownership_var_log_audit/tests/correct_value_non-root_group.pass.sh
++++ b/linux_os/guide/system/auditing/auditd_configure_rules/directory_group_ownership_var_log_audit/tests/correct_value_non-root_group.pass.sh
+@@ -1,6 +1,6 @@
+ #!/bin/bash
+ # packages = audit
+-# platform = multi_platform_rhel
++# platform = multi_platform_rhel,multi_platform_almalinux
+ 
+ groupadd group_test
+ 
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/directory_ownership_var_log_audit/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/directory_ownership_var_log_audit/rule.yml
-index acec72a8..a7322a9c 100644
+index 6a95e9f13..0ac24ce77 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/directory_ownership_var_log_audit/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/directory_ownership_var_log_audit/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: ol8,rhel8,rhel9
-+prodtype: ol8,rhel8,almalinux8,rhel9
+-prodtype: ol8,ol9,rhel8,rhel9
++prodtype: ol8,ol9,rhel8,almalinux8,rhel9
  
  title: 'System Audit Directories Must Be Owned By Root'
  
@@ -11917,10 +13479,10 @@ index acec72a8..a7322a9c 100644
 -    stigid@rhel8: RHEL-08-030100
 +    stigid@almalinux8: RHEL-08-030100
  
- ocil: |-
-     {{{ describe_file_owner(file="/var/log/audit", owner="root") }}}
+ ocil_clause: the directory is not owned by root
+ 
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/directory_permissions_var_log_audit/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/directory_permissions_var_log_audit/bash/shared.sh
-index 8683b710..14f0fc0c 100644
+index 0dad1bfe1..29632f729 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/directory_permissions_var_log_audit/bash/shared.sh
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/directory_permissions_var_log_audit/bash/shared.sh
 @@ -1,4 +1,4 @@
@@ -11930,10 +13492,19 @@ index 8683b710..14f0fc0c 100644
  if LC_ALL=C grep -iw ^log_file /etc/audit/auditd.conf; then
    DIR=$(awk -F "=" '/^log_file/ {print $2}' /etc/audit/auditd.conf | tr -d ' ' | rev | cut -d"/" -f2- | rev)
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/directory_permissions_var_log_audit/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/directory_permissions_var_log_audit/rule.yml
-index 10d443b7..c42b97ad 100644
+index cab7c10c6..c51d3f1a2 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/directory_permissions_var_log_audit/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/directory_permissions_var_log_audit/rule.yml
-@@ -31,7 +31,7 @@ references:
+@@ -3,7 +3,7 @@ documentation_complete: true
+ title: 'System Audit Logs Must Have Mode 0750 or Less Permissive'
+ 
+ description: |-
+-    {{% if product in ["ol8", "rhel8"] %}}
++    {{% if product in ["ol8", "rhel8", "almalinux8"] %}}
+     Verify the audit log directories have a mode of "0700" or less permissive by first determining
+     where the audit logs are stored with the following command:
+     
$ sudo grep -iw log_file /etc/audit/auditd.conf
+@@ -45,7 +45,7 @@ references:
      nist-csf: DE.AE-3,DE.AE-5,PR.AC-4,PR.DS-5,PR.PT-1,RS.AN-1,RS.AN-4
      srg: SRG-OS-000057-GPOS-00027,SRG-OS-000058-GPOS-00028,SRG-OS-000059-GPOS-00029
      stigid@ol8: OL08-00-030120
@@ -11941,20 +13512,86 @@ index 10d443b7..c42b97ad 100644
 +    stigid@almalinux8: RHEL-08-030120
      stigid@ubuntu2004: UBTU-20-010128
  
- ocil_clause: 'any are more permissive'
+ ocil_clause: 'audit logs have a more permissive mode'
+@@ -69,7 +69,7 @@ ocil: |-
+ 
+     Replace "[audit_log_directory]" to the correct audit log directory path, by default this location is "/var/log/audit".
+ 
+-    {{% if product in ["ol8", "rhel8"] %}}
++    {{% if product in ["ol8", "rhel8", "almalinux8"] %}}
+     The correct permissions are 0700
+     {{% else %}}
+     If the log_group is "root" or is not set, the correct permissions are 0700, otherwise they are 0750.
+@@ -82,7 +82,7 @@ fixtext: |-
+ 
+     $ sudo grep "^log_file" /etc/audit/auditd.conf
+ 
+-    {{% if product in ["ol8", "rhel8"] %}}
++    {{% if product in ["ol8", "rhel8", "almalinux8"] %}}
+     Set the correct permissions mode by the following command:
+ 
+     $ sudo chmod 0700 [audit_log_directory]
+diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/directory_permissions_var_log_audit/tests/correct_value_0700.pass.sh b/linux_os/guide/system/auditing/auditd_configure_rules/directory_permissions_var_log_audit/tests/correct_value_0700.pass.sh
+index 7e8c49123..999d914cd 100644
+--- a/linux_os/guide/system/auditing/auditd_configure_rules/directory_permissions_var_log_audit/tests/correct_value_0700.pass.sh
++++ b/linux_os/guide/system/auditing/auditd_configure_rules/directory_permissions_var_log_audit/tests/correct_value_0700.pass.sh
+@@ -1,6 +1,6 @@
+ #!/bin/bash
+ # packages = audit
+-# platform = multi_platform_ol,multi_platform_rhel
++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
+ 
+ source common_0700.sh
+ 
+diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/directory_permissions_var_log_audit/tests/correct_value_default_0700.pass.sh b/linux_os/guide/system/auditing/auditd_configure_rules/directory_permissions_var_log_audit/tests/correct_value_default_0700.pass.sh
+index 7cfadc195..3bb0cefbb 100644
+--- a/linux_os/guide/system/auditing/auditd_configure_rules/directory_permissions_var_log_audit/tests/correct_value_default_0700.pass.sh
++++ b/linux_os/guide/system/auditing/auditd_configure_rules/directory_permissions_var_log_audit/tests/correct_value_default_0700.pass.sh
+@@ -1,6 +1,6 @@
+ #!/bin/bash
+ # packages = audit
+-# platform = multi_platform_ol,multi_platform_rhel
++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
+ 
+ source common_0700.sh
+ 
+diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/directory_permissions_var_log_audit/tests/incorrect_value_0700.fail.sh b/linux_os/guide/system/auditing/auditd_configure_rules/directory_permissions_var_log_audit/tests/incorrect_value_0700.fail.sh
+index 3654389ed..64e3e8ebc 100644
+--- a/linux_os/guide/system/auditing/auditd_configure_rules/directory_permissions_var_log_audit/tests/incorrect_value_0700.fail.sh
++++ b/linux_os/guide/system/auditing/auditd_configure_rules/directory_permissions_var_log_audit/tests/incorrect_value_0700.fail.sh
+@@ -1,6 +1,6 @@
+ #!/bin/bash
+ # packages = audit
+-# platform = multi_platform_ol,multi_platform_rhel
++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
+ 
+ source common_0700.sh
+ 
+diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/directory_permissions_var_log_audit/tests/incorrect_value_default_file_0700.fail.sh b/linux_os/guide/system/auditing/auditd_configure_rules/directory_permissions_var_log_audit/tests/incorrect_value_default_file_0700.fail.sh
+index b93254a4b..c7d66ccbb 100644
+--- a/linux_os/guide/system/auditing/auditd_configure_rules/directory_permissions_var_log_audit/tests/incorrect_value_default_file_0700.fail.sh
++++ b/linux_os/guide/system/auditing/auditd_configure_rules/directory_permissions_var_log_audit/tests/incorrect_value_default_file_0700.fail.sh
+@@ -1,6 +1,6 @@
+ #!/bin/bash
+ # packages = audit
+-# platform = multi_platform_ol,multi_platform_rhel
++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
+ 
+ source common_0700.sh
+ 
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/file_group_ownership_var_log_audit/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/file_group_ownership_var_log_audit/rule.yml
-index 2efc71f8..cfaf1e45 100644
+index b2cba263a..46c32a0b9 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/file_group_ownership_var_log_audit/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/file_group_ownership_var_log_audit/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: ol8,rhel8,rhel9,ubuntu2004
-+prodtype: ol8,rhel8,almalinux8,rhel9,ubuntu2004
+-prodtype: ol8,ol9,rhel8,rhel9,ubuntu2004,ubuntu2204
++prodtype: ol8,ol9,rhel8,almalinux8,rhel9,ubuntu2004,ubuntu2204
  
  title: 'System Audit Logs Must Be Group Owned By Root'
  
-@@ -37,7 +37,7 @@ references:
+@@ -41,7 +41,7 @@ references:
      pcidss: Req-10.5.1
      srg: SRG-OS-000057-GPOS-00027,SRG-OS-000058-GPOS-00028,SRG-OS-000059-GPOS-00029,SRG-OS-000206-GPOS-00084
      stigid@ol8: OL08-00-030090
@@ -11963,19 +13600,65 @@ index 2efc71f8..cfaf1e45 100644
      stigid@ubuntu2004: UBTU-20-010124
  
  ocil: |-
+diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/file_group_ownership_var_log_audit/tests/correct_value_non-root_group.pass.sh b/linux_os/guide/system/auditing/auditd_configure_rules/file_group_ownership_var_log_audit/tests/correct_value_non-root_group.pass.sh
+index 6f19e15c6..b1d995c61 100644
+--- a/linux_os/guide/system/auditing/auditd_configure_rules/file_group_ownership_var_log_audit/tests/correct_value_non-root_group.pass.sh
++++ b/linux_os/guide/system/auditing/auditd_configure_rules/file_group_ownership_var_log_audit/tests/correct_value_non-root_group.pass.sh
+@@ -1,6 +1,6 @@
+ #!/bin/bash
+ # packages = audit
+-# platform = multi_platform_rhel
++# platform = multi_platform_rhel,multi_platform_almalinux
+ 
+ if grep -iwq "log_file" /etc/audit/auditd.conf; then
+     FILE=$(awk -F "=" '/^log_file/ {print $2}' /etc/audit/auditd.conf | tr -d ' ')
+diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/file_group_ownership_var_log_audit/tests/wrong_value_non-root_group.fail.sh b/linux_os/guide/system/auditing/auditd_configure_rules/file_group_ownership_var_log_audit/tests/wrong_value_non-root_group.fail.sh
+index cf4b02b90..cd69f17c2 100644
+--- a/linux_os/guide/system/auditing/auditd_configure_rules/file_group_ownership_var_log_audit/tests/wrong_value_non-root_group.fail.sh
++++ b/linux_os/guide/system/auditing/auditd_configure_rules/file_group_ownership_var_log_audit/tests/wrong_value_non-root_group.fail.sh
+@@ -1,6 +1,6 @@
+ #!/bin/bash
+ # packages = audit
+-# platform = multi_platform_rhel
++# platform = multi_platform_rhel,multi_platform_almalinux
+ 
+ if grep -iwq "log_file" /etc/audit/auditd.conf; then
+     FILE=$(awk -F "=" '/^log_file/ {print $2}' /etc/audit/auditd.conf | tr -d ' ')
+diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/file_ownership_var_log_audit_stig/oval/shared.xml b/linux_os/guide/system/auditing/auditd_configure_rules/file_ownership_var_log_audit_stig/oval/shared.xml
+index 95acf5905..18954ffa1 100644
+--- a/linux_os/guide/system/auditing/auditd_configure_rules/file_ownership_var_log_audit_stig/oval/shared.xml
++++ b/linux_os/guide/system/auditing/auditd_configure_rules/file_ownership_var_log_audit_stig/oval/shared.xml
+@@ -6,7 +6,7 @@
+         
+         
+       
+-      {{% if product in ["ol8", "rhel8"] %}}
++      {{% if product in ["ol8", "rhel8", "almalinux8"] %}}
+       
+         
+@@ -28,7 +28,7 @@
+     state_owner_not_root_var_log_audit
+   
+   
+-  {{% if product in ["ol8", "rhel8"] %}}
++  {{% if product in ["ol8", "rhel8", "almalinux8"] %}}
+   
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/file_ownership_var_log_audit_stig/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/file_ownership_var_log_audit_stig/rule.yml
-index 60d46adc..048ecf8c 100644
+index b7b5736cd..400ffbe2c 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/file_ownership_var_log_audit_stig/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/file_ownership_var_log_audit_stig/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: ol8,rhel8,rhel9,ubuntu2004
-+prodtype: ol8,rhel8,almalinux8,rhel9,ubuntu2004
+-prodtype: ol8,ol9,rhel8,rhel9,ubuntu2004,ubuntu2204
++prodtype: ol8,ol9,rhel8,almalinux8,rhel9,ubuntu2004,ubuntu2204
  
  title: 'System Audit Logs Must Be Owned By Root'
  
-@@ -34,7 +34,7 @@ references:
+@@ -36,7 +36,7 @@ references:
      pcidss: Req-10.5.1
      srg: SRG-OS-000057-GPOS-00027,SRG-OS-000058-GPOS-00028,SRG-OS-000059-GPOS-00029,SRG-OS-000206-GPOS-00084
      stigid@ol8: OL08-00-030080
@@ -11983,30 +13666,73 @@ index 60d46adc..048ecf8c 100644
 +    stigid@almalinux8: RHEL-08-030080
      stigid@ubuntu2004: UBTU-20-010123
  
- ocil: |-
+ ocil_clause: "the audit log is not owned by root"
+diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/file_ownership_var_log_audit_stig/tests/correct_value_default_file.pass.sh b/linux_os/guide/system/auditing/auditd_configure_rules/file_ownership_var_log_audit_stig/tests/correct_value_default_file.pass.sh
+index 3a0d9a4e9..ab43ceb2b 100644
+--- a/linux_os/guide/system/auditing/auditd_configure_rules/file_ownership_var_log_audit_stig/tests/correct_value_default_file.pass.sh
++++ b/linux_os/guide/system/auditing/auditd_configure_rules/file_ownership_var_log_audit_stig/tests/correct_value_default_file.pass.sh
+@@ -1,4 +1,4 @@
+-# platform = multi_platform_ol,multi_platform_rhel
++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
+ #!/bin/bash
+ 
+ sed -i "/^\s*log_file.*/d" /etc/audit/auditd.conf
+diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/file_ownership_var_log_audit_stig/tests/wrong_value.fail.sh b/linux_os/guide/system/auditing/auditd_configure_rules/file_ownership_var_log_audit_stig/tests/wrong_value.fail.sh
+index d597ca07f..75a41c4fd 100644
+--- a/linux_os/guide/system/auditing/auditd_configure_rules/file_ownership_var_log_audit_stig/tests/wrong_value.fail.sh
++++ b/linux_os/guide/system/auditing/auditd_configure_rules/file_ownership_var_log_audit_stig/tests/wrong_value.fail.sh
+@@ -15,7 +15,7 @@ useradd testuser_123
+ touch "/var/log/audit/audit.log"
+ chown root "/var/log/audit/audit.log"
+ 
+-{{% if product in ["ol8", "rhel8"] %}}
++{{% if product in ["ol8", "rhel8", "almalinux8"] %}}
+ touch $FILE
+ chown testuser_123 $FILE
+ {{% else %}}
+diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/file_ownership_var_log_audit_stig/tests/wrong_value_default_file.fail.sh b/linux_os/guide/system/auditing/auditd_configure_rules/file_ownership_var_log_audit_stig/tests/wrong_value_default_file.fail.sh
+index 1879113b8..8798ae1ae 100644
+--- a/linux_os/guide/system/auditing/auditd_configure_rules/file_ownership_var_log_audit_stig/tests/wrong_value_default_file.fail.sh
++++ b/linux_os/guide/system/auditing/auditd_configure_rules/file_ownership_var_log_audit_stig/tests/wrong_value_default_file.fail.sh
+@@ -1,4 +1,4 @@
+-# platform = multi_platform_ol,multi_platform_rhel
++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
+ #!/bin/bash
+ 
+ sed -i "/^\s*log_file.*/d" /etc/audit/auditd.conf
+diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/file_permissions_var_log_audit/ansible/shared.yml b/linux_os/guide/system/auditing/auditd_configure_rules/file_permissions_var_log_audit/ansible/shared.yml
+index bb0ae821f..1b84683ce 100644
+--- a/linux_os/guide/system/auditing/auditd_configure_rules/file_permissions_var_log_audit/ansible/shared.yml
++++ b/linux_os/guide/system/auditing/auditd_configure_rules/file_permissions_var_log_audit/ansible/shared.yml
+@@ -1,4 +1,4 @@
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
+ # reboot = false
+ # strategy = restrict
+ # complexity = low
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/file_permissions_var_log_audit/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/file_permissions_var_log_audit/bash/shared.sh
-index 2b146586..859d7317 100644
+index f97a559e6..de9777988 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/file_permissions_var_log_audit/bash/shared.sh
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/file_permissions_var_log_audit/bash/shared.sh
 @@ -1,4 +1,4 @@
 -# platform = multi_platform_rhel,multi_platform_ol,multi_platform_fedora,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu
 +# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_fedora,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu
  
- if LC_ALL=C grep -iw log_file /etc/audit/auditd.conf; then
+ if LC_ALL=C grep -iw ^log_file /etc/audit/auditd.conf; then
      FILE=$(awk -F "=" '/^log_file/ {print $2}' /etc/audit/auditd.conf | tr -d ' ')
 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/file_permissions_var_log_audit/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/file_permissions_var_log_audit/rule.yml
-index a7056eda..e84a3847 100644
+index e5c0e1eda..37ba97e98 100644
 --- a/linux_os/guide/system/auditing/auditd_configure_rules/file_permissions_var_log_audit/rule.yml
 +++ b/linux_os/guide/system/auditing/auditd_configure_rules/file_permissions_var_log_audit/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15,ubuntu2004
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,ubuntu2004
+-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'System Audit Logs Must Have Mode 0640 or Less Permissive'
  
-@@ -40,7 +40,7 @@ references:
+@@ -53,7 +53,7 @@ references:
      stigid@ol7: OL07-00-910055
      stigid@ol8: OL08-00-030070
      stigid@rhel7: RHEL-07-910055
@@ -12014,111 +13740,116 @@ index a7056eda..e84a3847 100644
 +    stigid@almalinux8: RHEL-08-030070
      stigid@ubuntu2004: UBTU-20-010122
  
- ocil_clause: 'any are more permissive'
+ ocil_clause: 'any permissions are more permissive'
+diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/file_permissions_var_log_audit/tests/correct_value_0600.pass.sh b/linux_os/guide/system/auditing/auditd_configure_rules/file_permissions_var_log_audit/tests/correct_value_0600.pass.sh
+index 15023ca70..488ef3e3f 100644
+--- a/linux_os/guide/system/auditing/auditd_configure_rules/file_permissions_var_log_audit/tests/correct_value_0600.pass.sh
++++ b/linux_os/guide/system/auditing/auditd_configure_rules/file_permissions_var_log_audit/tests/correct_value_0600.pass.sh
+@@ -1,5 +1,5 @@
+ #!/bin/bash
+-# platform = multi_platform_ol,multi_platform_rhel
++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
+ # packages = audit
+ 
+ source common_0600.sh
+diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/file_permissions_var_log_audit/tests/correct_value_default_file_0600.pass.sh b/linux_os/guide/system/auditing/auditd_configure_rules/file_permissions_var_log_audit/tests/correct_value_default_file_0600.pass.sh
+index 04d76809f..6475f83ae 100644
+--- a/linux_os/guide/system/auditing/auditd_configure_rules/file_permissions_var_log_audit/tests/correct_value_default_file_0600.pass.sh
++++ b/linux_os/guide/system/auditing/auditd_configure_rules/file_permissions_var_log_audit/tests/correct_value_default_file_0600.pass.sh
+@@ -1,5 +1,5 @@
+ #!/bin/bash
+-# platform = multi_platform_ol,multi_platform_rhel
++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
+ # packages = audit
+ 
+ source common_0600.sh
+diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/file_permissions_var_log_audit/tests/incorrect_value_0600.fail.sh b/linux_os/guide/system/auditing/auditd_configure_rules/file_permissions_var_log_audit/tests/incorrect_value_0600.fail.sh
+index aea9d1b10..3f045e4c7 100644
+--- a/linux_os/guide/system/auditing/auditd_configure_rules/file_permissions_var_log_audit/tests/incorrect_value_0600.fail.sh
++++ b/linux_os/guide/system/auditing/auditd_configure_rules/file_permissions_var_log_audit/tests/incorrect_value_0600.fail.sh
+@@ -1,5 +1,5 @@
+ #!/bin/bash
+-# platform = multi_platform_ol,multi_platform_rhel
++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
+ # packages = audit
+ 
+ source common_0600.sh
+diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/file_permissions_var_log_audit/tests/incorrect_value_default_file_0600.fail.sh b/linux_os/guide/system/auditing/auditd_configure_rules/file_permissions_var_log_audit/tests/incorrect_value_default_file_0600.fail.sh
+index 003e3330f..368540adc 100644
+--- a/linux_os/guide/system/auditing/auditd_configure_rules/file_permissions_var_log_audit/tests/incorrect_value_default_file_0600.fail.sh
++++ b/linux_os/guide/system/auditing/auditd_configure_rules/file_permissions_var_log_audit/tests/incorrect_value_default_file_0600.fail.sh
+@@ -1,5 +1,5 @@
+ #!/bin/bash
+-# platform = multi_platform_ol,multi_platform_rhel
++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
+ # packages = audit
+ 
+ source common_0600.sh
 diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_configure_remote_server/ansible/shared.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_configure_remote_server/ansible/shared.yml
-index eb3fd508..132047e0 100644
+index 1e0529f08..9ed9948a4 100644
 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_configure_remote_server/ansible/shared.yml
 +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_configure_remote_server/ansible/shared.yml
-@@ -1,11 +1,11 @@
--# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_wrlinux,multi_platform_sle
-+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_wrlinux,multi_platform_sle
+@@ -1,4 +1,4 @@
+-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle
++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
  # reboot = false
  # strategy = configure
  # complexity = low
- # disruption = low
- {{{ ansible_instantiate_variables("var_audispd_remote_server") }}}
- 
--{{% if product in ["rhel8", "fedora", "ol8", "rhv4"] %}}
-+{{% if product in ["rhel8", "almalinux8", "fedora", "ol8", "rhv4"] %}}
- {{% set audisp_config_file_path = "/etc/audit/audisp-remote.conf" %}}
- {{% else %}}
- {{% set audisp_config_file_path = "/etc/audisp/audisp-remote.conf" %}}
 diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_configure_remote_server/bash/shared.sh b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_configure_remote_server/bash/shared.sh
-index cc85e4a2..b86f0ef4 100644
+index 53a56e255..554799735 100644
 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_configure_remote_server/bash/shared.sh
 +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_configure_remote_server/bash/shared.sh
-@@ -1,8 +1,8 @@
--# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_wrlinux,multi_platform_sle,multi_platform_ubuntu
-+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_wrlinux,multi_platform_sle,multi_platform_ubuntu
+@@ -1,4 +1,4 @@
+-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu
++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu
  
  {{{ bash_instantiate_variables("var_audispd_remote_server") }}}
  
--{{% if product in ["rhel8", "fedora", "ol8", "rhv4"] %}}
-+{{% if product in ["rhel8", "almalinux8", "fedora", "ol8", "rhv4"] %}}
- AUDITCONFIG=/etc/audit/audisp-remote.conf
- {{% else %}}
- AUDITCONFIG=/etc/audisp/audisp-remote.conf
-diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_configure_remote_server/oval/shared.xml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_configure_remote_server/oval/shared.xml
-index a19f62d3..b9d78eb9 100644
---- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_configure_remote_server/oval/shared.xml
-+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_configure_remote_server/oval/shared.xml
-@@ -1,4 +1,4 @@
--{{% if product in ["rhel8", "fedora", "ol8", "rhv4"] %}}
-+{{% if product in ["rhel8", "almalinux8", "fedora", "ol8", "rhv4"] %}}
- {{% set audisp_config_file_path = "/etc/audit/audisp-remote.conf" %}}
- {{% else %}}
- {{% set audisp_config_file_path = "/etc/audisp/audisp-remote.conf" %}}
 diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_configure_remote_server/rule.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_configure_remote_server/rule.yml
-index 814f868f..797ced64 100644
+index 85fd8e388..2c904720d 100644
 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_configure_remote_server/rule.yml
 +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_configure_remote_server/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
+-prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Configure audispd Plugin To Send Logs To Remote Server'
  
-@@ -12,7 +12,7 @@ description: |-
-     
/etc/audisp/plugins.d/au-remote.conf

- {{% endif %}}
-     Set the remote_server option in 
--{{%- if product in ["rhel8", "fedora", "ol8", "rhv4"] -%}}
-+{{%- if product in ["rhel8", "fedora", "almalinux8", "ol8", "rhv4"] -%}}
-     /etc/audit/audisp-remote.conf
- {{%- else -%}}
-     /etc/audisp/audisp-remote.conf
-@@ -59,7 +59,7 @@ ocil: |-
- {{% endif %}}
-     To verify the audispd plugin off-loads audit records onto a different system or
-     media from the system being audited, run the following command:
--{{% if product in ["rhel8", "fedora", "ol8", "rhv4"] %}}
-+{{% if product in ["rhel8", "almalinux8", "fedora", "ol8", "rhv4"] %}}
-     
$ sudo grep -i remote_server /etc/audit/audisp-remote.conf

- {{% else %}}
-     
$ sudo grep -i remote_server /etc/audisp/audisp-remote.conf

 diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_configure_remote_server/tests/audit_remote_server_hostname.pass.sh b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_configure_remote_server/tests/audit_remote_server_hostname.pass.sh
-index f3401af3..dc069b05 100644
+index 44d9a1f74..a466bc72d 100644
 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_configure_remote_server/tests/audit_remote_server_hostname.pass.sh
 +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_configure_remote_server/tests/audit_remote_server_hostname.pass.sh
-@@ -1,5 +1,5 @@
+@@ -1,6 +1,6 @@
  #!/bin/bash
+ # packages = audit
 -# platform = Red Hat Enterprise Linux 8,multi_platform_fedora
 +# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora
  
  . $SHARED/auditd_utils.sh
  prepare_auditd_test_enviroment
 diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_configure_remote_server/tests/audit_remote_server_not_there.fail.sh b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_configure_remote_server/tests/audit_remote_server_not_there.fail.sh
-index 29cf6015..61a9640e 100644
+index 0bfa82083..93b11eb05 100644
 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_configure_remote_server/tests/audit_remote_server_not_there.fail.sh
 +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_configure_remote_server/tests/audit_remote_server_not_there.fail.sh
-@@ -1,5 +1,5 @@
+@@ -1,6 +1,6 @@
  #!/bin/bash
+ # packages = audit
 -# platform = Red Hat Enterprise Linux 8,multi_platform_fedora
 +# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora
  
  . $SHARED/auditd_utils.sh
  prepare_auditd_test_enviroment
 diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_configure_sufficiently_large_partition/rule.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_configure_sufficiently_large_partition/rule.yml
-index 2426f830..316d0819 100644
+index 5edbb9df9..4faa8a675 100644
 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_configure_sufficiently_large_partition/rule.yml
 +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_configure_sufficiently_large_partition/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: ol8,rhel8,rhel9,sle12,sle15,ubuntu2004
-+prodtype: ol8,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004
+-prodtype: ol8,ol9,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: ol8,ol9,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Configure a Sufficiently Large Partition for Audit Logs'
  
@@ -12128,55 +13859,69 @@ index 2426f830..316d0819 100644
      stigid@ol8: OL08-00-030660
 -    stigid@rhel8: RHEL-08-030660
 +    stigid@almalinux8: RHEL-08-030660
-     stigid@sle12: SLES-12-020020 
+     stigid@sle12: SLES-12-020020
      stigid@sle15: SLES-15-030660
      stigid@ubuntu2004: UBTU-20-010215
+diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_disk_full_action/ansible/shared.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_disk_full_action/ansible/shared.yml
+index 942cd0f5d..a53df57b1 100644
+--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_disk_full_action/ansible/shared.yml
++++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_disk_full_action/ansible/shared.yml
+@@ -1,4 +1,4 @@
+-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle
++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
+ # reboot = false
+ # strategy = configure
+ # complexity = low
+diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_disk_full_action/bash/shared.sh b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_disk_full_action/bash/shared.sh
+index 36e7f8cda..842f3922d 100644
+--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_disk_full_action/bash/shared.sh
++++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_disk_full_action/bash/shared.sh
+@@ -1,4 +1,4 @@
+-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu
++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu
+ 
+ {{{ bash_instantiate_variables("var_audispd_disk_full_action") }}}
+ 
 diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_disk_full_action/rule.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_disk_full_action/rule.yml
-index e5c33838..b855ec67 100644
+index 8ccde192c..24a1d1f07 100644
 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_disk_full_action/rule.yml
 +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_disk_full_action/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,wrlinux1019
-+prodtype: ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,wrlinux1019
+-prodtype: ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15
++prodtype: ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15
  
  title: 'Configure audispd''s Plugin disk_full_action When Disk Is Full'
  
 diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/bash/shared.sh b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/bash/shared.sh
-index 536220c6..5be962ce 100644
+index be3e74b0b..b6f46f51e 100644
 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/bash/shared.sh
 +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/bash/shared.sh
-@@ -1,6 +1,6 @@
- # platform = multi_platform_wrlinux,multi_platform_all
+@@ -1,7 +1,7 @@
+ # platform = multi_platform_all
  
+ AUDISP_REMOTE_CONFIG="{{{ audisp_conf_path }}}/audisp-remote.conf"
 -{{% if product in ["rhel8", "fedora", "ol8", "rhv4"] %}}
 +{{% if product in ["rhel8", "almalinux8", "fedora", "ol8", "rhv4"] %}}
- AUDISP_REMOTE_CONFIG="/etc/audit/audisp-remote.conf"
  option="^transport"
  value="KRB5"
+ {{% else %}}
 diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/oval/shared.xml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/oval/shared.xml
-index 1e21e071..9d74788c 100644
+index e8d055f90..467e50704 100644
 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/oval/shared.xml
 +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/oval/shared.xml
-@@ -1,6 +1,6 @@
+@@ -2,7 +2,7 @@
+ 
  
    
 -    {{% if product in ["rhel8", "fedora", "ol8", "rhv4"] %}}
 +    {{% if product in ["rhel8", "almalinux8", "fedora", "ol8", "rhv4"] %}}
-     {{{ oval_metadata("transport setting in /etc/audit/audisp-remote.conf is set to 'KRB5'") }}}
+     {{{ oval_metadata("transport setting in " + audisp_config_file_path + " is set to 'KRB5'") }}}
      {{% else %}}
-     {{{ oval_metadata("enable_krb5 setting in /etc/audisp/audisp-remote.conf is set to 'yes'") }}}
-@@ -17,14 +17,14 @@
-   
- 
-   
--{{% if product in ["rhel8", "fedora", "ol8", "rhv4"] %}}
-+{{% if product in ["rhel8", "almalinux8", "fedora", "ol8", "rhv4"] %}}
-     /etc/audit/audisp-remote.conf
- {{% else %}}
-     /etc/audisp/audisp-remote.conf
- {{% endif %}}
+     {{{ oval_metadata("enable_krb5 setting in " + audisp_config_file_path + " is set to 'yes'") }}}
+@@ -22,7 +22,7 @@
+     {{{ audisp_config_file_path }}}
      
      
 -{{% if product in ["rhel8", "fedora", "ol8", "rhv4"] %}}
@@ -12185,14 +13930,14 @@ index 1e21e071..9d74788c 100644
  {{% else %}}
      ^[ ]*enable_krb5[ ]+=[ ]+yes[ ]*$
 diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/rule.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/rule.yml
-index 9c3f34e2..e62aaf08 100644
+index 637683d69..2d38292b3 100644
 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/rule.yml
 +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/rule.yml
 @@ -1,13 +1,13 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,wrlinux1019
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,wrlinux1019
+-prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15
++prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15
  
  title: 'Encrypt Audit Records Sent With audispd Plugin'
  
@@ -12201,178 +13946,167 @@ index 9c3f34e2..e62aaf08 100644
      records onto a different system or media from the system being audited.
 -{{% if product in ["rhel8", "fedora", "ol8", "rhv4"] %}}
 +{{% if product in ["rhel8", "almalinux8", "fedora", "ol8", "rhv4"] %}}
-     Set the transport option in 
/etc/audit/audisp-remote.conf

+     Set the transport option in 
{{{ audisp_conf_path }}}/audisp-remote.conf

      to KRB5.
  {{% else %}}
-@@ -44,7 +44,7 @@ ocil_clause: 'audispd is not encrypting audit records when sent over the network
+@@ -45,7 +45,7 @@ ocil_clause: 'audispd is not encrypting audit records when sent over the network
  ocil: |-
      To verify the audispd plugin encrypts audit records off-loaded onto a different
      system or media from the system being audited, run the following command:
 -{{% if product in ["rhel8", "fedora", "ol8", "rhv4"] %}}
 +{{% if product in ["rhel8", "almalinux8", "fedora", "ol8", "rhv4"] %}}
-     
$ sudo grep -i transport /etc/audit/audisp-remote.conf

+     
$ sudo grep -i transport {{{ audisp_conf_path }}}/audisp-remote.conf

      The output should return the following:
      
transport = KRB5

+@@ -57,7 +57,7 @@ ocil: |-
+ 
+ fixtext: |-
+     Configure {{{ full_name }}} to encrypt audit records sent with audispd plugin.
+-{{% if product in ["rhel8", "rhel9", "fedora", "ol8", "rhv4"] %}}
++{{% if product in ["rhel8", "almalinux8", "rhel9", "fedora", "ol8", "rhv4"] %}}
+     Set the "transport" option in "{{{ audisp_conf_path }}}/audisp-remote.conf" to "KRB5".
+ {{% else %}}
+     Uncomment the "enable_krb5" option in "{{{ audisp_conf_path }}}/audisp-remote.conf",
 diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/tests/transport_bogus_value.fail.sh b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/tests/transport_bogus_value.fail.sh
-index 9b2f37fd..4f7164e3 100644
+index 1ee02140b..711b6593d 100644
 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/tests/transport_bogus_value.fail.sh
 +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/tests/transport_bogus_value.fail.sh
-@@ -1,5 +1,5 @@
+@@ -1,6 +1,6 @@
  #!/bin/bash
+ # packages = audit
 -# platform = Red Hat Enterprise Linux 8,multi_platform_fedora
 +# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora
  
  . $SHARED/auditd_utils.sh
  prepare_auditd_test_enviroment
 diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/tests/transport_correct_value.pass.sh b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/tests/transport_correct_value.pass.sh
-index 8933828d..75fe1ce1 100644
+index b6775223d..b7fa1f1f4 100644
 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/tests/transport_correct_value.pass.sh
 +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/tests/transport_correct_value.pass.sh
-@@ -1,5 +1,5 @@
+@@ -1,6 +1,6 @@
  #!/bin/bash
+ # packages = audit
 -# platform = Red Hat Enterprise Linux 8,multi_platform_fedora
 +# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora
  
  . $SHARED/auditd_utils.sh
  prepare_auditd_test_enviroment
 diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/tests/transport_not_there.fail.sh b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/tests/transport_not_there.fail.sh
-index 5d6fb974..a8e33c70 100644
+index bf1c533c6..fb621cfff 100644
 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/tests/transport_not_there.fail.sh
 +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/tests/transport_not_there.fail.sh
-@@ -1,5 +1,5 @@
+@@ -1,6 +1,6 @@
  #!/bin/bash
+ # packages = audit
 -# platform = Red Hat Enterprise Linux 8,multi_platform_fedora
 +# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora
  
  . $SHARED/auditd_utils.sh
  prepare_auditd_test_enviroment
 diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/tests/transport_wrong_value.fail.sh b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/tests/transport_wrong_value.fail.sh
-index 7d594d64..5d1ae6e8 100644
+index 864e97b31..8c16af8f9 100644
 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/tests/transport_wrong_value.fail.sh
 +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/tests/transport_wrong_value.fail.sh
-@@ -1,5 +1,5 @@
+@@ -1,6 +1,6 @@
  #!/bin/bash
+ # packages = audit
 -# platform = Red Hat Enterprise Linux 8,multi_platform_fedora
 +# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora
  
  . $SHARED/auditd_utils.sh
  prepare_auditd_test_enviroment
+diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_network_failure_action/ansible/shared.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_network_failure_action/ansible/shared.yml
+index 71fc81683..835402712 100644
+--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_network_failure_action/ansible/shared.yml
++++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_network_failure_action/ansible/shared.yml
+@@ -1,4 +1,4 @@
+-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle
++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
+ # reboot = false
+ # strategy = configure
+ # complexity = low
+diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_network_failure_action/bash/shared.sh b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_network_failure_action/bash/shared.sh
+index d1a513600..8ca091bea 100644
+--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_network_failure_action/bash/shared.sh
++++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_network_failure_action/bash/shared.sh
+@@ -1,4 +1,4 @@
+-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu
++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu
+ 
+ {{{ bash_instantiate_variables("var_audispd_network_failure_action") }}}
+ 
 diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_network_failure_action/rule.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_network_failure_action/rule.yml
-index 08d2794f..8e3bc55b 100644
+index 0a3db3206..b05f5e2b3 100644
 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_network_failure_action/rule.yml
 +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_network_failure_action/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,wrlinux1019
-+prodtype: ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,wrlinux1019
+-prodtype: ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15
++prodtype: ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15
  
  title: 'Configure audispd''s Plugin network_failure_action On Network Failure'
  
-diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/ansible/shared.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/ansible/shared.yml
-index 976c8104..f5cb4872 100644
---- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/ansible/shared.yml
-+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/ansible/shared.yml
-@@ -6,7 +6,7 @@
- 
- - name: enable syslog plugin
-   lineinfile:
--    {{% if product in ["rhel8", "rhel9", "fedora", "ol8", "rhv4"] -%}}
-+    {{% if product in ["rhel8", "almalinux8", "rhel9", "fedora", "ol8", "rhv4"] -%}}
-     dest: /etc/audit/plugins.d/syslog.conf
-     {{%- else -%}}
-     dest: /etc/audisp/plugins.d/syslog.conf
-diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/bash/shared.sh b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/bash/shared.sh
-index 96de94d4..bc59bf9a 100644
---- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/bash/shared.sh
-+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/bash/shared.sh
-@@ -1,7 +1,7 @@
- # platform = multi_platform_all
- var_syslog_active="yes"
- 
--{{% if product in ["rhel8", "rhel9", "fedora", "ol8", "rhv4"] %}}
-+{{% if product in ["rhel8", "almalinux8", "rhel9", "fedora", "ol8", "rhv4"] %}}
- AUDISP_SYSLOGCONFIG=/etc/audit/plugins.d/syslog.conf
- {{% else %}}
- AUDISP_SYSLOGCONFIG=/etc/audisp/plugins.d/syslog.conf
-diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/oval/shared.xml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/oval/shared.xml
-index 7ab522e0..87d5c878 100644
---- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/oval/shared.xml
-+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/oval/shared.xml
-@@ -1,6 +1,6 @@
- 
-   
--    {{{ oval_metadata("active setting in " + ("/etc/audit/plugins.d/syslog.conf" if product in ["rhel8", "rhel9", "fedora", "ol8", "rhv4"] else "/etc/audisp/plugins.d/syslog.conf") + " is set to 'yes'") }}}
-+    {{{ oval_metadata("active setting in " + ("/etc/audit/plugins.d/syslog.conf" if product in ["rhel8", "rhel9", "almalinux8", "fedora", "ol8", "rhv4"] else "/etc/audisp/plugins.d/syslog.conf") + " is set to 'yes'") }}}
- 
-     
-         
-@@ -13,7 +13,7 @@
-   
- 
-   
--{{% if product in ["rhel8", "rhel9", "fedora", "ol8", "rhv4"] %}}
-+{{% if product in ["rhel8", "almalinux8", "rhel9", "fedora", "ol8", "rhv4"] %}}
-     /etc/audit/plugins.d/syslog.conf
- {{% else %}}
-     /etc/audisp/plugins.d/syslog.conf
-diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/rule.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/rule.yml
-index 4b37d016..162582f7 100644
---- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/rule.yml
-+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/rule.yml
-@@ -6,7 +6,7 @@ description: |-
-     To configure the auditd service to use the
-     syslog plug-in of the audispd audit event multiplexor, set
-     the active line in 
--{{%- if product in ["rhel8", "rhel9", "fedora", "ol8", "rhv4"] -%}}
-+{{%- if product in ["rhel8", "rhel9", "almalinux8", "fedora", "ol8", "rhv4"] -%}}
-     /etc/audit/plugins.d/syslog.conf
- {{%- else -%}}
-     /etc/audisp/plugins.d/syslog.conf
-@@ -50,7 +50,7 @@ ocil_clause: 'it is not activated'
- 
- ocil: |-
-     To verify the audispd's syslog plugin is active, run the following command:
--{{% if product in ["rhel8", "rhel9", "fedora", "rhv4"] %}}
-+{{% if product in ["rhel8", "almalinux8", "rhel9", "fedora", "rhv4"] %}}
-     
$ sudo grep active /etc/audit/plugins.d/syslog.conf

- {{% else %}}
-     
$ sudo grep active /etc/audisp/plugins.d/syslog.conf

-diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/tests/audit_syslog_plugin_activated.pass.sh b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/tests/audit_syslog_plugin_activated.pass.sh
-index b1dd2333..3234308f 100644
---- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/tests/audit_syslog_plugin_activated.pass.sh
-+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/tests/audit_syslog_plugin_activated.pass.sh
+diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_network_failure_action/tests/audisp_network_failure_action_absent.fail.sh b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_network_failure_action/tests/audisp_network_failure_action_absent.fail.sh
+index d244d4bd0..ec516de8a 100644
+--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_network_failure_action/tests/audisp_network_failure_action_absent.fail.sh
++++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_network_failure_action/tests/audisp_network_failure_action_absent.fail.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle
++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
+ 
+ . $SHARED/auditd_utils.sh
+ prepare_auditd_test_enviroment
+diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_network_failure_action/tests/audisp_network_failure_action_set.pass.sh b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_network_failure_action/tests/audisp_network_failure_action_set.pass.sh
+index af96da871..3bcbba05c 100644
+--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_network_failure_action/tests/audisp_network_failure_action_set.pass.sh
++++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_network_failure_action/tests/audisp_network_failure_action_set.pass.sh
+@@ -1,5 +1,5 @@
+ #!/bin/bash
+-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle
++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
+ 
+ . $SHARED/auditd_utils.sh
+ prepare_auditd_test_enviroment
+diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/tests/audit_syslog_plugin_activated.pass.sh b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/tests/audit_syslog_plugin_activated.pass.sh
+index caf9766f5..8b2142f08 100644
+--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/tests/audit_syslog_plugin_activated.pass.sh
++++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/tests/audit_syslog_plugin_activated.pass.sh
+@@ -1,6 +1,6 @@
+ #!/bin/bash
+ # packages = audit
+-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
++# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
  # remediation = bash
  
  . $SHARED/auditd_utils.sh
 diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/tests/audit_syslog_plugin_activated_not_there.fail.sh b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/tests/audit_syslog_plugin_activated_not_there.fail.sh
-index 0755a9dd..cb85748f 100644
+index c87268eae..ffa87d06e 100644
 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/tests/audit_syslog_plugin_activated_not_there.fail.sh
 +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/tests/audit_syslog_plugin_activated_not_there.fail.sh
-@@ -1,5 +1,5 @@
+@@ -1,6 +1,6 @@
  #!/bin/bash
--# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+ # packages = audit
+-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
++# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
  # remediation = bash
  
  . $SHARED/auditd_utils.sh
 diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/tests/audit_syslog_plugin_not_activated.fail.sh b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/tests/audit_syslog_plugin_not_activated.fail.sh
-index 046c9ac9..83adb66c 100644
+index 0bb1518ef..c54736340 100644
 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/tests/audit_syslog_plugin_not_activated.fail.sh
 +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/tests/audit_syslog_plugin_not_activated.fail.sh
-@@ -1,5 +1,5 @@
+@@ -1,6 +1,6 @@
  #!/bin/bash
--# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+ # packages = audit
+-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
++# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
  # remediation = bash
  
  . $SHARED/auditd_utils.sh
 diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_error_action/ansible/shared.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_error_action/ansible/shared.yml
-index 06f4a10c..ba788edb 100644
+index b075778f5..d9baf1b4f 100644
 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_error_action/ansible/shared.yml
 +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_error_action/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -12382,7 +14116,7 @@ index 06f4a10c..ba788edb 100644
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_error_action/bash/shared.sh b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_error_action/bash/shared.sh
-index 355c9210..d8e8305e 100644
+index d0065b38c..7027992a4 100644
 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_error_action/bash/shared.sh
 +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_error_action/bash/shared.sh
 @@ -1,4 +1,4 @@
@@ -12392,7 +14126,7 @@ index 355c9210..d8e8305e 100644
  {{{ bash_instantiate_variables("var_auditd_disk_error_action") }}}
  
 diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_error_action/kubernetes/shared.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_error_action/kubernetes/shared.yml
-index c865ad76..f226ae34 100644
+index c865ad76e..f226ae349 100644
 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_error_action/kubernetes/shared.yml
 +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_error_action/kubernetes/shared.yml
 @@ -1,5 +1,5 @@
@@ -12403,7 +14137,7 @@ index c865ad76..f226ae34 100644
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_error_action/rule.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_error_action/rule.yml
-index dc335a66..516b3b76 100644
+index 652697743..1509661df 100644
 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_error_action/rule.yml
 +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_error_action/rule.yml
 @@ -38,7 +38,7 @@ references:
@@ -12413,10 +14147,41 @@ index dc335a66..516b3b76 100644
 -    stigid@rhel8: RHEL-08-030040
 +    stigid@almalinux8: RHEL-08-030040
  
- ocil_clause: 'the system is not configured to switch to single-user mode for corrective action'
+ ocil_clause: 'there is no evidence of appropriate action'
  
+diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_error_action_stig/ansible/shared.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_error_action_stig/ansible/shared.yml
+index 06f4a10c6..ba788edbf 100644
+--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_error_action_stig/ansible/shared.yml
++++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_error_action_stig/ansible/shared.yml
+@@ -1,4 +1,4 @@
+-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel
++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
+ # reboot = false
+ # strategy = restrict
+ # complexity = low
+diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_error_action_stig/bash/shared.sh b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_error_action_stig/bash/shared.sh
+index 78726bbc6..0a36846ab 100644
+--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_error_action_stig/bash/shared.sh
++++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_error_action_stig/bash/shared.sh
+@@ -1,4 +1,4 @@
+-# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel
++# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
+ 
+ {{{ bash_instantiate_variables("var_auditd_disk_error_action") }}}
+ 
+diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_error_action_stig/kubernetes/shared.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_error_action_stig/kubernetes/shared.yml
+index 55f407e01..b9084af21 100644
+--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_error_action_stig/kubernetes/shared.yml
++++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_error_action_stig/kubernetes/shared.yml
+@@ -1,5 +1,5 @@
+ ---
+-# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_rhcos
++# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhcos
+ # reboot = true
+ # strategy = restrict
+ # complexity = low
 diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_full_action/ansible/shared.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_full_action/ansible/shared.yml
-index 61cc4751..7f66a5c1 100644
+index 0adf2b538..376952524 100644
 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_full_action/ansible/shared.yml
 +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_full_action/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -12426,7 +14191,7 @@ index 61cc4751..7f66a5c1 100644
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_full_action/bash/shared.sh b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_full_action/bash/shared.sh
-index 8ab6e16a..11021155 100644
+index ce4f4d029..6ab8e06dd 100644
 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_full_action/bash/shared.sh
 +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_full_action/bash/shared.sh
 @@ -1,4 +1,4 @@
@@ -12436,7 +14201,7 @@ index 8ab6e16a..11021155 100644
  {{{ bash_instantiate_variables("var_auditd_disk_full_action") }}}
  
 diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_full_action/kubernetes/shared.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_full_action/kubernetes/shared.yml
-index c865ad76..f226ae34 100644
+index c865ad76e..f226ae349 100644
 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_full_action/kubernetes/shared.yml
 +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_full_action/kubernetes/shared.yml
 @@ -1,5 +1,5 @@
@@ -12447,7 +14212,7 @@ index c865ad76..f226ae34 100644
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_full_action/rule.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_full_action/rule.yml
-index 286c4715..fc4a9e2b 100644
+index e69a05904..f847fa9c0 100644
 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_full_action/rule.yml
 +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_full_action/rule.yml
 @@ -43,7 +43,7 @@ references:
@@ -12459,8 +14224,39 @@ index 286c4715..fc4a9e2b 100644
      stigid@sle12: SLES-12-020060
      stigid@sle15: SLES-15-030590
      stigid@ubuntu2004: UBTU-20-010118
+diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_full_action_stig/ansible/shared.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_full_action_stig/ansible/shared.yml
+index 61cc4751d..7f66a5c15 100644
+--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_full_action_stig/ansible/shared.yml
++++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_full_action_stig/ansible/shared.yml
+@@ -1,4 +1,4 @@
+-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle
++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
+ # reboot = false
+ # strategy = restrict
+ # complexity = low
+diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_full_action_stig/bash/shared.sh b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_full_action_stig/bash/shared.sh
+index 8ab6e16ab..110211558 100644
+--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_full_action_stig/bash/shared.sh
++++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_full_action_stig/bash/shared.sh
+@@ -1,4 +1,4 @@
+-# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu
++# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu
+ 
+ {{{ bash_instantiate_variables("var_auditd_disk_full_action") }}}
+ 
+diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_full_action_stig/kubernetes/shared.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_full_action_stig/kubernetes/shared.yml
+index 55f407e01..b9084af21 100644
+--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_full_action_stig/kubernetes/shared.yml
++++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_full_action_stig/kubernetes/shared.yml
+@@ -1,5 +1,5 @@
+ ---
+-# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_rhcos
++# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhcos
+ # reboot = true
+ # strategy = restrict
+ # complexity = low
 diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_action_mail_acct/ansible/shared.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_action_mail_acct/ansible/shared.yml
-index b82e6d17..717e52b9 100644
+index b82e6d174..717e52b99 100644
 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_action_mail_acct/ansible/shared.yml
 +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_action_mail_acct/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -12470,20 +14266,20 @@ index b82e6d17..717e52b9 100644
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_action_mail_acct/bash/shared.sh b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_action_mail_acct/bash/shared.sh
-index 9633d4ff..9855bd95 100644
+index dfb8d3035..28e3fd6c9 100644
 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_action_mail_acct/bash/shared.sh
 +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_action_mail_acct/bash/shared.sh
 @@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_wrlinux,multi_platform_sle
-+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_wrlinux,multi_platform_sle
+-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu
++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu
  
  {{{ bash_instantiate_variables("var_auditd_action_mail_acct") }}}
  
 diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_action_mail_acct/rule.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_action_mail_acct/rule.yml
-index 8e653594..d7fc8bed 100644
+index c68498f85..43787aaaf 100644
 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_action_mail_acct/rule.yml
 +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_action_mail_acct/rule.yml
-@@ -47,7 +47,7 @@ references:
+@@ -51,7 +51,7 @@ references:
      stigid@ol7: OL07-00-030350
      stigid@ol8: OL08-00-030020
      stigid@rhel7: RHEL-07-030350
@@ -12493,7 +14289,7 @@ index 8e653594..d7fc8bed 100644
      stigid@sle15: SLES-15-030570
      stigid@ubuntu2004: UBTU-20-010117
 diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_admin_space_left_action/ansible/shared.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_admin_space_left_action/ansible/shared.yml
-index 9efd2d5e..95c46c53 100644
+index 9efd2d5e8..95c46c53e 100644
 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_admin_space_left_action/ansible/shared.yml
 +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_admin_space_left_action/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -12503,17 +14299,17 @@ index 9efd2d5e..95c46c53 100644
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_admin_space_left_action/bash/shared.sh b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_admin_space_left_action/bash/shared.sh
-index 0d7dff4c..129da2eb 100644
+index e05250cea..e04d721a4 100644
 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_admin_space_left_action/bash/shared.sh
 +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_admin_space_left_action/bash/shared.sh
 @@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_wrlinux,multi_platform_sle
-+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_wrlinux,multi_platform_sle
+-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu
++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu
  
  {{{ bash_instantiate_variables("var_auditd_admin_space_left_action") }}}
  
 diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_admin_space_left_action/kubernetes/shared.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_admin_space_left_action/kubernetes/shared.yml
-index c865ad76..f226ae34 100644
+index c865ad76e..f226ae349 100644
 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_admin_space_left_action/kubernetes/shared.yml
 +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_admin_space_left_action/kubernetes/shared.yml
 @@ -1,5 +1,5 @@
@@ -12523,8 +14319,20 @@ index c865ad76..f226ae34 100644
  # reboot = true
  # strategy = restrict
  # complexity = low
+diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_admin_space_left_percentage/rule.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_admin_space_left_percentage/rule.yml
+index 5f10393b4..ab1400386 100644
+--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_admin_space_left_percentage/rule.yml
++++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_admin_space_left_percentage/rule.yml
+@@ -1,6 +1,6 @@
+ documentation_complete: true
+ 
+-prodtype: fedora,ol8,ol9,rhel7,rhel8,rhel9,ubuntu2004,ubuntu2204
++prodtype: fedora,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,ubuntu2004,ubuntu2204
+ 
+ title: 'Configure auditd admin_space_left on Low Disk Space'
+ 
 diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_flush/ansible/shared.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_flush/ansible/shared.yml
-index 9c8afcfa..53a6da7e 100644
+index 9c8afcfa3..53a6da7e0 100644
 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_flush/ansible/shared.yml
 +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_flush/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -12534,17 +14342,17 @@ index 9c8afcfa..53a6da7e 100644
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_flush/bash/shared.sh b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_flush/bash/shared.sh
-index d3a53c59..ac99ce76 100644
+index 79b916559..40632d099 100644
 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_flush/bash/shared.sh
 +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_flush/bash/shared.sh
 @@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel
-+# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
+-# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_sle
++# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
  
  {{{ bash_instantiate_variables("var_auditd_flush") }}}
  
 diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_flush/kubernetes/shared.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_flush/kubernetes/shared.yml
-index c865ad76..f226ae34 100644
+index c865ad76e..f226ae349 100644
 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_flush/kubernetes/shared.yml
 +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_flush/kubernetes/shared.yml
 @@ -1,5 +1,5 @@
@@ -12555,85 +14363,91 @@ index c865ad76..f226ae34 100644
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_flush/rule.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_flush/rule.yml
-index c0d1894f..38884203 100644
+index ce94d5f5f..de2167a15 100644
 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_flush/rule.yml
 +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_flush/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15
+-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15
++prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15
  
  title: 'Configure auditd flush priority'
  
 diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_flush/tests/flush_data.fail.sh b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_flush/tests/flush_data.fail.sh
-index 9817ba88..1a718d62 100644
+index ba44b2bb5..303e1d8f7 100644
 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_flush/tests/flush_data.fail.sh
 +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_flush/tests/flush_data.fail.sh
-@@ -1,5 +1,5 @@
+@@ -1,6 +1,6 @@
  #!/bin/bash
--# platform = multi_platform_fedora,multi_platform_rhel
-+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux
+ # packages = audit
+-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel
++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
  # profiles = xccdf_org.ssgproject.content_profile_ospp
  # remediation = bash
  
 diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_flush/tests/flush_incremental.fail.sh b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_flush/tests/flush_incremental.fail.sh
-index 2dc2791e..eb6d3368 100644
+index a8f68412c..0c0d35e0d 100644
 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_flush/tests/flush_incremental.fail.sh
 +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_flush/tests/flush_incremental.fail.sh
-@@ -1,5 +1,5 @@
+@@ -1,6 +1,6 @@
  #!/bin/bash
--# platform = multi_platform_fedora,multi_platform_rhel
-+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux
+ # packages = audit
+-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel
++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
  # profiles = xccdf_org.ssgproject.content_profile_ospp
  # remediation = bash
  
 diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_flush/tests/flush_incremental_async.pass.sh b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_flush/tests/flush_incremental_async.pass.sh
-index dadc03e8..ae2b6248 100644
+index f3301e81a..eb39696dd 100644
 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_flush/tests/flush_incremental_async.pass.sh
 +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_flush/tests/flush_incremental_async.pass.sh
-@@ -1,5 +1,5 @@
+@@ -1,6 +1,6 @@
  #!/bin/bash
--# platform = multi_platform_fedora,multi_platform_rhel
-+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux
+ # packages = audit
+-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel
++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
  # profiles = xccdf_org.ssgproject.content_profile_ospp
  # remediation = bash
  
 diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_flush/tests/flush_none.fail.sh b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_flush/tests/flush_none.fail.sh
-index 741e5487..453786c9 100644
+index 64ebd312f..c43471049 100644
 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_flush/tests/flush_none.fail.sh
 +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_flush/tests/flush_none.fail.sh
-@@ -1,5 +1,5 @@
+@@ -1,6 +1,6 @@
  #!/bin/bash
--# platform = multi_platform_fedora,multi_platform_rhel
-+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux
+ # packages = audit
+-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel
++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
  # profiles = xccdf_org.ssgproject.content_profile_ospp
  # remediation = bash
  
 diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_flush/tests/flush_not_there.fail.sh b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_flush/tests/flush_not_there.fail.sh
-index fb0da2f5..3206a5a3 100644
+index f6e0c1088..a51782746 100644
 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_flush/tests/flush_not_there.fail.sh
 +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_flush/tests/flush_not_there.fail.sh
-@@ -1,5 +1,5 @@
+@@ -1,6 +1,6 @@
  #!/bin/bash
--# platform = multi_platform_fedora,multi_platform_rhel
-+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux
+ # packages = audit
+-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel
++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
  # profiles = xccdf_org.ssgproject.content_profile_ospp
  # remediation = bash
  
 diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_flush/tests/flush_sync.fail.sh b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_flush/tests/flush_sync.fail.sh
-index 9a930ab2..0b4e4944 100644
+index 47f3daf89..5cab1da02 100644
 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_flush/tests/flush_sync.fail.sh
 +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_flush/tests/flush_sync.fail.sh
-@@ -1,5 +1,5 @@
+@@ -1,6 +1,6 @@
  #!/bin/bash
--# platform = multi_platform_fedora,multi_platform_rhel
-+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux
+ # packages = audit
+-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel
++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
  # profiles = xccdf_org.ssgproject.content_profile_ospp
  # remediation = bash
  
 diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file/ansible/shared.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file/ansible/shared.yml
-index c70cd104..c97fbf56 100644
+index c70cd104e..c97fbf56e 100644
 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file/ansible/shared.yml
 +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -12643,17 +14457,17 @@ index c70cd104..c97fbf56 100644
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file/bash/shared.sh b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file/bash/shared.sh
-index 8ac93789..e8a6dab1 100644
+index 8a53bf847..95c5446b6 100644
 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file/bash/shared.sh
 +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file/bash/shared.sh
 @@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle
-+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
+-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu
++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu
  
  {{{ bash_instantiate_variables("var_auditd_max_log_file") }}}
  
 diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file/kubernetes/shared.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file/kubernetes/shared.yml
-index c865ad76..f226ae34 100644
+index c865ad76e..f226ae349 100644
 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file/kubernetes/shared.yml
 +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file/kubernetes/shared.yml
 @@ -1,5 +1,5 @@
@@ -12664,7 +14478,7 @@ index c865ad76..f226ae34 100644
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action/ansible/shared.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action/ansible/shared.yml
-index 69ae3cb8..f48f3656 100644
+index 69ae3cb89..f48f36569 100644
 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action/ansible/shared.yml
 +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -12674,17 +14488,17 @@ index 69ae3cb8..f48f3656 100644
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action/bash/shared.sh b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action/bash/shared.sh
-index 3a69df68..67d60999 100644
+index 5007f965f..4c06ea831 100644
 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action/bash/shared.sh
 +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action/bash/shared.sh
 @@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle
-+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
+-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu
++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu
  
  {{{ bash_instantiate_variables("var_auditd_max_log_file_action") }}}
  
 diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action/kubernetes/shared.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action/kubernetes/shared.yml
-index c865ad76..f226ae34 100644
+index c865ad76e..f226ae349 100644
 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action/kubernetes/shared.yml
 +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action/kubernetes/shared.yml
 @@ -1,5 +1,5 @@
@@ -12694,33 +14508,39 @@ index c865ad76..f226ae34 100644
  # reboot = true
  # strategy = restrict
  # complexity = low
-diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action/rule.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action/rule.yml
-index cc9e6c73..0aa28666 100644
---- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action/rule.yml
-+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action/rule.yml
-@@ -54,7 +54,7 @@ references:
-     pcidss: Req-10.7
-     srg: SRG-OS-000047-GPOS-00023
-     stigid@ol8: OL08-00-030050
--    stigid@rhel8: RHEL-08-030050
-+    stigid@almalinux8: RHEL-08-030050
+diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action_stig/ansible/shared.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action_stig/ansible/shared.yml
+index 69ae3cb89..f48f36569 100644
+--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action_stig/ansible/shared.yml
++++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action_stig/ansible/shared.yml
+@@ -1,4 +1,4 @@
+-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle
++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
+ # reboot = false
+ # strategy = restrict
+ # complexity = low
+diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action_stig/bash/shared.sh b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action_stig/bash/shared.sh
+index 4609f8ec9..f4b4664e3 100644
+--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action_stig/bash/shared.sh
++++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action_stig/bash/shared.sh
+@@ -1,4 +1,4 @@
+-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle
++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
  
- ocil_clause: 'the system has not been properly configured to rotate audit logs'
+ {{{ bash_instantiate_variables("var_auditd_max_log_file_action") }}}
  
-diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action/tests/max_log_file_action_stig.pass.sh b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action/tests/max_log_file_action_stig.pass.sh
-index de16233b..38c22bf5 100644
---- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action/tests/max_log_file_action_stig.pass.sh
-+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action/tests/max_log_file_action_stig.pass.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # profiles = xccdf_org.ssgproject.content_profile_stig
--# platform = Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9, multi_platform_fedora
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8, Red Hat Enterprise Linux 9, multi_platform_fedora
- 
- . $SHARED/auditd_utils.sh
- prepare_auditd_test_enviroment
+diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action_stig/kubernetes/shared.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action_stig/kubernetes/shared.yml
+index 55f407e01..b9084af21 100644
+--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action_stig/kubernetes/shared.yml
++++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action_stig/kubernetes/shared.yml
+@@ -1,5 +1,5 @@
+ ---
+-# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_rhcos
++# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhcos
+ # reboot = true
+ # strategy = restrict
+ # complexity = low
 diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_num_logs/ansible/shared.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_num_logs/ansible/shared.yml
-index 7deaa060..748a59d8 100644
+index 7deaa0607..748a59d80 100644
 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_num_logs/ansible/shared.yml
 +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_num_logs/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -12730,7 +14550,7 @@ index 7deaa060..748a59d8 100644
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_num_logs/kubernetes/shared.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_num_logs/kubernetes/shared.yml
-index c865ad76..f226ae34 100644
+index c865ad76e..f226ae349 100644
 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_num_logs/kubernetes/shared.yml
 +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_num_logs/kubernetes/shared.yml
 @@ -1,5 +1,5 @@
@@ -12741,7 +14561,7 @@ index c865ad76..f226ae34 100644
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left/ansible/shared.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left/ansible/shared.yml
-index ab0bea58..a6158699 100644
+index ab0bea58e..a6158699d 100644
 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left/ansible/shared.yml
 +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -12751,17 +14571,17 @@ index ab0bea58..a6158699 100644
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left/bash/shared.sh b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left/bash/shared.sh
-index 62901056..5e8deca1 100644
+index a53f062b5..e0200450d 100644
 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left/bash/shared.sh
 +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left/bash/shared.sh
 @@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_wrlinux,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu
-+# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_almalinux,multi_platform_wrlinux,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu
+-# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu
++# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu
  
  {{{ bash_instantiate_variables("var_auditd_space_left") }}}
  
 diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left/kubernetes/shared.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left/kubernetes/shared.yml
-index c865ad76..f226ae34 100644
+index c865ad76e..f226ae349 100644
 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left/kubernetes/shared.yml
 +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left/kubernetes/shared.yml
 @@ -1,5 +1,5 @@
@@ -12772,19 +14592,19 @@ index c865ad76..f226ae34 100644
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left/rule.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left/rule.yml
-index 04042fa1..82988db4 100644
+index 54462480d..eb0802b06 100644
 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left/rule.yml
 +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,wrlinux1019
-+prodtype: ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,wrlinux1019
+-prodtype: ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15
++prodtype: ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15
  
  title: 'Configure auditd space_left on Low Disk Space'
  
 diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/ansible/shared.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/ansible/shared.yml
-index 46560f89..123e5ef3 100644
+index 46560f89e..123e5ef3c 100644
 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/ansible/shared.yml
 +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -12794,7 +14614,7 @@ index 46560f89..123e5ef3 100644
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/bash/shared.sh b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/bash/shared.sh
-index 870f6619..a1dc8844 100644
+index 870f6619e..a1dc8844a 100644
 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/bash/shared.sh
 +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/bash/shared.sh
 @@ -1,4 +1,4 @@
@@ -12804,7 +14624,7 @@ index 870f6619..a1dc8844 100644
  {{{ bash_instantiate_variables("var_auditd_space_left_action") }}}
  
 diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/kubernetes/shared.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/kubernetes/shared.yml
-index c865ad76..f226ae34 100644
+index c865ad76e..f226ae349 100644
 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/kubernetes/shared.yml
 +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/kubernetes/shared.yml
 @@ -1,5 +1,5 @@
@@ -12815,10 +14635,10 @@ index c865ad76..f226ae34 100644
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/rule.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/rule.yml
-index 1dc1f330..ac8d6ec7 100644
+index 4dc2529aa..ac76cdea4 100644
 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/rule.yml
 +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/rule.yml
-@@ -57,7 +57,7 @@ references:
+@@ -62,7 +62,7 @@ references:
      stigid@ol7: OL07-00-030340
      stigid@ol8: OL08-00-030731
      stigid@rhel7: RHEL-07-030340
@@ -12828,19 +14648,19 @@ index 1dc1f330..ac8d6ec7 100644
      vmmsrg: SRG-OS-000343-VMM-001240
  
 diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_percentage/rule.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_percentage/rule.yml
-index dff73762..5f066b7d 100644
+index aef2ffe8a..5d39f86de 100644
 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_percentage/rule.yml
 +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_percentage/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol8,rhel7,rhel8,rhel9,ubuntu2004
-+prodtype: fedora,ol8,rhel7,rhel8,almalinux8,rhel9,ubuntu2004
+-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,ubuntu2004,ubuntu2204
++prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,ubuntu2004,ubuntu2204
  
  title: 'Configure auditd space_left on Low Disk Space'
  
-@@ -37,7 +37,7 @@ references:
-     srg: SRG-OS-000343-GPOS-00134
+@@ -38,7 +38,7 @@ references:
+     stigid@ol7: OL07-00-030330
      stigid@ol8: OL08-00-030730
      stigid@rhel7: RHEL-07-030330
 -    stigid@rhel8: RHEL-08-030730
@@ -12849,7 +14669,7 @@ index dff73762..5f066b7d 100644
      vmmsrg: SRG-OS-000343-VMM-001240
  
 diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_freq/kubernetes/shared.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_freq/kubernetes/shared.yml
-index c865ad76..f226ae34 100644
+index c865ad76e..f226ae349 100644
 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_freq/kubernetes/shared.yml
 +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_freq/kubernetes/shared.yml
 @@ -1,5 +1,5 @@
@@ -12860,7 +14680,7 @@ index c865ad76..f226ae34 100644
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_local_events/kubernetes/shared.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_local_events/kubernetes/shared.yml
-index c865ad76..f226ae34 100644
+index c865ad76e..f226ae349 100644
 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_local_events/kubernetes/shared.yml
 +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_local_events/kubernetes/shared.yml
 @@ -1,5 +1,5 @@
@@ -12871,7 +14691,7 @@ index c865ad76..f226ae34 100644
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_local_events/rule.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_local_events/rule.yml
-index f4780b4a..8bc1f3d9 100644
+index 75590e720..0b5a09999 100644
 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_local_events/rule.yml
 +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_local_events/rule.yml
 @@ -25,7 +25,7 @@ references:
@@ -12884,7 +14704,7 @@ index f4780b4a..8bc1f3d9 100644
  ocil_clause: local_events isn't set to yes
  
 diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_log_format/kubernetes/shared.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_log_format/kubernetes/shared.yml
-index c865ad76..f226ae34 100644
+index c865ad76e..f226ae349 100644
 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_log_format/kubernetes/shared.yml
 +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_log_format/kubernetes/shared.yml
 @@ -1,5 +1,5 @@
@@ -12895,7 +14715,7 @@ index c865ad76..f226ae34 100644
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_log_format/rule.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_log_format/rule.yml
-index b536a68c..ca2bf485 100644
+index 475689e52..96b7c4ce4 100644
 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_log_format/rule.yml
 +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_log_format/rule.yml
 @@ -26,7 +26,7 @@ references:
@@ -12907,8 +14727,28 @@ index b536a68c..ca2bf485 100644
  
  ocil_clause: log_format isn't set to ENRICHED
  
+diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_name_format/ansible/shared.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_name_format/ansible/shared.yml
+index c93322835..b24919d0b 100644
+--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_name_format/ansible/shared.yml
++++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_name_format/ansible/shared.yml
+@@ -1,4 +1,4 @@
+-# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_ol
++# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol
+ # reboot = false
+ # strategy = restrict
+ # complexity = low
+diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_name_format/bash/shared.sh b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_name_format/bash/shared.sh
+index 67a1203dd..12a94396c 100644
+--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_name_format/bash/shared.sh
++++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_name_format/bash/shared.sh
+@@ -1,4 +1,4 @@
+-# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_ol
++# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol
+ # reboot = true
+ # strategy = restrict
+ # complexity = low
 diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_name_format/kubernetes/shared.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_name_format/kubernetes/shared.yml
-index c865ad76..f226ae34 100644
+index c865ad76e..f226ae349 100644
 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_name_format/kubernetes/shared.yml
 +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_name_format/kubernetes/shared.yml
 @@ -1,5 +1,5 @@
@@ -12919,7 +14759,7 @@ index c865ad76..f226ae34 100644
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_name_format/rule.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_name_format/rule.yml
-index 8da90cd7..0c143a84 100644
+index 1d32aaf92..02471eb04 100644
 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_name_format/rule.yml
 +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_name_format/rule.yml
 @@ -29,7 +29,7 @@ references:
@@ -12932,7 +14772,7 @@ index 8da90cd7..0c143a84 100644
  ocil_clause: name_format isn't set to hostname
  
 diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_overflow_action/ansible/shared.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_overflow_action/ansible/shared.yml
-index 41fc224a..f92ab0a1 100644
+index 12d8541cb..a3d1c459b 100644
 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_overflow_action/ansible/shared.yml
 +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_overflow_action/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -12942,7 +14782,7 @@ index 41fc224a..f92ab0a1 100644
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_overflow_action/bash/shared.sh b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_overflow_action/bash/shared.sh
-index 84cb1cc1..358aeb69 100644
+index f308bd675..e9789ea24 100644
 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_overflow_action/bash/shared.sh
 +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_overflow_action/bash/shared.sh
 @@ -1,4 +1,4 @@
@@ -12952,7 +14792,7 @@ index 84cb1cc1..358aeb69 100644
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_overflow_action/rule.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_overflow_action/rule.yml
-index 887c7885..90204db7 100644
+index a058b881c..1427b39ca 100644
 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_overflow_action/rule.yml
 +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_overflow_action/rule.yml
 @@ -32,7 +32,7 @@ references:
@@ -12962,10 +14802,10 @@ index 887c7885..90204db7 100644
 -    stigid@rhel8: RHEL-08-030700
 +    stigid@almalinux8: RHEL-08-030700
  
- ocil_clause: 'auditd overflow action is not setup correctly'
+ ocil_clause: 'auditd overflow action is not set correctly'
  
 diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_write_logs/kubernetes/shared.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_write_logs/kubernetes/shared.yml
-index c865ad76..f226ae34 100644
+index c865ad76e..f226ae349 100644
 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_write_logs/kubernetes/shared.yml
 +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_write_logs/kubernetes/shared.yml
 @@ -1,5 +1,5 @@
@@ -12976,7 +14816,7 @@ index c865ad76..f226ae34 100644
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/var_audispd_remote_server.var b/linux_os/guide/system/auditing/configure_auditd_data_retention/var_audispd_remote_server.var
-index bcafc35b..1579dc90 100644
+index bcafc35b8..1579dc90f 100644
 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/var_audispd_remote_server.var
 +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/var_audispd_remote_server.var
 @@ -3,7 +3,7 @@ documentation_complete: true
@@ -12989,18 +14829,18 @@ index bcafc35b..1579dc90 100644
  {{% else %}}
      The setting for remote_server in /etc/audisp/audisp-remote.conf
 diff --git a/linux_os/guide/system/auditing/grub2_audit_argument/rule.yml b/linux_os/guide/system/auditing/grub2_audit_argument/rule.yml
-index 4f5abc19..3a6580b6 100644
+index 9948a25c9..1fbfd5638 100644
 --- a/linux_os/guide/system/auditing/grub2_audit_argument/rule.yml
 +++ b/linux_os/guide/system/auditing/grub2_audit_argument/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004
+-prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Enable Auditing for Processes Which Start Prior to the Audit Daemon'
  
-@@ -44,7 +44,7 @@ references:
+@@ -50,7 +50,7 @@ references:
      pcidss: Req-10.3
      srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000473-GPOS-00218,SRG-OS-000254-GPOS-00095
      stigid@ol8: OL08-00-030601
@@ -13009,77 +14849,55 @@ index 4f5abc19..3a6580b6 100644
      stigid@ubuntu2004: UBTU-20-010198
      vmmsrg: SRG-OS-000254-VMM-000880
  
-diff --git a/linux_os/guide/system/auditing/grub2_audit_argument/tests/arg_not_there_rhel8.fail.sh b/linux_os/guide/system/auditing/grub2_audit_argument/tests/arg_not_there_rhel8.fail.sh
-index dfffe3a7..1526a372 100644
---- a/linux_os/guide/system/auditing/grub2_audit_argument/tests/arg_not_there_rhel8.fail.sh
-+++ b/linux_os/guide/system/auditing/grub2_audit_argument/tests/arg_not_there_rhel8.fail.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- 
--# platform = Red Hat Enterprise Linux 8
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8
- 
- # Removes audit argument from kernel command line in /boot/grub2/grubenv
- file="/boot/grub2/grubenv"
 diff --git a/linux_os/guide/system/auditing/grub2_audit_argument/tests/blank_grubenv_rhel8.fail.sh b/linux_os/guide/system/auditing/grub2_audit_argument/tests/blank_grubenv_rhel8.fail.sh
-index 956c8ac7..006899d7 100644
+index 4a03a2117..365d018a2 100644
 --- a/linux_os/guide/system/auditing/grub2_audit_argument/tests/blank_grubenv_rhel8.fail.sh
 +++ b/linux_os/guide/system/auditing/grub2_audit_argument/tests/blank_grubenv_rhel8.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  
--# platform = Red Hat Enterprise Linux 8
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8
+-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8
++# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8
  # remediation = none
  
  # Removes audit argument from kernel command line in /boot/grub2/grubenv
-diff --git a/linux_os/guide/system/auditing/grub2_audit_argument/tests/correct_grubenv.pass.sh b/linux_os/guide/system/auditing/grub2_audit_argument/tests/correct_grubenv.pass.sh
-index 9823b08d..4522a4c6 100644
---- a/linux_os/guide/system/auditing/grub2_audit_argument/tests/correct_grubenv.pass.sh
-+++ b/linux_os/guide/system/auditing/grub2_audit_argument/tests/correct_grubenv.pass.sh
-@@ -1,4 +1,4 @@
- #!/bin/bash
--# platform = Red Hat Enterprise Linux 8
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8
- 
- grub2-editenv - set "$(grub2-editenv - list | grep kernelopts) audit=1"
 diff --git a/linux_os/guide/system/auditing/grub2_audit_argument/tests/double_value_rhel8.fail.sh b/linux_os/guide/system/auditing/grub2_audit_argument/tests/double_value_rhel8.fail.sh
-index 556b82c4..fa266b77 100644
+index 065c1d459..75db9892c 100644
 --- a/linux_os/guide/system/auditing/grub2_audit_argument/tests/double_value_rhel8.fail.sh
 +++ b/linux_os/guide/system/auditing/grub2_audit_argument/tests/double_value_rhel8.fail.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = Red Hat Enterprise Linux 8
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8
+-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8
++# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8
  
  # Break the audit argument in kernel command line in /boot/grub2/grubenv
  file="/boot/grub2/grubenv"
 diff --git a/linux_os/guide/system/auditing/grub2_audit_argument/tests/wrong_value_rhel8.fail.sh b/linux_os/guide/system/auditing/grub2_audit_argument/tests/wrong_value_rhel8.fail.sh
-index 59f1ed22..e9cac86b 100644
+index 35034f242..3f1e63b11 100644
 --- a/linux_os/guide/system/auditing/grub2_audit_argument/tests/wrong_value_rhel8.fail.sh
 +++ b/linux_os/guide/system/auditing/grub2_audit_argument/tests/wrong_value_rhel8.fail.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = Red Hat Enterprise Linux 8
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8
+-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8
++# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8
  
  # Break the audit argument in kernel command line in /boot/grub2/grubenv
  file="/boot/grub2/grubenv"
 diff --git a/linux_os/guide/system/auditing/grub2_audit_backlog_limit_argument/rule.yml b/linux_os/guide/system/auditing/grub2_audit_backlog_limit_argument/rule.yml
-index efbc3dae..a24d7031 100644
+index 65132d8ee..02631d75d 100644
 --- a/linux_os/guide/system/auditing/grub2_audit_backlog_limit_argument/rule.yml
 +++ b/linux_os/guide/system/auditing/grub2_audit_backlog_limit_argument/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004
+-prodtype: alinux3,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: alinux3,fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Extend Audit Backlog Limit for the Audit Daemon'
  
-@@ -34,7 +34,7 @@ references:
+@@ -39,7 +39,7 @@ references:
      ospp: FAU_STG.1,FAU_STG.3
-     srg: SRG-OS-000254-GPOS-00095,SRG-OS-000341-GPOS-00132
+     srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000254-GPOS-00095,SRG-OS-000341-GPOS-00132,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215
      stigid@ol8: OL08-00-030602
 -    stigid@rhel8: RHEL-08-030602
 +    stigid@almalinux8: RHEL-08-030602
@@ -13087,45 +14905,45 @@ index efbc3dae..a24d7031 100644
  ocil_clause: 'audit backlog limit is not configured'
  
 diff --git a/linux_os/guide/system/auditing/grub2_audit_backlog_limit_argument/tests/correct_grubenv.pass.sh b/linux_os/guide/system/auditing/grub2_audit_backlog_limit_argument/tests/correct_grubenv.pass.sh
-index 3648f215..1db7652a 100644
+index aaffbf476..f3e10ad43 100644
 --- a/linux_os/guide/system/auditing/grub2_audit_backlog_limit_argument/tests/correct_grubenv.pass.sh
 +++ b/linux_os/guide/system/auditing/grub2_audit_backlog_limit_argument/tests/correct_grubenv.pass.sh
 @@ -1,4 +1,4 @@
  #!/bin/bash
--# platform = Red Hat Enterprise Linux 8
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8
+-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8
++# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8
  
  grub2-editenv - set "$(grub2-editenv - list | grep kernelopts) audit_backlog_limit=8192"
 diff --git a/linux_os/guide/system/auditing/grub2_audit_backlog_limit_argument/tests/wrong_value_rhel8.fail.sh b/linux_os/guide/system/auditing/grub2_audit_backlog_limit_argument/tests/wrong_value_rhel8.fail.sh
-index 921c9db9..d54cf31e 100644
+index f93dc5644..1fa37409f 100644
 --- a/linux_os/guide/system/auditing/grub2_audit_backlog_limit_argument/tests/wrong_value_rhel8.fail.sh
 +++ b/linux_os/guide/system/auditing/grub2_audit_backlog_limit_argument/tests/wrong_value_rhel8.fail.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = Red Hat Enterprise Linux 8
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8
+-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8
++# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8
  
  # Break the audit_backlog_limit argument in kernel command line in /boot/grub2/grubenv
  file="/boot/grub2/grubenv"
 diff --git a/linux_os/guide/system/auditing/package_audispd-plugins_installed/rule.yml b/linux_os/guide/system/auditing/package_audispd-plugins_installed/rule.yml
-index 864e508b..7c9d8a3f 100644
+index e2d2b7fdb..f4952aacd 100644
 --- a/linux_os/guide/system/auditing/package_audispd-plugins_installed/rule.yml
 +++ b/linux_os/guide/system/auditing/package_audispd-plugins_installed/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4
+-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4
++prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4
  
  title: 'Install audispd-plugins Package'
  
 diff --git a/linux_os/guide/system/auditing/package_audit_installed/rule.yml b/linux_os/guide/system/auditing/package_audit_installed/rule.yml
-index 795089c8..4f170680 100644
+index 701d4e5b1..c0ac20101 100644
 --- a/linux_os/guide/system/auditing/package_audit_installed/rule.yml
 +++ b/linux_os/guide/system/auditing/package_audit_installed/rule.yml
-@@ -30,7 +30,7 @@ references:
-     ospp: FAU_GEN.1
-     srg: SRG-OS-000122-GPOS-00063,SRG-OS-000337-GPOS-00129,SRG-OS-000348-GPOS-00136,SRG-OS-000349-GPOS-00137,SRG-OS-000350-GPOS-00138,SRG-OS-000351-GPOS-00139,SRG-OS-000352-GPOS-00140,SRG-OS-000353-GPOS-00141,SRG-OS-000354-GPOS-00142,SRG-OS-000358-GPOS-00145,SRG-OS-000359-GPOS-00146,SRG-OS-000365-GPOS-00152,SRG-OS-000474-GPOS-00219,SRG-OS-000475-GPOS-00220,SRG-OS-000480-GPOS-00227,SRG-OS-000062-GPOS-00031
+@@ -34,7 +34,7 @@ references:
+     pcidss: Req-10.2.1
+     srg: SRG-OS-000062-GPOS-00031,SRG-OS-000037-GPOS-00015,SRG-OS-000038-GPOS-00016,SRG-OS-000039-GPOS-00017,SRG-OS-000040-GPOS-00018,SRG-OS-000041-GPOS-00019,SRG-OS-000042-GPOS-00021,SRG-OS-000051-GPOS-00024,SRG-OS-000054-GPOS-00025,SRG-OS-000122-GPOS-00063,SRG-OS-000254-GPOS-00095,SRG-OS-000255-GPOS-00096,SRG-OS-000337-GPOS-00129,SRG-OS-000348-GPOS-00136,SRG-OS-000349-GPOS-00137,SRG-OS-000350-GPOS-00138,SRG-OS-000351-GPOS-00139,SRG-OS-000352-GPOS-00140,SRG-OS-000353-GPOS-00141,SRG-OS-000354-GPOS-00142,SRG-OS-000358-GPOS-00145,SRG-OS-000365-GPOS-00152,SRG-OS-000392-GPOS-00172,SRG-OS-000475-GPOS-00220
      stigid@ol8: OL08-00-030180
 -    stigid@rhel8: RHEL-08-030180
 +    stigid@almalinux8: RHEL-08-030180
@@ -13133,7 +14951,7 @@ index 795089c8..4f170680 100644
      stigid@sle15: SLES-15-030650
      stigid@ubuntu2004: UBTU-20-010182
 diff --git a/linux_os/guide/system/auditing/policy_rules/audit_access_failed/kubernetes/shared.yml b/linux_os/guide/system/auditing/policy_rules/audit_access_failed/kubernetes/shared.yml
-index e3314050..603abfb9 100644
+index e33140501..603abfb90 100644
 --- a/linux_os/guide/system/auditing/policy_rules/audit_access_failed/kubernetes/shared.yml
 +++ b/linux_os/guide/system/auditing/policy_rules/audit_access_failed/kubernetes/shared.yml
 @@ -1,5 +1,5 @@
@@ -13144,29 +14962,41 @@ index e3314050..603abfb9 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/auditing/policy_rules/audit_access_failed/rule.yml b/linux_os/guide/system/auditing/policy_rules/audit_access_failed/rule.yml
-index 26c7eea7..19b4493a 100644
+index 992bf062a..4fd40dc3b 100644
 --- a/linux_os/guide/system/auditing/policy_rules/audit_access_failed/rule.yml
 +++ b/linux_os/guide/system/auditing/policy_rules/audit_access_failed/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: ol8,rhcos4,rhel8,rhel9
-+prodtype: ol8,rhcos4,rhel8,almalinux8,rhel9
+-prodtype: ol8,ol9,rhcos4,rhel8,rhel9
++prodtype: ol8,ol9,rhcos4,rhel8,almalinux8,rhel9
  
  title: 'Configure auditing of unsuccessful file accesses'
  
-diff --git a/linux_os/guide/system/auditing/policy_rules/audit_access_failed/tests/rules_from_audit_package.pass.sh b/linux_os/guide/system/auditing/policy_rules/audit_access_failed/tests/rules_from_audit_package.pass.sh
-index 5d19cb09..a554e489 100644
---- a/linux_os/guide/system/auditing/policy_rules/audit_access_failed/tests/rules_from_audit_package.pass.sh
-+++ b/linux_os/guide/system/auditing/policy_rules/audit_access_failed/tests/rules_from_audit_package.pass.sh
-@@ -1,4 +1,4 @@
- #!/bin/bash
--# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
- 
- cp /usr/share/audit/sample-rules/30-ospp-v42-3-access-failed.rules /etc/audit/rules.d/
+diff --git a/linux_os/guide/system/auditing/policy_rules/audit_access_failed_aarch64/kubernetes/shared.yml b/linux_os/guide/system/auditing/policy_rules/audit_access_failed_aarch64/kubernetes/shared.yml
+index f29a4afc6..26ac0688c 100644
+--- a/linux_os/guide/system/auditing/policy_rules/audit_access_failed_aarch64/kubernetes/shared.yml
++++ b/linux_os/guide/system/auditing/policy_rules/audit_access_failed_aarch64/kubernetes/shared.yml
+@@ -1,5 +1,5 @@
+ ---
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
+ apiVersion: machineconfiguration.openshift.io/v1
+ kind: MachineConfig
+ spec:
+diff --git a/linux_os/guide/system/auditing/policy_rules/audit_access_failed_ppc64le/kubernetes/shared.yml b/linux_os/guide/system/auditing/policy_rules/audit_access_failed_ppc64le/kubernetes/shared.yml
+index 412c67f15..ec1467404 100644
+--- a/linux_os/guide/system/auditing/policy_rules/audit_access_failed_ppc64le/kubernetes/shared.yml
++++ b/linux_os/guide/system/auditing/policy_rules/audit_access_failed_ppc64le/kubernetes/shared.yml
+@@ -1,5 +1,5 @@
+ ---
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
+ apiVersion: machineconfiguration.openshift.io/v1
+ kind: MachineConfig
+ spec:
 diff --git a/linux_os/guide/system/auditing/policy_rules/audit_access_success/kubernetes/shared.yml b/linux_os/guide/system/auditing/policy_rules/audit_access_success/kubernetes/shared.yml
-index 41329308..3f8c50a3 100644
+index 413293083..3f8c50a39 100644
 --- a/linux_os/guide/system/auditing/policy_rules/audit_access_success/kubernetes/shared.yml
 +++ b/linux_os/guide/system/auditing/policy_rules/audit_access_success/kubernetes/shared.yml
 @@ -1,5 +1,5 @@
@@ -13177,29 +15007,41 @@ index 41329308..3f8c50a3 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/auditing/policy_rules/audit_access_success/rule.yml b/linux_os/guide/system/auditing/policy_rules/audit_access_success/rule.yml
-index 262cf290..e0794c38 100644
+index 8000a1a6d..59fbf2fb5 100644
 --- a/linux_os/guide/system/auditing/policy_rules/audit_access_success/rule.yml
 +++ b/linux_os/guide/system/auditing/policy_rules/audit_access_success/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: ol8,rhcos4,rhel8,rhel9
-+prodtype: ol8,rhcos4,rhel8,almalinux8,rhel9
+-prodtype: ol8,ol9,rhcos4,rhel8,rhel9
++prodtype: ol8,ol9,rhcos4,rhel8,almalinux8,rhel9
  
  title: 'Configure auditing of successful file accesses'
  
-diff --git a/linux_os/guide/system/auditing/policy_rules/audit_access_success/tests/rules_from_audit_package.pass.sh b/linux_os/guide/system/auditing/policy_rules/audit_access_success/tests/rules_from_audit_package.pass.sh
-index 411fdc41..5d82a353 100644
---- a/linux_os/guide/system/auditing/policy_rules/audit_access_success/tests/rules_from_audit_package.pass.sh
-+++ b/linux_os/guide/system/auditing/policy_rules/audit_access_success/tests/rules_from_audit_package.pass.sh
-@@ -1,4 +1,4 @@
- #!/bin/bash
--# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
- 
- cp /usr/share/audit/sample-rules/30-ospp-v42-3-access-success.rules /etc/audit/rules.d/
+diff --git a/linux_os/guide/system/auditing/policy_rules/audit_access_success_aarch64/kubernetes/shared.yml b/linux_os/guide/system/auditing/policy_rules/audit_access_success_aarch64/kubernetes/shared.yml
+index 1d08bae3a..3e2300448 100644
+--- a/linux_os/guide/system/auditing/policy_rules/audit_access_success_aarch64/kubernetes/shared.yml
++++ b/linux_os/guide/system/auditing/policy_rules/audit_access_success_aarch64/kubernetes/shared.yml
+@@ -1,5 +1,5 @@
+ ---
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
+ apiVersion: machineconfiguration.openshift.io/v1
+ kind: MachineConfig
+ spec:
+diff --git a/linux_os/guide/system/auditing/policy_rules/audit_access_success_ppc64le/kubernetes/shared.yml b/linux_os/guide/system/auditing/policy_rules/audit_access_success_ppc64le/kubernetes/shared.yml
+index 372b7c27c..4e2ce77e9 100644
+--- a/linux_os/guide/system/auditing/policy_rules/audit_access_success_ppc64le/kubernetes/shared.yml
++++ b/linux_os/guide/system/auditing/policy_rules/audit_access_success_ppc64le/kubernetes/shared.yml
+@@ -1,5 +1,5 @@
+ ---
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
+ apiVersion: machineconfiguration.openshift.io/v1
+ kind: MachineConfig
+ spec:
 diff --git a/linux_os/guide/system/auditing/policy_rules/audit_basic_configuration/kubernetes/shared.yml b/linux_os/guide/system/auditing/policy_rules/audit_basic_configuration/kubernetes/shared.yml
-index f6242690..bd3ddd10 100644
+index f62426900..bd3ddd10a 100644
 --- a/linux_os/guide/system/auditing/policy_rules/audit_basic_configuration/kubernetes/shared.yml
 +++ b/linux_os/guide/system/auditing/policy_rules/audit_basic_configuration/kubernetes/shared.yml
 @@ -1,5 +1,5 @@
@@ -13210,29 +15052,19 @@ index f6242690..bd3ddd10 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/auditing/policy_rules/audit_basic_configuration/rule.yml b/linux_os/guide/system/auditing/policy_rules/audit_basic_configuration/rule.yml
-index 19dc3320..b96d469a 100644
+index 28500f9d4..f7fdb1574 100644
 --- a/linux_os/guide/system/auditing/policy_rules/audit_basic_configuration/rule.yml
 +++ b/linux_os/guide/system/auditing/policy_rules/audit_basic_configuration/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: ol8,rhcos4,rhel8,rhel9
-+prodtype: ol8,rhcos4,rhel8,almalinux8,rhel9
+-prodtype: ol8,ol9,rhcos4,rhel8,rhel9
++prodtype: ol8,ol9,rhcos4,rhel8,almalinux8,rhel9
  
  title: 'Configure basic parameters of Audit system'
  
-diff --git a/linux_os/guide/system/auditing/policy_rules/audit_basic_configuration/tests/rules_from_audit_package.pass.sh b/linux_os/guide/system/auditing/policy_rules/audit_basic_configuration/tests/rules_from_audit_package.pass.sh
-index 23e5e84c..018f4056 100644
---- a/linux_os/guide/system/auditing/policy_rules/audit_basic_configuration/tests/rules_from_audit_package.pass.sh
-+++ b/linux_os/guide/system/auditing/policy_rules/audit_basic_configuration/tests/rules_from_audit_package.pass.sh
-@@ -1,4 +1,4 @@
- #!/bin/bash
--# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
- 
- cp /usr/share/audit/sample-rules/10-base-config.rules /etc/audit/rules.d/
 diff --git a/linux_os/guide/system/auditing/policy_rules/audit_create_failed/kubernetes/shared.yml b/linux_os/guide/system/auditing/policy_rules/audit_create_failed/kubernetes/shared.yml
-index 981a0c86..ab7d657c 100644
+index 981a0c861..ab7d657c3 100644
 --- a/linux_os/guide/system/auditing/policy_rules/audit_create_failed/kubernetes/shared.yml
 +++ b/linux_os/guide/system/auditing/policy_rules/audit_create_failed/kubernetes/shared.yml
 @@ -1,5 +1,5 @@
@@ -13243,51 +15075,53 @@ index 981a0c86..ab7d657c 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/auditing/policy_rules/audit_create_failed/rule.yml b/linux_os/guide/system/auditing/policy_rules/audit_create_failed/rule.yml
-index d23651be..8762d394 100644
+index 08bff7139..2b27b5b35 100644
 --- a/linux_os/guide/system/auditing/policy_rules/audit_create_failed/rule.yml
 +++ b/linux_os/guide/system/auditing/policy_rules/audit_create_failed/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: ol8,rhcos4,rhel8,rhel9
-+prodtype: ol8,rhcos4,rhel8,almalinux8,rhel9
+-prodtype: ol8,ol9,rhcos4,rhel8,rhel9
++prodtype: ol8,ol9,rhcos4,rhel8,almalinux8,rhel9
  
  title: 'Configure auditing of unsuccessful file creations'
  
-diff --git a/linux_os/guide/system/auditing/policy_rules/audit_create_failed/tests/rules_from_audit_package.pass.sh b/linux_os/guide/system/auditing/policy_rules/audit_create_failed/tests/rules_from_audit_package.pass.sh
-index a4918944..ffa84daf 100644
---- a/linux_os/guide/system/auditing/policy_rules/audit_create_failed/tests/rules_from_audit_package.pass.sh
-+++ b/linux_os/guide/system/auditing/policy_rules/audit_create_failed/tests/rules_from_audit_package.pass.sh
-@@ -1,4 +1,4 @@
- #!/bin/bash
--# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
- 
- cp /usr/share/audit/sample-rules/30-ospp-v42-1-create-failed.rules /etc/audit/rules.d/
+diff --git a/linux_os/guide/system/auditing/policy_rules/audit_create_failed_aarch64/kubernetes/shared.yml b/linux_os/guide/system/auditing/policy_rules/audit_create_failed_aarch64/kubernetes/shared.yml
+index c26dc39be..d32b854fd 100644
+--- a/linux_os/guide/system/auditing/policy_rules/audit_create_failed_aarch64/kubernetes/shared.yml
++++ b/linux_os/guide/system/auditing/policy_rules/audit_create_failed_aarch64/kubernetes/shared.yml
+@@ -1,5 +1,5 @@
+ ---
+-# platform = multi_platform_rhel,multi_platform_fedora
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
+ apiVersion: machineconfiguration.openshift.io/v1
+ kind: MachineConfig
+ spec:
+diff --git a/linux_os/guide/system/auditing/policy_rules/audit_create_failed_ppc64le/kubernetes/shared.yml b/linux_os/guide/system/auditing/policy_rules/audit_create_failed_ppc64le/kubernetes/shared.yml
+index 08c8dc855..e9277f263 100644
+--- a/linux_os/guide/system/auditing/policy_rules/audit_create_failed_ppc64le/kubernetes/shared.yml
++++ b/linux_os/guide/system/auditing/policy_rules/audit_create_failed_ppc64le/kubernetes/shared.yml
+@@ -1,5 +1,5 @@
+ ---
+-# platform = multi_platform_rhel,multi_platform_fedora
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
+ apiVersion: machineconfiguration.openshift.io/v1
+ kind: MachineConfig
+ spec:
 diff --git a/linux_os/guide/system/auditing/policy_rules/audit_create_success/rule.yml b/linux_os/guide/system/auditing/policy_rules/audit_create_success/rule.yml
-index 60be6eb1..9d1e0063 100644
+index 7532b0bf1..99b6350ae 100644
 --- a/linux_os/guide/system/auditing/policy_rules/audit_create_success/rule.yml
 +++ b/linux_os/guide/system/auditing/policy_rules/audit_create_success/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: ol8,rhcos4,rhel8,rhel9
-+prodtype: ol8,rhcos4,rhel8,almalinux8,rhel9
+-prodtype: ol8,ol9,rhcos4,rhel8,rhel9
++prodtype: ol8,ol9,rhcos4,rhel8,almalinux8,rhel9
  
  title: 'Configure auditing of successful file creations'
  
-diff --git a/linux_os/guide/system/auditing/policy_rules/audit_create_success/tests/rules_from_audit_package.pass.sh b/linux_os/guide/system/auditing/policy_rules/audit_create_success/tests/rules_from_audit_package.pass.sh
-index 83e8dec1..63bb706d 100644
---- a/linux_os/guide/system/auditing/policy_rules/audit_create_success/tests/rules_from_audit_package.pass.sh
-+++ b/linux_os/guide/system/auditing/policy_rules/audit_create_success/tests/rules_from_audit_package.pass.sh
-@@ -1,4 +1,4 @@
- #!/bin/bash
--# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
- 
- cp /usr/share/audit/sample-rules/30-ospp-v42-1-create-success.rules /etc/audit/rules.d/
 diff --git a/linux_os/guide/system/auditing/policy_rules/audit_delete_failed/kubernetes/shared.yml b/linux_os/guide/system/auditing/policy_rules/audit_delete_failed/kubernetes/shared.yml
-index 023388b6..655883af 100644
+index 023388b66..655883afe 100644
 --- a/linux_os/guide/system/auditing/policy_rules/audit_delete_failed/kubernetes/shared.yml
 +++ b/linux_os/guide/system/auditing/policy_rules/audit_delete_failed/kubernetes/shared.yml
 @@ -1,5 +1,5 @@
@@ -13298,29 +15132,41 @@ index 023388b6..655883af 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/auditing/policy_rules/audit_delete_failed/rule.yml b/linux_os/guide/system/auditing/policy_rules/audit_delete_failed/rule.yml
-index 286b0ff8..3c0e01cf 100644
+index 6280008f2..bc2a76836 100644
 --- a/linux_os/guide/system/auditing/policy_rules/audit_delete_failed/rule.yml
 +++ b/linux_os/guide/system/auditing/policy_rules/audit_delete_failed/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: ol8,rhcos4,rhel8,rhel9
-+prodtype: ol8,rhcos4,rhel8,almalinux8,rhel9
+-prodtype: ol8,ol9,rhcos4,rhel8,rhel9
++prodtype: ol8,ol9,rhcos4,rhel8,almalinux8,rhel9
  
  title: 'Configure auditing of unsuccessful file deletions'
  
-diff --git a/linux_os/guide/system/auditing/policy_rules/audit_delete_failed/tests/rules_from_audit_package.pass.sh b/linux_os/guide/system/auditing/policy_rules/audit_delete_failed/tests/rules_from_audit_package.pass.sh
-index bf661297..32b34abe 100644
---- a/linux_os/guide/system/auditing/policy_rules/audit_delete_failed/tests/rules_from_audit_package.pass.sh
-+++ b/linux_os/guide/system/auditing/policy_rules/audit_delete_failed/tests/rules_from_audit_package.pass.sh
-@@ -1,4 +1,4 @@
- #!/bin/bash
--# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
- 
- cp /usr/share/audit/sample-rules/30-ospp-v42-4-delete-failed.rules /etc/audit/rules.d/
+diff --git a/linux_os/guide/system/auditing/policy_rules/audit_delete_failed_aarch64/kubernetes/shared.yml b/linux_os/guide/system/auditing/policy_rules/audit_delete_failed_aarch64/kubernetes/shared.yml
+index 22d3990f0..ed4f8bce8 100644
+--- a/linux_os/guide/system/auditing/policy_rules/audit_delete_failed_aarch64/kubernetes/shared.yml
++++ b/linux_os/guide/system/auditing/policy_rules/audit_delete_failed_aarch64/kubernetes/shared.yml
+@@ -1,5 +1,5 @@
+ ---
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
+ apiVersion: machineconfiguration.openshift.io/v1
+ kind: MachineConfig
+ spec:
+diff --git a/linux_os/guide/system/auditing/policy_rules/audit_delete_failed_ppc64le/kubernetes/shared.yml b/linux_os/guide/system/auditing/policy_rules/audit_delete_failed_ppc64le/kubernetes/shared.yml
+index 2fb2c25aa..e182781c4 100644
+--- a/linux_os/guide/system/auditing/policy_rules/audit_delete_failed_ppc64le/kubernetes/shared.yml
++++ b/linux_os/guide/system/auditing/policy_rules/audit_delete_failed_ppc64le/kubernetes/shared.yml
+@@ -1,5 +1,5 @@
+ ---
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
+ apiVersion: machineconfiguration.openshift.io/v1
+ kind: MachineConfig
+ spec:
 diff --git a/linux_os/guide/system/auditing/policy_rules/audit_delete_success/kubernetes/shared.yml b/linux_os/guide/system/auditing/policy_rules/audit_delete_success/kubernetes/shared.yml
-index 6c42b726..1da7bb5f 100644
+index 6c42b726a..1da7bb5fe 100644
 --- a/linux_os/guide/system/auditing/policy_rules/audit_delete_success/kubernetes/shared.yml
 +++ b/linux_os/guide/system/auditing/policy_rules/audit_delete_success/kubernetes/shared.yml
 @@ -1,5 +1,5 @@
@@ -13331,29 +15177,41 @@ index 6c42b726..1da7bb5f 100644
  {{% set file_contents = """## Successful file delete
  -a always,exit -F arch=b32 -S unlink,unlinkat,rename,renameat -F success=1 -F auid>=1000 -F auid!=unset -F key=successful-delete
 diff --git a/linux_os/guide/system/auditing/policy_rules/audit_delete_success/rule.yml b/linux_os/guide/system/auditing/policy_rules/audit_delete_success/rule.yml
-index 2f7c9f05..f7c6b6c1 100644
+index c95d8aabe..3e2cd2818 100644
 --- a/linux_os/guide/system/auditing/policy_rules/audit_delete_success/rule.yml
 +++ b/linux_os/guide/system/auditing/policy_rules/audit_delete_success/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: ol8,rhcos4,rhel8,rhel9
-+prodtype: ol8,rhcos4,rhel8,almalinux8,rhel9
+-prodtype: ol8,ol9,rhcos4,rhel8,rhel9
++prodtype: ol8,ol9,rhcos4,rhel8,almalinux8,rhel9
  
  title: 'Configure auditing of successful file deletions'
  
-diff --git a/linux_os/guide/system/auditing/policy_rules/audit_delete_success/tests/rules_from_audit_package.pass.sh b/linux_os/guide/system/auditing/policy_rules/audit_delete_success/tests/rules_from_audit_package.pass.sh
-index fc77e6b3..b17a5bff 100644
---- a/linux_os/guide/system/auditing/policy_rules/audit_delete_success/tests/rules_from_audit_package.pass.sh
-+++ b/linux_os/guide/system/auditing/policy_rules/audit_delete_success/tests/rules_from_audit_package.pass.sh
-@@ -1,4 +1,4 @@
- #!/bin/bash
--# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+diff --git a/linux_os/guide/system/auditing/policy_rules/audit_delete_success_aarch64/kubernetes/shared.yml b/linux_os/guide/system/auditing/policy_rules/audit_delete_success_aarch64/kubernetes/shared.yml
+index 0314988d4..25f2c5ae8 100644
+--- a/linux_os/guide/system/auditing/policy_rules/audit_delete_success_aarch64/kubernetes/shared.yml
++++ b/linux_os/guide/system/auditing/policy_rules/audit_delete_success_aarch64/kubernetes/shared.yml
+@@ -1,5 +1,5 @@
+ ---
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
  
- cp /usr/share/audit/sample-rules/30-ospp-v42-4-delete-success.rules /etc/audit/rules.d/
+ {{% set file_contents = """## Successful file delete
+ -a always,exit -F arch=b32 -S unlink,unlinkat,rename,renameat -F success=1 -F auid>=1000 -F auid!=unset -F key=successful-delete
+diff --git a/linux_os/guide/system/auditing/policy_rules/audit_delete_success_ppc64le/kubernetes/shared.yml b/linux_os/guide/system/auditing/policy_rules/audit_delete_success_ppc64le/kubernetes/shared.yml
+index 3734328c9..1ff00c4e6 100644
+--- a/linux_os/guide/system/auditing/policy_rules/audit_delete_success_ppc64le/kubernetes/shared.yml
++++ b/linux_os/guide/system/auditing/policy_rules/audit_delete_success_ppc64le/kubernetes/shared.yml
+@@ -1,5 +1,5 @@
+ ---
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
+ 
+ {{% set file_contents = """## Successful file delete
+ -a always,exit -F arch=b64 -S unlink,unlinkat,rename,renameat -F success=1 -F auid>=1000 -F auid!=unset -F key=successful-delete""" -%}}
 diff --git a/linux_os/guide/system/auditing/policy_rules/audit_immutable_login_uids/kubernetes/shared.yml b/linux_os/guide/system/auditing/policy_rules/audit_immutable_login_uids/kubernetes/shared.yml
-index 4b611673..42e1c3da 100644
+index 4b6116733..42e1c3da2 100644
 --- a/linux_os/guide/system/auditing/policy_rules/audit_immutable_login_uids/kubernetes/shared.yml
 +++ b/linux_os/guide/system/auditing/policy_rules/audit_immutable_login_uids/kubernetes/shared.yml
 @@ -1,5 +1,5 @@
@@ -13364,18 +15222,18 @@ index 4b611673..42e1c3da 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/auditing/policy_rules/audit_immutable_login_uids/rule.yml b/linux_os/guide/system/auditing/policy_rules/audit_immutable_login_uids/rule.yml
-index 70357c15..4fd0cfe7 100644
+index c5295afeb..25c7c729d 100644
 --- a/linux_os/guide/system/auditing/policy_rules/audit_immutable_login_uids/rule.yml
 +++ b/linux_os/guide/system/auditing/policy_rules/audit_immutable_login_uids/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: ol8,rhcos4,rhel8,rhel9
-+prodtype: ol8,rhcos4,rhel8,almalinux8,rhel9
+-prodtype: ol8,ol9,rhcos4,rhel8,rhel9
++prodtype: ol8,ol9,rhcos4,rhel8,almalinux8,rhel9
  
  title: 'Configure immutable Audit login UIDs'
  
-@@ -40,7 +40,7 @@ references:
+@@ -35,7 +35,7 @@ references:
      ospp: FAU_GEN.1.2
      srg: SRG-OS-000462-GPOS-00206,SRG-OS-000475-GPOS-00220,SRG-OS-000057-GPOS-00027,SRG-OS-000058-GPOS-00028,SRG-OS-000059-GPOS-00029
      stigid@ol8: OL08-00-030122
@@ -13384,18 +15242,8 @@ index 70357c15..4fd0cfe7 100644
  
  ocil_clause: 'the file does not exist or the content differs'
  
-diff --git a/linux_os/guide/system/auditing/policy_rules/audit_immutable_login_uids/tests/rules_from_audit_package.pass.sh b/linux_os/guide/system/auditing/policy_rules/audit_immutable_login_uids/tests/rules_from_audit_package.pass.sh
-index 2f236b0e..27e58829 100644
---- a/linux_os/guide/system/auditing/policy_rules/audit_immutable_login_uids/tests/rules_from_audit_package.pass.sh
-+++ b/linux_os/guide/system/auditing/policy_rules/audit_immutable_login_uids/tests/rules_from_audit_package.pass.sh
-@@ -1,4 +1,4 @@
- #!/bin/bash
--# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
- 
- cp /usr/share/audit/sample-rules/11-loginuid.rules /etc/audit/rules.d/
 diff --git a/linux_os/guide/system/auditing/policy_rules/audit_modify_failed/kubernetes/shared.yml b/linux_os/guide/system/auditing/policy_rules/audit_modify_failed/kubernetes/shared.yml
-index 2d927984..ec647737 100644
+index 2d9279849..ec6477378 100644
 --- a/linux_os/guide/system/auditing/policy_rules/audit_modify_failed/kubernetes/shared.yml
 +++ b/linux_os/guide/system/auditing/policy_rules/audit_modify_failed/kubernetes/shared.yml
 @@ -1,5 +1,5 @@
@@ -13406,29 +15254,41 @@ index 2d927984..ec647737 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/auditing/policy_rules/audit_modify_failed/rule.yml b/linux_os/guide/system/auditing/policy_rules/audit_modify_failed/rule.yml
-index 8e8361a6..c0ac95aa 100644
+index 23d3209cc..0fe51e018 100644
 --- a/linux_os/guide/system/auditing/policy_rules/audit_modify_failed/rule.yml
 +++ b/linux_os/guide/system/auditing/policy_rules/audit_modify_failed/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: ol8,rhcos4,rhel8,rhel9
-+prodtype: ol8,rhcos4,rhel8,almalinux8,rhel9
+-prodtype: ol8,ol9,rhcos4,rhel8,rhel9
++prodtype: ol8,ol9,rhcos4,rhel8,almalinux8,rhel9
  
  title: 'Configure auditing of unsuccessful file modifications'
  
-diff --git a/linux_os/guide/system/auditing/policy_rules/audit_modify_failed/tests/rules_from_audit_package.pass.sh b/linux_os/guide/system/auditing/policy_rules/audit_modify_failed/tests/rules_from_audit_package.pass.sh
-index 2bae4b7d..ebe19e45 100644
---- a/linux_os/guide/system/auditing/policy_rules/audit_modify_failed/tests/rules_from_audit_package.pass.sh
-+++ b/linux_os/guide/system/auditing/policy_rules/audit_modify_failed/tests/rules_from_audit_package.pass.sh
-@@ -1,4 +1,4 @@
- #!/bin/bash
--# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
- 
- cp /usr/share/audit/sample-rules/30-ospp-v42-2-modify-failed.rules /etc/audit/rules.d/
+diff --git a/linux_os/guide/system/auditing/policy_rules/audit_modify_failed_aarch64/kubernetes/shared.yml b/linux_os/guide/system/auditing/policy_rules/audit_modify_failed_aarch64/kubernetes/shared.yml
+index dae466002..527bc8489 100644
+--- a/linux_os/guide/system/auditing/policy_rules/audit_modify_failed_aarch64/kubernetes/shared.yml
++++ b/linux_os/guide/system/auditing/policy_rules/audit_modify_failed_aarch64/kubernetes/shared.yml
+@@ -1,5 +1,5 @@
+ ---
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
+ apiVersion: machineconfiguration.openshift.io/v1
+ kind: MachineConfig
+ spec:
+diff --git a/linux_os/guide/system/auditing/policy_rules/audit_modify_failed_ppc64le/kubernetes/shared.yml b/linux_os/guide/system/auditing/policy_rules/audit_modify_failed_ppc64le/kubernetes/shared.yml
+index f07ff3607..62de7826c 100644
+--- a/linux_os/guide/system/auditing/policy_rules/audit_modify_failed_ppc64le/kubernetes/shared.yml
++++ b/linux_os/guide/system/auditing/policy_rules/audit_modify_failed_ppc64le/kubernetes/shared.yml
+@@ -1,5 +1,5 @@
+ ---
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
+ apiVersion: machineconfiguration.openshift.io/v1
+ kind: MachineConfig
+ spec:
 diff --git a/linux_os/guide/system/auditing/policy_rules/audit_modify_success/kubernetes/shared.yml b/linux_os/guide/system/auditing/policy_rules/audit_modify_success/kubernetes/shared.yml
-index c6f79696..7a6e545c 100644
+index c6f796967..7a6e545c4 100644
 --- a/linux_os/guide/system/auditing/policy_rules/audit_modify_success/kubernetes/shared.yml
 +++ b/linux_os/guide/system/auditing/policy_rules/audit_modify_success/kubernetes/shared.yml
 @@ -1,5 +1,5 @@
@@ -13439,29 +15299,41 @@ index c6f79696..7a6e545c 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/auditing/policy_rules/audit_modify_success/rule.yml b/linux_os/guide/system/auditing/policy_rules/audit_modify_success/rule.yml
-index ab542a2c..83c9b8df 100644
+index 82ac32264..33b7d1ad6 100644
 --- a/linux_os/guide/system/auditing/policy_rules/audit_modify_success/rule.yml
 +++ b/linux_os/guide/system/auditing/policy_rules/audit_modify_success/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: ol8,rhcos4,rhel8,rhel9
-+prodtype: ol8,rhcos4,rhel8,almalinux8,rhel9
+-prodtype: ol8,ol9,rhcos4,rhel8,rhel9
++prodtype: ol8,ol9,rhcos4,rhel8,almalinux8,rhel9
  
  title: 'Configure auditing of successful file modifications'
  
-diff --git a/linux_os/guide/system/auditing/policy_rules/audit_modify_success/tests/rules_from_audit_package.pass.sh b/linux_os/guide/system/auditing/policy_rules/audit_modify_success/tests/rules_from_audit_package.pass.sh
-index 7a59c265..dccc2bd8 100644
---- a/linux_os/guide/system/auditing/policy_rules/audit_modify_success/tests/rules_from_audit_package.pass.sh
-+++ b/linux_os/guide/system/auditing/policy_rules/audit_modify_success/tests/rules_from_audit_package.pass.sh
-@@ -1,4 +1,4 @@
- #!/bin/bash
--# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
- 
- cp /usr/share/audit/sample-rules/30-ospp-v42-2-modify-success.rules /etc/audit/rules.d/
+diff --git a/linux_os/guide/system/auditing/policy_rules/audit_modify_success_aarch64/kubernetes/shared.yml b/linux_os/guide/system/auditing/policy_rules/audit_modify_success_aarch64/kubernetes/shared.yml
+index 212ec4ba5..62e1ee6de 100644
+--- a/linux_os/guide/system/auditing/policy_rules/audit_modify_success_aarch64/kubernetes/shared.yml
++++ b/linux_os/guide/system/auditing/policy_rules/audit_modify_success_aarch64/kubernetes/shared.yml
+@@ -1,5 +1,5 @@
+ ---
+-# platform = multi_platform_rhel,multi_platform_fedora
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
+ apiVersion: machineconfiguration.openshift.io/v1
+ kind: MachineConfig
+ spec:
+diff --git a/linux_os/guide/system/auditing/policy_rules/audit_modify_success_ppc64le/kubernetes/shared.yml b/linux_os/guide/system/auditing/policy_rules/audit_modify_success_ppc64le/kubernetes/shared.yml
+index 92310b977..e76e314a6 100644
+--- a/linux_os/guide/system/auditing/policy_rules/audit_modify_success_ppc64le/kubernetes/shared.yml
++++ b/linux_os/guide/system/auditing/policy_rules/audit_modify_success_ppc64le/kubernetes/shared.yml
+@@ -1,5 +1,5 @@
+ ---
+-# platform = multi_platform_rhel,multi_platform_fedora
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
+ apiVersion: machineconfiguration.openshift.io/v1
+ kind: MachineConfig
+ spec:
 diff --git a/linux_os/guide/system/auditing/policy_rules/audit_module_load/kubernetes/shared.yml b/linux_os/guide/system/auditing/policy_rules/audit_module_load/kubernetes/shared.yml
-index f8cd8b73..090554c0 100644
+index f8cd8b73d..090554c02 100644
 --- a/linux_os/guide/system/auditing/policy_rules/audit_module_load/kubernetes/shared.yml
 +++ b/linux_os/guide/system/auditing/policy_rules/audit_module_load/kubernetes/shared.yml
 @@ -1,5 +1,5 @@
@@ -13472,29 +15344,30 @@ index f8cd8b73..090554c0 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/auditing/policy_rules/audit_module_load/rule.yml b/linux_os/guide/system/auditing/policy_rules/audit_module_load/rule.yml
-index 519ffbc8..cb015616 100644
+index c3cb2cd34..0351d8b52 100644
 --- a/linux_os/guide/system/auditing/policy_rules/audit_module_load/rule.yml
 +++ b/linux_os/guide/system/auditing/policy_rules/audit_module_load/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: ol8,rhcos4,rhel8,rhel9
-+prodtype: ol8,rhcos4,rhel8,almalinux8,rhel9
+-prodtype: ol8,ol9,rhcos4,rhel8,rhel9
++prodtype: ol8,ol9,rhcos4,rhel8,almalinux8,rhel9
  
  title: 'Configure auditing of loading and unloading of kernel modules'
  
-diff --git a/linux_os/guide/system/auditing/policy_rules/audit_module_load/tests/rules_from_audit_package.pass.sh b/linux_os/guide/system/auditing/policy_rules/audit_module_load/tests/rules_from_audit_package.pass.sh
-index 84826498..86cf7576 100644
---- a/linux_os/guide/system/auditing/policy_rules/audit_module_load/tests/rules_from_audit_package.pass.sh
-+++ b/linux_os/guide/system/auditing/policy_rules/audit_module_load/tests/rules_from_audit_package.pass.sh
-@@ -1,4 +1,4 @@
- #!/bin/bash
--# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
- 
- cp /usr/share/audit/sample-rules/43-module-load.rules /etc/audit/rules.d/
+diff --git a/linux_os/guide/system/auditing/policy_rules/audit_module_load_ppc64le/kubernetes/shared.yml b/linux_os/guide/system/auditing/policy_rules/audit_module_load_ppc64le/kubernetes/shared.yml
+index 231034a9c..460877cec 100644
+--- a/linux_os/guide/system/auditing/policy_rules/audit_module_load_ppc64le/kubernetes/shared.yml
++++ b/linux_os/guide/system/auditing/policy_rules/audit_module_load_ppc64le/kubernetes/shared.yml
+@@ -1,5 +1,5 @@
+ ---
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
+ apiVersion: machineconfiguration.openshift.io/v1
+ kind: MachineConfig
+ spec:
 diff --git a/linux_os/guide/system/auditing/policy_rules/audit_ospp_general/kubernetes/shared.yml b/linux_os/guide/system/auditing/policy_rules/audit_ospp_general/kubernetes/shared.yml
-index a93771e8..22e9b17b 100644
+index a93771e85..22e9b17b9 100644
 --- a/linux_os/guide/system/auditing/policy_rules/audit_ospp_general/kubernetes/shared.yml
 +++ b/linux_os/guide/system/auditing/policy_rules/audit_ospp_general/kubernetes/shared.yml
 @@ -1,5 +1,5 @@
@@ -13505,126 +15378,89 @@ index a93771e8..22e9b17b 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/auditing/policy_rules/audit_ospp_general/rule.yml b/linux_os/guide/system/auditing/policy_rules/audit_ospp_general/rule.yml
-index bdc59faa..ac97fec2 100644
+index 878b95eab..69277846e 100644
 --- a/linux_os/guide/system/auditing/policy_rules/audit_ospp_general/rule.yml
 +++ b/linux_os/guide/system/auditing/policy_rules/audit_ospp_general/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: ol8,rhcos4,rhel8,rhel9
-+prodtype: ol8,rhcos4,rhel8,almalinux8,rhel9
+-prodtype: ol8,ol9,rhcos4,rhel8,rhel9
++prodtype: ol8,ol9,rhcos4,rhel8,almalinux8,rhel9
  
  title: 'Perform general configuration of Audit for OSPP'
  
-diff --git a/linux_os/guide/system/auditing/policy_rules/audit_ospp_general/tests/correct_rules.pass.sh b/linux_os/guide/system/auditing/policy_rules/audit_ospp_general/tests/correct_rules.pass.sh
-index c59e7e5e..72a131b6 100644
---- a/linux_os/guide/system/auditing/policy_rules/audit_ospp_general/tests/correct_rules.pass.sh
-+++ b/linux_os/guide/system/auditing/policy_rules/audit_ospp_general/tests/correct_rules.pass.sh
-@@ -1,3 +1,3 @@
--# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
- 
- cp $SHARED/audit/30-ospp-v42.rules /etc/audit/rules.d/
-diff --git a/linux_os/guide/system/auditing/policy_rules/audit_ospp_general/tests/rules_from_audit_package.pass.sh b/linux_os/guide/system/auditing/policy_rules/audit_ospp_general/tests/rules_from_audit_package.pass.sh
-index acfdc7d1..1f352b57 100644
---- a/linux_os/guide/system/auditing/policy_rules/audit_ospp_general/tests/rules_from_audit_package.pass.sh
-+++ b/linux_os/guide/system/auditing/policy_rules/audit_ospp_general/tests/rules_from_audit_package.pass.sh
-@@ -1,4 +1,4 @@
- #!/bin/bash
--# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
- 
- cp /usr/share/audit/sample-rules/30-ospp-v42.rules /etc/audit/rules.d/
+diff --git a/linux_os/guide/system/auditing/policy_rules/audit_ospp_general_aarch64/kubernetes/shared.yml b/linux_os/guide/system/auditing/policy_rules/audit_ospp_general_aarch64/kubernetes/shared.yml
+index 6b943ce05..5b19b70bb 100644
+--- a/linux_os/guide/system/auditing/policy_rules/audit_ospp_general_aarch64/kubernetes/shared.yml
++++ b/linux_os/guide/system/auditing/policy_rules/audit_ospp_general_aarch64/kubernetes/shared.yml
+@@ -1,5 +1,5 @@
+ ---
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
+ apiVersion: machineconfiguration.openshift.io/v1
+ kind: MachineConfig
+ spec:
+diff --git a/linux_os/guide/system/auditing/policy_rules/audit_ospp_general_ppc64le/kubernetes/shared.yml b/linux_os/guide/system/auditing/policy_rules/audit_ospp_general_ppc64le/kubernetes/shared.yml
+index fa81ece03..7a26684d2 100644
+--- a/linux_os/guide/system/auditing/policy_rules/audit_ospp_general_ppc64le/kubernetes/shared.yml
++++ b/linux_os/guide/system/auditing/policy_rules/audit_ospp_general_ppc64le/kubernetes/shared.yml
+@@ -1,5 +1,5 @@
+ ---
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
+ apiVersion: machineconfiguration.openshift.io/v1
+ kind: MachineConfig
+ spec:
 diff --git a/linux_os/guide/system/auditing/policy_rules/audit_owner_change_failed/rule.yml b/linux_os/guide/system/auditing/policy_rules/audit_owner_change_failed/rule.yml
-index c1035b0f..9599aa99 100644
+index 9e8afab03..a559a87ca 100644
 --- a/linux_os/guide/system/auditing/policy_rules/audit_owner_change_failed/rule.yml
 +++ b/linux_os/guide/system/auditing/policy_rules/audit_owner_change_failed/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: ol8,rhcos4,rhel8,rhel9
-+prodtype: ol8,rhcos4,rhel8,almalinux8,rhel9
+-prodtype: ol8,ol9,rhcos4,rhel8,rhel9
++prodtype: ol8,ol9,rhcos4,rhel8,almalinux8,rhel9
  
  title: 'Configure auditing of unsuccessful ownership changes'
  
-diff --git a/linux_os/guide/system/auditing/policy_rules/audit_owner_change_failed/tests/rules_from_audit_package.pass.sh b/linux_os/guide/system/auditing/policy_rules/audit_owner_change_failed/tests/rules_from_audit_package.pass.sh
-index 593f3ed8..26afdea1 100644
---- a/linux_os/guide/system/auditing/policy_rules/audit_owner_change_failed/tests/rules_from_audit_package.pass.sh
-+++ b/linux_os/guide/system/auditing/policy_rules/audit_owner_change_failed/tests/rules_from_audit_package.pass.sh
-@@ -1,4 +1,4 @@
- #!/bin/bash
--# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
- 
- cp /usr/share/audit/sample-rules/30-ospp-v42-6-owner-change-failed.rules /etc/audit/rules.d/
 diff --git a/linux_os/guide/system/auditing/policy_rules/audit_owner_change_success/rule.yml b/linux_os/guide/system/auditing/policy_rules/audit_owner_change_success/rule.yml
-index 85998273..0cebc1fa 100644
+index 7ba36791c..55070353f 100644
 --- a/linux_os/guide/system/auditing/policy_rules/audit_owner_change_success/rule.yml
 +++ b/linux_os/guide/system/auditing/policy_rules/audit_owner_change_success/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: ol8,rhcos4,rhel8,rhel9
-+prodtype: ol8,rhcos4,rhel8,almalinux8,rhel9
+-prodtype: ol8,ol9,rhcos4,rhel8,rhel9
++prodtype: ol8,ol9,rhcos4,rhel8,almalinux8,rhel9
  
  title: 'Configure auditing of successful ownership changes'
  
-diff --git a/linux_os/guide/system/auditing/policy_rules/audit_owner_change_success/tests/rules_from_audit_package.pass.sh b/linux_os/guide/system/auditing/policy_rules/audit_owner_change_success/tests/rules_from_audit_package.pass.sh
-index e7f61fd6..31fabb01 100644
---- a/linux_os/guide/system/auditing/policy_rules/audit_owner_change_success/tests/rules_from_audit_package.pass.sh
-+++ b/linux_os/guide/system/auditing/policy_rules/audit_owner_change_success/tests/rules_from_audit_package.pass.sh
-@@ -1,4 +1,4 @@
- #!/bin/bash
--# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
- 
- cp /usr/share/audit/sample-rules/30-ospp-v42-6-owner-change-success.rules /etc/audit/rules.d/
 diff --git a/linux_os/guide/system/auditing/policy_rules/audit_perm_change_failed/rule.yml b/linux_os/guide/system/auditing/policy_rules/audit_perm_change_failed/rule.yml
-index ba60b921..bc3a6b83 100644
+index 414cfba0b..d928aabc3 100644
 --- a/linux_os/guide/system/auditing/policy_rules/audit_perm_change_failed/rule.yml
 +++ b/linux_os/guide/system/auditing/policy_rules/audit_perm_change_failed/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: ol8,rhcos4,rhel8,rhel9
-+prodtype: ol8,rhcos4,rhel8,almalinux8,rhel9
+-prodtype: ol8,ol9,rhcos4,rhel8,rhel9
++prodtype: ol8,ol9,rhcos4,rhel8,almalinux8,rhel9
  
  title: 'Configure auditing of unsuccessful permission changes'
  
-diff --git a/linux_os/guide/system/auditing/policy_rules/audit_perm_change_failed/tests/rules_from_audit_package.pass.sh b/linux_os/guide/system/auditing/policy_rules/audit_perm_change_failed/tests/rules_from_audit_package.pass.sh
-index ee58a47c..271e05fa 100644
---- a/linux_os/guide/system/auditing/policy_rules/audit_perm_change_failed/tests/rules_from_audit_package.pass.sh
-+++ b/linux_os/guide/system/auditing/policy_rules/audit_perm_change_failed/tests/rules_from_audit_package.pass.sh
-@@ -1,4 +1,4 @@
- #!/bin/bash
--# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
- 
- cp /usr/share/audit/sample-rules/30-ospp-v42-5-perm-change-failed.rules /etc/audit/rules.d/
 diff --git a/linux_os/guide/system/auditing/policy_rules/audit_perm_change_success/rule.yml b/linux_os/guide/system/auditing/policy_rules/audit_perm_change_success/rule.yml
-index 10790eb5..a78af617 100644
+index c01c37bd0..c6c411bd8 100644
 --- a/linux_os/guide/system/auditing/policy_rules/audit_perm_change_success/rule.yml
 +++ b/linux_os/guide/system/auditing/policy_rules/audit_perm_change_success/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: ol8,rhcos4,rhel8,rhel9
-+prodtype: ol8,rhcos4,rhel8,almalinux8,rhel9
+-prodtype: ol8,ol9,rhcos4,rhel8,rhel9
++prodtype: ol8,ol9,rhcos4,rhel8,almalinux8,rhel9
  
  title: 'Configure auditing of successful permission changes'
  
-diff --git a/linux_os/guide/system/auditing/policy_rules/audit_perm_change_success/tests/rules_from_audit_package.pass.sh b/linux_os/guide/system/auditing/policy_rules/audit_perm_change_success/tests/rules_from_audit_package.pass.sh
-index bf26da4b..5c633722 100644
---- a/linux_os/guide/system/auditing/policy_rules/audit_perm_change_success/tests/rules_from_audit_package.pass.sh
-+++ b/linux_os/guide/system/auditing/policy_rules/audit_perm_change_success/tests/rules_from_audit_package.pass.sh
-@@ -1,4 +1,4 @@
- #!/bin/bash
--# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
- 
- cp /usr/share/audit/sample-rules/30-ospp-v42-5-perm-change-success.rules /etc/audit/rules.d/
 diff --git a/linux_os/guide/system/auditing/policy_rules/audit_rules_for_ospp/rule.yml b/linux_os/guide/system/auditing/policy_rules/audit_rules_for_ospp/rule.yml
-index d460ded7..5f1f0142 100644
+index 1cc1f231f..e545d01bb 100644
 --- a/linux_os/guide/system/auditing/policy_rules/audit_rules_for_ospp/rule.yml
 +++ b/linux_os/guide/system/auditing/policy_rules/audit_rules_for_ospp/rule.yml
 @@ -1,6 +1,6 @@
@@ -13636,21 +15472,21 @@ index d460ded7..5f1f0142 100644
  title: 'Configure audit according to OSPP requirements'
  
 diff --git a/linux_os/guide/system/auditing/service_auditd_enabled/kubernetes/shared.yml b/linux_os/guide/system/auditing/service_auditd_enabled/kubernetes/shared.yml
-index 0d05bd46..ea629355 100644
+index 89d6152dc..7afbf02b7 100644
 --- a/linux_os/guide/system/auditing/service_auditd_enabled/kubernetes/shared.yml
 +++ b/linux_os/guide/system/auditing/service_auditd_enabled/kubernetes/shared.yml
 @@ -1,5 +1,5 @@
  ---
--# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_rhcos
-+# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_rhcos
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_rhcos
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_rhcos
  apiVersion: machineconfiguration.openshift.io/v1
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/auditing/service_auditd_enabled/rule.yml b/linux_os/guide/system/auditing/service_auditd_enabled/rule.yml
-index 99edca3e..20e4e867 100644
+index 774887887..261342b03 100644
 --- a/linux_os/guide/system/auditing/service_auditd_enabled/rule.yml
 +++ b/linux_os/guide/system/auditing/service_auditd_enabled/rule.yml
-@@ -56,7 +56,7 @@ references:
+@@ -60,7 +60,7 @@ references:
      stigid@ol7: OL07-00-030000
      stigid@ol8: OL08-00-030181
      stigid@rhel7: RHEL-07-030000
@@ -13660,7 +15496,7 @@ index 99edca3e..20e4e867 100644
      stigid@sle15: SLES-15-030050
      vmmsrg: SRG-OS-000037-VMM-000150,SRG-OS-000063-VMM-000310,SRG-OS-000038-VMM-000160,SRG-OS-000039-VMM-000170,SRG-OS-000040-VMM-000180,SRG-OS-000041-VMM-000190
 diff --git a/linux_os/guide/system/bootloader-grub2/grub2_kernel_trust_cpu_rng/rule.yml b/linux_os/guide/system/bootloader-grub2/grub2_kernel_trust_cpu_rng/rule.yml
-index d6bfc02f..98c11ac6 100644
+index d6bfc02f3..98c11ac6f 100644
 --- a/linux_os/guide/system/bootloader-grub2/grub2_kernel_trust_cpu_rng/rule.yml
 +++ b/linux_os/guide/system/bootloader-grub2/grub2_kernel_trust_cpu_rng/rule.yml
 @@ -1,6 +1,6 @@
@@ -13672,90 +15508,49 @@ index d6bfc02f..98c11ac6 100644
  title: 'Configure kernel to trust the CPU random number generator'
  
 diff --git a/linux_os/guide/system/bootloader-grub2/grub2_kernel_trust_cpu_rng/tests/arg_not_there.fail.sh b/linux_os/guide/system/bootloader-grub2/grub2_kernel_trust_cpu_rng/tests/arg_not_there.fail.sh
-index 091ac6fa..dbef772c 100644
+index 50abc5732..306ca07b1 100644
 --- a/linux_os/guide/system/bootloader-grub2/grub2_kernel_trust_cpu_rng/tests/arg_not_there.fail.sh
 +++ b/linux_os/guide/system/bootloader-grub2/grub2_kernel_trust_cpu_rng/tests/arg_not_there.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # Based on shared/templates/grub2_bootloader_argument/tests/arg_not_there.fail.sh
--# platform = Red Hat Enterprise Linux 8
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8
+-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8
++# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8
  
  # Removes audit argument from kernel command line in /boot/grub2/grubenv
  file="/boot/grub2/grubenv"
-diff --git a/linux_os/guide/system/bootloader-grub2/grub2_kernel_trust_cpu_rng/tests/arg_not_there_etcdefaultgrub.fail.sh b/linux_os/guide/system/bootloader-grub2/grub2_kernel_trust_cpu_rng/tests/arg_not_there_etcdefaultgrub.fail.sh
-index b7e25f38..a6a2fe32 100644
---- a/linux_os/guide/system/bootloader-grub2/grub2_kernel_trust_cpu_rng/tests/arg_not_there_etcdefaultgrub.fail.sh
-+++ b/linux_os/guide/system/bootloader-grub2/grub2_kernel_trust_cpu_rng/tests/arg_not_there_etcdefaultgrub.fail.sh
-@@ -4,7 +4,7 @@ if grep -q CONFIG_RANDOM_TRUST_CPU /boot/config-`uname -r`; then
-     sed -Ei 's/(.*)CONFIG_RANDOM_TRUST_CPU=.(.*)/\1CONFIG_RANDOM_TRUST_CPU=N\2/' /boot/config-`uname -r`
- fi
- 
--{{% if product == "rhel8" %}}
-+{{% if product == "rhel8" or product == "almalinux8" %}}
- file="/boot/grub2/grubenv"
- if grep -q '^.*random.trust_cpu=.*'  "$file" ; then
- 	sed -i 's/\(^.*\)random.trust_cpu=[^[:space:]]*\(.*\)/\1 \2/'  "$file"
-diff --git a/linux_os/guide/system/bootloader-grub2/grub2_kernel_trust_cpu_rng/tests/boot_parameter.pass.sh b/linux_os/guide/system/bootloader-grub2/grub2_kernel_trust_cpu_rng/tests/boot_parameter.pass.sh
-index 4ee60679..b2c0535a 100644
---- a/linux_os/guide/system/bootloader-grub2/grub2_kernel_trust_cpu_rng/tests/boot_parameter.pass.sh
-+++ b/linux_os/guide/system/bootloader-grub2/grub2_kernel_trust_cpu_rng/tests/boot_parameter.pass.sh
-@@ -5,7 +5,7 @@ if grep -q CONFIG_RANDOM_TRUST_CPU /boot/config-`uname -r`; then
-     sed -Ei 's/(.*)CONFIG_RANDOM_TRUST_CPU=.(.*)/\1CONFIG_RANDOM_TRUST_CPU=N\2/' /boot/config-`uname -r`
- fi
- 
--{{% if product == "rhel8" %}}
-+{{% if product == "rhel8" or product == "almalinux8" %}}
- grub2-editenv - set "$(grub2-editenv - list | grep kernelopts) random.trust_cpu=on"
- {{% else %}}
- grubby --update-kernel=ALL --args="random.trust_cpu=on"
-diff --git a/linux_os/guide/system/bootloader-grub2/grub2_kernel_trust_cpu_rng/tests/compiled_but_overridden.fail.sh b/linux_os/guide/system/bootloader-grub2/grub2_kernel_trust_cpu_rng/tests/compiled_but_overridden.fail.sh
-index 13a89d0f..8d0b0acc 100644
---- a/linux_os/guide/system/bootloader-grub2/grub2_kernel_trust_cpu_rng/tests/compiled_but_overridden.fail.sh
-+++ b/linux_os/guide/system/bootloader-grub2/grub2_kernel_trust_cpu_rng/tests/compiled_but_overridden.fail.sh
-@@ -1,7 +1,7 @@
+diff --git a/linux_os/guide/system/bootloader-grub2/grub2_kernel_trust_cpu_rng/tests/arg_not_there_grubenv.fail.sh b/linux_os/guide/system/bootloader-grub2/grub2_kernel_trust_cpu_rng/tests/arg_not_there_grubenv.fail.sh
+index 5a204756e..98a5d0256 100644
+--- a/linux_os/guide/system/bootloader-grub2/grub2_kernel_trust_cpu_rng/tests/arg_not_there_grubenv.fail.sh
++++ b/linux_os/guide/system/bootloader-grub2/grub2_kernel_trust_cpu_rng/tests/arg_not_there_grubenv.fail.sh
+@@ -1,5 +1,5 @@
  #!/bin/bash
+-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8
++# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8
+ # Based on shared/templates/grub2_bootloader_argument/tests/arg_not_there_grubenv.fail.sh
  
- # make sure that the option is overridden through boot parameter
--{{% if product == "rhel8" %}}
-+{{% if product == "rhel8" or product == "almalinux8" %}}
- grub2-editenv - set "$(grub2-editenv - list | grep kernelopts) random.trust_cpu=off"
- {{% else %}}
- grubby --update-kernel=ALL --args="random.trust_cpu=off"
-diff --git a/linux_os/guide/system/bootloader-grub2/grub2_kernel_trust_cpu_rng/tests/compiled_uppercase.pass.sh b/linux_os/guide/system/bootloader-grub2/grub2_kernel_trust_cpu_rng/tests/compiled_uppercase.pass.sh
-index b28cd6e3..608ee59d 100644
---- a/linux_os/guide/system/bootloader-grub2/grub2_kernel_trust_cpu_rng/tests/compiled_uppercase.pass.sh
-+++ b/linux_os/guide/system/bootloader-grub2/grub2_kernel_trust_cpu_rng/tests/compiled_uppercase.pass.sh
-@@ -1,7 +1,7 @@
- #!/bin/bash
- 
- # make sure that the option is not configured through boot parameter
--{{% if product == "rhel8" %}}
-+{{% if product == "rhel8" or product == "almalinux8" %}}
- file="/boot/grub2/grubenv"
- if grep -q '^.*random.trust_cpu=.*'  "$file" ; then
- 	sed -i 's/\(^.*\)random.trust_cpu=[^[:space:]]*\(.*\)/\1 \2/'  "$file"
+ # Fake the kernel compile config, this is necessary when the distro's kernel is already compiled
 diff --git a/linux_os/guide/system/bootloader-grub2/grub2_kernel_trust_cpu_rng/tests/wrong_value.fail.sh b/linux_os/guide/system/bootloader-grub2/grub2_kernel_trust_cpu_rng/tests/wrong_value.fail.sh
-index b3d9ab27..ef22e767 100644
+index c4213caf8..c422634f2 100644
 --- a/linux_os/guide/system/bootloader-grub2/grub2_kernel_trust_cpu_rng/tests/wrong_value.fail.sh
 +++ b/linux_os/guide/system/bootloader-grub2/grub2_kernel_trust_cpu_rng/tests/wrong_value.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # Based on shared/templates/grub2_bootloader_argument/tests/wrong_value.fail.sh
--# platform = Red Hat Enterprise Linux 8
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8
+-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8
++# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8
  
  # Break the argument in kernel command line in /boot/grub2/grubenv
  file="/boot/grub2/grubenv"
 diff --git a/linux_os/guide/system/bootloader-grub2/grub2_pti_argument/rule.yml b/linux_os/guide/system/bootloader-grub2/grub2_pti_argument/rule.yml
-index 52a308e3..8097b24c 100644
+index c455abcfd..4e082df3e 100644
 --- a/linux_os/guide/system/bootloader-grub2/grub2_pti_argument/rule.yml
 +++ b/linux_os/guide/system/bootloader-grub2/grub2_pti_argument/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol8,rhel8,rhel9
-+prodtype: fedora,ol8,rhel8,almalinux8,rhel9
+-prodtype: fedora,ol8,ol9,rhel8,rhel9
++prodtype: fedora,ol8,ol9,rhel8,almalinux8,rhel9
  
  title: 'Enable Kernel Page-Table Isolation (KPTI)'
  
@@ -13768,48 +15563,15 @@ index 52a308e3..8097b24c 100644
  
  ocil_clause: 'Kernel page-table isolation is not enabled'
  
-diff --git a/linux_os/guide/system/bootloader-grub2/grub2_pti_argument/tests/arg_not_there.fail.sh b/linux_os/guide/system/bootloader-grub2/grub2_pti_argument/tests/arg_not_there.fail.sh
-index f9b42970..2f0e238f 100644
---- a/linux_os/guide/system/bootloader-grub2/grub2_pti_argument/tests/arg_not_there.fail.sh
-+++ b/linux_os/guide/system/bootloader-grub2/grub2_pti_argument/tests/arg_not_there.fail.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- 
--# platform = Red Hat Enterprise Linux 8
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8
- 
- # Removes pti argument from kernel command line in /boot/grub2/grubenv
- file="/boot/grub2/grubenv"
-diff --git a/linux_os/guide/system/bootloader-grub2/grub2_pti_argument/tests/correct.pass.sh b/linux_os/guide/system/bootloader-grub2/grub2_pti_argument/tests/correct.pass.sh
-index dfebbbf7..25a0020c 100644
---- a/linux_os/guide/system/bootloader-grub2/grub2_pti_argument/tests/correct.pass.sh
-+++ b/linux_os/guide/system/bootloader-grub2/grub2_pti_argument/tests/correct.pass.sh
-@@ -1,4 +1,4 @@
- #!/bin/bash
--# platform = Red Hat Enterprise Linux 8
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8
- 
- grub2-editenv - set "$(grub2-editenv - list | grep kernelopts) pti=on"
-diff --git a/linux_os/guide/system/bootloader-grub2/grub2_pti_argument/tests/wrong_value.fail.sh b/linux_os/guide/system/bootloader-grub2/grub2_pti_argument/tests/wrong_value.fail.sh
-index b4dd962b..c4092a2d 100644
---- a/linux_os/guide/system/bootloader-grub2/grub2_pti_argument/tests/wrong_value.fail.sh
-+++ b/linux_os/guide/system/bootloader-grub2/grub2_pti_argument/tests/wrong_value.fail.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = Red Hat Enterprise Linux 8
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8
- 
- # Break the pti argument in kernel command line in /boot/grub2/grubenv
- file="/boot/grub2/grubenv"
 diff --git a/linux_os/guide/system/bootloader-grub2/grub2_vsyscall_argument/rule.yml b/linux_os/guide/system/bootloader-grub2/grub2_vsyscall_argument/rule.yml
-index 93eb31da..897d39fa 100644
+index 9a0f0d212..4fc19b1de 100644
 --- a/linux_os/guide/system/bootloader-grub2/grub2_vsyscall_argument/rule.yml
 +++ b/linux_os/guide/system/bootloader-grub2/grub2_vsyscall_argument/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9
+-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9
++prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9
  
  title: 'Disable vsyscalls'
  
@@ -13823,50 +15585,86 @@ index 93eb31da..897d39fa 100644
  ocil_clause: 'vsyscalls are enabled'
  
 diff --git a/linux_os/guide/system/bootloader-grub2/non-uefi/file_groupowner_grub2_cfg/rule.yml b/linux_os/guide/system/bootloader-grub2/non-uefi/file_groupowner_grub2_cfg/rule.yml
-index a40f068c..08a9ba85 100644
+index 2ee32d03d..391352701 100644
 --- a/linux_os/guide/system/bootloader-grub2/non-uefi/file_groupowner_grub2_cfg/rule.yml
 +++ b/linux_os/guide/system/bootloader-grub2/non-uefi/file_groupowner_grub2_cfg/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15
+-prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15
++prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15
  
  title: 'Verify {{{ grub2_boot_path }}}/grub.cfg Group Ownership'
  
+diff --git a/linux_os/guide/system/bootloader-grub2/non-uefi/file_groupowner_user_cfg/rule.yml b/linux_os/guide/system/bootloader-grub2/non-uefi/file_groupowner_user_cfg/rule.yml
+index 6a9cb33f7..d32c228b7 100644
+--- a/linux_os/guide/system/bootloader-grub2/non-uefi/file_groupowner_user_cfg/rule.yml
++++ b/linux_os/guide/system/bootloader-grub2/non-uefi/file_groupowner_user_cfg/rule.yml
+@@ -1,6 +1,6 @@
+ documentation_complete: true
+ 
+-prodtype: fedora,ol8,ol9,rhel7,rhel8,rhel9,rhv4
++prodtype: fedora,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4
+ 
+ title: 'Verify {{{ grub2_boot_path }}}/user.cfg Group Ownership'
+ 
 diff --git a/linux_os/guide/system/bootloader-grub2/non-uefi/file_owner_grub2_cfg/rule.yml b/linux_os/guide/system/bootloader-grub2/non-uefi/file_owner_grub2_cfg/rule.yml
-index 5457cebe..a6012704 100644
+index 5bf4ae355..12bd1974a 100644
 --- a/linux_os/guide/system/bootloader-grub2/non-uefi/file_owner_grub2_cfg/rule.yml
 +++ b/linux_os/guide/system/bootloader-grub2/non-uefi/file_owner_grub2_cfg/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004
+-prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Verify {{{ grub2_boot_path }}}/grub.cfg User Ownership'
  
+diff --git a/linux_os/guide/system/bootloader-grub2/non-uefi/file_owner_user_cfg/rule.yml b/linux_os/guide/system/bootloader-grub2/non-uefi/file_owner_user_cfg/rule.yml
+index ca2bc1ec8..bcb9897d9 100644
+--- a/linux_os/guide/system/bootloader-grub2/non-uefi/file_owner_user_cfg/rule.yml
++++ b/linux_os/guide/system/bootloader-grub2/non-uefi/file_owner_user_cfg/rule.yml
+@@ -1,6 +1,6 @@
+ documentation_complete: true
+ 
+-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4
++prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4
+ 
+ title: 'Verify {{{ grub2_boot_path }}}/user.cfg User Ownership'
+ 
 diff --git a/linux_os/guide/system/bootloader-grub2/non-uefi/file_permissions_grub2_cfg/rule.yml b/linux_os/guide/system/bootloader-grub2/non-uefi/file_permissions_grub2_cfg/rule.yml
-index 58c73139..e6a8a658 100644
+index 491718273..d6172921f 100644
 --- a/linux_os/guide/system/bootloader-grub2/non-uefi/file_permissions_grub2_cfg/rule.yml
 +++ b/linux_os/guide/system/bootloader-grub2/non-uefi/file_permissions_grub2_cfg/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004
+-prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Verify {{{ grub2_boot_path }}}/grub.cfg Permissions'
  
+diff --git a/linux_os/guide/system/bootloader-grub2/non-uefi/file_permissions_user_cfg/rule.yml b/linux_os/guide/system/bootloader-grub2/non-uefi/file_permissions_user_cfg/rule.yml
+index 7a23d0885..93a3cf5e7 100644
+--- a/linux_os/guide/system/bootloader-grub2/non-uefi/file_permissions_user_cfg/rule.yml
++++ b/linux_os/guide/system/bootloader-grub2/non-uefi/file_permissions_user_cfg/rule.yml
+@@ -1,6 +1,6 @@
+ documentation_complete: true
+ 
+-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4
++prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4
+ 
+ title: 'Verify {{{ grub2_boot_path }}}/user.cfg Permissions'
+ 
 diff --git a/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_admin_username/rule.yml b/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_admin_username/rule.yml
-index 85e953f9..2a845e73 100644
+index 4def1608b..0cc75f0b8 100644
 --- a/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_admin_username/rule.yml
 +++ b/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_admin_username/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,wrlinux1019
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,wrlinux1019
+-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4
++prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4
  
  title: 'Set the Boot Loader Admin Username to a Non-Default Value'
  
@@ -13877,33 +15675,46 @@ index 85e953f9..2a845e73 100644
 -    stigid@rhel8: RHEL-08-010149
 +    stigid@almalinux8: RHEL-08-010149
  
- ocil_clause: 'it does not'
+ ocil_clause: 'superuser account is not set or is set to root, admin, administrator or any other existing user name'
  
 diff --git a/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_no_removeable_media/rule.yml b/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_no_removeable_media/rule.yml
-index c2b738aa..4bbff3f3 100644
+index fe06e5afc..1eb0615a4 100644
 --- a/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_no_removeable_media/rule.yml
 +++ b/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_no_removeable_media/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: ol7,ol8,rhel7,rhel8,rhv4,wrlinux1019
-+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhv4,wrlinux1019
+-prodtype: ol7,ol8,rhel7,rhel8,rhv4
++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhv4
  
  title: 'Boot Loader Is Not Installed On Removeable Media'
  
+diff --git a/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_password/oval/shared.xml b/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_password/oval/shared.xml
+index 5260666c2..210a1dbaf 100644
+--- a/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_password/oval/shared.xml
++++ b/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_password/oval/shared.xml
+@@ -3,7 +3,7 @@
+     {{{ oval_metadata("The grub2 boot loader should have password protection enabled.") }}}
+ 
+     
+-      {{% if product in ["ol7","ol8", "rhel8"] %}}
++      {{% if product in ["ol7","ol8", "rhel8", "almalinux8"] %}}
+       
+       {{% else %}}
+       
 diff --git a/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_password/rule.yml b/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_password/rule.yml
-index ad515a65..2fd91d45 100644
+index 9acb58b33..62454ce21 100644
 --- a/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_password/rule.yml
 +++ b/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_password/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
+-prodtype: alinux3,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: alinux3,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Set Boot Loader Password in grub2'
  
-@@ -72,7 +72,7 @@ references:
+@@ -71,7 +71,7 @@ references:
      stigid@ol7: OL07-00-010482
      stigid@ol8: OL08-00-010150
      stigid@rhel7: RHEL-07-010482
@@ -13913,185 +15724,86 @@ index ad515a65..2fd91d45 100644
      stigid@sle15: SLES-15-010190
      stigid@ubuntu2004: UBTU-20-010009
 diff --git a/linux_os/guide/system/bootloader-grub2/uefi/file_groupowner_efi_grub2_cfg/rule.yml b/linux_os/guide/system/bootloader-grub2/uefi/file_groupowner_efi_grub2_cfg/rule.yml
-index f44e85a0..96feebbd 100644
+index 9ff70429d..bd6c5be94 100644
 --- a/linux_os/guide/system/bootloader-grub2/uefi/file_groupowner_efi_grub2_cfg/rule.yml
 +++ b/linux_os/guide/system/bootloader-grub2/uefi/file_groupowner_efi_grub2_cfg/rule.yml
-@@ -1,20 +1,20 @@
+@@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8
+-prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,rhel7,rhel8,rhel9
++prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9
  
  title: 'Verify the UEFI Boot Loader grub.cfg Group Ownership'
  
- description: |-
- {{%- if product == "fedora" %}}
--    The file /boot/efi/EFI/fedora/grub.cfg should
-+    The file /boot/efi/EFI/almalinux/grub.cfg should
-     be group-owned by the root group to prevent
-     destruction or modification of the file.
--    {{{ describe_file_group_owner(file="/boot/efi/EFI/fedora/grub.cfg", group="root") }}}
-+    {{{ describe_file_group_owner(file="/boot/efi/EFI/almalinux/grub.cfg", group="root") }}}
- {{% else %}}
--    The file /boot/efi/EFI/redhat/grub.cfg should
-+    The file /boot/efi/EFI/almalinux/grub.cfg should
-     be group-owned by the root group to prevent
-     destruction or modification of the file.
--    {{{ describe_file_group_owner(file="/boot/efi/EFI/redhat/grub.cfg", group="root") }}}
-+    {{{ describe_file_group_owner(file="/boot/efi/EFI/almalinux/grub.cfg", group="root") }}}
- {{%- endif %}}
- 
- rationale: |-
-@@ -44,16 +44,16 @@ references:
- 
- ocil_clause: |-
- {{%- if product == "fedora" %}}
--    {{{ ocil_clause_file_group_owner(file="/boot/efi/EFI/fedora/grub.cfg", group="root") }}}
-+    {{{ ocil_clause_file_group_owner(file="/boot/efi/EFI/almalinux/grub.cfg", group="root") }}}
- {{% else %}}
--    {{{ ocil_clause_file_group_owner(file="/boot/efi/EFI/redhat/grub.cfg", group="root") }}}
-+    {{{ ocil_clause_file_group_owner(file="/boot/efi/EFI/almalinux/grub.cfg", group="root") }}}
- {{%- endif %}}
- 
- ocil: |-
- {{%- if product == "fedora" %}}
--    {{{ ocil_file_group_owner(file="/boot/efi/EFI/fedora/grub.cfg", group="root") }}}
-+    {{{ ocil_file_group_owner(file="/boot/efi/EFI/almalinux/grub.cfg", group="root") }}}
- {{% else %}}
--    {{{ ocil_file_group_owner(file="/boot/efi/EFI/redhat/grub.cfg", group="root") }}}
-+    {{{ ocil_file_group_owner(file="/boot/efi/EFI/almalinux/grub.cfg", group="root") }}}
- {{%- endif %}}
- 
- platform: machine
-@@ -61,6 +61,6 @@ platform: machine
- template:
-     name: file_groupowner
-     vars:
--        filepath: /boot/efi/EFI/redhat/grub.cfg
--        filepath@fedora: /boot/efi/EFI/fedora/grub.cfg
-+        filepath: /boot/efi/EFI/almalinux/grub.cfg
-+        filepath@fedora: /boot/efi/EFI/almalinux/grub.cfg
-         filegid: '0'
-diff --git a/linux_os/guide/system/bootloader-grub2/uefi/file_owner_efi_grub2_cfg/rule.yml b/linux_os/guide/system/bootloader-grub2/uefi/file_owner_efi_grub2_cfg/rule.yml
-index a9468d00..b4ee87fe 100644
---- a/linux_os/guide/system/bootloader-grub2/uefi/file_owner_efi_grub2_cfg/rule.yml
-+++ b/linux_os/guide/system/bootloader-grub2/uefi/file_owner_efi_grub2_cfg/rule.yml
-@@ -1,20 +1,20 @@
+diff --git a/linux_os/guide/system/bootloader-grub2/uefi/file_groupowner_efi_user_cfg/rule.yml b/linux_os/guide/system/bootloader-grub2/uefi/file_groupowner_efi_user_cfg/rule.yml
+index 32ccd5de1..31efa6830 100644
+--- a/linux_os/guide/system/bootloader-grub2/uefi/file_groupowner_efi_user_cfg/rule.yml
++++ b/linux_os/guide/system/bootloader-grub2/uefi/file_groupowner_efi_user_cfg/rule.yml
+@@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8
+-prodtype: fedora,ol8,ol9,rhel7,rhel8,rhel9,rhv4
++prodtype: fedora,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4
+ 
+ title: 'Verify {{{ grub2_uefi_boot_path }}}/user.cfg Group Ownership'
+ 
+diff --git a/linux_os/guide/system/bootloader-grub2/uefi/file_owner_efi_grub2_cfg/rule.yml b/linux_os/guide/system/bootloader-grub2/uefi/file_owner_efi_grub2_cfg/rule.yml
+index 2e51fbb41..60dd27444 100644
+--- a/linux_os/guide/system/bootloader-grub2/uefi/file_owner_efi_grub2_cfg/rule.yml
++++ b/linux_os/guide/system/bootloader-grub2/uefi/file_owner_efi_grub2_cfg/rule.yml
+@@ -1,6 +1,6 @@
+ documentation_complete: true
+ 
+-prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,rhel7,rhel8,rhel9
++prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9
  
  title: 'Verify the UEFI Boot Loader grub.cfg User Ownership'
  
- description: |-
- {{%- if product == "fedora" %}}
--    The file /boot/efi/EFI/fedora/grub.cfg should
-+    The file /boot/efi/EFI/almalinux/grub.cfg should
-     be owned by the root user to prevent destruction
-     or modification of the file.
--    {{{ describe_file_owner(file="/boot/efi/EFI/fedora/grub.cfg", owner="root") }}}
-+    {{{ describe_file_owner(file="/boot/efi/EFI/almalinux/grub.cfg", owner="root") }}}
- {{% else %}}
--    The file /boot/efi/EFI/redhat/grub.cfg should
-+    The file /boot/efi/EFI/almalinux/grub.cfg should
-     be owned by the root user to prevent destruction
-     or modification of the file.
--    {{{ describe_file_owner(file="/boot/efi/EFI/redhat/grub.cfg", owner="root") }}}
-+    {{{ describe_file_owner(file="/boot/efi/EFI/almalinux/grub.cfg", owner="root") }}}
- {{%- endif %}}
+diff --git a/linux_os/guide/system/bootloader-grub2/uefi/file_owner_efi_user_cfg/rule.yml b/linux_os/guide/system/bootloader-grub2/uefi/file_owner_efi_user_cfg/rule.yml
+index 104fa81e8..d68cbb603 100644
+--- a/linux_os/guide/system/bootloader-grub2/uefi/file_owner_efi_user_cfg/rule.yml
++++ b/linux_os/guide/system/bootloader-grub2/uefi/file_owner_efi_user_cfg/rule.yml
+@@ -1,6 +1,6 @@
+ documentation_complete: true
  
- rationale: 'Only root should be able to modify important boot parameters.'
-@@ -42,16 +42,16 @@ references:
+-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4
++prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4
  
- ocil_clause: |-
- {{%- if product == "fedora" %}}
--    {{{ ocil_clause_file_owner(file="/boot/efi/EFI/fedora/grub.cfg", owner="root") }}}
-+    {{{ ocil_clause_file_owner(file="/boot/efi/EFI/almalinux/grub.cfg", owner="root") }}}
- {{% else %}}
--    {{{ ocil_clause_file_owner(file="/boot/efi/EFI/redhat/grub.cfg", owner="root") }}}
-+    {{{ ocil_clause_file_owner(file="/boot/efi/EFI/almalinux/grub.cfg", owner="root") }}}
- {{%- endif %}}
+ title: 'Verify {{{ grub2_uefi_boot_path }}}/user.cfg User Ownership'
  
- ocil: |-
- {{%- if product == "fedora" %}}
--    {{{ ocil_file_owner(file="/boot/efi/EFI/fedora/grub.cfg", owner="root") }}}
-+    {{{ ocil_file_owner(file="/boot/efi/EFI/almalinux/grub.cfg", owner="root") }}}
- {{% else %}}
--    {{{ ocil_file_owner(file="/boot/efi/EFI/redhat/grub.cfg", owner="root") }}}
-+    {{{ ocil_file_owner(file="/boot/efi/EFI/almalinux/grub.cfg", owner="root") }}}
- {{%- endif %}}
- 
- platform: machine
-@@ -59,6 +59,6 @@ platform: machine
- template:
-     name: file_owner
-     vars:
--        filepath: /boot/efi/EFI/redhat/grub.cfg
--        filepath@fedora: /boot/efi/EFI/fedora/grub.cfg
-+        filepath: /boot/efi/EFI/almalinux/grub.cfg
-+        filepath@fedora: /boot/efi/EFI/almalinux/grub.cfg
-         fileuid: '0'
 diff --git a/linux_os/guide/system/bootloader-grub2/uefi/file_permissions_efi_grub2_cfg/rule.yml b/linux_os/guide/system/bootloader-grub2/uefi/file_permissions_efi_grub2_cfg/rule.yml
-index d9c0be8c..97c0ff73 100644
+index 3a23fbac6..db366caed 100644
 --- a/linux_os/guide/system/bootloader-grub2/uefi/file_permissions_efi_grub2_cfg/rule.yml
 +++ b/linux_os/guide/system/bootloader-grub2/uefi/file_permissions_efi_grub2_cfg/rule.yml
-@@ -1,16 +1,16 @@
+@@ -1,6 +1,6 @@
+ documentation_complete: true
+ 
+-prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,rhel7,rhel8,rhel9
++prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9
+ 
+ 
+ title: 'Verify the UEFI Boot Loader grub.cfg Permissions'
+diff --git a/linux_os/guide/system/bootloader-grub2/uefi/file_permissions_efi_user_cfg/rule.yml b/linux_os/guide/system/bootloader-grub2/uefi/file_permissions_efi_user_cfg/rule.yml
+index 9fe66afd0..ba684baca 100644
+--- a/linux_os/guide/system/bootloader-grub2/uefi/file_permissions_efi_user_cfg/rule.yml
++++ b/linux_os/guide/system/bootloader-grub2/uefi/file_permissions_efi_user_cfg/rule.yml
+@@ -1,6 +1,6 @@
  documentation_complete: true
  
 -prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9
 +prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9
  
- title: 'Verify the UEFI Boot Loader grub.cfg Permissions'
  
- description: |-
- {{%- if product == "fedora" %}}
--    File permissions for /boot/efi/EFI/fedora/grub.cfg should be set to 700.
--    {{{ describe_file_permissions(file="/boot/efi/EFI/fedora/grub.cfg", perms="700") }}}
-+    File permissions for /boot/efi/EFI/almalinux/grub.cfg should be set to 700.
-+    {{{ describe_file_permissions(file="/boot/efi/EFI/almalinux/grub.cfg", perms="700") }}}
- {{% else %}}
--    File permissions for /boot/efi/EFI/redhat/grub.cfg should be set to 700.
--    {{{ describe_file_permissions(file="/boot/efi/EFI/redhat/grub.cfg", perms="700") }}}
-+    File permissions for /boot/efi/EFI/almalinux/grub.cfg should be set to 700.
-+    {{{ describe_file_permissions(file="/boot/efi/EFI/almalinux/grub.cfg", perms="700") }}}
- {{%- endif %}}
- 
- rationale: |-
-@@ -41,11 +41,11 @@ ocil_clause: 'it does not'
- 
- ocil: |-
- {{%- if product == "fedora" %}}
--    To check the permissions of /boot/efi/EFI/fedora/grub.cfg, run the command:
--    
$ sudo ls -lL /boot/efi/EFI/fedora/grub.cfg

-+    To check the permissions of /boot/efi/EFI/almalinux/grub.cfg, run the command:
-+    
$ sudo ls -lL /boot/efi/EFI/almalinux/grub.cfg

- {{% else %}}
--    To check the permissions of /boot/efi/EFI/redhat/grub.cfg, run the command:
--    
$ sudo ls -lL /boot/efi/EFI/redhat/grub.cfg

-+    To check the permissions of /boot/efi/EFI/almalinux/grub.cfg, run the command:
-+    
$ sudo ls -lL /boot/efi/EFI/almalinux/grub.cfg

- {{%- endif %}}
-     If properly configured, the output should indicate the following
-     permissions: -rwx------
-@@ -55,6 +55,6 @@ platform: machine
- template:
-     name: file_permissions
-     vars:
--        filepath: /boot/efi/EFI/redhat/grub.cfg
--        filepath@fedora: /boot/efi/EFI/fedora/grub.cfg
-+        filepath: /boot/efi/EFI/almalinux/grub.cfg
-+        filepath@fedora: /boot/efi/EFI/almalinux/grub.cfg
-         filemode: '0700'
+ title: 'Verify {{{ grub2_uefi_boot_path }}}/user.cfg Permissions'
 diff --git a/linux_os/guide/system/bootloader-grub2/uefi/grub2_uefi_admin_username/rule.yml b/linux_os/guide/system/bootloader-grub2/uefi/grub2_uefi_admin_username/rule.yml
-index 56e93d41..d4197f17 100644
+index a277f209f..2ee2ac744 100644
 --- a/linux_os/guide/system/bootloader-grub2/uefi/grub2_uefi_admin_username/rule.yml
 +++ b/linux_os/guide/system/bootloader-grub2/uefi/grub2_uefi_admin_username/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,wrlinux1019
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,wrlinux1019
+-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4
++prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4
  
  title: 'Set the UEFI Boot Loader Admin Username to a Non-Default Value'
  
@@ -14102,43 +15814,21 @@ index 56e93d41..d4197f17 100644
 -    stigid@rhel8: RHEL-08-010141
 +    stigid@almalinux8: RHEL-08-010141
  
- ocil_clause: 'it does not'
+ ocil_clause: 'superuser account is not set or is set to an existing name or to a common name'
  
-diff --git a/linux_os/guide/system/bootloader-grub2/uefi/grub2_uefi_password/oval/shared.xml b/linux_os/guide/system/bootloader-grub2/uefi/grub2_uefi_password/oval/shared.xml
-index 8fc73653..5850545c 100644
---- a/linux_os/guide/system/bootloader-grub2/uefi/grub2_uefi_password/oval/shared.xml
-+++ b/linux_os/guide/system/bootloader-grub2/uefi/grub2_uefi_password/oval/shared.xml
-@@ -25,7 +25,7 @@
-     1
-   
- 
--  
-+  
-     
-   
-   
-@@ -34,7 +34,7 @@
-     1
-   
- 
--  
-+  
-     
-   
-   
 diff --git a/linux_os/guide/system/bootloader-grub2/uefi/grub2_uefi_password/rule.yml b/linux_os/guide/system/bootloader-grub2/uefi/grub2_uefi_password/rule.yml
-index 4579b1ff..33407d60 100644
+index 47c92fd24..b717f4128 100644
 --- a/linux_os/guide/system/bootloader-grub2/uefi/grub2_uefi_password/rule.yml
 +++ b/linux_os/guide/system/bootloader-grub2/uefi/grub2_uefi_password/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
+-prodtype: alinux3,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: alinux3,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Set the UEFI Boot Loader Password'
  
-@@ -72,7 +72,7 @@ references:
+@@ -71,7 +71,7 @@ references:
      stigid@ol7: OL07-00-010491
      stigid@ol8: OL08-00-010140
      stigid@rhel7: RHEL-07-010491
@@ -14148,7 +15838,7 @@ index 4579b1ff..33407d60 100644
      stigid@sle15: SLES-15-010200
      stigid@ubuntu2004: UBTU-20-010009
 diff --git a/linux_os/guide/system/bootloader-grub2/uefi/uefi_no_removeable_media/rule.yml b/linux_os/guide/system/bootloader-grub2/uefi/uefi_no_removeable_media/rule.yml
-index 051dd5b5..f7b08d5b 100644
+index cb1aa0fef..cbfe1986a 100644
 --- a/linux_os/guide/system/bootloader-grub2/uefi/uefi_no_removeable_media/rule.yml
 +++ b/linux_os/guide/system/bootloader-grub2/uefi/uefi_no_removeable_media/rule.yml
 @@ -1,6 +1,6 @@
@@ -14159,29 +15849,20 @@ index 051dd5b5..f7b08d5b 100644
  
  title: 'UEFI Boot Loader Is Not Installed On Removeable Media'
  
-@@ -31,7 +31,7 @@ ocil_clause: 'it is not'
- ocil: |-
-     To verify the system is not configured to use a boot loader on removable media,
-     run the following command:
--    
$ sudo grep "set root='hd0" /boot/efi/EFI/redhat/grub.cfg

-+    
$ sudo grep "set root='hd0" /boot/efi/EFI/almalinux/grub.cfg

-     The output should return something similar to:
-     
set root='hd0,msdos1'

-     usb0, cd, fd0, etc. are some examples of removeable
 diff --git a/linux_os/guide/system/bootloader-zipl/zipl_audit_argument/rule.yml b/linux_os/guide/system/bootloader-zipl/zipl_audit_argument/rule.yml
-index 483e0cf9..6b3f90d7 100644
+index 708e29a69..d057e14cf 100644
 --- a/linux_os/guide/system/bootloader-zipl/zipl_audit_argument/rule.yml
 +++ b/linux_os/guide/system/bootloader-zipl/zipl_audit_argument/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: rhcos4,rhel8,rhel9,ubuntu2004
-+prodtype: rhcos4,rhel8,almalinux8,rhel9,ubuntu2004
+-prodtype: rhcos4,rhel8,rhel9,ubuntu2004,ubuntu2204
++prodtype: rhcos4,rhel8,almalinux8,rhel9,ubuntu2004,ubuntu2204
  
  title: 'Enable Auditing to Start Prior to the Audit Daemon in zIPL'
  
 diff --git a/linux_os/guide/system/bootloader-zipl/zipl_audit_argument/tests/correct_option.pass.sh b/linux_os/guide/system/bootloader-zipl/zipl_audit_argument/tests/correct_option.pass.sh
-index 7a828837..d13ae7f5 100644
+index 7a828837f..d13ae7f52 100644
 --- a/linux_os/guide/system/bootloader-zipl/zipl_audit_argument/tests/correct_option.pass.sh
 +++ b/linux_os/guide/system/bootloader-zipl/zipl_audit_argument/tests/correct_option.pass.sh
 @@ -1,5 +1,5 @@
@@ -14192,7 +15873,7 @@ index 7a828837..d13ae7f5 100644
  # Make sure boot loader entries contain audit=1
  for file in /boot/loader/entries/*.conf
 diff --git a/linux_os/guide/system/bootloader-zipl/zipl_audit_argument/tests/missing_in_cmdline.fail.sh b/linux_os/guide/system/bootloader-zipl/zipl_audit_argument/tests/missing_in_cmdline.fail.sh
-index 3af83d30..28a0af73 100644
+index 3af83d30d..28a0af739 100644
 --- a/linux_os/guide/system/bootloader-zipl/zipl_audit_argument/tests/missing_in_cmdline.fail.sh
 +++ b/linux_os/guide/system/bootloader-zipl/zipl_audit_argument/tests/missing_in_cmdline.fail.sh
 @@ -1,5 +1,5 @@
@@ -14203,7 +15884,7 @@ index 3af83d30..28a0af73 100644
  # Make sure boot loader entries contain audit=1
  for file in /boot/loader/entries/*.conf
 diff --git a/linux_os/guide/system/bootloader-zipl/zipl_audit_argument/tests/missing_in_entry.fail.sh b/linux_os/guide/system/bootloader-zipl/zipl_audit_argument/tests/missing_in_entry.fail.sh
-index 5650cc0a..1ee37320 100644
+index 5650cc0a7..1ee373205 100644
 --- a/linux_os/guide/system/bootloader-zipl/zipl_audit_argument/tests/missing_in_entry.fail.sh
 +++ b/linux_os/guide/system/bootloader-zipl/zipl_audit_argument/tests/missing_in_entry.fail.sh
 @@ -1,5 +1,5 @@
@@ -14214,19 +15895,19 @@ index 5650cc0a..1ee37320 100644
  # Remove audit=1 from all boot entries
  sed -Ei 's/(^options.*\s)audit=1(.*?)$/\1\2/' /boot/loader/entries/*
 diff --git a/linux_os/guide/system/bootloader-zipl/zipl_audit_backlog_limit_argument/rule.yml b/linux_os/guide/system/bootloader-zipl/zipl_audit_backlog_limit_argument/rule.yml
-index 7396b916..7ee2f6fb 100644
+index 98f7ec507..2b638d7e9 100644
 --- a/linux_os/guide/system/bootloader-zipl/zipl_audit_backlog_limit_argument/rule.yml
 +++ b/linux_os/guide/system/bootloader-zipl/zipl_audit_backlog_limit_argument/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: rhcos4,rhel8,rhel9,ubuntu2004
-+prodtype: rhcos4,rhel8,almalinux8,rhel9,ubuntu2004
+-prodtype: rhcos4,rhel8,rhel9,ubuntu2004,ubuntu2204
++prodtype: rhcos4,rhel8,almalinux8,rhel9,ubuntu2004,ubuntu2204
  
  title: 'Extend Audit Backlog Limit for the Audit Daemon in zIPL'
  
 diff --git a/linux_os/guide/system/bootloader-zipl/zipl_bls_entries_only/rule.yml b/linux_os/guide/system/bootloader-zipl/zipl_bls_entries_only/rule.yml
-index 56b634d4..3ad83680 100644
+index 56b634d4b..3ad83680a 100644
 --- a/linux_os/guide/system/bootloader-zipl/zipl_bls_entries_only/rule.yml
 +++ b/linux_os/guide/system/bootloader-zipl/zipl_bls_entries_only/rule.yml
 @@ -1,6 +1,6 @@
@@ -14238,7 +15919,7 @@ index 56b634d4..3ad83680 100644
  title: 'Ensure all zIPL boot entries are BLS compliant'
  
 diff --git a/linux_os/guide/system/bootloader-zipl/zipl_bls_entries_only/tests/image_configured.fail.sh b/linux_os/guide/system/bootloader-zipl/zipl_bls_entries_only/tests/image_configured.fail.sh
-index e3adb996..13e5314b 100644
+index e3adb9963..13e5314b1 100644
 --- a/linux_os/guide/system/bootloader-zipl/zipl_bls_entries_only/tests/image_configured.fail.sh
 +++ b/linux_os/guide/system/bootloader-zipl/zipl_bls_entries_only/tests/image_configured.fail.sh
 @@ -1,5 +1,5 @@
@@ -14249,7 +15930,7 @@ index e3adb996..13e5314b 100644
  
  # Make sure no image configured in zipl config file
 diff --git a/linux_os/guide/system/bootloader-zipl/zipl_bls_entries_only/tests/no_image.pass.sh b/linux_os/guide/system/bootloader-zipl/zipl_bls_entries_only/tests/no_image.pass.sh
-index 47626442..2a88d2ab 100644
+index 47626442f..2a88d2abb 100644
 --- a/linux_os/guide/system/bootloader-zipl/zipl_bls_entries_only/tests/no_image.pass.sh
 +++ b/linux_os/guide/system/bootloader-zipl/zipl_bls_entries_only/tests/no_image.pass.sh
 @@ -1,5 +1,5 @@
@@ -14260,7 +15941,7 @@ index 47626442..2a88d2ab 100644
  
  # Make sure no image configured in zipl config file
 diff --git a/linux_os/guide/system/bootloader-zipl/zipl_bootmap_is_up_to_date/ansible/shared.yml b/linux_os/guide/system/bootloader-zipl/zipl_bootmap_is_up_to_date/ansible/shared.yml
-index 7f2be356..80f8b55f 100644
+index 7f2be3564..80f8b55f3 100644
 --- a/linux_os/guide/system/bootloader-zipl/zipl_bootmap_is_up_to_date/ansible/shared.yml
 +++ b/linux_os/guide/system/bootloader-zipl/zipl_bootmap_is_up_to_date/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -14270,7 +15951,7 @@ index 7f2be356..80f8b55f 100644
  # strategy = configure
  # complexity = low
 diff --git a/linux_os/guide/system/bootloader-zipl/zipl_bootmap_is_up_to_date/rule.yml b/linux_os/guide/system/bootloader-zipl/zipl_bootmap_is_up_to_date/rule.yml
-index 6c7e3396..b23d9d8c 100644
+index 6c7e33965..b23d9d8cd 100644
 --- a/linux_os/guide/system/bootloader-zipl/zipl_bootmap_is_up_to_date/rule.yml
 +++ b/linux_os/guide/system/bootloader-zipl/zipl_bootmap_is_up_to_date/rule.yml
 @@ -1,6 +1,6 @@
@@ -14282,7 +15963,7 @@ index 6c7e3396..b23d9d8c 100644
  title: 'Ensure zIPL bootmap is up to date'
  
 diff --git a/linux_os/guide/system/bootloader-zipl/zipl_bootmap_is_up_to_date/tests/newer_boot_entry.fail.sh b/linux_os/guide/system/bootloader-zipl/zipl_bootmap_is_up_to_date/tests/newer_boot_entry.fail.sh
-index 728c6b7b..b06f989e 100644
+index 728c6b7bd..b06f989e6 100644
 --- a/linux_os/guide/system/bootloader-zipl/zipl_bootmap_is_up_to_date/tests/newer_boot_entry.fail.sh
 +++ b/linux_os/guide/system/bootloader-zipl/zipl_bootmap_is_up_to_date/tests/newer_boot_entry.fail.sh
 @@ -1,5 +1,5 @@
@@ -14293,7 +15974,7 @@ index 728c6b7b..b06f989e 100644
  
  touch /etc/zipl.conf
 diff --git a/linux_os/guide/system/bootloader-zipl/zipl_bootmap_is_up_to_date/tests/newer_zipl_conf.fail.sh b/linux_os/guide/system/bootloader-zipl/zipl_bootmap_is_up_to_date/tests/newer_zipl_conf.fail.sh
-index 1ae4d631..0f115566 100644
+index 1ae4d631e..0f1155665 100644
 --- a/linux_os/guide/system/bootloader-zipl/zipl_bootmap_is_up_to_date/tests/newer_zipl_conf.fail.sh
 +++ b/linux_os/guide/system/bootloader-zipl/zipl_bootmap_is_up_to_date/tests/newer_zipl_conf.fail.sh
 @@ -1,5 +1,5 @@
@@ -14304,7 +15985,7 @@ index 1ae4d631..0f115566 100644
  
  touch /boot/loader/entries/*.conf # Update current existing entries
 diff --git a/linux_os/guide/system/bootloader-zipl/zipl_bootmap_is_up_to_date/tests/up_to_date.pass.sh b/linux_os/guide/system/bootloader-zipl/zipl_bootmap_is_up_to_date/tests/up_to_date.pass.sh
-index 7981ba8c..8bfdce20 100644
+index 7981ba8c5..8bfdce20e 100644
 --- a/linux_os/guide/system/bootloader-zipl/zipl_bootmap_is_up_to_date/tests/up_to_date.pass.sh
 +++ b/linux_os/guide/system/bootloader-zipl/zipl_bootmap_is_up_to_date/tests/up_to_date.pass.sh
 @@ -1,5 +1,5 @@
@@ -14315,7 +15996,7 @@ index 7981ba8c..8bfdce20 100644
  
  touch /etc/zipl.conf
 diff --git a/linux_os/guide/system/bootloader-zipl/zipl_enable_selinux/rule.yml b/linux_os/guide/system/bootloader-zipl/zipl_enable_selinux/rule.yml
-index a763429f..a0e5a7ba 100644
+index a763429f1..a0e5a7baa 100644
 --- a/linux_os/guide/system/bootloader-zipl/zipl_enable_selinux/rule.yml
 +++ b/linux_os/guide/system/bootloader-zipl/zipl_enable_selinux/rule.yml
 @@ -1,6 +1,6 @@
@@ -14327,7 +16008,7 @@ index a763429f..a0e5a7ba 100644
  title: 'Ensure SELinux Not Disabled in zIPL'
  
 diff --git a/linux_os/guide/system/bootloader-zipl/zipl_init_on_alloc_argument/tests/correct_option.pass.sh b/linux_os/guide/system/bootloader-zipl/zipl_init_on_alloc_argument/tests/correct_option.pass.sh
-index 50cf1b78..33cd2971 100644
+index 50cf1b78f..33cd2971b 100644
 --- a/linux_os/guide/system/bootloader-zipl/zipl_init_on_alloc_argument/tests/correct_option.pass.sh
 +++ b/linux_os/guide/system/bootloader-zipl/zipl_init_on_alloc_argument/tests/correct_option.pass.sh
 @@ -1,5 +1,5 @@
@@ -14338,7 +16019,7 @@ index 50cf1b78..33cd2971 100644
  # Make sure boot loader entries contain init_on_alloc=1
  for file in /boot/loader/entries/*.conf
 diff --git a/linux_os/guide/system/bootloader-zipl/zipl_init_on_alloc_argument/tests/missing_in_cmdline.fail.sh b/linux_os/guide/system/bootloader-zipl/zipl_init_on_alloc_argument/tests/missing_in_cmdline.fail.sh
-index 7c0d9154..f8fd73ed 100644
+index 7c0d91547..f8fd73edb 100644
 --- a/linux_os/guide/system/bootloader-zipl/zipl_init_on_alloc_argument/tests/missing_in_cmdline.fail.sh
 +++ b/linux_os/guide/system/bootloader-zipl/zipl_init_on_alloc_argument/tests/missing_in_cmdline.fail.sh
 @@ -1,5 +1,5 @@
@@ -14349,7 +16030,7 @@ index 7c0d9154..f8fd73ed 100644
  # Make sure boot loader entries contain init_on_alloc=1
  for file in /boot/loader/entries/*.conf
 diff --git a/linux_os/guide/system/bootloader-zipl/zipl_init_on_alloc_argument/tests/missing_in_entry.fail.sh b/linux_os/guide/system/bootloader-zipl/zipl_init_on_alloc_argument/tests/missing_in_entry.fail.sh
-index 9d330c91..62547cbb 100644
+index 9d330c919..62547cbb3 100644
 --- a/linux_os/guide/system/bootloader-zipl/zipl_init_on_alloc_argument/tests/missing_in_entry.fail.sh
 +++ b/linux_os/guide/system/bootloader-zipl/zipl_init_on_alloc_argument/tests/missing_in_entry.fail.sh
 @@ -1,5 +1,5 @@
@@ -14360,7 +16041,7 @@ index 9d330c91..62547cbb 100644
  # Remove init_on_alloc=1 from all boot entries
  sed -Ei 's/(^options.*\s)init_on_alloc=1(.*?)$/\1\2/' /boot/loader/entries/*
 diff --git a/linux_os/guide/system/bootloader-zipl/zipl_page_poison_argument/rule.yml b/linux_os/guide/system/bootloader-zipl/zipl_page_poison_argument/rule.yml
-index 0cd61ae2..0d87202c 100644
+index 0cd61ae2f..0d87202c2 100644
 --- a/linux_os/guide/system/bootloader-zipl/zipl_page_poison_argument/rule.yml
 +++ b/linux_os/guide/system/bootloader-zipl/zipl_page_poison_argument/rule.yml
 @@ -1,6 +1,6 @@
@@ -14372,7 +16053,7 @@ index 0cd61ae2..0d87202c 100644
  title: 'Enable page allocator poisoning in zIPL'
  
 diff --git a/linux_os/guide/system/bootloader-zipl/zipl_slub_debug_argument/rule.yml b/linux_os/guide/system/bootloader-zipl/zipl_slub_debug_argument/rule.yml
-index df0f6c3e..0f1501c9 100644
+index df0f6c3ee..0f1501c91 100644
 --- a/linux_os/guide/system/bootloader-zipl/zipl_slub_debug_argument/rule.yml
 +++ b/linux_os/guide/system/bootloader-zipl/zipl_slub_debug_argument/rule.yml
 @@ -1,6 +1,6 @@
@@ -14383,8 +16064,84 @@ index df0f6c3e..0f1501c9 100644
  
  title: 'Enable SLUB/SLAB allocator poisoning in zIPL'
  
+diff --git a/linux_os/guide/system/bootloader-zipl/zipl_systemd_debug-shell_argument_absent/ansible/shared.yml b/linux_os/guide/system/bootloader-zipl/zipl_systemd_debug-shell_argument_absent/ansible/shared.yml
+index 5585e0eaf..bd860eb70 100644
+--- a/linux_os/guide/system/bootloader-zipl/zipl_systemd_debug-shell_argument_absent/ansible/shared.yml
++++ b/linux_os/guide/system/bootloader-zipl/zipl_systemd_debug-shell_argument_absent/ansible/shared.yml
+@@ -1,4 +1,4 @@
+-# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+ # reboot = true
+ # strategy = configure
+ # complexity = medium
+diff --git a/linux_os/guide/system/bootloader-zipl/zipl_systemd_debug-shell_argument_absent/bash/shared.sh b/linux_os/guide/system/bootloader-zipl/zipl_systemd_debug-shell_argument_absent/bash/shared.sh
+index 0d90d58db..dfc1a2407 100644
+--- a/linux_os/guide/system/bootloader-zipl/zipl_systemd_debug-shell_argument_absent/bash/shared.sh
++++ b/linux_os/guide/system/bootloader-zipl/zipl_systemd_debug-shell_argument_absent/bash/shared.sh
+@@ -1,4 +1,4 @@
+-# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+ 
+ # Correct BLS option using grubby, which is a thin wrapper around BLS operations
+ grubby --update-kernel=ALL --remove-args="systemd.debug-shell"
+diff --git a/linux_os/guide/system/bootloader-zipl/zipl_systemd_debug-shell_argument_absent/rule.yml b/linux_os/guide/system/bootloader-zipl/zipl_systemd_debug-shell_argument_absent/rule.yml
+index 3a442c4eb..cf24d500e 100644
+--- a/linux_os/guide/system/bootloader-zipl/zipl_systemd_debug-shell_argument_absent/rule.yml
++++ b/linux_os/guide/system/bootloader-zipl/zipl_systemd_debug-shell_argument_absent/rule.yml
+@@ -1,6 +1,6 @@
+ documentation_complete: true
+ 
+-prodtype: rhcos4,rhel8,rhel9
++prodtype: rhcos4,rhel8,almalinux8,rhel9
+ 
+ title: 'Ensure debug-shell service is not enabled in zIPL'
+ 
+diff --git a/linux_os/guide/system/bootloader-zipl/zipl_systemd_debug-shell_argument_absent/tests/argument_missing.pass.sh b/linux_os/guide/system/bootloader-zipl/zipl_systemd_debug-shell_argument_absent/tests/argument_missing.pass.sh
+index 4649db979..fb4ec1b8a 100644
+--- a/linux_os/guide/system/bootloader-zipl/zipl_systemd_debug-shell_argument_absent/tests/argument_missing.pass.sh
++++ b/linux_os/guide/system/bootloader-zipl/zipl_systemd_debug-shell_argument_absent/tests/argument_missing.pass.sh
+@@ -1,5 +1,5 @@
+ #!/bin/bash
+-# platform = multi_platform_fedora,Red Hat Enterprise Linux 8
++# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8
+ 
+ # Make sure boot loader entries don't contain systemd.debug-shell
+ sed -Ei 's/(^options.*)\s\bsystemd.debug-shell\b\S*(.*?)$/\1\2/' /boot/loader/entries/*
+diff --git a/linux_os/guide/system/bootloader-zipl/zipl_systemd_debug-shell_argument_absent/tests/configured_in_cmdline.fail.sh b/linux_os/guide/system/bootloader-zipl/zipl_systemd_debug-shell_argument_absent/tests/configured_in_cmdline.fail.sh
+index faac856fb..36382a844 100644
+--- a/linux_os/guide/system/bootloader-zipl/zipl_systemd_debug-shell_argument_absent/tests/configured_in_cmdline.fail.sh
++++ b/linux_os/guide/system/bootloader-zipl/zipl_systemd_debug-shell_argument_absent/tests/configured_in_cmdline.fail.sh
+@@ -1,5 +1,5 @@
+ #!/bin/bash
+-# platform = multi_platform_fedora,Red Hat Enterprise Linux 8
++# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8
+ 
+ # Make sure boot loader entries doesn't contain systemd.debug-shell
+ sed -Ei 's/(^options.*)\s\bsystemd.debug-shell\b\S*(.*?)$/\1\2/' /boot/loader/entries/*
+diff --git a/linux_os/guide/system/bootloader-zipl/zipl_systemd_debug-shell_argument_absent/tests/configured_in_entry.fail.sh b/linux_os/guide/system/bootloader-zipl/zipl_systemd_debug-shell_argument_absent/tests/configured_in_entry.fail.sh
+index fe07a37d0..52a2e9e14 100644
+--- a/linux_os/guide/system/bootloader-zipl/zipl_systemd_debug-shell_argument_absent/tests/configured_in_entry.fail.sh
++++ b/linux_os/guide/system/bootloader-zipl/zipl_systemd_debug-shell_argument_absent/tests/configured_in_entry.fail.sh
+@@ -1,5 +1,5 @@
+ #!/bin/bash
+-# platform = multi_platform_fedora,Red Hat Enterprise Linux 8
++# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8
+ 
+ # Remove systemd.debug-shell from all boot entries
+ sed -Ei 's/(^options.*)\s\bsystemd.debug-shell\b\S*(.*?)$/\1\2/' /boot/loader/entries/*
+diff --git a/linux_os/guide/system/bootloader-zipl/zipl_systemd_debug-shell_argument_absent/tests/multiple_configured_in_cmdline.fail.sh b/linux_os/guide/system/bootloader-zipl/zipl_systemd_debug-shell_argument_absent/tests/multiple_configured_in_cmdline.fail.sh
+index 0c2febb03..556ea474a 100644
+--- a/linux_os/guide/system/bootloader-zipl/zipl_systemd_debug-shell_argument_absent/tests/multiple_configured_in_cmdline.fail.sh
++++ b/linux_os/guide/system/bootloader-zipl/zipl_systemd_debug-shell_argument_absent/tests/multiple_configured_in_cmdline.fail.sh
+@@ -1,5 +1,5 @@
+ #!/bin/bash
+-# platform = multi_platform_fedora,Red Hat Enterprise Linux 8
++# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8
+ 
+ # Make sure boot loader entries doesn't contain systemd.debug-shell
+ sed -Ei 's/(^options.*)\s\bsystemd.debug-shell\b\S*(.*?)$/\1\2/' /boot/loader/entries/*
 diff --git a/linux_os/guide/system/bootloader-zipl/zipl_vsyscall_argument/rule.yml b/linux_os/guide/system/bootloader-zipl/zipl_vsyscall_argument/rule.yml
-index 9d645c88..9ef0b3fe 100644
+index 9d645c887..9ef0b3feb 100644
 --- a/linux_os/guide/system/bootloader-zipl/zipl_vsyscall_argument/rule.yml
 +++ b/linux_os/guide/system/bootloader-zipl/zipl_vsyscall_argument/rule.yml
 @@ -1,6 +1,6 @@
@@ -14395,8 +16152,272 @@ index 9d645c88..9ef0b3fe 100644
  
  title: 'Disable vsyscalls in zIPL'
  
+diff --git a/linux_os/guide/system/kernel_build_config/gcc_plugin/kernel_config_gcc_plugin_latent_entropy/rule.yml b/linux_os/guide/system/kernel_build_config/gcc_plugin/kernel_config_gcc_plugin_latent_entropy/rule.yml
+index 0eec9c5b7..fc9b014b0 100644
+--- a/linux_os/guide/system/kernel_build_config/gcc_plugin/kernel_config_gcc_plugin_latent_entropy/rule.yml
++++ b/linux_os/guide/system/kernel_build_config/gcc_plugin/kernel_config_gcc_plugin_latent_entropy/rule.yml
+@@ -1,6 +1,6 @@
+ documentation_complete: true
+ 
+-prodtype: fedora,rhel8,rhel9
++prodtype: fedora,rhel8,almalinux8,rhel9
+ 
+ title: 'Generate some entropy during boot and runtime'
+ 
+diff --git a/linux_os/guide/system/kernel_build_config/gcc_plugin/kernel_config_gcc_plugin_structleak/rule.yml b/linux_os/guide/system/kernel_build_config/gcc_plugin/kernel_config_gcc_plugin_structleak/rule.yml
+index 49a147518..a3f2d4cab 100644
+--- a/linux_os/guide/system/kernel_build_config/gcc_plugin/kernel_config_gcc_plugin_structleak/rule.yml
++++ b/linux_os/guide/system/kernel_build_config/gcc_plugin/kernel_config_gcc_plugin_structleak/rule.yml
+@@ -1,6 +1,6 @@
+ documentation_complete: true
+ 
+-prodtype: fedora,rhel8,rhel9
++prodtype: fedora,rhel8,almalinux8,rhel9
+ 
+ title: 'Force initialization of variables containing userspace addresses'
+ 
+diff --git a/linux_os/guide/system/kernel_build_config/kernel_config_arm64_sw_ttbr0_pan/rule.yml b/linux_os/guide/system/kernel_build_config/kernel_config_arm64_sw_ttbr0_pan/rule.yml
+index 58e688458..c80f384e8 100644
+--- a/linux_os/guide/system/kernel_build_config/kernel_config_arm64_sw_ttbr0_pan/rule.yml
++++ b/linux_os/guide/system/kernel_build_config/kernel_config_arm64_sw_ttbr0_pan/rule.yml
+@@ -1,6 +1,6 @@
+ documentation_complete: true
+ 
+-prodtype: fedora,rhel8,rhel9
++prodtype: fedora,rhel8,almalinux8,rhel9
+ 
+ title: 'Emulate Privileged Access Never (PAN)'
+ 
+diff --git a/linux_os/guide/system/kernel_build_config/kernel_config_bug_on_data_corruption/rule.yml b/linux_os/guide/system/kernel_build_config/kernel_config_bug_on_data_corruption/rule.yml
+index 33e0ef488..68761ac11 100644
+--- a/linux_os/guide/system/kernel_build_config/kernel_config_bug_on_data_corruption/rule.yml
++++ b/linux_os/guide/system/kernel_build_config/kernel_config_bug_on_data_corruption/rule.yml
+@@ -1,6 +1,6 @@
+ documentation_complete: true
+ 
+-prodtype: fedora,rhel8,rhel9
++prodtype: fedora,rhel8,almalinux8,rhel9
+ 
+ title: 'Trigger a kernel BUG when data corruption is detected'
+ 
+diff --git a/linux_os/guide/system/kernel_build_config/kernel_config_debug_wx/rule.yml b/linux_os/guide/system/kernel_build_config/kernel_config_debug_wx/rule.yml
+index 96344b8b7..a51914177 100644
+--- a/linux_os/guide/system/kernel_build_config/kernel_config_debug_wx/rule.yml
++++ b/linux_os/guide/system/kernel_build_config/kernel_config_debug_wx/rule.yml
+@@ -1,6 +1,6 @@
+ documentation_complete: true
+ 
+-prodtype: fedora,rhel8,rhel9
++prodtype: fedora,rhel8,almalinux8,rhel9
+ 
+ title: 'Warn on W+X mappings found at boot'
+ 
+diff --git a/linux_os/guide/system/kernel_build_config/kernel_config_fortify_source/rule.yml b/linux_os/guide/system/kernel_build_config/kernel_config_fortify_source/rule.yml
+index d9ba9ef4d..89e1d047f 100644
+--- a/linux_os/guide/system/kernel_build_config/kernel_config_fortify_source/rule.yml
++++ b/linux_os/guide/system/kernel_build_config/kernel_config_fortify_source/rule.yml
+@@ -1,6 +1,6 @@
+ documentation_complete: true
+ 
+-prodtype: fedora,rhel8,rhel9
++prodtype: fedora,rhel8,almalinux8,rhel9
+ 
+ title: 'Harden common str/mem functions against buffer overflows'
+ 
+diff --git a/linux_os/guide/system/kernel_build_config/kernel_config_hardened_usercopy/rule.yml b/linux_os/guide/system/kernel_build_config/kernel_config_hardened_usercopy/rule.yml
+index 41bc3b9b7..525bcab0e 100644
+--- a/linux_os/guide/system/kernel_build_config/kernel_config_hardened_usercopy/rule.yml
++++ b/linux_os/guide/system/kernel_build_config/kernel_config_hardened_usercopy/rule.yml
+@@ -1,6 +1,6 @@
+ documentation_complete: true
+ 
+-prodtype: fedora,rhel7,rhel8,rhel9
++prodtype: fedora,rhel7,rhel8,almalinux8,rhel9
+ 
+ title: 'Harden memory copies between kernel and userspace'
+ 
+diff --git a/linux_os/guide/system/kernel_build_config/kernel_config_hardened_usercopy_fallback/rule.yml b/linux_os/guide/system/kernel_build_config/kernel_config_hardened_usercopy_fallback/rule.yml
+index f0437d60f..1cc90682b 100644
+--- a/linux_os/guide/system/kernel_build_config/kernel_config_hardened_usercopy_fallback/rule.yml
++++ b/linux_os/guide/system/kernel_build_config/kernel_config_hardened_usercopy_fallback/rule.yml
+@@ -1,6 +1,6 @@
+ documentation_complete: true
+ 
+-prodtype: fedora,rhel8,rhel9
++prodtype: fedora,rhel8,almalinux8,rhel9
+ 
+ title: 'Do not allow usercopy whitelist violations to fallback to object size'
+ 
+diff --git a/linux_os/guide/system/kernel_build_config/kernel_config_legacy_vsyscall_emulate/rule.yml b/linux_os/guide/system/kernel_build_config/kernel_config_legacy_vsyscall_emulate/rule.yml
+index af38cc1c0..be425b634 100644
+--- a/linux_os/guide/system/kernel_build_config/kernel_config_legacy_vsyscall_emulate/rule.yml
++++ b/linux_os/guide/system/kernel_build_config/kernel_config_legacy_vsyscall_emulate/rule.yml
+@@ -1,6 +1,6 @@
+ documentation_complete: true
+ 
+-prodtype: fedora,rhel8,rhel9
++prodtype: fedora,rhel8,almalinux8,rhel9
+ 
+ title: 'Disable vsyscall emulation'
+ 
+diff --git a/linux_os/guide/system/kernel_build_config/kernel_config_legacy_vsyscall_none/rule.yml b/linux_os/guide/system/kernel_build_config/kernel_config_legacy_vsyscall_none/rule.yml
+index fa2b3b6dc..26b18817c 100644
+--- a/linux_os/guide/system/kernel_build_config/kernel_config_legacy_vsyscall_none/rule.yml
++++ b/linux_os/guide/system/kernel_build_config/kernel_config_legacy_vsyscall_none/rule.yml
+@@ -1,6 +1,6 @@
+ documentation_complete: true
+ 
+-prodtype: fedora,rhel8,rhel9
++prodtype: fedora,rhel8,almalinux8,rhel9
+ 
+ title: 'Disable vsyscall mapping'
+ 
+diff --git a/linux_os/guide/system/kernel_build_config/kernel_config_modify_ldt_syscall/rule.yml b/linux_os/guide/system/kernel_build_config/kernel_config_modify_ldt_syscall/rule.yml
+index ab30078a6..ccfa740a1 100644
+--- a/linux_os/guide/system/kernel_build_config/kernel_config_modify_ldt_syscall/rule.yml
++++ b/linux_os/guide/system/kernel_build_config/kernel_config_modify_ldt_syscall/rule.yml
+@@ -1,6 +1,6 @@
+ documentation_complete: true
+ 
+-prodtype: fedora,rhel8,rhel9
++prodtype: fedora,rhel8,almalinux8,rhel9
+ 
+ title: 'Disable the LDT (local descriptor table)'
+ 
+diff --git a/linux_os/guide/system/kernel_build_config/kernel_config_page_poisoning/rule.yml b/linux_os/guide/system/kernel_build_config/kernel_config_page_poisoning/rule.yml
+index 016c1e2cf..0b58b5b3e 100644
+--- a/linux_os/guide/system/kernel_build_config/kernel_config_page_poisoning/rule.yml
++++ b/linux_os/guide/system/kernel_build_config/kernel_config_page_poisoning/rule.yml
+@@ -1,6 +1,6 @@
+ documentation_complete: true
+ 
+-prodtype: fedora,rhel8,rhel9
++prodtype: fedora,rhel8,almalinux8,rhel9
+ 
+ title: 'Enable poison of pages after freeing'
+ 
+diff --git a/linux_os/guide/system/kernel_build_config/kernel_config_refcount_full/rule.yml b/linux_os/guide/system/kernel_build_config/kernel_config_refcount_full/rule.yml
+index 8868e1738..145a15f84 100644
+--- a/linux_os/guide/system/kernel_build_config/kernel_config_refcount_full/rule.yml
++++ b/linux_os/guide/system/kernel_build_config/kernel_config_refcount_full/rule.yml
+@@ -1,6 +1,6 @@
+ documentation_complete: true
+ 
+-prodtype: fedora,rhel7,rhel8,rhel9
++prodtype: fedora,rhel7,rhel8,almalinux8,rhel9
+ 
+ title: 'Perform full reference count validation'
+ 
+diff --git a/linux_os/guide/system/kernel_build_config/kernel_config_sched_stack_end_check/rule.yml b/linux_os/guide/system/kernel_build_config/kernel_config_sched_stack_end_check/rule.yml
+index 6a891f41a..3b0dcd26c 100644
+--- a/linux_os/guide/system/kernel_build_config/kernel_config_sched_stack_end_check/rule.yml
++++ b/linux_os/guide/system/kernel_build_config/kernel_config_sched_stack_end_check/rule.yml
+@@ -1,6 +1,6 @@
+ documentation_complete: true
+ 
+-prodtype: fedora,rhel8,rhel9
++prodtype: fedora,rhel8,almalinux8,rhel9
+ 
+ title: 'Detect stack corruption on calls to schedule()'
+ 
+diff --git a/linux_os/guide/system/kernel_build_config/kernel_config_slab_freelist_hardened/rule.yml b/linux_os/guide/system/kernel_build_config/kernel_config_slab_freelist_hardened/rule.yml
+index 53c970470..c05bb000c 100644
+--- a/linux_os/guide/system/kernel_build_config/kernel_config_slab_freelist_hardened/rule.yml
++++ b/linux_os/guide/system/kernel_build_config/kernel_config_slab_freelist_hardened/rule.yml
+@@ -1,6 +1,6 @@
+ documentation_complete: true
+ 
+-prodtype: fedora,rhel8,rhel9
++prodtype: fedora,rhel8,almalinux8,rhel9
+ 
+ title: 'Harden slab freelist metadata'
+ 
+diff --git a/linux_os/guide/system/kernel_build_config/kernel_config_slab_freelist_random/rule.yml b/linux_os/guide/system/kernel_build_config/kernel_config_slab_freelist_random/rule.yml
+index 6813ea28f..604e7d423 100644
+--- a/linux_os/guide/system/kernel_build_config/kernel_config_slab_freelist_random/rule.yml
++++ b/linux_os/guide/system/kernel_build_config/kernel_config_slab_freelist_random/rule.yml
+@@ -1,6 +1,6 @@
+ documentation_complete: true
+ 
+-prodtype: fedora,rhel8,rhel9
++prodtype: fedora,rhel8,almalinux8,rhel9
+ 
+ title: 'Randomize slab freelist'
+ 
+diff --git a/linux_os/guide/system/kernel_build_config/kernel_config_slab_merge_default/rule.yml b/linux_os/guide/system/kernel_build_config/kernel_config_slab_merge_default/rule.yml
+index 7518f1d0c..efc9beb81 100644
+--- a/linux_os/guide/system/kernel_build_config/kernel_config_slab_merge_default/rule.yml
++++ b/linux_os/guide/system/kernel_build_config/kernel_config_slab_merge_default/rule.yml
+@@ -1,6 +1,6 @@
+ documentation_complete: true
+ 
+-prodtype: fedora,rhel8,rhel9
++prodtype: fedora,rhel8,almalinux8,rhel9
+ 
+ title: 'Disallow merge of slab caches'
+ 
+diff --git a/linux_os/guide/system/kernel_build_config/kernel_config_stackprotector/rule.yml b/linux_os/guide/system/kernel_build_config/kernel_config_stackprotector/rule.yml
+index 50ef83cc8..94ec19498 100644
+--- a/linux_os/guide/system/kernel_build_config/kernel_config_stackprotector/rule.yml
++++ b/linux_os/guide/system/kernel_build_config/kernel_config_stackprotector/rule.yml
+@@ -1,6 +1,6 @@
+ documentation_complete: true
+ 
+-prodtype: fedora,rhel8,rhel9
++prodtype: fedora,rhel8,almalinux8,rhel9
+ 
+ title: 'Stack Protector buffer overlow detection'
+ 
+diff --git a/linux_os/guide/system/kernel_build_config/kernel_config_stackprotector_strong/rule.yml b/linux_os/guide/system/kernel_build_config/kernel_config_stackprotector_strong/rule.yml
+index b9c47058a..eee2e838b 100644
+--- a/linux_os/guide/system/kernel_build_config/kernel_config_stackprotector_strong/rule.yml
++++ b/linux_os/guide/system/kernel_build_config/kernel_config_stackprotector_strong/rule.yml
+@@ -1,6 +1,6 @@
+ documentation_complete: true
+ 
+-prodtype: fedora,rhel8,rhel9
++prodtype: fedora,rhel8,almalinux8,rhel9
+ 
+ title: 'Strong Stack Protector'
+ 
+diff --git a/linux_os/guide/system/kernel_build_config/kernel_config_strict_kernel_rwx/rule.yml b/linux_os/guide/system/kernel_build_config/kernel_config_strict_kernel_rwx/rule.yml
+index 1ff97ebfc..e7c37503b 100644
+--- a/linux_os/guide/system/kernel_build_config/kernel_config_strict_kernel_rwx/rule.yml
++++ b/linux_os/guide/system/kernel_build_config/kernel_config_strict_kernel_rwx/rule.yml
+@@ -1,6 +1,6 @@
+ documentation_complete: true
+ 
+-prodtype: fedora,rhel8,rhel9
++prodtype: fedora,rhel8,almalinux8,rhel9
+ 
+ title: 'Make the kernel text and rodata read-only'
+ 
+diff --git a/linux_os/guide/system/kernel_build_config/kernel_config_strict_module_rwx/rule.yml b/linux_os/guide/system/kernel_build_config/kernel_config_strict_module_rwx/rule.yml
+index 6a6fdb043..6762a33c6 100644
+--- a/linux_os/guide/system/kernel_build_config/kernel_config_strict_module_rwx/rule.yml
++++ b/linux_os/guide/system/kernel_build_config/kernel_config_strict_module_rwx/rule.yml
+@@ -1,6 +1,6 @@
+ documentation_complete: true
+ 
+-prodtype: fedora,rhel8,rhel9
++prodtype: fedora,rhel8,almalinux8,rhel9
+ 
+ title: 'Make the module text and rodata read-only'
+ 
+diff --git a/linux_os/guide/system/kernel_build_config/kernel_config_vmap_stack/rule.yml b/linux_os/guide/system/kernel_build_config/kernel_config_vmap_stack/rule.yml
+index a406bbe45..32a1c836e 100644
+--- a/linux_os/guide/system/kernel_build_config/kernel_config_vmap_stack/rule.yml
++++ b/linux_os/guide/system/kernel_build_config/kernel_config_vmap_stack/rule.yml
+@@ -1,6 +1,6 @@
+ documentation_complete: true
+ 
+-prodtype: fedora,rhel8,rhel9
++prodtype: fedora,rhel8,almalinux8,rhel9
+ 
+ title: 'User a virtually-mapped stack'
+ 
 diff --git a/linux_os/guide/system/logging/configure_logwatch_on_logserver/logwatch_configured_hostlimit/rule.yml b/linux_os/guide/system/logging/configure_logwatch_on_logserver/logwatch_configured_hostlimit/rule.yml
-index 555d53cb..9c53ce53 100644
+index 555d53cbc..9c53ce537 100644
 --- a/linux_os/guide/system/logging/configure_logwatch_on_logserver/logwatch_configured_hostlimit/rule.yml
 +++ b/linux_os/guide/system/logging/configure_logwatch_on_logserver/logwatch_configured_hostlimit/rule.yml
 @@ -1,6 +1,6 @@
@@ -14408,7 +16429,7 @@ index 555d53cb..9c53ce53 100644
  title: 'Configure Logwatch HostLimit Line'
  
 diff --git a/linux_os/guide/system/logging/configure_logwatch_on_logserver/logwatch_configured_splithosts/rule.yml b/linux_os/guide/system/logging/configure_logwatch_on_logserver/logwatch_configured_splithosts/rule.yml
-index 405034e9..c1cab9d3 100644
+index 405034e95..c1cab9d33 100644
 --- a/linux_os/guide/system/logging/configure_logwatch_on_logserver/logwatch_configured_splithosts/rule.yml
 +++ b/linux_os/guide/system/logging/configure_logwatch_on_logserver/logwatch_configured_splithosts/rule.yml
 @@ -1,6 +1,6 @@
@@ -14420,7 +16441,7 @@ index 405034e9..c1cab9d3 100644
  title: 'Configure Logwatch SplitHosts Line'
  
 diff --git a/linux_os/guide/system/logging/disable_logwatch_for_logserver/rule.yml b/linux_os/guide/system/logging/disable_logwatch_for_logserver/rule.yml
-index 245b9fa8..60ad4244 100644
+index 245b9fa89..60ad42446 100644
 --- a/linux_os/guide/system/logging/disable_logwatch_for_logserver/rule.yml
 +++ b/linux_os/guide/system/logging/disable_logwatch_for_logserver/rule.yml
 @@ -1,6 +1,6 @@
@@ -14432,24 +16453,24 @@ index 245b9fa8..60ad4244 100644
  title: 'Disable Logwatch on Clients if a Logserver Exists'
  
 diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_cron_logging/bash/shared.sh b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_cron_logging/bash/shared.sh
-index f9cbce52..61ea43f5 100644
+index 773f88904..6060189e7 100644
 --- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_cron_logging/bash/shared.sh
 +++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_cron_logging/bash/shared.sh
 @@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_wrlinux
-+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_wrlinux
+-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel
++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
  
  if ! grep -s "^\s*cron\.\*\s*/var/log/cron$" /etc/rsyslog.conf /etc/rsyslog.d/*.conf; then
  	mkdir -p /etc/rsyslog.d
 diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_cron_logging/rule.yml b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_cron_logging/rule.yml
-index 076bda66..4deb40f8 100644
+index 8a7b722b9..36da5ed0b 100644
 --- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_cron_logging/rule.yml
 +++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_cron_logging/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,wrlinux1019
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,wrlinux1019
+-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4
++prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4
  
  title: 'Ensure cron Is Logging To Rsyslog'
  
@@ -14463,7 +16484,7 @@ index 076bda66..4deb40f8 100644
  ocil_clause: 'cron is not logging to rsyslog'
  
 diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdriverauthmode/ansible/shared.yml b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdriverauthmode/ansible/shared.yml
-index 4e321fec..2818c4ca 100644
+index 4e321fecb..2818c4ca1 100644
 --- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdriverauthmode/ansible/shared.yml
 +++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdriverauthmode/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -14473,7 +16494,7 @@ index 4e321fec..2818c4ca 100644
  # strategy = configure
  # complexity = low
 diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdriverauthmode/bash/shared.sh b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdriverauthmode/bash/shared.sh
-index e6cb34fc..004c2b45 100644
+index 3933f28b4..d71a075f1 100644
 --- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdriverauthmode/bash/shared.sh
 +++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdriverauthmode/bash/shared.sh
 @@ -1,4 +1,4 @@
@@ -14483,7 +16504,7 @@ index e6cb34fc..004c2b45 100644
  # strategy = configure
  # complexity = low
 diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdriverauthmode/rule.yml b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdriverauthmode/rule.yml
-index 61dadb78..4b2ba43f 100644
+index 452294e3a..b85159504 100644
 --- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdriverauthmode/rule.yml
 +++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdriverauthmode/rule.yml
 @@ -27,7 +27,7 @@ references:
@@ -14495,18 +16516,8 @@ index 61dadb78..4b2ba43f 100644
  
  
  ocil_clause: '$ActionSendStreamDriverAuthMode in /etc/rsyslog.conf is not set to x509/name'
-diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdrivermode/ansible/shared.yml b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdrivermode/ansible/shared.yml
-index 80eddf0c..3e8323a5 100644
---- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdrivermode/ansible/shared.yml
-+++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdrivermode/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,multi_platform_fedora
-+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora
- # reboot = false
- # strategy = configure
- # complexity = low
 diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdrivermode/rule.yml b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdrivermode/rule.yml
-index 52ff2bd0..7f5aaf29 100644
+index d15f2d792..65df1ee81 100644
 --- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdrivermode/rule.yml
 +++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdrivermode/rule.yml
 @@ -27,7 +27,7 @@ references:
@@ -14516,20 +16527,10 @@ index 52ff2bd0..7f5aaf29 100644
 -    stigid@rhel8: RHEL-08-030710
 +    stigid@almalinux8: RHEL-08-030710
  
- ocil_clause: 'rsyslogd ActionSendStreamDriverMode not set to 1'
+ ocil_clause: 'rsyslogd ActionSendStreamDriverMode is not set to 1'
  
-diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_defaultnetstreamdriver/ansible/shared.yml b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_defaultnetstreamdriver/ansible/shared.yml
-index c0497e88..9d3f9c08 100644
---- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_defaultnetstreamdriver/ansible/shared.yml
-+++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_defaultnetstreamdriver/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,multi_platform_fedora
-+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora
- # reboot = false
- # strategy = configure
- # complexity = low
 diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_defaultnetstreamdriver/rule.yml b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_defaultnetstreamdriver/rule.yml
-index 7abebfef..83df23c4 100644
+index ba1095929..400ae7b76 100644
 --- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_defaultnetstreamdriver/rule.yml
 +++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_defaultnetstreamdriver/rule.yml
 @@ -27,7 +27,7 @@ references:
@@ -14541,332 +16542,15 @@ index 7abebfef..83df23c4 100644
  
  ocil_clause: 'rsyslogd DefaultNetstreamDriver not set to gtls'
  
-diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_groupownership/tests/IncludeConfig_is_other.fail.sh b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_groupownership/tests/IncludeConfig_is_other.fail.sh
-index 575530ef..d6d0b31c 100755
---- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_groupownership/tests/IncludeConfig_is_other.fail.sh
-+++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_groupownership/tests/IncludeConfig_is_other.fail.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
- 
- # Check rsyslog.conf with root group-owner log from rules and
- # non root group-owner log from $IncludeConfig fails.
-diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_groupownership/tests/IncludeConfig_is_root.pass.sh b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_groupownership/tests/IncludeConfig_is_root.pass.sh
-index 39efc1a4..2c9d68d8 100755
---- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_groupownership/tests/IncludeConfig_is_root.pass.sh
-+++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_groupownership/tests/IncludeConfig_is_root.pass.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
- 
- # Check rsyslog.conf with root group-owner log from rules and
- # root group-owner log from $IncludeConfig passes.
-diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_groupownership/tests/include_is_other.fail.sh b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_groupownership/tests/include_is_other.fail.sh
-index c0db7056..6b10e5d4 100755
---- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_groupownership/tests/include_is_other.fail.sh
-+++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_groupownership/tests/include_is_other.fail.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = Red Hat Enterprise Linux 8,multi_platform_fedora,Oracle Linux 8,multi_platform_sle
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora,Oracle Linux 8,multi_platform_sle
- 
- # Check rsyslog.conf with root group-owner log from rules and
- # non root group-owner log from include() fails.
-diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_groupownership/tests/include_is_root.pass.sh b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_groupownership/tests/include_is_root.pass.sh
-index 1feaf762..d468b4a4 100755
---- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_groupownership/tests/include_is_root.pass.sh
-+++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_groupownership/tests/include_is_root.pass.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = Red Hat Enterprise Linux 8,multi_platform_fedora,Oracle Linux 8,multi_platform_sle
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora,Oracle Linux 8,multi_platform_sle
- 
- # Check rsyslog.conf with root group-owner log from rules and
- # root group-owner log from include() passes.
-diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_groupownership/tests/include_is_root_IncludeConfig_is_other.fail.sh b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_groupownership/tests/include_is_root_IncludeConfig_is_other.fail.sh
-index 9747e0b2..2b4205d6 100755
---- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_groupownership/tests/include_is_root_IncludeConfig_is_other.fail.sh
-+++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_groupownership/tests/include_is_root_IncludeConfig_is_other.fail.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = Red Hat Enterprise Linux 8,multi_platform_fedora,Oracle Linux 8,multi_platform_sle
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora,Oracle Linux 8,multi_platform_sle
- 
- # Check rsyslog.conf with root group-owner log from rules and
- # non root group-owner log from include() fails.
-diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_groupownership/tests/include_is_root_IncludeConfig_is_root.pass.sh b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_groupownership/tests/include_is_root_IncludeConfig_is_root.pass.sh
-index 05dd50ed..705c7a9f 100755
---- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_groupownership/tests/include_is_root_IncludeConfig_is_root.pass.sh
-+++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_groupownership/tests/include_is_root_IncludeConfig_is_root.pass.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = Red Hat Enterprise Linux 8,multi_platform_fedora,Oracle Linux 8,multi_platform_sle
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora,Oracle Linux 8,multi_platform_sle
- 
- # Check rsyslog.conf with root group-owner log from rules and
- # root group-owner log from include() passes.
-diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_groupownership/tests/include_multiline_is_root.pass.sh b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_groupownership/tests/include_multiline_is_root.pass.sh
-index 5a357d02..b130db62 100755
---- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_groupownership/tests/include_multiline_is_root.pass.sh
-+++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_groupownership/tests/include_multiline_is_root.pass.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = Red Hat Enterprise Linux 8,multi_platform_fedora,Oracle Linux 8,multi_platform_sle
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora,Oracle Linux 8,multi_platform_sle
- 
- # Check rsyslog.conf with root group-owner log from rules and
- # root group-owner log from multiline include() passes.
-diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_groupownership/tests/is_other.fail.sh b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_groupownership/tests/is_other.fail.sh
-index c7c01132..43deebea 100755
---- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_groupownership/tests/is_other.fail.sh
-+++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_groupownership/tests/is_other.fail.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
- 
- # Check if log file with non root group-owner in rsyslog.conf fails.
- 
-diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_groupownership/tests/is_root.pass.sh b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_groupownership/tests/is_root.pass.sh
-index 0ecbb35b..b67836e3 100755
---- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_groupownership/tests/is_root.pass.sh
-+++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_groupownership/tests/is_root.pass.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
- 
- # Check if log file with root group-owner in rsyslog.conf passes.
- 
-diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_ownership/tests/IncludeConfig_is_other.fail.sh b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_ownership/tests/IncludeConfig_is_other.fail.sh
-index 6c82a194..a28595e7 100755
---- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_ownership/tests/IncludeConfig_is_other.fail.sh
-+++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_ownership/tests/IncludeConfig_is_other.fail.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
- 
- # Check rsyslog.conf with root user log from rules and
- # non root user log from $IncludeConfig fails.
-diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_ownership/tests/IncludeConfig_is_root.pass.sh b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_ownership/tests/IncludeConfig_is_root.pass.sh
-index b24e5e16..8bc9b6cc 100755
---- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_ownership/tests/IncludeConfig_is_root.pass.sh
-+++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_ownership/tests/IncludeConfig_is_root.pass.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
- 
- # Check rsyslog.conf with root user log from rules and
- # root user log from $IncludeConfig passes.
-diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_ownership/tests/include_is_other.fail.sh b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_ownership/tests/include_is_other.fail.sh
-index 18f43c69..b3ce3fa8 100755
---- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_ownership/tests/include_is_other.fail.sh
-+++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_ownership/tests/include_is_other.fail.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = Red Hat Enterprise Linux 8,multi_platform_fedora,Oracle Linux 8,multi_platform_sle
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora,Oracle Linux 8,multi_platform_sle
- 
- # Check rsyslog.conf with root user log from rules and
- # non root user log from include() fails.
-diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_ownership/tests/include_is_root.pass.sh b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_ownership/tests/include_is_root.pass.sh
-index 69dead51..1233e8a0 100755
---- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_ownership/tests/include_is_root.pass.sh
-+++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_ownership/tests/include_is_root.pass.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = Red Hat Enterprise Linux 8,multi_platform_fedora,Oracle Linux 8,multi_platform_sle
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora,Oracle Linux 8,multi_platform_sle
- 
- # Check rsyslog.conf with root user log from rules and
- # root user log from include() passes.
-diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_ownership/tests/include_is_root_IncludeConfig_is_other.fail.sh b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_ownership/tests/include_is_root_IncludeConfig_is_other.fail.sh
-index e725fb4d..84cc72c8 100755
---- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_ownership/tests/include_is_root_IncludeConfig_is_other.fail.sh
-+++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_ownership/tests/include_is_root_IncludeConfig_is_other.fail.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = Red Hat Enterprise Linux 8,multi_platform_fedora,Oracle Linux 8,multi_platform_sle
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora,Oracle Linux 8,multi_platform_sle
- 
- # Check rsyslog.conf with root user log from rules and
- # non root user log from include() fails.
-diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_ownership/tests/include_is_root_IncludeConfig_is_root.pass.sh b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_ownership/tests/include_is_root_IncludeConfig_is_root.pass.sh
-index ca47d453..3dc1eb21 100755
---- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_ownership/tests/include_is_root_IncludeConfig_is_root.pass.sh
-+++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_ownership/tests/include_is_root_IncludeConfig_is_root.pass.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = Red Hat Enterprise Linux 8,multi_platform_fedora,Oracle Linux 8,multi_platform_sle
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora,Oracle Linux 8,multi_platform_sle
- 
- # Check rsyslog.conf with root user log from rules and
- # root user log from include() passes.
-diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_ownership/tests/include_multiline_is_root.pass.sh b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_ownership/tests/include_multiline_is_root.pass.sh
-index d68cc2e6..08526e66 100755
---- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_ownership/tests/include_multiline_is_root.pass.sh
-+++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_ownership/tests/include_multiline_is_root.pass.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = Red Hat Enterprise Linux 8,multi_platform_fedora,Oracle Linux 8,multi_platform_sle
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora,Oracle Linux 8,multi_platform_sle
- 
- # Check rsyslog.conf with root user log from rules and
- # root user log from multiline include() passes.
-diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_ownership/tests/is_other.fail.sh b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_ownership/tests/is_other.fail.sh
-index 7edbb17e..bcd74022 100755
---- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_ownership/tests/is_other.fail.sh
-+++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_ownership/tests/is_other.fail.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
- 
- # Check if log file with non root user in rsyslog.conf fails.
- 
-diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_ownership/tests/is_root.pass.sh b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_ownership/tests/is_root.pass.sh
-index e0e518bc..0586491a 100755
---- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_ownership/tests/is_root.pass.sh
-+++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_ownership/tests/is_root.pass.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
- 
- # Check if log file with root user in rsyslog.conf passes.
- 
-diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_permissions/bash/shared.sh b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_permissions/bash/shared.sh
-index 8846bc9a..ef07b0a1 100644
---- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_permissions/bash/shared.sh
-+++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_permissions/bash/shared.sh
-@@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle
-+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
- 
- # List of log file paths to be inspected for correct permissions
- # * Primarily inspect log file paths listed in /etc/rsyslog.conf
-diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_permissions/tests/IncludeConfig_perms_0600.pass.sh b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_permissions/tests/IncludeConfig_perms_0600.pass.sh
-index a6ff6a11..22503b19 100755
---- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_permissions/tests/IncludeConfig_perms_0600.pass.sh
-+++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_permissions/tests/IncludeConfig_perms_0600.pass.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
- 
- # Check rsyslog.conf with log file permissions 0600 from rules and
- # log file permissions 0600 from $IncludeConfig passes.
-diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_permissions/tests/IncludeConfig_perms_0601.fail.sh b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_permissions/tests/IncludeConfig_perms_0601.fail.sh
-index 2ae5c89a..f4133e40 100755
---- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_permissions/tests/IncludeConfig_perms_0601.fail.sh
-+++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_permissions/tests/IncludeConfig_perms_0601.fail.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol
- 
- # Check rsyslog.conf with log file permissions 0600 from rules and
- # log file permissions 0601 from $IncludeConfig fails.
-diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_permissions/tests/include_multiline_perms_0600.pass.sh b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_permissions/tests/include_multiline_perms_0600.pass.sh
-index eabcb219..3af66e64 100755
---- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_permissions/tests/include_multiline_perms_0600.pass.sh
-+++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_permissions/tests/include_multiline_perms_0600.pass.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = Red Hat Enterprise Linux 8,multi_platform_fedora,Oracle Linux 8,multi_platform_sle
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora,Oracle Linux 8,multi_platform_sle
- 
- # Check rsyslog.conf with log file permissions 0600 from rules and
- # log file permissions 0600 from multiline include() passes.
-diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_permissions/tests/include_perms_0600.pass.sh b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_permissions/tests/include_perms_0600.pass.sh
-index 32cd4c33..23ec3d88 100755
---- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_permissions/tests/include_perms_0600.pass.sh
-+++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_permissions/tests/include_perms_0600.pass.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = Red Hat Enterprise Linux 8,multi_platform_fedora,Oracle Linux 8,multi_platform_sle
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora,Oracle Linux 8,multi_platform_sle
- 
- # Check rsyslog.conf with log file permissions 0600 from rules and
- # log file permissions 0600 from include() passes.
-diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_permissions/tests/include_perms_0600_IncludeConfig_perms_0600.pass.sh b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_permissions/tests/include_perms_0600_IncludeConfig_perms_0600.pass.sh
-index 357d4f97..2f4ea8df 100755
---- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_permissions/tests/include_perms_0600_IncludeConfig_perms_0600.pass.sh
-+++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_permissions/tests/include_perms_0600_IncludeConfig_perms_0600.pass.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = Red Hat Enterprise Linux 8,multi_platform_fedora,Oracle Linux 8
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora,Oracle Linux 8
- 
- # Check rsyslog.conf with log file permisssions 0600 from rules and
- # log file permissions 0600 from include() passes.
-diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_permissions/tests/include_perms_0600_IncludeConfig_perms_0601.fail.sh b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_permissions/tests/include_perms_0600_IncludeConfig_perms_0601.fail.sh
-index 7bdb830c..70025baa 100755
---- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_permissions/tests/include_perms_0600_IncludeConfig_perms_0601.fail.sh
-+++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_permissions/tests/include_perms_0600_IncludeConfig_perms_0601.fail.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = Red Hat Enterprise Linux 8,multi_platform_fedora,Oracle Linux 8
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora,Oracle Linux 8
- 
- # Check rsyslog.conf with log file permisssions 0600 from rules and
- # log file permissions 0601 from include() fails.
-diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_permissions/tests/include_perms_0601.fail.sh b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_permissions/tests/include_perms_0601.fail.sh
-index fd3f9e92..3b31950c 100755
---- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_permissions/tests/include_perms_0601.fail.sh
-+++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_permissions/tests/include_perms_0601.fail.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = Red Hat Enterprise Linux 8,multi_platform_fedora,Oracle Linux 8
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora,Oracle Linux 8
- 
- # Check rsyslog.conf with log file permissions 0600 from rules and
- # log file permissions 0601 from include() fails.
-diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_permissions/tests/perms_0600.pass.sh b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_permissions/tests/perms_0600.pass.sh
-index fbdcd18f..10dac763 100755
---- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_permissions/tests/perms_0600.pass.sh
-+++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_permissions/tests/perms_0600.pass.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
- 
- # Check if log file with permissions 0600 in rsyslog.conf passes.
- 
-diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_permissions/tests/perms_0601.fail.sh b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_permissions/tests/perms_0601.fail.sh
-index 75e9558c..ce301226 100755
---- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_permissions/tests/perms_0601.fail.sh
-+++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_permissions/tests/perms_0601.fail.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
- 
- # Check if log file with permissions 0601 in rsyslog.conf fails.
- 
-diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_remote_access_monitoring/ansible/shared.yml b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_remote_access_monitoring/ansible/shared.yml
-index 770ce1a0..de8531c3 100644
---- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_remote_access_monitoring/ansible/shared.yml
-+++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_remote_access_monitoring/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,multi_platform_fedora
-+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora
- # reboot = false
- # strategy = configure
- # complexity = low
 diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_remote_access_monitoring/rule.yml b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_remote_access_monitoring/rule.yml
-index 86c55b65..427491bb 100644
+index bea5ed470..e4f16f70c 100644
 --- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_remote_access_monitoring/rule.yml
 +++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_remote_access_monitoring/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol8,rhel8,rhel9,ubuntu2004
-+prodtype: fedora,ol8,rhel8,almalinux8,rhel9,ubuntu2004
+-prodtype: fedora,ol8,ol9,rhel8,rhel9,ubuntu2004,ubuntu2204
++prodtype: fedora,ol8,ol9,rhel8,almalinux8,rhel9,ubuntu2004,ubuntu2204
  
  title: 'Ensure remote access methods are monitored in Rsyslog'
  
@@ -14879,88 +16563,44 @@ index 86c55b65..427491bb 100644
      stigid@ubuntu2004: UBTU-20-010403
  
  ocil_clause: 'remote access methods are not logging to rsyslog'
-diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_remote_access_monitoring/tests/no_remote_methods.fail.sh b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_remote_access_monitoring/tests/no_remote_methods.fail.sh
-index 271b2feb..f04e53d4 100644
---- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_remote_access_monitoring/tests/no_remote_methods.fail.sh
-+++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_remote_access_monitoring/tests/no_remote_methods.fail.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = Red Hat Enterprise Linux 8,multi_platform_fedora,multi_platform_ubuntu
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora,multi_platform_ubuntu
- 
- declare -A REMOTE_METHODS=( ['auth.*']='^.*auth\.\*.*$' ['authpriv.*']='^.*authpriv\.\*.*$' ['daemon.*']='^.*daemon\.\*.*$' )
- RSYSLOG_CONF='/etc/rsyslog.conf'
-diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_remote_access_monitoring/tests/remote_method_set_multiple_configs.pass.sh b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_remote_access_monitoring/tests/remote_method_set_multiple_configs.pass.sh
-index 76927895..0c57f7e6 100644
---- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_remote_access_monitoring/tests/remote_method_set_multiple_configs.pass.sh
-+++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_remote_access_monitoring/tests/remote_method_set_multiple_configs.pass.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = Red Hat Enterprise Linux 8,multi_platform_fedora,multi_platform_ubuntu
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora,multi_platform_ubuntu
- 
- declare -A REMOTE_METHODS=( ['auth.*']='^.*auth\.\*.*$' ['authpriv.*']='^.*authpriv\.\*.*$' ['daemon.*']='^.*daemon\.\*.*$' )
- RSYSLOG_CONF='/etc/rsyslog.conf'
-diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_remote_access_monitoring/tests/remote_method_set_rsyslog_conf.pass.sh b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_remote_access_monitoring/tests/remote_method_set_rsyslog_conf.pass.sh
-index 8042172b..ffdd945e 100644
---- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_remote_access_monitoring/tests/remote_method_set_rsyslog_conf.pass.sh
-+++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_remote_access_monitoring/tests/remote_method_set_rsyslog_conf.pass.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = Red Hat Enterprise Linux 8,multi_platform_fedora,multi_platform_ubuntu
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora,multi_platform_ubuntu
- 
- declare -A REMOTE_METHODS=( ['auth.*']='^.*auth\.\*.*$' ['authpriv.*']='^.*authpriv\.\*.*$' ['daemon.*']='^.*daemon\.\*.*$' )
- RSYSLOG_CONF='/etc/rsyslog.conf'
-diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_remote_access_monitoring/tests/remote_method_set_rsyslog_d.pass.sh b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_remote_access_monitoring/tests/remote_method_set_rsyslog_d.pass.sh
-index 38bdf916..1b8201ef 100644
---- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_remote_access_monitoring/tests/remote_method_set_rsyslog_d.pass.sh
-+++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_remote_access_monitoring/tests/remote_method_set_rsyslog_d.pass.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = Red Hat Enterprise Linux 8,multi_platform_fedora,multi_platform_ubuntu
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora,multi_platform_ubuntu
- 
- declare -A REMOTE_METHODS=( ['auth.*']='^.*auth\.\*.*$' ['authpriv.*']='^.*authpriv\.\*.*$' ['daemon.*']='^.*daemon\.\*.*$' )
- RSYSLOG_CONF='/etc/rsyslog.conf'
 diff --git a/linux_os/guide/system/logging/journald/journald_compress/rule.yml b/linux_os/guide/system/logging/journald/journald_compress/rule.yml
-index c2dd21da..09516d55 100644
+index 040db3d99..18709e3c3 100644
 --- a/linux_os/guide/system/logging/journald/journald_compress/rule.yml
 +++ b/linux_os/guide/system/logging/journald/journald_compress/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: rhel7,rhel8,rhel9,sle15
-+prodtype: rhel7,rhel8,almalinux8,rhel9,sle15
+-prodtype: alinux3,anolis8,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2204
++prodtype: alinux3,anolis8,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2204
  
  title: Ensure journald is configured to compress large log files
  
 diff --git a/linux_os/guide/system/logging/journald/journald_forward_to_syslog/rule.yml b/linux_os/guide/system/logging/journald/journald_forward_to_syslog/rule.yml
-index 56d9a5d5..c387ce3e 100644
+index 4586e0dde..e1b88901b 100644
 --- a/linux_os/guide/system/logging/journald/journald_forward_to_syslog/rule.yml
 +++ b/linux_os/guide/system/logging/journald/journald_forward_to_syslog/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: rhel7,rhel8,rhel9
-+prodtype: rhel7,rhel8,almalinux8,rhel9
+-prodtype: alinux3,anolis8,rhel7,rhel8,rhel9,sle12,sle15
++prodtype: alinux3,anolis8,rhel7,rhel8,almalinux8,rhel9,sle12,sle15
  
  title: Ensure journald is configured to send logs to rsyslog
  
 diff --git a/linux_os/guide/system/logging/journald/journald_storage/rule.yml b/linux_os/guide/system/logging/journald/journald_storage/rule.yml
-index eb814ac1..381fdb2e 100644
+index 91cbbb694..81b1a5d46 100644
 --- a/linux_os/guide/system/logging/journald/journald_storage/rule.yml
 +++ b/linux_os/guide/system/logging/journald/journald_storage/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: rhel7,rhel8,rhel9,sle15
-+prodtype: rhel7,rhel8,almalinux8,rhel9,sle15
+-prodtype: alinux3,anolis8,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2204
++prodtype: alinux3,anolis8,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2204
  
  title: Ensure journald is configured to write log files to persistent disk
  
 diff --git a/linux_os/guide/system/logging/log_rotation/ensure_logrotate_activated/kubernetes/shared.yml b/linux_os/guide/system/logging/log_rotation/ensure_logrotate_activated/kubernetes/shared.yml
-index 859ea93e..9b9ea07f 100644
+index 859ea93ee..9b9ea07f7 100644
 --- a/linux_os/guide/system/logging/log_rotation/ensure_logrotate_activated/kubernetes/shared.yml
 +++ b/linux_os/guide/system/logging/log_rotation/ensure_logrotate_activated/kubernetes/shared.yml
 @@ -1,5 +1,5 @@
@@ -14971,18 +16611,18 @@ index 859ea93e..9b9ea07f 100644
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/logging/package_rsyslog-gnutls_installed/rule.yml b/linux_os/guide/system/logging/package_rsyslog-gnutls_installed/rule.yml
-index 81ae57a9..2d5cb49a 100644
+index fe112b716..cfba6c177 100644
 --- a/linux_os/guide/system/logging/package_rsyslog-gnutls_installed/rule.yml
 +++ b/linux_os/guide/system/logging/package_rsyslog-gnutls_installed/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol8,rhel7,rhel8,rhel9
-+prodtype: fedora,ol8,rhel7,rhel8,almalinux8,rhel9
+-prodtype: fedora,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15
++prodtype: fedora,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,sle15
  
  title: 'Ensure rsyslog-gnutls is installed'
  
-@@ -25,7 +25,7 @@ references:
+@@ -27,7 +27,7 @@ references:
      ospp: FTP_ITC_EXT.1.1
      srg: SRG-OS-000480-GPOS-00227,SRG-OS-000120-GPOS-00061
      stigid@ol8: OL08-00-030680
@@ -14992,10 +16632,10 @@ index 81ae57a9..2d5cb49a 100644
  ocil_clause: 'the package is not installed'
  
 diff --git a/linux_os/guide/system/logging/package_rsyslog_installed/rule.yml b/linux_os/guide/system/logging/package_rsyslog_installed/rule.yml
-index 7968d903..5b3ab2da 100644
+index e49c00bdb..28b7a52c5 100644
 --- a/linux_os/guide/system/logging/package_rsyslog_installed/rule.yml
 +++ b/linux_os/guide/system/logging/package_rsyslog_installed/rule.yml
-@@ -34,7 +34,7 @@ references:
+@@ -40,7 +40,7 @@ references:
      ospp: FTP_ITC_EXT.1.1
      srg: SRG-OS-000479-GPOS-00224,SRG-OS-000051-GPOS-00024,SRG-OS-000480-GPOS-00227
      stigid@ol8: OL08-00-030670
@@ -15005,42 +16645,42 @@ index 7968d903..5b3ab2da 100644
  ocil_clause: 'the package is not installed'
  
 diff --git a/linux_os/guide/system/logging/rsyslog_accepting_remote_messages/rsyslog_nolisten/rule.yml b/linux_os/guide/system/logging/rsyslog_accepting_remote_messages/rsyslog_nolisten/rule.yml
-index c73b2fb0..2427ee70 100644
+index 7eafd1ec2..53ae2a399 100644
 --- a/linux_os/guide/system/logging/rsyslog_accepting_remote_messages/rsyslog_nolisten/rule.yml
 +++ b/linux_os/guide/system/logging/rsyslog_accepting_remote_messages/rsyslog_nolisten/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle15,wrlinux1019
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,wrlinux1019
+-prodtype: alinux3,fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15
++prodtype: alinux3,fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15
  
  title: 'Ensure rsyslog Does Not Accept Remote Messages Unless Acting As Log Server'
  
 diff --git a/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/ansible/shared.yml b/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/ansible/shared.yml
-index 74270442..8e8c6fdb 100644
+index 45825e0e9..fd9b17d97 100644
 --- a/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/ansible/shared.yml
 +++ b/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/ansible/shared.yml
 @@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle
-+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
+-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_sle,multi_platform_ol
++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ol
  # reboot = false
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/bash/shared.sh b/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/bash/shared.sh
-index f34bc83e..f7c79cd3 100644
+index b80e47d30..35dc00501 100644
 --- a/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/bash/shared.sh
 +++ b/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/bash/shared.sh
 @@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_wrlinux,multi_platform_sle
-+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_wrlinux,multi_platform_sle
+-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_sle,multi_platform_ol,multi_platform_ubuntu
++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ol,multi_platform_ubuntu
  
  {{{ bash_instantiate_variables("rsyslog_remote_loghost_address") }}}
  
 diff --git a/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/rule.yml b/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/rule.yml
-index 3239b7ac..02191114 100644
+index 54485dffc..8e9b31ab4 100644
 --- a/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/rule.yml
 +++ b/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/rule.yml
-@@ -65,7 +65,7 @@ references:
+@@ -69,7 +69,7 @@ references:
      stigid@ol7: OL07-00-031000
      stigid@ol8: OL08-00-030690
      stigid@rhel7: RHEL-07-031000
@@ -15049,35 +16689,55 @@ index 3239b7ac..02191114 100644
      stigid@sle12: SLES-12-030340
      stigid@sle15: SLES-15-010580
      vmmsrg: SRG-OS-000032-VMM-000130
+diff --git a/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_tls/ansible/shared.yml b/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_tls/ansible/shared.yml
+index d6e2b2564..323d3ffaa 100644
+--- a/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_tls/ansible/shared.yml
++++ b/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_tls/ansible/shared.yml
+@@ -1,4 +1,4 @@
+-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle
++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
+ # reboot = false
+ # strategy = configure
+ # complexity = low
+diff --git a/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_tls/bash/shared.sh b/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_tls/bash/shared.sh
+index ee1cbf7ea..eb4e5adc4 100644
+--- a/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_tls/bash/shared.sh
++++ b/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_tls/bash/shared.sh
+@@ -1,4 +1,4 @@
+-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle
++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
+ # reboot = false
+ # strategy = configure
+ # complexity = low
 diff --git a/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_tls/rule.yml b/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_tls/rule.yml
-index 83c6d933..073d8b24 100644
+index 86c0988cf..0aef0d4dc 100644
 --- a/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_tls/rule.yml
 +++ b/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_tls/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol8,rhel7,rhel8,rhel9
-+prodtype: fedora,ol8,rhel7,rhel8,almalinux8,rhel9
+-prodtype: fedora,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15
++prodtype: fedora,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,sle15
  
  title: 'Configure TLS for rsyslog remote logging'
  
 diff --git a/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_tls_cacert/rule.yml b/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_tls_cacert/rule.yml
-index 818f2471..8beaebea 100644
+index 618c6c43d..f8506a338 100644
 --- a/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_tls_cacert/rule.yml
 +++ b/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_tls_cacert/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol8,rhel7,rhel8,rhel9
-+prodtype: fedora,ol8,rhel7,rhel8,almalinux8,rhel9
+-prodtype: fedora,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15
++prodtype: fedora,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,sle15
  
  title: 'Configure CA certificate for rsyslog remote logging'
  
 diff --git a/linux_os/guide/system/logging/service_rsyslog_enabled/rule.yml b/linux_os/guide/system/logging/service_rsyslog_enabled/rule.yml
-index 105c7dec..b21caee7 100644
+index 429a2324a..a28f5a40e 100644
 --- a/linux_os/guide/system/logging/service_rsyslog_enabled/rule.yml
 +++ b/linux_os/guide/system/logging/service_rsyslog_enabled/rule.yml
-@@ -35,7 +35,7 @@ references:
+@@ -41,7 +41,7 @@ references:
      nist-csf: DE.CM-1,DE.CM-3,DE.CM-7,ID.SC-4,PR.DS-4,PR.PT-1
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol8: OL08-00-010561
@@ -15085,41 +16745,62 @@ index 105c7dec..b21caee7 100644
 +    stigid@almalinux8: RHEL-08-010561
      stigid@ubuntu2004: UBTU-20-010432
  
- ocil: |-
+ ocil_clause: '{{{ ocil_clause_service_enabled(service="rsyslog") }}}'
+diff --git a/linux_os/guide/system/network/network-firewalld/firewalld-backend/rule.yml b/linux_os/guide/system/network/network-firewalld/firewalld-backend/rule.yml
+index 3bfa85008..1ab86a090 100644
+--- a/linux_os/guide/system/network/network-firewalld/firewalld-backend/rule.yml
++++ b/linux_os/guide/system/network/network-firewalld/firewalld-backend/rule.yml
+@@ -1,6 +1,6 @@
+ documentation_complete: true
+ 
+-prodtype: ol8,ol9,rhel8,rhel9,sle15
++prodtype: ol8,ol9,rhel8,almalinux8,rhel9,sle15
+ 
+ title: 'Configure Firewalld to Use the Nftables Backend'
+ 
+@@ -24,7 +24,7 @@ references:
+     nist: SC-5
+     srg: SRG-OS-000420-GPOS-00186
+     stigid@ol8: OL08-00-040150
+-    stigid@rhel8: RHEL-08-040150
++    stigid@almalinux8: RHEL-08-040150
+ 
+ ocil_clause: 'the "nftables" is not set as the "firewallbackend"'
+ 
 diff --git a/linux_os/guide/system/network/network-firewalld/firewalld_activation/package_firewalld_installed/rule.yml b/linux_os/guide/system/network/network-firewalld/firewalld_activation/package_firewalld_installed/rule.yml
-index 2fc0d19e..9e9fe3d2 100644
+index 2b6853afd..654eaf7bd 100644
 --- a/linux_os/guide/system/network/network-firewalld/firewalld_activation/package_firewalld_installed/rule.yml
 +++ b/linux_os/guide/system/network/network-firewalld/firewalld_activation/package_firewalld_installed/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: ol7,ol8,rhcos4,rhel7,rhel8,rhel9,sle15
-+prodtype: ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle15
+-prodtype: alinux3,anolis8,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle12,sle15
++prodtype: alinux3,anolis8,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle12,sle15
  
  title: 'Install firewalld Package'
  
-@@ -27,7 +27,7 @@ references:
-     nist@sle15: CM-7,CM-7.1(iii),CM-7(b),AC-17(1)
+@@ -39,7 +39,7 @@ references:
      srg: SRG-OS-000096-GPOS-00050,SRG-OS-000297-GPOS-00115,SRG-OS-000298-GPOS-00116,SRG-OS-000480-GPOS-00227,SRG-OS-000480-GPOS-00232
+     stigid@ol7: OL07-00-040520
      stigid@ol8: OL08-00-040100
 -    stigid@rhel8: RHEL-08-040100
 +    stigid@almalinux8: RHEL-08-040100
-     stigid@sle15:  SLES-15-010220
+     stigid@sle15: SLES-15-010220
  
  ocil_clause: 'the package is not installed'
 diff --git a/linux_os/guide/system/network/network-firewalld/firewalld_activation/service_firewalld_enabled/rule.yml b/linux_os/guide/system/network/network-firewalld/firewalld_activation/service_firewalld_enabled/rule.yml
-index ff0f33b4..0a9a47c5 100644
+index cd2259434..5c81f3f97 100644
 --- a/linux_os/guide/system/network/network-firewalld/firewalld_activation/service_firewalld_enabled/rule.yml
 +++ b/linux_os/guide/system/network/network-firewalld/firewalld_activation/service_firewalld_enabled/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15,wrlinux1019
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,wrlinux1019
+-prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15
++prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15
  
  title: 'Verify firewalld Enabled'
  
-@@ -41,7 +41,7 @@ references:
+@@ -44,7 +44,7 @@ references:
      stigid@ol7: OL07-00-040520
      stigid@ol8: OL08-00-040101
      stigid@rhel7: RHEL-07-040520
@@ -15127,20 +16808,20 @@ index ff0f33b4..0a9a47c5 100644
 +    stigid@almalinux8: RHEL-08-040101
      stigid@sle15: SLES-15-010220
  
- ocil: |-
+ ocil_clause: '{{{ ocil_clause_service_enabled("firewalld") }}}'
 diff --git a/linux_os/guide/system/network/network-firewalld/ruleset_modifications/configure_firewalld_ports/rule.yml b/linux_os/guide/system/network/network-firewalld/ruleset_modifications/configure_firewalld_ports/rule.yml
-index cbd36322..868d8994 100644
+index 5075f1e7e..37b52d4d7 100644
 --- a/linux_os/guide/system/network/network-firewalld/ruleset_modifications/configure_firewalld_ports/rule.yml
 +++ b/linux_os/guide/system/network/network-firewalld/ruleset_modifications/configure_firewalld_ports/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4,wrlinux1019
-+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,wrlinux1019
+-prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4
++prodtype: ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4
  
  title: 'Configure the Firewalld Ports'
  
-@@ -54,7 +54,7 @@ references:
+@@ -52,7 +52,7 @@ references:
      stigid@ol7: OL07-00-040100
      stigid@ol8: OL08-00-040030
      stigid@rhel7: RHEL-07-040100
@@ -15148,9 +16829,9 @@ index cbd36322..868d8994 100644
 +    stigid@almalinux8: RHEL-08-040030
      vmmsrg: SRG-OS-000096-VMM-000490,SRG-OS-000480-VMM-002000
  
- ocil_clause: 'the default rules are not configured'
+ ocil_clause: 'there are additional ports, protocols, or services that are not in the PPSM CLSA, or there are ports, protocols, or services that are prohibited by the PPSM Category Assurance List (CAL), or there are no firewall rules configured'
 diff --git a/linux_os/guide/system/network/network-firewalld/ruleset_modifications/configure_firewalld_rate_limiting/ansible/shared.yml b/linux_os/guide/system/network/network-firewalld/ruleset_modifications/configure_firewalld_rate_limiting/ansible/shared.yml
-index 787eb697..b507337f 100644
+index 787eb6976..b507337f8 100644
 --- a/linux_os/guide/system/network/network-firewalld/ruleset_modifications/configure_firewalld_rate_limiting/ansible/shared.yml
 +++ b/linux_os/guide/system/network/network-firewalld/ruleset_modifications/configure_firewalld_rate_limiting/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -15159,56 +16840,89 @@ index 787eb697..b507337f 100644
  # reboot = false
  # strategy = configure
  # complexity = low
+diff --git a/linux_os/guide/system/network/network-firewalld/ruleset_modifications/configured_firewalld_default_deny/rule.yml b/linux_os/guide/system/network/network-firewalld/ruleset_modifications/configured_firewalld_default_deny/rule.yml
+index b92f6f56d..604d45c9a 100644
+--- a/linux_os/guide/system/network/network-firewalld/ruleset_modifications/configured_firewalld_default_deny/rule.yml
++++ b/linux_os/guide/system/network/network-firewalld/ruleset_modifications/configured_firewalld_default_deny/rule.yml
+@@ -1,6 +1,6 @@
+ documentation_complete: true
+ 
+-prodtype: rhel8,rhel9
++prodtype: rhel8,almalinux8,rhel9
+ 
+ title: 'Firewalld Must Employ a Deny-all, Allow-by-exception Policy for Allowing Connections to Other Systems'
+ 
+@@ -24,7 +24,7 @@ references:
+     nist: AC-17 (1)
+     srg: SRG-OS-000297-GPOS-00115
+     stigid@ol8: OL08-00-040090
+-    stigid@rhel8: RHEL-08-040090
++    stigid@almalinux8: RHEL-08-040090
+ 
+ ocil_clause: 'no zones are active on the interfaces or if the target is set to a different option other than "DROP"'
+ 
 diff --git a/linux_os/guide/system/network/network-firewalld/ruleset_modifications/set_firewalld_default_zone/rule.yml b/linux_os/guide/system/network/network-firewalld/ruleset_modifications/set_firewalld_default_zone/rule.yml
-index f4d78fb7..41f0d78d 100644
+index 96215be8c..69a680b4a 100644
 --- a/linux_os/guide/system/network/network-firewalld/ruleset_modifications/set_firewalld_default_zone/rule.yml
 +++ b/linux_os/guide/system/network/network-firewalld/ruleset_modifications/set_firewalld_default_zone/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle15
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15
+-prodtype: alinux2,fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle15
++prodtype: alinux2,fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15
  
  title: 'Set Default firewalld Zone for Incoming Packets'
  
 diff --git a/linux_os/guide/system/network/network-ipsec/libreswan_approved_tunnels/rule.yml b/linux_os/guide/system/network/network-ipsec/libreswan_approved_tunnels/rule.yml
-index 275ae401..401629d2 100644
+index 707eb3ba5..34bbdd9a2 100644
 --- a/linux_os/guide/system/network/network-ipsec/libreswan_approved_tunnels/rule.yml
 +++ b/linux_os/guide/system/network/network-ipsec/libreswan_approved_tunnels/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle15
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15
+-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle15
++prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15
  
  title: 'Verify Any Configured IPSec Tunnel Connections'
  
 diff --git a/linux_os/guide/system/network/network-ipsec/package_libreswan_installed/rule.yml b/linux_os/guide/system/network/network-ipsec/package_libreswan_installed/rule.yml
-index 3bf641e4..6e7ad928 100644
+index 24cea91a8..fd8f68cde 100644
 --- a/linux_os/guide/system/network/network-ipsec/package_libreswan_installed/rule.yml
 +++ b/linux_os/guide/system/network/network-ipsec/package_libreswan_installed/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15
+-prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,uos20
++prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,uos20
  
  title: 'Install libreswan Package'
  
+diff --git a/linux_os/guide/system/network/network-iptables/package_iptables-services_installed/rule.yml b/linux_os/guide/system/network/network-iptables/package_iptables-services_installed/rule.yml
+index f21ba1609..8cc1704f8 100644
+--- a/linux_os/guide/system/network/network-iptables/package_iptables-services_installed/rule.yml
++++ b/linux_os/guide/system/network/network-iptables/package_iptables-services_installed/rule.yml
+@@ -1,6 +1,6 @@
+ documentation_complete: true
+ 
+-prodtype: rhel8
++prodtype: rhel8,almalinux8
+ 
+ title: 'Install iptables-services Package'
+ 
 diff --git a/linux_os/guide/system/network/network-iptables/package_iptables_installed/rule.yml b/linux_os/guide/system/network/network-iptables/package_iptables_installed/rule.yml
-index bd6fc70c..fc82cb6a 100644
+index 4b899abf3..d0e295a92 100644
 --- a/linux_os/guide/system/network/network-iptables/package_iptables_installed/rule.yml
 +++ b/linux_os/guide/system/network/network-iptables/package_iptables_installed/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhv4,sle12,sle15,ubuntu2004
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhv4,sle12,sle15,ubuntu2004
+-prodtype: alinux2,alinux3,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: alinux2,alinux3,fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Install iptables Package'
  
 diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/network_ipv6_default_gateway/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/network_ipv6_default_gateway/rule.yml
-index 23dfed41..e90a8c6a 100644
+index 23dfed41d..e90a8c6af 100644
 --- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/network_ipv6_default_gateway/rule.yml
 +++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/network_ipv6_default_gateway/rule.yml
 @@ -1,6 +1,6 @@
@@ -15220,7 +16934,7 @@ index 23dfed41..e90a8c6a 100644
  title: 'Manually Assign IPv6 Router Address'
  
 diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/network_ipv6_privacy_extensions/bash/shared.sh b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/network_ipv6_privacy_extensions/bash/shared.sh
-index d787fbbb..d209806d 100644
+index d787fbbbf..d209806d8 100644
 --- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/network_ipv6_privacy_extensions/bash/shared.sh
 +++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/network_ipv6_privacy_extensions/bash/shared.sh
 @@ -1,4 +1,4 @@
@@ -15230,7 +16944,7 @@ index d787fbbb..d209806d 100644
  # enable randomness in ipv6 address generation
  for interface in /etc/sysconfig/network-scripts/ifcfg-*
 diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/network_ipv6_privacy_extensions/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/network_ipv6_privacy_extensions/rule.yml
-index 5d554b2c..fad68a9b 100644
+index 5d554b2c0..fad68a9b2 100644
 --- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/network_ipv6_privacy_extensions/rule.yml
 +++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/network_ipv6_privacy_extensions/rule.yml
 @@ -1,6 +1,6 @@
@@ -15242,7 +16956,7 @@ index 5d554b2c..fad68a9b 100644
  title: 'Use Privacy Extensions for Address'
  
 diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/network_ipv6_static_address/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/network_ipv6_static_address/rule.yml
-index aac0fae4..ca69e4d4 100644
+index aac0fae49..ca69e4d4f 100644
 --- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/network_ipv6_static_address/rule.yml
 +++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/network_ipv6_static_address/rule.yml
 @@ -1,6 +1,6 @@
@@ -15254,7 +16968,7 @@ index aac0fae4..ca69e4d4 100644
  title: 'Manually Assign Global IPv6 Address'
  
 diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_ra/kubernetes/shared.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_ra/kubernetes/shared.yml
-index 87306fed..88e2884b 100644
+index 87306fedb..88e2884bc 100644
 --- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_ra/kubernetes/shared.yml
 +++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_ra/kubernetes/shared.yml
 @@ -1,5 +1,5 @@
@@ -15265,18 +16979,18 @@ index 87306fed..88e2884b 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_ra/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_ra/rule.yml
-index 9a3dad87..d688c1fb 100644
+index 948151483..6a1f236cf 100644
 --- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_ra/rule.yml
 +++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_ra/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004
-+prodtype: ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004
+-prodtype: alinux2,alinux3,anolis8,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: alinux2,alinux3,anolis8,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Configure Accepting Router Advertisements on All IPv6 Interfaces'
  
-@@ -33,7 +33,7 @@ references:
+@@ -39,7 +39,7 @@ references:
      nist-csf: PR.IP-1,PR.PT-3
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol8: OL08-00-040261
@@ -15286,43 +17000,43 @@ index 9a3dad87..d688c1fb 100644
  {{{ complete_ocil_entry_sysctl_option_value(sysctl="net.ipv6.conf.all.accept_ra", value="0") }}}
  
 diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_ra_defrtr/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_ra_defrtr/rule.yml
-index 979201fc..07de17fc 100644
+index b10be0ff2..603da231d 100644
 --- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_ra_defrtr/rule.yml
 +++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_ra_defrtr/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9
+-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15
++prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,sle15
  
  title: Configure Accepting Default Router in Router Advertisements on All IPv6 Interfaces
  
 diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_ra_pinfo/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_ra_pinfo/rule.yml
-index d430df13..544c2b3f 100644
+index b03379b67..df21a9498 100644
 --- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_ra_pinfo/rule.yml
 +++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_ra_pinfo/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9
+-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15
++prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,sle15
  
  title: Configure Accepting Prefix Information in Router Advertisements on All IPv6 Interfaces
  
 diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_ra_rtr_pref/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_ra_rtr_pref/rule.yml
-index 8c009414..6b7852da 100644
+index dd8c7c884..49282197d 100644
 --- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_ra_rtr_pref/rule.yml
 +++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_ra_rtr_pref/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9
+-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15
++prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,sle15
  
  title: Configure Accepting Router Preference in Router Advertisements on All IPv6 Interfaces
  
 diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_redirects/kubernetes/shared.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_redirects/kubernetes/shared.yml
-index 8792fc66..2c7c4b02 100644
+index 8792fc668..2c7c4b025 100644
 --- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_redirects/kubernetes/shared.yml
 +++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_redirects/kubernetes/shared.yml
 @@ -1,5 +1,5 @@
@@ -15333,18 +17047,18 @@ index 8792fc66..2c7c4b02 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_redirects/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_redirects/rule.yml
-index a52041c9..cf42fdd5 100644
+index ae79bcbe8..8e8d33bed 100644
 --- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_redirects/rule.yml
 +++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_redirects/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004
-+prodtype: ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004
+-prodtype: alinux2,alinux3,anolis8,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: alinux2,alinux3,anolis8,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Disable Accepting ICMP Redirects for All IPv6 Interfaces'
  
-@@ -36,7 +36,7 @@ references:
+@@ -40,7 +40,7 @@ references:
      nist-csf: PR.IP-1,PR.PT-3
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol8: OL08-00-040280
@@ -15354,7 +17068,7 @@ index a52041c9..cf42fdd5 100644
      stigid@sle15: SLES-15-040341
  
 diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_source_route/kubernetes/shared.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_source_route/kubernetes/shared.yml
-index e222b1c8..85b92ce9 100644
+index e222b1c88..85b92ce90 100644
 --- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_source_route/kubernetes/shared.yml
 +++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_source_route/kubernetes/shared.yml
 @@ -1,5 +1,5 @@
@@ -15365,18 +17079,18 @@ index e222b1c8..85b92ce9 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_source_route/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_source_route/rule.yml
-index f93fa581..89bb2c23 100644
+index 92d5ddb81..a028c53f6 100644
 --- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_source_route/rule.yml
 +++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_source_route/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
-+prodtype: ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
+-prodtype: alinux2,alinux3,anolis8,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: alinux2,alinux3,anolis8,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Disable Kernel Parameter for Accepting Source-Routed Packets on all IPv6 Interfaces'
  
-@@ -46,7 +46,7 @@ references:
+@@ -50,7 +50,7 @@ references:
      stigid@ol7: OL07-00-040830
      stigid@ol8: OL08-00-040240
      stigid@rhel7: RHEL-07-040830
@@ -15386,55 +17100,64 @@ index f93fa581..89bb2c23 100644
      stigid@sle15: SLES-15-040310
  
 diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_autoconf/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_autoconf/rule.yml
-index d0b011dd..4716dde4 100644
+index f2bf2f038..df6fa58b4 100644
 --- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_autoconf/rule.yml
 +++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_autoconf/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9
+-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9
++prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9
  
  title: Configure Auto Configuration on All IPv6 Interfaces
  
 diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_forwarding/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_forwarding/rule.yml
-index b09b2b53..8354888d 100644
+index 2629d9322..6f85c132d 100644
 --- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_forwarding/rule.yml
 +++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_forwarding/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004
-+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004
+-prodtype: alinux2,alinux3,anolis8,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: alinux2,alinux3,anolis8,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Disable Kernel Parameter for IPv6 Forwarding'
  
+@@ -40,7 +40,7 @@ references:
+     nist-csf: DE.CM-1,PR.DS-4,PR.IP-1,PR.PT-3
+     srg: SRG-OS-000480-GPOS-00227
+     stigid@ol8: OL08-00-040260
+-    stigid@rhel8: RHEL-08-040260
++    stigid@almalinux8: RHEL-08-040260
+     stigid@sle12: SLES-12-030364
+     stigid@sle15: SLES-15-040381
+ 
 diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_max_addresses/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_max_addresses/rule.yml
-index 038d4b2e..e832c9bc 100644
+index 424a0b2c0..6cfd8111e 100644
 --- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_max_addresses/rule.yml
 +++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_max_addresses/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9
+-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15
++prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,sle15
  
  title: Configure Maximum Number of Autoconfigured Addresses on All IPv6 Interfaces
  
 diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_router_solicitations/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_router_solicitations/rule.yml
-index 697718ee..01b7652c 100644
+index 70f5e7919..0fc7d4c34 100644
 --- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_router_solicitations/rule.yml
 +++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_router_solicitations/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9
+-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15
++prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,sle15
  
  title: 'Configure Denying Router Solicitations on All IPv6 Interfaces'
  
 diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_ra/kubernetes/shared.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_ra/kubernetes/shared.yml
-index 4ed2c480..f59b6d7c 100644
+index 4ed2c480c..f59b6d7c3 100644
 --- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_ra/kubernetes/shared.yml
 +++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_ra/kubernetes/shared.yml
 @@ -1,5 +1,5 @@
@@ -15445,18 +17168,18 @@ index 4ed2c480..f59b6d7c 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_ra/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_ra/rule.yml
-index 48f6daf6..31c41ceb 100644
+index ee39a00ca..1992e1209 100644
 --- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_ra/rule.yml
 +++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_ra/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004
+-prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Disable Accepting Router Advertisements on all IPv6 Interfaces by Default'
  
-@@ -33,7 +33,7 @@ references:
+@@ -39,7 +39,7 @@ references:
      nist-csf: PR.IP-1,PR.PT-3
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol8: OL08-00-040262
@@ -15466,43 +17189,43 @@ index 48f6daf6..31c41ceb 100644
  {{{ complete_ocil_entry_sysctl_option_value(sysctl="net.ipv6.conf.default.accept_ra", value="0") }}}
  
 diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_ra_defrtr/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_ra_defrtr/rule.yml
-index 2da8c426..4d247fed 100644
+index 34f8d0d2a..adc21921d 100644
 --- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_ra_defrtr/rule.yml
 +++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_ra_defrtr/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9
+-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15
++prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,sle15
  
  title: Configure Accepting Default Router in Router Advertisements on All IPv6 Interfaces By Default
  
 diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_ra_pinfo/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_ra_pinfo/rule.yml
-index 2865601d..2b7a44e8 100644
+index 2ebd8ca45..7de504f57 100644
 --- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_ra_pinfo/rule.yml
 +++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_ra_pinfo/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9
+-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15
++prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,sle15
  
  title: Configure Accepting Prefix Information in Router Advertisements on All IPv6 Interfaces By Default
  
 diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_ra_rtr_pref/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_ra_rtr_pref/rule.yml
-index 6de9820b..e9f91a67 100644
+index 8add0b633..5d0468a3f 100644
 --- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_ra_rtr_pref/rule.yml
 +++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_ra_rtr_pref/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9
+-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15
++prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,sle15
  
  title: Configure Accepting Router Preference in Router Advertisements on All IPv6 Interfaces By Default
  
 diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_redirects/kubernetes/shared.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_redirects/kubernetes/shared.yml
-index 845b013e..063776b8 100644
+index 845b013ed..063776b85 100644
 --- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_redirects/kubernetes/shared.yml
 +++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_redirects/kubernetes/shared.yml
 @@ -1,5 +1,5 @@
@@ -15513,18 +17236,18 @@ index 845b013e..063776b8 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_redirects/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_redirects/rule.yml
-index c1173b53..6785d617 100644
+index 98f2787a6..f0472128c 100644
 --- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_redirects/rule.yml
 +++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_redirects/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004
+-prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Disable Kernel Parameter for Accepting ICMP Redirects by Default on IPv6 Interfaces'
  
-@@ -38,7 +38,7 @@ references:
+@@ -42,7 +42,7 @@ references:
      nist@sle15: CM-6(b),CM-6.1(iv)
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol8: OL08-00-040210
@@ -15534,7 +17257,7 @@ index c1173b53..6785d617 100644
      stigid@sle15: SLES-15-040350
  
 diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_source_route/kubernetes/shared.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_source_route/kubernetes/shared.yml
-index e2951d84..0335df12 100644
+index e2951d845..0335df123 100644
 --- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_source_route/kubernetes/shared.yml
 +++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_source_route/kubernetes/shared.yml
 @@ -1,5 +1,5 @@
@@ -15545,19 +17268,19 @@ index e2951d84..0335df12 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_source_route/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_source_route/rule.yml
-index e2d14e3a..fc382f08 100644
+index bf84b2f7a..c671d7198 100644
 --- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_source_route/rule.yml
 +++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_source_route/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004
-+prodtype: ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004
+-prodtype: alinux2,alinux3,anolis8,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: alinux2,alinux3,anolis8,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Disable Kernel Parameter for Accepting Source-Routed Packets on IPv6 Interfaces by Default'
  
-@@ -44,7 +44,7 @@ references:
-     nist-csf: DE.AE-1,ID.AM-3,PR.AC-5,PR.DS-5,PR.PT-4
+@@ -49,7 +49,7 @@ references:
+     pcidss: Req-1.4.3
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol8: OL08-00-040250
 -    stigid@rhel8: RHEL-08-040250
@@ -15566,55 +17289,55 @@ index e2d14e3a..fc382f08 100644
      stigid@sle15: SLES-15-040321
  
 diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_autoconf/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_autoconf/rule.yml
-index 95a023ef..b0e039fc 100644
+index f25bf50e2..1ffd6163c 100644
 --- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_autoconf/rule.yml
 +++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_autoconf/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9
+-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15
++prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,sle15
  
  title: Configure Auto Configuration on All IPv6 Interfaces By Default
  
 diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_max_addresses/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_max_addresses/rule.yml
-index d7795727..f7627692 100644
+index 089a68d3c..924230bd2 100644
 --- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_max_addresses/rule.yml
 +++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_max_addresses/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9
+-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15
++prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,sle15
  
  title: Configure Maximum Number of Autoconfigured Addresses on All IPv6 Interfaces By Default
  
 diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_router_solicitations/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_router_solicitations/rule.yml
-index d4eeebf7..16f3c9b5 100644
+index 623294f9f..b0ab2697d 100644
 --- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_router_solicitations/rule.yml
 +++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_router_solicitations/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9
+-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15
++prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,sle15
  
  title: 'Configure Denying Router Solicitations on All IPv6 Interfaces By Default'
  
 diff --git a/linux_os/guide/system/network/network-ipv6/disabling_ipv6/grub2_ipv6_disable_argument/rule.yml b/linux_os/guide/system/network/network-ipv6/disabling_ipv6/grub2_ipv6_disable_argument/rule.yml
-index 9e1ca48e..676e2f27 100644
+index 7333c6a6d..2e006d567 100644
 --- a/linux_os/guide/system/network/network-ipv6/disabling_ipv6/grub2_ipv6_disable_argument/rule.yml
 +++ b/linux_os/guide/system/network/network-ipv6/disabling_ipv6/grub2_ipv6_disable_argument/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15
+-prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15
++prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15
  
  title: 'Ensure IPv6 is disabled through kernel boot parameter'
  
 diff --git a/linux_os/guide/system/network/network-ipv6/disabling_ipv6/grub2_ipv6_disable_argument/tests/arg_not_there_rhel8.fail.sh b/linux_os/guide/system/network/network-ipv6/disabling_ipv6/grub2_ipv6_disable_argument/tests/arg_not_there_rhel8.fail.sh
-index 5d8daaa6..604dc02c 100644
+index 5d8daaa6b..604dc02c0 100644
 --- a/linux_os/guide/system/network/network-ipv6/disabling_ipv6/grub2_ipv6_disable_argument/tests/arg_not_there_rhel8.fail.sh
 +++ b/linux_os/guide/system/network/network-ipv6/disabling_ipv6/grub2_ipv6_disable_argument/tests/arg_not_there_rhel8.fail.sh
 @@ -1,5 +1,5 @@
@@ -15625,7 +17348,7 @@ index 5d8daaa6..604dc02c 100644
  # Removes ipv6.disable argument from kernel command line in /boot/grub2/grubenv
  file="/boot/grub2/grubenv"
 diff --git a/linux_os/guide/system/network/network-ipv6/disabling_ipv6/grub2_ipv6_disable_argument/tests/correct_grubenv.pass.sh b/linux_os/guide/system/network/network-ipv6/disabling_ipv6/grub2_ipv6_disable_argument/tests/correct_grubenv.pass.sh
-index 0e84a458..bf898a7c 100644
+index 0e84a458c..bf898a7c9 100644
 --- a/linux_os/guide/system/network/network-ipv6/disabling_ipv6/grub2_ipv6_disable_argument/tests/correct_grubenv.pass.sh
 +++ b/linux_os/guide/system/network/network-ipv6/disabling_ipv6/grub2_ipv6_disable_argument/tests/correct_grubenv.pass.sh
 @@ -1,4 +1,4 @@
@@ -15635,7 +17358,7 @@ index 0e84a458..bf898a7c 100644
  
  grub2-editenv - set "$(grub2-editenv - list | grep kernelopts) ipv6.disable=1"
 diff --git a/linux_os/guide/system/network/network-ipv6/disabling_ipv6/grub2_ipv6_disable_argument/tests/wrong_value_rhel8.fail.sh b/linux_os/guide/system/network/network-ipv6/disabling_ipv6/grub2_ipv6_disable_argument/tests/wrong_value_rhel8.fail.sh
-index db339c35..38d2f0d6 100644
+index db339c353..38d2f0d62 100644
 --- a/linux_os/guide/system/network/network-ipv6/disabling_ipv6/grub2_ipv6_disable_argument/tests/wrong_value_rhel8.fail.sh
 +++ b/linux_os/guide/system/network/network-ipv6/disabling_ipv6/grub2_ipv6_disable_argument/tests/wrong_value_rhel8.fail.sh
 @@ -1,5 +1,5 @@
@@ -15646,7 +17369,7 @@ index db339c35..38d2f0d6 100644
  # Break the ipv6.disable argument in kernel command line in /boot/grub2/grubenv
  file="/boot/grub2/grubenv"
 diff --git a/linux_os/guide/system/network/network-ipv6/disabling_ipv6/network_ipv6_disable_interfaces/rule.yml b/linux_os/guide/system/network/network-ipv6/disabling_ipv6/network_ipv6_disable_interfaces/rule.yml
-index 86299ffb..672d504a 100644
+index 86299ffbc..672d504af 100644
 --- a/linux_os/guide/system/network/network-ipv6/disabling_ipv6/network_ipv6_disable_interfaces/rule.yml
 +++ b/linux_os/guide/system/network/network-ipv6/disabling_ipv6/network_ipv6_disable_interfaces/rule.yml
 @@ -1,6 +1,6 @@
@@ -15658,29 +17381,29 @@ index 86299ffb..672d504a 100644
  title: 'Disable Interface Usage of IPv6'
  
 diff --git a/linux_os/guide/system/network/network-ipv6/disabling_ipv6/network_ipv6_disable_rpc/bash/shared.sh b/linux_os/guide/system/network/network-ipv6/disabling_ipv6/network_ipv6_disable_rpc/bash/shared.sh
-index 48e71c26..5a54df85 100644
+index 2bd1bdbca..63ab3fe59 100644
 --- a/linux_os/guide/system/network/network-ipv6/disabling_ipv6/network_ipv6_disable_rpc/bash/shared.sh
 +++ b/linux_os/guide/system/network/network-ipv6/disabling_ipv6/network_ipv6_disable_rpc/bash/shared.sh
 @@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,multi_platform_rhel
-+# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_almalinux
+-# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_ol
++# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol
  
  # Drop 'tcp6' and 'udp6' entries from /etc/netconfig to prevent RPC
  # services for NFSv4 from attempting to start IPv6 network listeners
 diff --git a/linux_os/guide/system/network/network-ipv6/disabling_ipv6/network_ipv6_disable_rpc/rule.yml b/linux_os/guide/system/network/network-ipv6/disabling_ipv6/network_ipv6_disable_rpc/rule.yml
-index 2d0ac285..5d39af15 100644
+index 603b98156..107c219ec 100644
 --- a/linux_os/guide/system/network/network-ipv6/disabling_ipv6/network_ipv6_disable_rpc/rule.yml
 +++ b/linux_os/guide/system/network/network-ipv6/disabling_ipv6/network_ipv6_disable_rpc/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,rhel7,rhel8,rhv4
-+prodtype: fedora,rhel7,rhel8,almalinux8,rhv4
+-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhv4
++prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhv4
  
  title: 'Disable Support for RPC IPv6'
  
 diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_redirects/kubernetes/shared.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_redirects/kubernetes/shared.yml
-index 6bb6de13..1f0664a0 100644
+index 6bb6de134..1f0664a02 100644
 --- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_redirects/kubernetes/shared.yml
 +++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_redirects/kubernetes/shared.yml
 @@ -1,5 +1,5 @@
@@ -15691,18 +17414,18 @@ index 6bb6de13..1f0664a0 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_redirects/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_redirects/rule.yml
-index 9393044b..07a07b2c 100644
+index 8756e21dc..eadbfdf92 100644
 --- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_redirects/rule.yml
 +++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_redirects/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
+-prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Disable Accepting ICMP Redirects for All IPv4 Interfaces'
  
-@@ -46,7 +46,7 @@ references:
+@@ -50,7 +50,7 @@ references:
      stigid@ol7: OL07-00-040641
      stigid@ol8: OL08-00-040279
      stigid@rhel7: RHEL-07-040641
@@ -15712,7 +17435,7 @@ index 9393044b..07a07b2c 100644
      stigid@sle15: SLES-15-040330
  
 diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_source_route/kubernetes/shared.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_source_route/kubernetes/shared.yml
-index b3d72bb4..b89b8a35 100644
+index b3d72bb4a..b89b8a35a 100644
 --- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_source_route/kubernetes/shared.yml
 +++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_source_route/kubernetes/shared.yml
 @@ -1,5 +1,5 @@
@@ -15723,18 +17446,18 @@ index b3d72bb4..b89b8a35 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_source_route/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_source_route/rule.yml
-index e0dae613..545db8bf 100644
+index 2ccc27899..896712650 100644
 --- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_source_route/rule.yml
 +++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_source_route/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
+-prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Disable Kernel Parameter for Accepting Source-Routed Packets on all IPv4 Interfaces'
  
-@@ -47,7 +47,7 @@ references:
+@@ -51,7 +51,7 @@ references:
      stigid@ol7: OL07-00-040610
      stigid@ol8: OL08-00-040239
      stigid@rhel7: RHEL-07-040610
@@ -15743,8 +17466,41 @@ index e0dae613..545db8bf 100644
      stigid@sle12: SLES-12-030360
      stigid@sle15: SLES-15-040300
  
+diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_drop_gratuitous_arp/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_drop_gratuitous_arp/rule.yml
+index 55a35774c..5ca39bda7 100644
+--- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_drop_gratuitous_arp/rule.yml
++++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_drop_gratuitous_arp/rule.yml
+@@ -1,6 +1,6 @@
+ documentation_complete: true
+ 
+-prodtype: fedora,rhel8,rhel9
++prodtype: fedora,rhel8,almalinux8,rhel9
+ 
+ title: 'Drop Gratuitious ARP frames on All IPv4 Interfaces'
+ 
+diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_forwarding/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_forwarding/rule.yml
+index a75bcc616..d79fa93ba 100644
+--- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_forwarding/rule.yml
++++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_forwarding/rule.yml
+@@ -1,6 +1,6 @@
+ documentation_complete: true
+ 
+-prodtype: rhel7,rhel8,rhel9
++prodtype: rhel7,rhel8,almalinux8,rhel9
+ 
+ title: 'Disable Kernel Parameter for IPv4 Forwarding on all IPv4 Interfaces'
+ 
+@@ -22,7 +22,7 @@ references:
+     disa: CCI-000366
+     nist: CM-6(b)
+     srg: SRG-OS-000480-GPOS-00227
+-    stigid@rhel8: RHEL-08-040259
++    stigid@almalinux8: RHEL-08-040259
+ 
+ ocil_clause: 'IP forwarding value is "1" and the system is not router'
+ 
 diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_log_martians/kubernetes/shared.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_log_martians/kubernetes/shared.yml
-index 70e767cc..fbe1a27a 100644
+index 70e767cc4..fbe1a27a2 100644
 --- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_log_martians/kubernetes/shared.yml
 +++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_log_martians/kubernetes/shared.yml
 @@ -1,5 +1,5 @@
@@ -15755,19 +17511,19 @@ index 70e767cc..fbe1a27a 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_log_martians/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_log_martians/rule.yml
-index 14c868df..5c2a453c 100644
+index 9d84eab4d..badedb833 100644
 --- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_log_martians/rule.yml
 +++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_log_martians/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004
+-prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Enable Kernel Parameter to Log Martian Packets on all IPv4 Interfaces'
  
 diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/kubernetes/shared.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/kubernetes/shared.yml
-index c64da37a..08535e5a 100644
+index c64da37a3..08535e5a1 100644
 --- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/kubernetes/shared.yml
 +++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/kubernetes/shared.yml
 @@ -1,5 +1,5 @@
@@ -15778,28 +17534,50 @@ index c64da37a..08535e5a 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/rule.yml
-index b183e3d2..7c197e6f 100644
+index e3b2b18f0..9d1c09e02 100644
 --- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/rule.yml
 +++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004
+-prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Enable Kernel Parameter to Use Reverse Path Filtering on all IPv4 Interfaces'
  
-@@ -41,7 +41,7 @@ references:
+@@ -48,7 +48,7 @@ references:
      stigid@ol7: OL07-00-040611
      stigid@ol8: OL08-00-040285
      stigid@rhel7: RHEL-07-040611
 -    stigid@rhel8: RHEL-08-040285
 +    stigid@almalinux8: RHEL-08-040285
  
- {{{ complete_ocil_entry_sysctl_option_value(sysctl="net.ipv4.conf.all.rp_filter", value="1") }}}
+ ocil: |-
+     The runtime status of the net.ipv4.conf.all.rp_filter parameter can be queried
+diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/tests/value_1.pass.sh b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/tests/value_1.pass.sh
+index 583b70a3b..d9bca3de6 100644
+--- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/tests/value_1.pass.sh
++++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/tests/value_1.pass.sh
+@@ -1,5 +1,5 @@
+ #!/bin/bash
+-# platform = multi_platform_ol,multi_platform_rhel
++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
  
+ # Clean sysctl config directories
+ rm -rf /usr/lib/sysctl.d/* /run/sysctl.d/* /etc/sysctl.d/*
+diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/tests/value_2.pass.sh b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/tests/value_2.pass.sh
+index ef545976d..bf1ccb250 100644
+--- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/tests/value_2.pass.sh
++++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/tests/value_2.pass.sh
+@@ -1,5 +1,5 @@
+ #!/bin/bash
+-# platform = multi_platform_ol,multi_platform_rhel
++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
+ 
+ # Clean sysctl config directories
+ rm -rf /usr/lib/sysctl.d/* /run/sysctl.d/* /etc/sysctl.d/*
 diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_secure_redirects/kubernetes/shared.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_secure_redirects/kubernetes/shared.yml
-index 8b075d55..0dd17a34 100644
+index 8b075d55e..0dd17a34b 100644
 --- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_secure_redirects/kubernetes/shared.yml
 +++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_secure_redirects/kubernetes/shared.yml
 @@ -1,5 +1,5 @@
@@ -15810,19 +17588,19 @@ index 8b075d55..0dd17a34 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_secure_redirects/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_secure_redirects/rule.yml
-index abb8ab51..8175b793 100644
+index 849ae47b1..7b2fa5a0a 100644
 --- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_secure_redirects/rule.yml
 +++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_secure_redirects/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004
+-prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Disable Kernel Parameter for Accepting Secure ICMP Redirects on all IPv4 Interfaces'
  
 diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_redirects/kubernetes/shared.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_redirects/kubernetes/shared.yml
-index 2bfbd9e4..8ea37100 100644
+index 2bfbd9e46..8ea37100a 100644
 --- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_redirects/kubernetes/shared.yml
 +++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_redirects/kubernetes/shared.yml
 @@ -1,5 +1,5 @@
@@ -15833,18 +17611,18 @@ index 2bfbd9e4..8ea37100 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_redirects/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_redirects/rule.yml
-index 8942b0eb..1afc98bf 100644
+index 7bcccbb1f..6e4cda09a 100644
 --- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_redirects/rule.yml
 +++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_redirects/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004
+-prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Disable Kernel Parameter for Accepting ICMP Redirects by Default on IPv4 Interfaces'
  
-@@ -45,7 +45,7 @@ references:
+@@ -50,7 +50,7 @@ references:
      stigid@ol7: OL07-00-040640
      stigid@ol8: OL08-00-040209
      stigid@rhel7: RHEL-07-040640
@@ -15854,7 +17632,7 @@ index 8942b0eb..1afc98bf 100644
      stigid@sle15: SLES-15-040340
  
 diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_source_route/kubernetes/shared.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_source_route/kubernetes/shared.yml
-index aa7d1562..08668d03 100644
+index aa7d1562b..08668d03c 100644
 --- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_source_route/kubernetes/shared.yml
 +++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_source_route/kubernetes/shared.yml
 @@ -1,5 +1,5 @@
@@ -15865,18 +17643,18 @@ index aa7d1562..08668d03 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_source_route/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_source_route/rule.yml
-index 3fab05c8..42196cd9 100644
+index 9a54bbc13..cd302caa3 100644
 --- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_source_route/rule.yml
 +++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_source_route/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
+-prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Disable Kernel Parameter for Accepting Source-Routed Packets on IPv4 Interfaces by Default'
  
-@@ -48,7 +48,7 @@ references:
+@@ -52,7 +52,7 @@ references:
      stigid@ol7: OL07-00-040620
      stigid@ol8: OL08-00-040249
      stigid@rhel7: RHEL-07-040620
@@ -15886,7 +17664,7 @@ index 3fab05c8..42196cd9 100644
      stigid@sle15: SLES-15-040320
  
 diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_log_martians/kubernetes/shared.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_log_martians/kubernetes/shared.yml
-index 3a60ab17..728ddb81 100644
+index 3a60ab17c..728ddb817 100644
 --- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_log_martians/kubernetes/shared.yml
 +++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_log_martians/kubernetes/shared.yml
 @@ -1,5 +1,5 @@
@@ -15897,19 +17675,19 @@ index 3a60ab17..728ddb81 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_log_martians/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_log_martians/rule.yml
-index c717e0eb..47d9ae27 100644
+index 6fa5a7340..417a0ef26 100644
 --- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_log_martians/rule.yml
 +++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_log_martians/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004
+-prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Enable Kernel Paremeter to Log Martian Packets on all IPv4 Interfaces by Default'
  
 diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_rp_filter/kubernetes/shared.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_rp_filter/kubernetes/shared.yml
-index b6e53de3..0b652c7c 100644
+index b6e53de36..0b652c7cf 100644
 --- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_rp_filter/kubernetes/shared.yml
 +++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_rp_filter/kubernetes/shared.yml
 @@ -1,5 +1,5 @@
@@ -15920,19 +17698,19 @@ index b6e53de3..0b652c7c 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_rp_filter/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_rp_filter/rule.yml
-index 6a0a6a27..d22fdcf0 100644
+index b688a15db..100805948 100644
 --- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_rp_filter/rule.yml
 +++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_rp_filter/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004
+-prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Enable Kernel Parameter to Use Reverse Path Filtering on all IPv4 Interfaces by Default'
  
 diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_secure_redirects/kubernetes/shared.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_secure_redirects/kubernetes/shared.yml
-index aeb67c4e..f47a8ab6 100644
+index aeb67c4e0..f47a8ab67 100644
 --- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_secure_redirects/kubernetes/shared.yml
 +++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_secure_redirects/kubernetes/shared.yml
 @@ -1,5 +1,5 @@
@@ -15943,19 +17721,19 @@ index aeb67c4e..f47a8ab6 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_secure_redirects/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_secure_redirects/rule.yml
-index d8c39e65..369a83e9 100644
+index 90ef90f2a..ae26dd331 100644
 --- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_secure_redirects/rule.yml
 +++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_secure_redirects/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004
+-prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Configure Kernel Parameter for Accepting Secure Redirects By Default'
  
 diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_echo_ignore_broadcasts/kubernetes/shared.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_echo_ignore_broadcasts/kubernetes/shared.yml
-index 52d74441..08c8c256 100644
+index 52d74441b..08c8c256d 100644
 --- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_echo_ignore_broadcasts/kubernetes/shared.yml
 +++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_echo_ignore_broadcasts/kubernetes/shared.yml
 @@ -1,5 +1,5 @@
@@ -15966,18 +17744,18 @@ index 52d74441..08c8c256 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_echo_ignore_broadcasts/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_echo_ignore_broadcasts/rule.yml
-index f6dcc9c2..a2564588 100644
+index 5b12a1b34..5de3f2c04 100644
 --- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_echo_ignore_broadcasts/rule.yml
 +++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_echo_ignore_broadcasts/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
+-prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Enable Kernel Parameter to Ignore ICMP Broadcast Echo Requests on IPv4 Interfaces'
  
-@@ -43,7 +43,7 @@ references:
+@@ -49,7 +49,7 @@ references:
      stigid@ol7: OL07-00-040630
      stigid@ol8: OL08-00-040230
      stigid@rhel7: RHEL-07-040630
@@ -15987,7 +17765,7 @@ index f6dcc9c2..a2564588 100644
  
  {{{ complete_ocil_entry_sysctl_option_value(sysctl="net.ipv4.icmp_echo_ignore_broadcasts", value="1") }}}
 diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_ignore_bogus_error_responses/kubernetes/shared.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_ignore_bogus_error_responses/kubernetes/shared.yml
-index 9e3a85af..d4f4d31c 100644
+index 9e3a85af9..d4f4d31cb 100644
 --- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_ignore_bogus_error_responses/kubernetes/shared.yml
 +++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_ignore_bogus_error_responses/kubernetes/shared.yml
 @@ -1,5 +1,5 @@
@@ -15998,55 +17776,55 @@ index 9e3a85af..d4f4d31c 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_ignore_bogus_error_responses/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_ignore_bogus_error_responses/rule.yml
-index e90a6a19..215c9f65 100644
+index a5fb5f4b9..c94a0fc3f 100644
 --- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_ignore_bogus_error_responses/rule.yml
 +++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_ignore_bogus_error_responses/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004
+-prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Enable Kernel Parameter to Ignore Bogus ICMP Error Responses on IPv4 Interfaces'
  
 diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_ip_local_port_range/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_ip_local_port_range/rule.yml
-index 84bb9162..293a5c85 100644
+index e5bb48138..c85832264 100644
 --- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_ip_local_port_range/rule.yml
 +++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_ip_local_port_range/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9
+-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15
++prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,sle15
  
  title: 'Set Kernel Parameter to Increase Local Port Range'
  
 diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_tcp_invalid_ratelimit/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_tcp_invalid_ratelimit/rule.yml
-index 3da863c6..07f01e52 100644
+index 3104be903..47783f4a9 100644
 --- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_tcp_invalid_ratelimit/rule.yml
 +++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_tcp_invalid_ratelimit/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: ol7,ol8,rhcos4,rhel7,rhel8,rhel9,sle15,wrlinux1019
-+prodtype: ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle15,wrlinux1019
+-prodtype: ol7,ol8,rhcos4,rhel7,rhel8,rhel9,sle15
++prodtype: ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle15
  
  title: 'Configure Kernel to Rate Limit Sending of Duplicate TCP Acknowledgments'
  
 diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_tcp_rfc1337/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_tcp_rfc1337/rule.yml
-index b70279f6..d07baa1e 100644
+index f62f1616f..510e999d3 100644
 --- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_tcp_rfc1337/rule.yml
 +++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_tcp_rfc1337/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: ol7,ol8,rhel7,rhel8,rhel9
-+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9
+-prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15
++prodtype: ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,sle15
  
  title: 'Enable Kernel Parameter to Use TCP RFC 1337 on IPv4 Interfaces'
  
 diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_tcp_syncookies/kubernetes/shared.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_tcp_syncookies/kubernetes/shared.yml
-index 0c8dae78..a26df0c5 100644
+index 0c8dae788..a26df0c5a 100644
 --- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_tcp_syncookies/kubernetes/shared.yml
 +++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_tcp_syncookies/kubernetes/shared.yml
 @@ -1,5 +1,5 @@
@@ -16057,19 +17835,19 @@ index 0c8dae78..a26df0c5 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_tcp_syncookies/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_tcp_syncookies/rule.yml
-index b3d1d3c6..25af3587 100644
+index 31e76dd05..e3d0b1a8e 100644
 --- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_tcp_syncookies/rule.yml
 +++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_tcp_syncookies/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004
+-prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
  
- title: 'Enable Kernel Parameter to Use TCP Syncookies on IPv4 Interfaces'
+ title: 'Enable Kernel Parameter to Use TCP Syncookies on Network Interfaces'
  
 diff --git a/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_all_send_redirects/kubernetes/shared.yml b/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_all_send_redirects/kubernetes/shared.yml
-index ea1db12f..5d8b19f6 100644
+index ea1db12fe..5d8b19f68 100644
 --- a/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_all_send_redirects/kubernetes/shared.yml
 +++ b/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_all_send_redirects/kubernetes/shared.yml
 @@ -1,5 +1,5 @@
@@ -16080,18 +17858,18 @@ index ea1db12f..5d8b19f6 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_all_send_redirects/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_all_send_redirects/rule.yml
-index 59f736c0..09c939c2 100644
+index 5c4347b97..a2d44c7f8 100644
 --- a/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_all_send_redirects/rule.yml
 +++ b/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_all_send_redirects/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
+-prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Disable Kernel Parameter for Sending ICMP Redirects on all IPv4 Interfaces'
  
-@@ -45,7 +45,7 @@ references:
+@@ -49,7 +49,7 @@ references:
      stigid@ol7: OL07-00-040660
      stigid@ol8: OL08-00-040220
      stigid@rhel7: RHEL-07-040660
@@ -16101,7 +17879,7 @@ index 59f736c0..09c939c2 100644
      stigid@sle15: SLES-15-040370
  
 diff --git a/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_default_send_redirects/kubernetes/shared.yml b/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_default_send_redirects/kubernetes/shared.yml
-index b54e3d12..125464d7 100644
+index b54e3d12b..125464d7a 100644
 --- a/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_default_send_redirects/kubernetes/shared.yml
 +++ b/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_default_send_redirects/kubernetes/shared.yml
 @@ -1,5 +1,5 @@
@@ -16112,18 +17890,18 @@ index b54e3d12..125464d7 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_default_send_redirects/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_default_send_redirects/rule.yml
-index 0936f826..d3ac1743 100644
+index fc30851a2..a7943d2bf 100644
 --- a/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_default_send_redirects/rule.yml
 +++ b/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_default_send_redirects/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
+-prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Disable Kernel Parameter for Sending ICMP Redirects on all IPv4 Interfaces by Default'
  
-@@ -45,7 +45,7 @@ references:
+@@ -49,7 +49,7 @@ references:
      stigid@ol7: OL07-00-040650
      stigid@ol8: OL08-00-040270
      stigid@rhel7: RHEL-07-040650
@@ -16133,84 +17911,65 @@ index 0936f826..d3ac1743 100644
      stigid@sle15: SLES-15-040360
  
 diff --git a/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_ip_forward/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_ip_forward/rule.yml
-index 0e696ec5..272b8bd2 100644
+index 55b91f12d..ec716bd8a 100644
 --- a/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_ip_forward/rule.yml
 +++ b/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_ip_forward/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
+-prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Disable Kernel Parameter for IP Forwarding on IPv4 Interfaces'
  
-@@ -43,7 +43,7 @@ references:
-     stigid@ol7: OL07-00-040740
-     stigid@ol8: OL08-00-040260
-     stigid@rhel7: RHEL-07-040740
--    stigid@rhel8: RHEL-08-040260
-+    stigid@almalinux8: RHEL-08-040260
-     stigid@sle12: SLES-12-030430
-     stigid@sle15: SLES-15-040380
+diff --git a/linux_os/guide/system/network/network-nftables/package_nftables_installed/rule.yml b/linux_os/guide/system/network/network-nftables/package_nftables_installed/rule.yml
+index b3b75c819..5eef0f0da 100644
+--- a/linux_os/guide/system/network/network-nftables/package_nftables_installed/rule.yml
++++ b/linux_os/guide/system/network/network-nftables/package_nftables_installed/rule.yml
+@@ -1,6 +1,6 @@
+ documentation_complete: true
+ 
+-prodtype: rhel8,rhel9,sle15,ubuntu2004,ubuntu2204
++prodtype: rhel8,almalinux8,rhel9,sle15,ubuntu2004,ubuntu2204
+ 
+ title: 'Install nftables Package'
  
-diff --git a/linux_os/guide/system/network/network-uncommon/kernel_module_atm_disabled/kubernetes/shared.yml b/linux_os/guide/system/network/network-uncommon/kernel_module_atm_disabled/kubernetes/shared.yml
-index 7d08edf8..f83779e3 100644
---- a/linux_os/guide/system/network/network-uncommon/kernel_module_atm_disabled/kubernetes/shared.yml
-+++ b/linux_os/guide/system/network/network-uncommon/kernel_module_atm_disabled/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
- apiVersion: machineconfiguration.openshift.io/v1
- kind: MachineConfig
- spec:
 diff --git a/linux_os/guide/system/network/network-uncommon/kernel_module_atm_disabled/rule.yml b/linux_os/guide/system/network/network-uncommon/kernel_module_atm_disabled/rule.yml
-index 0fe216f1..8d32519c 100644
+index f995e2795..e1d8819ce 100644
 --- a/linux_os/guide/system/network/network-uncommon/kernel_module_atm_disabled/rule.yml
 +++ b/linux_os/guide/system/network/network-uncommon/kernel_module_atm_disabled/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol8,rhcos4,rhel7,rhel8,rhel9
-+prodtype: fedora,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9
+-prodtype: fedora,ol8,ol9,rhcos4,rhel7,rhel8,rhel9
++prodtype: fedora,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9
  
  title: 'Disable ATM Support'
  
 @@ -28,7 +28,7 @@ references:
      ospp: FMT_SMF_EXT.1
-     srg: SRG-OS-000095-GPOS-00049
+     srg: SRG-OS-000095-GPOS-00049,SRG-OS-000480-GPOS-00227
      stigid@ol8: OL08-00-040021
 -    stigid@rhel8: RHEL-08-040021
 +    stigid@almalinux8: RHEL-08-040021
  
  {{{ complete_ocil_entry_module_disable(module="atm") }}}
  
-diff --git a/linux_os/guide/system/network/network-uncommon/kernel_module_can_disabled/kubernetes/shared.yml b/linux_os/guide/system/network/network-uncommon/kernel_module_can_disabled/kubernetes/shared.yml
-index 6f5805e5..0ca4ab3b 100644
---- a/linux_os/guide/system/network/network-uncommon/kernel_module_can_disabled/kubernetes/shared.yml
-+++ b/linux_os/guide/system/network/network-uncommon/kernel_module_can_disabled/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
- apiVersion: machineconfiguration.openshift.io/v1
- kind: MachineConfig
- spec:
 diff --git a/linux_os/guide/system/network/network-uncommon/kernel_module_can_disabled/rule.yml b/linux_os/guide/system/network/network-uncommon/kernel_module_can_disabled/rule.yml
-index 68a88a42..8b45a3fc 100644
+index 420485c11..0a36c302c 100644
 --- a/linux_os/guide/system/network/network-uncommon/kernel_module_can_disabled/rule.yml
 +++ b/linux_os/guide/system/network/network-uncommon/kernel_module_can_disabled/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol8,rhcos4,rhel7,rhel8,rhel9
-+prodtype: fedora,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9
+-prodtype: fedora,ol8,ol9,rhcos4,rhel7,rhel8,rhel9
++prodtype: fedora,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9
  
  title: 'Disable CAN Support'
  
 @@ -28,7 +28,7 @@ references:
      ospp: FMT_SMF_EXT.1
-     srg: SRG-OS-000095-GPOS-00049
+     srg: SRG-OS-000095-GPOS-00049,SRG-OS-000480-GPOS-00227
      stigid@ol8: OL08-00-040022
 -    stigid@rhel8: RHEL-08-040022
 +    stigid@almalinux8: RHEL-08-040022
@@ -16218,37 +17977,37 @@ index 68a88a42..8b45a3fc 100644
  {{{ complete_ocil_entry_module_disable(module="can") }}}
  
 diff --git a/linux_os/guide/system/network/network-uncommon/kernel_module_dccp_disabled/rule.yml b/linux_os/guide/system/network/network-uncommon/kernel_module_dccp_disabled/rule.yml
-index 8d4b21be..20522980 100644
+index 8ca0279e9..dedd22909 100644
 --- a/linux_os/guide/system/network/network-uncommon/kernel_module_dccp_disabled/rule.yml
 +++ b/linux_os/guide/system/network/network-uncommon/kernel_module_dccp_disabled/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
+-prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Disable DCCP Support'
  
-diff --git a/linux_os/guide/system/network/network-uncommon/kernel_module_firewire-core_disabled/kubernetes/shared.yml b/linux_os/guide/system/network/network-uncommon/kernel_module_firewire-core_disabled/kubernetes/shared.yml
-index 61aed859..03f41b72 100644
---- a/linux_os/guide/system/network/network-uncommon/kernel_module_firewire-core_disabled/kubernetes/shared.yml
-+++ b/linux_os/guide/system/network/network-uncommon/kernel_module_firewire-core_disabled/kubernetes/shared.yml
+diff --git a/linux_os/guide/system/network/network-uncommon/kernel_module_dccp_disabled/tests/missing_blacklist.fail.sh b/linux_os/guide/system/network/network-uncommon/kernel_module_dccp_disabled/tests/missing_blacklist.fail.sh
+index 57cc29270..4b1b2805e 100644
+--- a/linux_os/guide/system/network/network-uncommon/kernel_module_dccp_disabled/tests/missing_blacklist.fail.sh
++++ b/linux_os/guide/system/network/network-uncommon/kernel_module_dccp_disabled/tests/missing_blacklist.fail.sh
 @@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
- apiVersion: machineconfiguration.openshift.io/v1
- kind: MachineConfig
- spec:
+ #!/bin/bash
+-# platform = multi_platform_rhel,multi_platform_ol
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ol
+ 
+ rm -f /etc/modprobe.d/dccp-blacklist.conf
+ echo "install {{{ KERNMODULE }}} /bin/true" > /etc/modprobe.d/{{{ KERNMODULE }}}.conf
 diff --git a/linux_os/guide/system/network/network-uncommon/kernel_module_firewire-core_disabled/rule.yml b/linux_os/guide/system/network/network-uncommon/kernel_module_firewire-core_disabled/rule.yml
-index 3534ddc9..c9e7236f 100644
+index 0522abc15..1109e3ccb 100644
 --- a/linux_os/guide/system/network/network-uncommon/kernel_module_firewire-core_disabled/rule.yml
 +++ b/linux_os/guide/system/network/network-uncommon/kernel_module_firewire-core_disabled/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol8,rhcos4,rhel7,rhel8,rhel9
-+prodtype: fedora,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9
+-prodtype: fedora,ol8,ol9,rhcos4,rhel7,rhel8,rhel9
++prodtype: fedora,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9
  
  title: 'Disable IEEE 1394 (FireWire) Support'
  
@@ -16261,54 +18020,32 @@ index 3534ddc9..c9e7236f 100644
  
  {{{ complete_ocil_entry_module_disable(module="firewire-core") }}}
  
-diff --git a/linux_os/guide/system/network/network-uncommon/kernel_module_sctp_disabled/kubernetes/shared.yml b/linux_os/guide/system/network/network-uncommon/kernel_module_sctp_disabled/kubernetes/shared.yml
-index 28b8952d..6e3e064a 100644
---- a/linux_os/guide/system/network/network-uncommon/kernel_module_sctp_disabled/kubernetes/shared.yml
-+++ b/linux_os/guide/system/network/network-uncommon/kernel_module_sctp_disabled/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
- apiVersion: machineconfiguration.openshift.io/v1
- kind: MachineConfig
- spec:
 diff --git a/linux_os/guide/system/network/network-uncommon/kernel_module_sctp_disabled/rule.yml b/linux_os/guide/system/network/network-uncommon/kernel_module_sctp_disabled/rule.yml
-index 3dc9ce2b..316cbd9c 100644
+index 58260bba6..6a4b1daaa 100644
 --- a/linux_os/guide/system/network/network-uncommon/kernel_module_sctp_disabled/rule.yml
 +++ b/linux_os/guide/system/network/network-uncommon/kernel_module_sctp_disabled/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004
-+prodtype: ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004
+-prodtype: alinux2,alinux3,anolis8,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: alinux2,alinux3,anolis8,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Disable SCTP Support'
  
-@@ -41,7 +41,7 @@ references:
-     nist-csf: PR.IP-1,PR.PT-3
-     srg: SRG-OS-000095-GPOS-00049
+@@ -47,7 +47,7 @@ references:
+     pcidss: Req-1.4.2
+     srg: SRG-OS-000095-GPOS-00049,SRG-OS-000480-GPOS-00227
      stigid@ol8: OL08-00-040023
 -    stigid@rhel8: RHEL-08-040023
 +    stigid@almalinux8: RHEL-08-040023
  
  {{{ complete_ocil_entry_module_disable(module="sctp") }}}
  
-diff --git a/linux_os/guide/system/network/network-uncommon/kernel_module_tipc_disabled/kubernetes/shared.yml b/linux_os/guide/system/network/network-uncommon/kernel_module_tipc_disabled/kubernetes/shared.yml
-index 9761ea78..b98652b4 100644
---- a/linux_os/guide/system/network/network-uncommon/kernel_module_tipc_disabled/kubernetes/shared.yml
-+++ b/linux_os/guide/system/network/network-uncommon/kernel_module_tipc_disabled/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
- apiVersion: machineconfiguration.openshift.io/v1
- kind: MachineConfig
- spec:
 diff --git a/linux_os/guide/system/network/network-uncommon/kernel_module_tipc_disabled/rule.yml b/linux_os/guide/system/network/network-uncommon/kernel_module_tipc_disabled/rule.yml
-index 76bd1d52..36bd856f 100644
+index 075d86c27..5d0928edc 100644
 --- a/linux_os/guide/system/network/network-uncommon/kernel_module_tipc_disabled/rule.yml
 +++ b/linux_os/guide/system/network/network-uncommon/kernel_module_tipc_disabled/rule.yml
-@@ -42,7 +42,7 @@ references:
+@@ -44,7 +44,7 @@ references:
      ospp: FMT_SMF_EXT.1
      srg: SRG-OS-000095-GPOS-00049
      stigid@ol8: OL08-00-040024
@@ -16317,26 +18054,15 @@ index 76bd1d52..36bd856f 100644
  
  {{{ complete_ocil_entry_module_disable(module="tipc") }}}
  
-diff --git a/linux_os/guide/system/network/network-wireless/wireless_software/kernel_module_bluetooth_disabled/kubernetes/shared.yml b/linux_os/guide/system/network/network-wireless/wireless_software/kernel_module_bluetooth_disabled/kubernetes/shared.yml
-index 5aaafd12..9d05d0c5 100644
---- a/linux_os/guide/system/network/network-wireless/wireless_software/kernel_module_bluetooth_disabled/kubernetes/shared.yml
-+++ b/linux_os/guide/system/network/network-wireless/wireless_software/kernel_module_bluetooth_disabled/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
- apiVersion: machineconfiguration.openshift.io/v1
- kind: MachineConfig
- spec:
 diff --git a/linux_os/guide/system/network/network-wireless/wireless_software/kernel_module_bluetooth_disabled/rule.yml b/linux_os/guide/system/network/network-wireless/wireless_software/kernel_module_bluetooth_disabled/rule.yml
-index e5efa8df..11a5b7f8 100644
+index 847d21236..1edba79ba 100644
 --- a/linux_os/guide/system/network/network-wireless/wireless_software/kernel_module_bluetooth_disabled/rule.yml
 +++ b/linux_os/guide/system/network/network-wireless/wireless_software/kernel_module_bluetooth_disabled/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4
+-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4
++prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4
  
  title: 'Disable Bluetooth Kernel Module'
  
@@ -16349,20 +18075,68 @@ index e5efa8df..11a5b7f8 100644
  
  {{{ complete_ocil_entry_module_disable(module="bluetooth") }}}
  
+diff --git a/linux_os/guide/system/network/network-wireless/wireless_software/kernel_module_cfg80211_disabled/rule.yml b/linux_os/guide/system/network/network-wireless/wireless_software/kernel_module_cfg80211_disabled/rule.yml
+index 5d3161776..29d115daf 100644
+--- a/linux_os/guide/system/network/network-wireless/wireless_software/kernel_module_cfg80211_disabled/rule.yml
++++ b/linux_os/guide/system/network/network-wireless/wireless_software/kernel_module_cfg80211_disabled/rule.yml
+@@ -1,6 +1,6 @@
+ documentation_complete: true
+ 
+-prodtype: fedora,rhcos4,rhel8,rhel9
++prodtype: fedora,rhcos4,rhel8,almalinux8,rhel9
+ 
+ title: 'Disable Kernel cfg80211 Module'
+ 
+diff --git a/linux_os/guide/system/network/network-wireless/wireless_software/kernel_module_iwlmvm_disabled/rule.yml b/linux_os/guide/system/network/network-wireless/wireless_software/kernel_module_iwlmvm_disabled/rule.yml
+index 25123181d..cc641d3f0 100644
+--- a/linux_os/guide/system/network/network-wireless/wireless_software/kernel_module_iwlmvm_disabled/rule.yml
++++ b/linux_os/guide/system/network/network-wireless/wireless_software/kernel_module_iwlmvm_disabled/rule.yml
+@@ -1,6 +1,6 @@
+ documentation_complete: true
+ 
+-prodtype: fedora,rhcos4,rhel8,rhel9
++prodtype: fedora,rhcos4,rhel8,almalinux8,rhel9
+ 
+ title: 'Disable Kernel iwlmvm Module'
+ 
+diff --git a/linux_os/guide/system/network/network-wireless/wireless_software/kernel_module_iwlwifi_disabled/rule.yml b/linux_os/guide/system/network/network-wireless/wireless_software/kernel_module_iwlwifi_disabled/rule.yml
+index 2ae0cd340..1f1c8ed7e 100644
+--- a/linux_os/guide/system/network/network-wireless/wireless_software/kernel_module_iwlwifi_disabled/rule.yml
++++ b/linux_os/guide/system/network/network-wireless/wireless_software/kernel_module_iwlwifi_disabled/rule.yml
+@@ -1,6 +1,6 @@
+ documentation_complete: true
+ 
+-prodtype: fedora,rhcos4,rhel8,rhel9
++prodtype: fedora,rhcos4,rhel8,almalinux8,rhel9
+ 
+ title: 'Disable Kernel iwlwifi Module'
+ 
+diff --git a/linux_os/guide/system/network/network-wireless/wireless_software/kernel_module_mac80211_disabled/rule.yml b/linux_os/guide/system/network/network-wireless/wireless_software/kernel_module_mac80211_disabled/rule.yml
+index 409baf905..5f85883e3 100644
+--- a/linux_os/guide/system/network/network-wireless/wireless_software/kernel_module_mac80211_disabled/rule.yml
++++ b/linux_os/guide/system/network/network-wireless/wireless_software/kernel_module_mac80211_disabled/rule.yml
+@@ -1,6 +1,6 @@
+ documentation_complete: true
+ 
+-prodtype: fedora,rhcos4,rhel8,rhel9
++prodtype: fedora,rhcos4,rhel8,almalinux8,rhel9
+ 
+ title: 'Disable Kernel mac80211 Module'
+ 
 diff --git a/linux_os/guide/system/network/network-wireless/wireless_software/service_bluetooth_disabled/rule.yml b/linux_os/guide/system/network/network-wireless/wireless_software/service_bluetooth_disabled/rule.yml
-index fea6ec50..b90ede6f 100644
+index a0a9fbc23..0d3c20a3d 100644
 --- a/linux_os/guide/system/network/network-wireless/wireless_software/service_bluetooth_disabled/rule.yml
 +++ b/linux_os/guide/system/network/network-wireless/wireless_software/service_bluetooth_disabled/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,rhcos4,rhel7,rhel8,rhv4
-+prodtype: fedora,rhcos4,rhel7,rhel8,almalinux8,rhv4
+-prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhv4
++prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhv4
  
  title: 'Disable Bluetooth Service'
  
 diff --git a/linux_os/guide/system/network/network-wireless/wireless_software/wireless_disable_in_bios/rule.yml b/linux_os/guide/system/network/network-wireless/wireless_software/wireless_disable_in_bios/rule.yml
-index 6a541594..8c47fed5 100644
+index 6a541594f..8c47fed5a 100644
 --- a/linux_os/guide/system/network/network-wireless/wireless_software/wireless_disable_in_bios/rule.yml
 +++ b/linux_os/guide/system/network/network-wireless/wireless_software/wireless_disable_in_bios/rule.yml
 @@ -1,6 +1,6 @@
@@ -16374,18 +18148,18 @@ index 6a541594..8c47fed5 100644
  title: 'Disable WiFi or Bluetooth in BIOS'
  
 diff --git a/linux_os/guide/system/network/network-wireless/wireless_software/wireless_disable_interfaces/rule.yml b/linux_os/guide/system/network/network-wireless/wireless_software/wireless_disable_interfaces/rule.yml
-index 2104d3ea..60f11694 100644
+index fa61a9233..394f8fb42 100644
 --- a/linux_os/guide/system/network/network-wireless/wireless_software/wireless_disable_interfaces/rule.yml
 +++ b/linux_os/guide/system/network/network-wireless/wireless_software/wireless_disable_interfaces/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004
+-prodtype: alinux3,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: alinux3,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Deactivate Wireless Network Interfaces'
  
-@@ -62,7 +62,7 @@ references:
+@@ -64,7 +64,7 @@ references:
      stigid@ol7: OL07-00-041010
      stigid@ol8: OL08-00-040110
      stigid@rhel7: RHEL-07-041010
@@ -16395,28 +18169,47 @@ index 2104d3ea..60f11694 100644
      stigid@sle15: SLES-15-010380
      stigid@ubuntu2004: UBTU-20-010455
 diff --git a/linux_os/guide/system/network/network_configure_name_resolution/rule.yml b/linux_os/guide/system/network/network_configure_name_resolution/rule.yml
-index 9a583e8d..3590b4a2 100644
+index bf2339bbd..2116460e1 100644
 --- a/linux_os/guide/system/network/network_configure_name_resolution/rule.yml
 +++ b/linux_os/guide/system/network/network_configure_name_resolution/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4,wrlinux1019
-+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,wrlinux1019
+-prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4
++prodtype: ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4
  
  title: 'Configure Multiple DNS Servers in /etc/resolv.conf'
  
-@@ -41,7 +41,7 @@ references:
+@@ -54,7 +54,7 @@ references:
      stigid@ol7: OL07-00-040600
      stigid@ol8: OL08-00-010680
      stigid@rhel7: RHEL-07-040600
 -    stigid@rhel8: RHEL-08-010680
 +    stigid@almalinux8: RHEL-08-010680
  
- ocil_clause: 'it does not exist or is not properly configured or less than 2 ''nameserver'' entries exist'
+ ocil_clause: 'less than two lines are returned that are not commented out'
+ 
+diff --git a/linux_os/guide/system/network/network_configure_name_resolution/tests/dns_not_in_nsswitch_and_resolv_is_empty.pass.sh b/linux_os/guide/system/network/network_configure_name_resolution/tests/dns_not_in_nsswitch_and_resolv_is_empty.pass.sh
+index 0f2d15979..27572472b 100644
+--- a/linux_os/guide/system/network/network_configure_name_resolution/tests/dns_not_in_nsswitch_and_resolv_is_empty.pass.sh
++++ b/linux_os/guide/system/network/network_configure_name_resolution/tests/dns_not_in_nsswitch_and_resolv_is_empty.pass.sh
+@@ -1,3 +1,3 @@
+-# platform = multi_platform_ol,multi_platform_rhel
++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
+ 
+ source common.sh
+diff --git a/linux_os/guide/system/network/network_configure_name_resolution/tests/dns_not_in_nsswitch_and_resolv_isnt_empty.fail.sh b/linux_os/guide/system/network/network_configure_name_resolution/tests/dns_not_in_nsswitch_and_resolv_isnt_empty.fail.sh
+index 469db24e9..671a4d019 100644
+--- a/linux_os/guide/system/network/network_configure_name_resolution/tests/dns_not_in_nsswitch_and_resolv_isnt_empty.fail.sh
++++ b/linux_os/guide/system/network/network_configure_name_resolution/tests/dns_not_in_nsswitch_and_resolv_isnt_empty.fail.sh
+@@ -1,4 +1,4 @@
+-# platform = multi_platform_ol,multi_platform_rhel
++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
+ 
+ source common.sh
  
 diff --git a/linux_os/guide/system/network/network_disable_ddns_interfaces/rule.yml b/linux_os/guide/system/network/network_disable_ddns_interfaces/rule.yml
-index 06a84a9d..dba6f82c 100644
+index 06a84a9df..dba6f82ce 100644
 --- a/linux_os/guide/system/network/network_disable_ddns_interfaces/rule.yml
 +++ b/linux_os/guide/system/network/network_disable_ddns_interfaces/rule.yml
 @@ -1,6 +1,6 @@
@@ -16428,7 +18221,7 @@ index 06a84a9d..dba6f82c 100644
  title: 'Disable Client Dynamic DNS Updates'
  
 diff --git a/linux_os/guide/system/network/network_disable_zeroconf/bash/shared.sh b/linux_os/guide/system/network/network_disable_zeroconf/bash/shared.sh
-index 6f2e6fa2..ea9c566f 100644
+index 6f2e6fa20..ea9c566f9 100644
 --- a/linux_os/guide/system/network/network_disable_zeroconf/bash/shared.sh
 +++ b/linux_os/guide/system/network/network_disable_zeroconf/bash/shared.sh
 @@ -1,2 +1,2 @@
@@ -16436,7 +18229,7 @@ index 6f2e6fa2..ea9c566f 100644
 +# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8
  echo "NOZEROCONF=yes" >> /etc/sysconfig/network
 diff --git a/linux_os/guide/system/network/network_disable_zeroconf/rule.yml b/linux_os/guide/system/network/network_disable_zeroconf/rule.yml
-index 34f6e07e..202330a7 100644
+index 34f6e07e1..202330a73 100644
 --- a/linux_os/guide/system/network/network_disable_zeroconf/rule.yml
 +++ b/linux_os/guide/system/network/network_disable_zeroconf/rule.yml
 @@ -1,6 +1,6 @@
@@ -16448,7 +18241,7 @@ index 34f6e07e..202330a7 100644
  title: 'Disable Zeroconf Networking'
  
 diff --git a/linux_os/guide/system/network/network_nmcli_permissions/ansible/shared.yml b/linux_os/guide/system/network/network_nmcli_permissions/ansible/shared.yml
-index 3f497dc7..f85aac04 100644
+index 3f497dc7b..f85aac045 100644
 --- a/linux_os/guide/system/network/network_nmcli_permissions/ansible/shared.yml
 +++ b/linux_os/guide/system/network/network_nmcli_permissions/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -16458,7 +18251,7 @@ index 3f497dc7..f85aac04 100644
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/network/network_nmcli_permissions/rule.yml b/linux_os/guide/system/network/network_nmcli_permissions/rule.yml
-index 63fa589f..587a266a 100644
+index fe5704ea6..d71dee1c7 100644
 --- a/linux_os/guide/system/network/network_nmcli_permissions/rule.yml
 +++ b/linux_os/guide/system/network/network_nmcli_permissions/rule.yml
 @@ -1,6 +1,6 @@
@@ -16470,14 +18263,14 @@ index 63fa589f..587a266a 100644
  title: 'Prevent non-Privileged Users from Modifying Network Interfaces using nmcli'
  
 diff --git a/linux_os/guide/system/network/network_sniffer_disabled/rule.yml b/linux_os/guide/system/network/network_sniffer_disabled/rule.yml
-index 66d67584..5a31e197 100644
+index 6970bbdba..2c78e4818 100644
 --- a/linux_os/guide/system/network/network_sniffer_disabled/rule.yml
 +++ b/linux_os/guide/system/network/network_sniffer_disabled/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,wrlinux1019
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,wrlinux1019
+-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15
++prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15
  
  title: 'Ensure System is Not Acting as a Network Sniffer'
  
@@ -16491,38 +18284,38 @@ index 66d67584..5a31e197 100644
      stigid@sle15: SLES-15-040390
  
 diff --git a/linux_os/guide/system/permissions/files/dir_perms_world_writable_root_owned/ansible/shared.yml b/linux_os/guide/system/permissions/files/dir_perms_world_writable_root_owned/ansible/shared.yml
-index b49e8cd0..bbbdb90b 100644
+index 51b8c53eb..6cb982f7f 100644
 --- a/linux_os/guide/system/permissions/files/dir_perms_world_writable_root_owned/ansible/shared.yml
 +++ b/linux_os/guide/system/permissions/files/dir_perms_world_writable_root_owned/ansible/shared.yml
 @@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Fedora,Oracle Linux 7,Oracle Linux 8,WRLinux 1019
-+# platform = Red Hat Virtualization 4,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8,Fedora,Oracle Linux 7,Oracle Linux 8,WRLinux 1019
+-# platform = Red Hat Virtualization 4,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Fedora,Oracle Linux 7,Oracle Linux 8
++# platform = Red Hat Virtualization 4,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8,Fedora,Oracle Linux 7,Oracle Linux 8
  # reboot = false
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/permissions/files/dir_perms_world_writable_root_owned/rule.yml b/linux_os/guide/system/permissions/files/dir_perms_world_writable_root_owned/rule.yml
-index 33834759..efe72aa4 100644
+index 175927b3b..1e6dfd931 100644
 --- a/linux_os/guide/system/permissions/files/dir_perms_world_writable_root_owned/rule.yml
 +++ b/linux_os/guide/system/permissions/files/dir_perms_world_writable_root_owned/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,wrlinux1019
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,wrlinux1019
+-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15
++prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15
  
  title: 'Ensure All World-Writable Directories Are Owned by root user'
  
-@@ -28,7 +28,7 @@ references:
+@@ -29,7 +29,7 @@ references:
+     anssi: BP28(R40)
      disa: CCI-000366
-     srg: SRG-OS-000480-GPOS-00227
-     stigid@ol8: OL08-00-010700
+     srg: SRG-OS-000480-GPOS-00227,SRG-OS-000138-GPOS-00069
 -    stigid@rhel8: RHEL-08-010700
 +    stigid@almalinux8: RHEL-08-010700
  
  ocil_clause: 'there is output'
  
 diff --git a/linux_os/guide/system/permissions/files/dir_perms_world_writable_sticky_bits/ansible/shared.yml b/linux_os/guide/system/permissions/files/dir_perms_world_writable_sticky_bits/ansible/shared.yml
-index e807cbfe..79482556 100644
+index e807cbfed..79482556b 100644
 --- a/linux_os/guide/system/permissions/files/dir_perms_world_writable_sticky_bits/ansible/shared.yml
 +++ b/linux_os/guide/system/permissions/files/dir_perms_world_writable_sticky_bits/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -16532,20 +18325,20 @@ index e807cbfe..79482556 100644
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/permissions/files/dir_perms_world_writable_sticky_bits/bash/shared.sh b/linux_os/guide/system/permissions/files/dir_perms_world_writable_sticky_bits/bash/shared.sh
-index b3395bea..56ff803b 100644
+index 91b3495c9..7f3876c49 100644
 --- a/linux_os/guide/system/permissions/files/dir_perms_world_writable_sticky_bits/bash/shared.sh
 +++ b/linux_os/guide/system/permissions/files/dir_perms_world_writable_sticky_bits/bash/shared.sh
 @@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_sle
-+# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
+-# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu
++# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu
  df --local -P | awk '{if (NR!=1) print $6}' \
- | xargs -I '{}' find '{}' -xdev -type d \
+ | xargs -I '$6' find '$6' -xdev -type d \
  \( -perm -0002 -a ! -perm -1000 \) 2>/dev/null \
 diff --git a/linux_os/guide/system/permissions/files/dir_perms_world_writable_sticky_bits/rule.yml b/linux_os/guide/system/permissions/files/dir_perms_world_writable_sticky_bits/rule.yml
-index e6a01c6b..a913ea9c 100644
+index 7cd18df08..15314d2e8 100644
 --- a/linux_os/guide/system/permissions/files/dir_perms_world_writable_sticky_bits/rule.yml
 +++ b/linux_os/guide/system/permissions/files/dir_perms_world_writable_sticky_bits/rule.yml
-@@ -57,7 +57,7 @@ references:
+@@ -61,7 +61,7 @@ references:
      nist-csf: PR.AC-4,PR.DS-5
      srg: SRG-OS-000138-GPOS-00069
      stigid@ol8: OL08-00-010190
@@ -16555,42 +18348,51 @@ index e6a01c6b..a913ea9c 100644
      stigid@sle15: SLES-15-010300
      stigid@ubuntu2004: UBTU-20-010411
 diff --git a/linux_os/guide/system/permissions/files/dir_perms_world_writable_system_owned/rule.yml b/linux_os/guide/system/permissions/files/dir_perms_world_writable_system_owned/rule.yml
-index 62c58d80..66a531b3 100644
+index 35c176014..65ae3c8fe 100644
 --- a/linux_os/guide/system/permissions/files/dir_perms_world_writable_system_owned/rule.yml
 +++ b/linux_os/guide/system/permissions/files/dir_perms_world_writable_system_owned/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhv4,wrlinux1019
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhv4,wrlinux1019
+-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhv4
++prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhv4
  
  title: 'Ensure All World-Writable Directories Are Owned by a System Account'
  
 diff --git a/linux_os/guide/system/permissions/files/dir_perms_world_writable_system_owned_group/rule.yml b/linux_os/guide/system/permissions/files/dir_perms_world_writable_system_owned_group/rule.yml
-index e16d3315..30f891a1 100644
+index 79457f385..221fa3e48 100644
 --- a/linux_os/guide/system/permissions/files/dir_perms_world_writable_system_owned_group/rule.yml
 +++ b/linux_os/guide/system/permissions/files/dir_perms_world_writable_system_owned_group/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhv4,sle12,sle15,wrlinux1019
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhv4,sle12,sle15,wrlinux1019
+-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhv4,sle12,sle15
++prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhv4,sle12,sle15
  
  title: 'Ensure All World-Writable Directories Are Group Owned by a System Account'
  
+@@ -40,7 +40,7 @@ references:
+     stigid@ol7: OL07-00-021030
+     stigid@ol8: OL08-00-010710
+     stigid@rhel7: RHEL-07-021030
+-    stigid@rhel8: RHEL-08-010710
++    stigid@almalinux8: RHEL-08-010710
+     stigid@sle12: SLES-12-010830
+     stigid@sle15: SLES-15-040180
+ 
 diff --git a/linux_os/guide/system/permissions/files/file_permissions_etc_audit_auditd/rule.yml b/linux_os/guide/system/permissions/files/file_permissions_etc_audit_auditd/rule.yml
-index 18adf450..83a12d56 100644
+index c9ed36852..e9de85764 100644
 --- a/linux_os/guide/system/permissions/files/file_permissions_etc_audit_auditd/rule.yml
 +++ b/linux_os/guide/system/permissions/files/file_permissions_etc_audit_auditd/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol8,rhel8,rhel9,ubuntu2004
-+prodtype: fedora,ol8,rhel8,almalinux8,rhel9,ubuntu2004
+-prodtype: fedora,ol8,ol9,rhel8,rhel9,ubuntu2004,ubuntu2204
++prodtype: fedora,ol8,ol9,rhel8,almalinux8,rhel9,ubuntu2004,ubuntu2204
  
  title: 'Verify Permissions on /etc/audit/auditd.conf'
  
-@@ -27,7 +27,7 @@ references:
+@@ -28,7 +28,7 @@ references:
      nist: AU-12(b)
      srg: SRG-OS-000063-GPOS-00032
      stigid@ol8: OL08-00-030610
@@ -16598,20 +18400,20 @@ index 18adf450..83a12d56 100644
 +    stigid@almalinux8: RHEL-08-030610
      stigid@ubuntu2004: UBTU-20-010133
  
- template:
+ ocil_clause: '{{{ ocil_clause_file_permissions(file="/etc/audit/auditd.conf", perms="-rw-r-----") }}}'
 diff --git a/linux_os/guide/system/permissions/files/file_permissions_etc_audit_rulesd/rule.yml b/linux_os/guide/system/permissions/files/file_permissions_etc_audit_rulesd/rule.yml
-index 4fcc2f5a..decdeadc 100644
+index ec3bba5b8..72fc391b9 100644
 --- a/linux_os/guide/system/permissions/files/file_permissions_etc_audit_rulesd/rule.yml
 +++ b/linux_os/guide/system/permissions/files/file_permissions_etc_audit_rulesd/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol8,rhel8,rhel9,ubuntu2004
-+prodtype: fedora,ol8,rhel8,almalinux8,rhel9,ubuntu2004
+-prodtype: fedora,ol8,ol9,rhel8,rhel9,ubuntu2004,ubuntu2204
++prodtype: fedora,ol8,ol9,rhel8,almalinux8,rhel9,ubuntu2004,ubuntu2204
  
  title: 'Verify Permissions on /etc/audit/rules.d/*.rules'
  
-@@ -27,7 +27,7 @@ references:
+@@ -28,7 +28,7 @@ references:
      nist: AU-12(b)
      srg: SRG-OS-000063-GPOS-00032
      stigid@ol8: OL08-00-030610
@@ -16619,46 +18421,46 @@ index 4fcc2f5a..decdeadc 100644
 +    stigid@almalinux8: RHEL-08-030610
      stigid@ubuntu2004: UBTU-20-010133
  
- template:
+ ocil_clause: '{{{ ocil_clause_file_permissions(file="/etc/audit/rules.d/*.rules", perms="-rw-r-----") }}}'
 diff --git a/linux_os/guide/system/permissions/files/file_permissions_unauthorized_sgid/rule.yml b/linux_os/guide/system/permissions/files/file_permissions_unauthorized_sgid/rule.yml
-index b3609fce..e2e48e3a 100644
+index 5683f30bc..1b1322fa1 100644
 --- a/linux_os/guide/system/permissions/files/file_permissions_unauthorized_sgid/rule.yml
 +++ b/linux_os/guide/system/permissions/files/file_permissions_unauthorized_sgid/rule.yml
 @@ -2,7 +2,7 @@ documentation_complete: true
  
  title: 'Ensure All SGID Executables Are Authorized'
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,sle15,wrlinux1019,wrlinux8
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,sle15,wrlinux1019,wrlinux8
+-prodtype: alinux3,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15,uos20
++prodtype: alinux3,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,uos20
  
  description: |-
      The SGID (set group id) bit should be set only on files that were
 diff --git a/linux_os/guide/system/permissions/files/file_permissions_unauthorized_suid/rule.yml b/linux_os/guide/system/permissions/files/file_permissions_unauthorized_suid/rule.yml
-index 5e1b37ea..49191c31 100644
+index 249f97174..0500a3260 100644
 --- a/linux_os/guide/system/permissions/files/file_permissions_unauthorized_suid/rule.yml
 +++ b/linux_os/guide/system/permissions/files/file_permissions_unauthorized_suid/rule.yml
 @@ -2,7 +2,7 @@ documentation_complete: true
  
  title: 'Ensure All SUID Executables Are Authorized'
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,sle15,wrlinux1019,wrlinux8
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,sle15,wrlinux1019,wrlinux8
+-prodtype: alinux3,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15,uos20
++prodtype: alinux3,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,uos20
  
  description: |-
      The SUID (set user id) bit should be set only on files that were
 diff --git a/linux_os/guide/system/permissions/files/file_permissions_ungroupowned/rule.yml b/linux_os/guide/system/permissions/files/file_permissions_ungroupowned/rule.yml
-index 2dab2757..ce9d67a3 100644
+index 7ba335626..4e9ddab00 100644
 --- a/linux_os/guide/system/permissions/files/file_permissions_ungroupowned/rule.yml
 +++ b/linux_os/guide/system/permissions/files/file_permissions_ungroupowned/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,wrlinux1019
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,wrlinux1019
+-prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2204
++prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2204
  
  title: 'Ensure All Files Are Owned by a Group'
  
-@@ -50,7 +50,7 @@ references:
+@@ -54,7 +54,7 @@ references:
      stigid@ol7: OL07-00-020330
      stigid@ol8: OL08-00-010790
      stigid@rhel7: RHEL-07-020330
@@ -16668,18 +18470,18 @@ index 2dab2757..ce9d67a3 100644
      stigid@sle15: SLES-15-040410
  
 diff --git a/linux_os/guide/system/permissions/files/no_files_unowned_by_user/rule.yml b/linux_os/guide/system/permissions/files/no_files_unowned_by_user/rule.yml
-index 92351d16..a6b33200 100644
+index 71c8dad9a..c2c328cae 100644
 --- a/linux_os/guide/system/permissions/files/no_files_unowned_by_user/rule.yml
 +++ b/linux_os/guide/system/permissions/files/no_files_unowned_by_user/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
+-prodtype: alinux2,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: alinux2,fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Ensure All Files Are Owned by a User'
  
-@@ -51,7 +51,7 @@ references:
+@@ -54,7 +54,7 @@ references:
      stigid@ol7: OL07-00-020320
      stigid@ol8: OL08-00-010780
      stigid@rhel7: RHEL-07-020320
@@ -16689,7 +18491,7 @@ index 92351d16..a6b33200 100644
      stigid@sle15: SLES-15-040400
  
 diff --git a/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_groupowner_var_log/rule.yml b/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_groupowner_var_log/rule.yml
-index 927d08d0..ebc327b2 100644
+index c8132dc06..f62b5f5c7 100644
 --- a/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_groupowner_var_log/rule.yml
 +++ b/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_groupowner_var_log/rule.yml
 @@ -26,7 +26,7 @@ references:
@@ -16702,7 +18504,7 @@ index 927d08d0..ebc327b2 100644
  
  ocil_clause: '{{{ ocil_clause_file_group_owner(file="/var/log", group=gid) }}}'
 diff --git a/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_groupowner_var_log_messages/rule.yml b/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_groupowner_var_log_messages/rule.yml
-index f561000e..1df9dd2e 100644
+index 0abe21a0d..d39daeff2 100644
 --- a/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_groupowner_var_log_messages/rule.yml
 +++ b/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_groupowner_var_log_messages/rule.yml
 @@ -18,7 +18,7 @@ references:
@@ -16715,7 +18517,7 @@ index f561000e..1df9dd2e 100644
  ocil_clause: '{{{ ocil_clause_file_group_owner(file="/var/log/messages", group="root") }}}'
  
 diff --git a/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_owner_var_log/rule.yml b/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_owner_var_log/rule.yml
-index 364ddd3c..51808f3d 100644
+index 0d7118ea9..4a544643b 100644
 --- a/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_owner_var_log/rule.yml
 +++ b/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_owner_var_log/rule.yml
 @@ -19,7 +19,7 @@ references:
@@ -16728,7 +18530,7 @@ index 364ddd3c..51808f3d 100644
  
  ocil_clause: '{{{ ocil_clause_file_owner(file="/var/log", owner="root") }}}'
 diff --git a/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_owner_var_log_messages/rule.yml b/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_owner_var_log_messages/rule.yml
-index 1face69c..f8d10128 100644
+index f0d63e361..21c82f341 100644
 --- a/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_owner_var_log_messages/rule.yml
 +++ b/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_owner_var_log_messages/rule.yml
 @@ -18,7 +18,7 @@ references:
@@ -16741,10 +18543,10 @@ index 1face69c..f8d10128 100644
  ocil_clause: '{{{ ocil_clause_file_owner(file="/var/log/messages", owner="root") }}}'
  
 diff --git a/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_permissions_var_log/rule.yml b/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_permissions_var_log/rule.yml
-index 5c826250..bb7ce6a4 100644
+index 94d663b9e..f57f0431b 100644
 --- a/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_permissions_var_log/rule.yml
 +++ b/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_permissions_var_log/rule.yml
-@@ -20,7 +20,7 @@ references:
+@@ -21,7 +21,7 @@ references:
      disa: CCI-001314
      srg: SRG-OS-000206-GPOS-00084
      stigid@ol8: OL08-00-010240
@@ -16754,7 +18556,7 @@ index 5c826250..bb7ce6a4 100644
  
  ocil_clause: '{{{ ocil_clause_file_permissions(file="/var/log", perms="drwxr-xr-x") }}}'
 diff --git a/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_permissions_var_log_messages/rule.yml b/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_permissions_var_log_messages/rule.yml
-index a1faf8be..178d7f8b 100644
+index d0cded9af..5125eb59e 100644
 --- a/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_permissions_var_log_messages/rule.yml
 +++ b/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_permissions_var_log_messages/rule.yml
 @@ -19,7 +19,7 @@ references:
@@ -16767,195 +18569,157 @@ index a1faf8be..178d7f8b 100644
  ocil_clause: '{{{ ocil_clause_file_permissions(file="/var/log/messages", perms="-rw-r-----") }}}'
  
 diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_group_ownership_library_dirs/rule.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_group_ownership_library_dirs/rule.yml
-index 3a6167a5..d8a687b5 100644
+index 8831095b9..132d2346f 100644
 --- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_group_ownership_library_dirs/rule.yml
 +++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_group_ownership_library_dirs/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol8,rhel8,rhel9,sle12,sle15,ubuntu2004
-+prodtype: fedora,ol8,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004
+-prodtype: fedora,ol8,ol9,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: fedora,ol8,ol9,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Verify that Shared Library Directories Have Root Group Ownership'
  
 @@ -39,7 +39,7 @@ references:
      nist: CM-5(6),CM-5(6).1
      srg: SRG-OS-000259-GPOS-00100
-     stigid@ol8: OL08-00-010350
+     stigid@ol8: OL08-00-010351
 -    stigid@rhel8: RHEL-08-010351
 +    stigid@almalinux8: RHEL-08-010351
      stigid@sle12: SLES-12-010876
      stigid@sle15: SLES-15-010356
      stigid@ubuntu2004: UBTU-20-010431
-diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_group_ownership_library_dirs/tests/all_dirs_ok.pass.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_group_ownership_library_dirs/tests/all_dirs_ok.pass.sh
-index 6a05a2b8..ba70bf50 100644
---- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_group_ownership_library_dirs/tests/all_dirs_ok.pass.sh
-+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_group_ownership_library_dirs/tests/all_dirs_ok.pass.sh
-@@ -1,4 +1,4 @@
--# platform = multi_platform_sle,multi_platform_rhel,multi_platform_fedora
-+# platform = multi_platform_sle,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
- 
- DIRS="/lib /lib64 /usr/lib /usr/lib64"
- for dirPath in $DIRS; do
-diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_group_ownership_library_dirs/tests/correct_groupowner.pass.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_group_ownership_library_dirs/tests/correct_groupowner.pass.sh
-index 6a05a2b8..ba70bf50 100644
---- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_group_ownership_library_dirs/tests/correct_groupowner.pass.sh
-+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_group_ownership_library_dirs/tests/correct_groupowner.pass.sh
-@@ -1,4 +1,4 @@
--# platform = multi_platform_sle,multi_platform_rhel,multi_platform_fedora
-+# platform = multi_platform_sle,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
- 
- DIRS="/lib /lib64 /usr/lib /usr/lib64"
- for dirPath in $DIRS; do
-diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_group_ownership_library_dirs/tests/incorrect_groupowner.fail.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_group_ownership_library_dirs/tests/incorrect_groupowner.fail.sh
-index 36461f5e..d3ab88b9 100644
---- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_group_ownership_library_dirs/tests/incorrect_groupowner.fail.sh
-+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_group_ownership_library_dirs/tests/incorrect_groupowner.fail.sh
-@@ -1,4 +1,4 @@
--# platform = multi_platform_sle,multi_platform_rhel,multi_platform_fedora
-+# platform = multi_platform_sle,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
- 
- DIRS="/lib /lib64 /usr/lib /usr/lib64"
- for dirPath in $DIRS; do
-diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_group_ownership_library_dirs/tests/incorrect_groupowner_2.fail.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_group_ownership_library_dirs/tests/incorrect_groupowner_2.fail.sh
-index 3f09e3dd..9d78a30e 100644
---- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_group_ownership_library_dirs/tests/incorrect_groupowner_2.fail.sh
-+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_group_ownership_library_dirs/tests/incorrect_groupowner_2.fail.sh
-@@ -1,4 +1,4 @@
--# platform = multi_platform_sle,multi_platform_rhel,multi_platform_fedora
-+# platform = multi_platform_sle,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
- 
- DIRS="/lib /lib64 /usr/lib /usr/lib64"
- for dirPath in $DIRS; do
-diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_group_ownership_library_dirs/tests/nobody_group_owned_dir_on_lib.fail.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_group_ownership_library_dirs/tests/nobody_group_owned_dir_on_lib.fail.sh
-index 36461f5e..d3ab88b9 100644
---- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_group_ownership_library_dirs/tests/nobody_group_owned_dir_on_lib.fail.sh
-+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_group_ownership_library_dirs/tests/nobody_group_owned_dir_on_lib.fail.sh
-@@ -1,4 +1,4 @@
--# platform = multi_platform_sle,multi_platform_rhel,multi_platform_fedora
-+# platform = multi_platform_sle,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
- 
- DIRS="/lib /lib64 /usr/lib /usr/lib64"
- for dirPath in $DIRS; do
 diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_ownership_library_dirs/rule.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_ownership_library_dirs/rule.yml
-index f0781b30..bee598ce 100644
+index c5d67497f..1214cbbde 100644
 --- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_ownership_library_dirs/rule.yml
 +++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_ownership_library_dirs/rule.yml
-@@ -36,7 +36,7 @@ references:
-     disa: CCI-001499
+@@ -37,7 +37,7 @@ references:
      nist: CM-5(6),CM-5(6).1
      srg: SRG-OS-000259-GPOS-00100
+     stigid@ol8: OL08-00-010341
 -    stigid@rhel8: RHEL-08-010341
 +    stigid@almalinux8: RHEL-08-010341
      stigid@sle12: SLES-12-010874
      stigid@sle15: SLES-15-010354
      stigid@ubuntu2004: UBTU-20-010429
 diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_ownership_library_dirs/tests/correct_owner.pass.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_ownership_library_dirs/tests/correct_owner.pass.sh
-index a0d49905..396f228e 100644
+index d2b47d989..9f25146b9 100644
 --- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_ownership_library_dirs/tests/correct_owner.pass.sh
 +++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_ownership_library_dirs/tests/correct_owner.pass.sh
 @@ -1,4 +1,4 @@
--# platform = multi_platform_sle,multi_platform_rhel
-+# platform = multi_platform_sle,multi_platform_rhel,multi_platform_almalinux
+-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle
++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
  DIRS="/lib /lib64 /usr/lib /usr/lib64"
  for dirPath in $DIRS; do
  	find "$dirPath" -type d -exec chown root '{}' \;
 diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_ownership_library_dirs/tests/incorrect_owner.fail.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_ownership_library_dirs/tests/incorrect_owner.fail.sh
-index f366c2d7..e8291c26 100644
+index 542184ae8..9cdfbf737 100644
 --- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_ownership_library_dirs/tests/incorrect_owner.fail.sh
 +++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_ownership_library_dirs/tests/incorrect_owner.fail.sh
 @@ -1,4 +1,4 @@
--# platform = multi_platform_sle,multi_platform_rhel
-+# platform = multi_platform_sle,multi_platform_rhel,multi_platform_almalinux
+-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle
++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
  groupadd nogroup
  DIRS="/lib /lib64"
  for dirPath in $DIRS; do
 diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/rule.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/rule.yml
-index 6e62e8c6..f26b4350 100644
+index 68230eb4b..d9808b10a 100644
 --- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/rule.yml
 +++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/rule.yml
-@@ -43,7 +43,7 @@ references:
-     nerc-cip: CIP-003-8 R6
+@@ -44,7 +44,7 @@ references:
      nist: CM-5,CM-5(6),CM-5(6).1
      srg: SRG-OS-000259-GPOS-00100
+     stigid@ol8: OL08-00-010331
 -    stigid@rhel8: RHEL-08-010331
 +    stigid@almalinux8: RHEL-08-010331
      stigid@sle12: SLES-12-010872
      stigid@sle15: SLES-15-010352
      stigid@ubuntu2004: UBTU-20-010427
 diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/tests/all_dirs_ok.pass.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/tests/all_dirs_ok.pass.sh
-index 6e957c30..3743441b 100644
+index 5f8dcd2eb..7980d87b5 100644
 --- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/tests/all_dirs_ok.pass.sh
 +++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/tests/all_dirs_ok.pass.sh
 @@ -1,4 +1,4 @@
--# platform = multi_platform_sle,multi_platform_ubuntu,multi_platform_rhel
-+# platform = multi_platform_sle,multi_platform_ubuntu,multi_platform_rhel,multi_platform_almalinux
+-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu
++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu
  DIRS="/lib /lib64 /usr/lib /usr/lib64"
  for dirPath in $DIRS; do
  	find "$dirPath" -perm /022 -type d -exec chmod go-w '{}' \;
 diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/tests/owner_only_writable_dir.pass.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/tests/owner_only_writable_dir.pass.sh
-index 55ff9ceb..93e11a14 100644
+index c3cd0944b..3c41df40c 100644
 --- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/tests/owner_only_writable_dir.pass.sh
 +++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/tests/owner_only_writable_dir.pass.sh
 @@ -1,4 +1,4 @@
--# platform = multi_platform_sle,multi_platform_ubuntu,multi_platform_rhel
-+# platform = multi_platform_sle,multi_platform_ubuntu,multi_platform_rhel,multi_platform_almalinux
+-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu
++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu
  DIRS="/lib /lib64 /usr/lib /usr/lib64"
  for dirPath in $DIRS; do
      chmod -R 755 "$dirPath"
 diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/tests/world_writable_dir_on_lib.fail.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/tests/world_writable_dir_on_lib.fail.sh
-index c2b5b6bf..c6d40fa0 100644
+index 90ae74be6..243a8e16e 100644
 --- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/tests/world_writable_dir_on_lib.fail.sh
 +++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/tests/world_writable_dir_on_lib.fail.sh
 @@ -1,4 +1,4 @@
--# platform = multi_platform_sle,multi_platform_ubuntu,multi_platform_rhel
-+# platform = multi_platform_sle,multi_platform_ubuntu,multi_platform_rhel,multi_platform_almalinux
+-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu
++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu
  DIRS="/lib /lib64"
  for dirPath in $DIRS; do
  	mkdir -p "$dirPath/testme" && chmod 777  "$dirPath/testme"
 diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/tests/world_writable_dir_on_usr_lib.fail.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/tests/world_writable_dir_on_usr_lib.fail.sh
-index 40e6c42c..8634e33c 100644
+index ebaf9b766..858020d51 100644
 --- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/tests/world_writable_dir_on_usr_lib.fail.sh
 +++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/tests/world_writable_dir_on_usr_lib.fail.sh
 @@ -1,4 +1,4 @@
--# platform = multi_platform_sle,multi_platform_ubuntu,multi_platform_rhel
-+# platform = multi_platform_sle,multi_platform_ubuntu,multi_platform_rhel,multi_platform_almalinux
+-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu
++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu
  DIRS="/usr/lib /usr/lib64"
  for dirPath in $DIRS; do
  	mkdir -p "$dirPath/testme" && chmod 777 "$dirPath/testme"
+diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_audit_binaries/rule.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_audit_binaries/rule.yml
+index e8c2cfa13..63ece0bf0 100644
+--- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_audit_binaries/rule.yml
++++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_audit_binaries/rule.yml
+@@ -1,6 +1,6 @@
+ documentation_complete: true
+ 
+-prodtype: rhel8,rhel9,ubuntu2004,ubuntu2204
++prodtype: rhel8,almalinux8,rhel9,ubuntu2004,ubuntu2204
+ 
+ title: 'Verify that audit tools are owned by group root'
+ 
 diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_system_commands_dirs/ansible/shared.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_system_commands_dirs/ansible/shared.yml
-index eec7485f..698722f7 100644
+index 8f479451b..21a923e63 100644
 --- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_system_commands_dirs/ansible/shared.yml
 +++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_system_commands_dirs/ansible/shared.yml
 @@ -1,4 +1,4 @@
--# platform = multi_platform_sle,Oracle Linux 8,multi_platform_rhel,multi_platform_fedora
-+# platform = multi_platform_sle,Oracle Linux 8,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
+-# platform = multi_platform_sle,multi_platform_ol,multi_platform_rhel,multi_platform_fedora
++# platform = multi_platform_sle,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
  # reboot = false
  # strategy = restrict
  # complexity = medium
 diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_system_commands_dirs/bash/shared.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_system_commands_dirs/bash/shared.sh
-index e352dd34..dc8fa8b2 100644
+index b9bbe4dbe..2652ea041 100644
 --- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_system_commands_dirs/bash/shared.sh
 +++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_system_commands_dirs/bash/shared.sh
 @@ -1,4 +1,4 @@
--# platform = multi_platform_sle,Oracle Linux 8,multi_platform_rhel,multi_platform_fedora,multi_platform_ubuntu
-+# platform = multi_platform_sle,Oracle Linux 8,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ubuntu
+-# platform = multi_platform_sle,multi_platform_ol,multi_platform_rhel,multi_platform_fedora,multi_platform_ubuntu
++# platform = multi_platform_sle,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ubuntu
  
  for SYSCMDFILES in /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin
  do
 diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_system_commands_dirs/rule.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_system_commands_dirs/rule.yml
-index 8fc75390..e0f73c01 100644
+index d50a7162e..41968db17 100644
 --- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_system_commands_dirs/rule.yml
 +++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_system_commands_dirs/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol8,rhel8,rhel9,sle12,sle15,ubuntu2004
-+prodtype: fedora,ol8,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004
+-prodtype: fedora,ol8,ol9,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: fedora,ol8,ol9,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
  
- title: 'Verify that system commands files are group owned by root '
+ title: 'Verify that system commands files are group owned by root or a system account'
  
-@@ -43,7 +43,7 @@ references:
+@@ -45,7 +45,7 @@ references:
      nist: CM-5(6),CM-5(6).1
      srg: SRG-OS-000259-GPOS-00100
      stigid@ol8: OL08-00-010320
@@ -16964,8 +18728,20 @@ index 8fc75390..e0f73c01 100644
      stigid@sle12: SLES-12-010882
      stigid@sle15: SLES-15-010361
      stigid@ubuntu2004: UBTU-20-010458
+diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_audit_binaries/rule.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_audit_binaries/rule.yml
+index e1caace87..556d69b87 100644
+--- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_audit_binaries/rule.yml
++++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_audit_binaries/rule.yml
+@@ -1,6 +1,6 @@
+ documentation_complete: true
+ 
+-prodtype: rhel8,rhel9,ubuntu2004,ubuntu2204
++prodtype: rhel8,almalinux8,rhel9,ubuntu2004,ubuntu2204
+ 
+ title: 'Verify that audit tools are owned by root'
+ 
 diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_binary_dirs/ansible/shared.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_binary_dirs/ansible/shared.yml
-index 04178f48..ce116710 100644
+index 04178f485..ce116710e 100644
 --- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_binary_dirs/ansible/shared.yml
 +++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_binary_dirs/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -16975,7 +18751,7 @@ index 04178f48..ce116710 100644
  # strategy = restrict
  # complexity = medium
 diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_binary_dirs/bash/shared.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_binary_dirs/bash/shared.sh
-index 5471f360..1a2c2a9f 100644
+index 5471f360f..1a2c2a9fa 100644
 --- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_binary_dirs/bash/shared.sh
 +++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_binary_dirs/bash/shared.sh
 @@ -1,4 +1,4 @@
@@ -16985,7 +18761,7 @@ index 5471f360..1a2c2a9f 100644
  /usr/bin/ \
  /usr/local/bin/ \
 diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_binary_dirs/rule.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_binary_dirs/rule.yml
-index b0006b2c..cc3bad25 100644
+index 32b2d523d..390c82540 100644
 --- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_binary_dirs/rule.yml
 +++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_binary_dirs/rule.yml
 @@ -43,7 +43,7 @@ references:
@@ -16998,7 +18774,7 @@ index b0006b2c..cc3bad25 100644
      stigid@sle15: SLES-15-010359
      stigid@ubuntu2004: UBTU-20-010457
 diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/rule.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/rule.yml
-index b6bc18e8..6630189c 100644
+index bc1f3caff..e0bf781b4 100644
 --- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/rule.yml
 +++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/rule.yml
 @@ -44,7 +44,7 @@ references:
@@ -17011,27 +18787,59 @@ index b6bc18e8..6630189c 100644
      stigid@sle15: SLES-15-010353
      stigid@ubuntu2004: UBTU-20-010428
 diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/tests/correct_owner.pass.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/tests/correct_owner.pass.sh
-index 92c6a088..f5601ebd 100644
+index 9c3fa6fe9..78ab97152 100644
 --- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/tests/correct_owner.pass.sh
 +++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/tests/correct_owner.pass.sh
 @@ -1,4 +1,4 @@
--# platform = multi_platform_sle,multi_platform_rhel,multi_platform_fedora,multi_platform_ubuntu
-+# platform = multi_platform_sle,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ubuntu
+-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu
++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu
  
  for SYSLIBDIRS in /lib /lib64 /usr/lib /usr/lib64
  do
 diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/tests/incorrect_owner.fail.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/tests/incorrect_owner.fail.sh
-index 84da71f4..f52ddfbb 100644
+index 02867684c..8b274eded 100644
 --- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/tests/incorrect_owner.fail.sh
 +++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/tests/incorrect_owner.fail.sh
 @@ -1,4 +1,4 @@
--# platform = multi_platform_sle,multi_platform_rhel,multi_platform_fedora,multi_platform_ubuntu
-+# platform = multi_platform_sle,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ubuntu
+-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu
++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu
  
  useradd user_test
  for TESTFILE in /lib/test_me /lib64/test_me /usr/lib/test_me /usr/lib64/test_me
+diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/tests/incorrect_owner_within_dir.fail.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/tests/incorrect_owner_within_dir.fail.sh
+index 0e380cb21..ef3993070 100644
+--- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/tests/incorrect_owner_within_dir.fail.sh
++++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/tests/incorrect_owner_within_dir.fail.sh
+@@ -1,4 +1,4 @@
+-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu
++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu
+ 
+ useradd user_test
+ 
+diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/tests/incorrect_symlink.pass.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/tests/incorrect_symlink.pass.sh
+index 3382568ce..b4f4bd0a0 100644
+--- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/tests/incorrect_symlink.pass.sh
++++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/tests/incorrect_symlink.pass.sh
+@@ -1,4 +1,4 @@
+-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu
++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu
+ 
+ useradd user_test
+ 
+diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_audit_binaries/rule.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_audit_binaries/rule.yml
+index f87b5094a..6eb6e3866 100644
+--- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_audit_binaries/rule.yml
++++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_audit_binaries/rule.yml
+@@ -1,6 +1,6 @@
+ documentation_complete: true
+ 
+-prodtype: rhel8,rhel9,ubuntu2004,ubuntu2204
++prodtype: rhel8,almalinux8,rhel9,ubuntu2004,ubuntu2204
+ 
+ title: 'Verify that audit tools Have Mode 0755 or less'
+ 
 diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_binary_dirs/ansible/shared.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_binary_dirs/ansible/shared.yml
-index 33196965..b0572f9d 100644
+index 33196965d..b0572f9da 100644
 --- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_binary_dirs/ansible/shared.yml
 +++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_binary_dirs/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -17041,7 +18849,7 @@ index 33196965..b0572f9d 100644
  # strategy = restrict
  # complexity = medium
 diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_binary_dirs/bash/shared.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_binary_dirs/bash/shared.sh
-index ab89b277..f4a7c33a 100644
+index ab89b277a..f4a7c33a9 100644
 --- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_binary_dirs/bash/shared.sh
 +++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_binary_dirs/bash/shared.sh
 @@ -1,4 +1,4 @@
@@ -17051,7 +18859,7 @@ index ab89b277..f4a7c33a 100644
  for dirPath in $DIRS; do
  	find "$dirPath" -perm /022 -exec chmod go-w '{}' \;
 diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_binary_dirs/rule.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_binary_dirs/rule.yml
-index 43ba90a6..8ff566c5 100644
+index aed33a494..50ceca9a3 100644
 --- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_binary_dirs/rule.yml
 +++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_binary_dirs/rule.yml
 @@ -43,7 +43,7 @@ references:
@@ -17064,7 +18872,7 @@ index 43ba90a6..8ff566c5 100644
      stigid@sle15: SLES-15-010358
      stigid@ubuntu2004: UBTU-20-010456
 diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_library_dirs/rule.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_library_dirs/rule.yml
-index 5a708cf7..0301d7b2 100644
+index f497a602a..26766e94b 100644
 --- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_library_dirs/rule.yml
 +++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_library_dirs/rule.yml
 @@ -44,7 +44,7 @@ references:
@@ -17077,14 +18885,14 @@ index 5a708cf7..0301d7b2 100644
      stigid@sle15: SLES-15-010351
      stigid@ubuntu2004: UBTU-20-010426
 diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/root_permissions_syslibrary_files/rule.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/root_permissions_syslibrary_files/rule.yml
-index ec135b52..1bd33e47 100644
+index 539b42740..84335b1e5 100644
 --- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/root_permissions_syslibrary_files/rule.yml
 +++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/root_permissions_syslibrary_files/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol8,rhel8,rhel9,sle12,sle15,ubuntu2004
-+prodtype: fedora,ol8,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004
+-prodtype: fedora,ol8,ol9,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: fedora,ol8,ol9,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: |-
      Verify the system-wide library files in directories
@@ -17098,7 +18906,7 @@ index ec135b52..1bd33e47 100644
      stigid@sle15: SLES-15-010355
      stigid@ubuntu2004: UBTU-20-01430
 diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/root_permissions_syslibrary_files/tests/correct_groupowner.pass.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/root_permissions_syslibrary_files/tests/correct_groupowner.pass.sh
-index 5356d374..a85c8800 100644
+index 5356d3742..a85c88001 100644
 --- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/root_permissions_syslibrary_files/tests/correct_groupowner.pass.sh
 +++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/root_permissions_syslibrary_files/tests/correct_groupowner.pass.sh
 @@ -1,4 +1,4 @@
@@ -17108,7 +18916,7 @@ index 5356d374..a85c8800 100644
  for SYSLIBDIRS in /lib /lib64 /usr/lib /usr/lib64
  do
 diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/root_permissions_syslibrary_files/tests/incorrect_groupowner.fail.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/root_permissions_syslibrary_files/tests/incorrect_groupowner.fail.sh
-index 7352b60a..fc84e065 100644
+index 7352b60aa..fc84e065c 100644
 --- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/root_permissions_syslibrary_files/tests/incorrect_groupowner.fail.sh
 +++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/root_permissions_syslibrary_files/tests/incorrect_groupowner.fail.sh
 @@ -1,4 +1,4 @@
@@ -17118,7 +18926,7 @@ index 7352b60a..fc84e065 100644
  groupadd group_test
  for TESTFILE in /lib/test_me /lib64/test_me /usr/lib/test_me /usr/lib64/test_me
 diff --git a/linux_os/guide/system/permissions/files/sysctl_fs_protected_hardlinks/kubernetes/shared.yml b/linux_os/guide/system/permissions/files/sysctl_fs_protected_hardlinks/kubernetes/shared.yml
-index b0d59400..4a71eccd 100644
+index b0d594003..4a71eccda 100644
 --- a/linux_os/guide/system/permissions/files/sysctl_fs_protected_hardlinks/kubernetes/shared.yml
 +++ b/linux_os/guide/system/permissions/files/sysctl_fs_protected_hardlinks/kubernetes/shared.yml
 @@ -1,5 +1,5 @@
@@ -17129,12 +18937,12 @@ index b0d59400..4a71eccd 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/permissions/files/sysctl_fs_protected_hardlinks/rule.yml b/linux_os/guide/system/permissions/files/sysctl_fs_protected_hardlinks/rule.yml
-index 12c48f27..d184e3e7 100644
+index 710fc0bf6..bb5efb398 100644
 --- a/linux_os/guide/system/permissions/files/sysctl_fs_protected_hardlinks/rule.yml
 +++ b/linux_os/guide/system/permissions/files/sysctl_fs_protected_hardlinks/rule.yml
-@@ -25,7 +25,7 @@ references:
+@@ -27,7 +27,7 @@ references:
      nist: CM-6(a),AC-6(1)
-     srg: SRG-OS-000324-GPOS-00125
+     srg: SRG-OS-000312-GPOS-00122,SRG-OS-000312-GPOS-00123,SRG-OS-000324-GPOS-00125
      stigid@ol8: OL08-00-010374
 -    stigid@rhel8: RHEL-08-010374
 +    stigid@almalinux8: RHEL-08-010374
@@ -17142,7 +18950,7 @@ index 12c48f27..d184e3e7 100644
  {{{ complete_ocil_entry_sysctl_option_value(sysctl="fs.protected_hardlinks", value="1") }}}
  
 diff --git a/linux_os/guide/system/permissions/files/sysctl_fs_protected_symlinks/kubernetes/shared.yml b/linux_os/guide/system/permissions/files/sysctl_fs_protected_symlinks/kubernetes/shared.yml
-index 5ce0decb..b7a4243e 100644
+index 5ce0decba..b7a4243e4 100644
 --- a/linux_os/guide/system/permissions/files/sysctl_fs_protected_symlinks/kubernetes/shared.yml
 +++ b/linux_os/guide/system/permissions/files/sysctl_fs_protected_symlinks/kubernetes/shared.yml
 @@ -1,5 +1,5 @@
@@ -17153,12 +18961,12 @@ index 5ce0decb..b7a4243e 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/permissions/files/sysctl_fs_protected_symlinks/rule.yml b/linux_os/guide/system/permissions/files/sysctl_fs_protected_symlinks/rule.yml
-index 32ab388f..0273088d 100644
+index 3b66b3c9b..11eb7181a 100644
 --- a/linux_os/guide/system/permissions/files/sysctl_fs_protected_symlinks/rule.yml
 +++ b/linux_os/guide/system/permissions/files/sysctl_fs_protected_symlinks/rule.yml
-@@ -27,7 +27,7 @@ references:
+@@ -29,7 +29,7 @@ references:
      nist: CM-6(a),AC-6(1)
-     srg: SRG-OS-000324-GPOS-00125
+     srg: SRG-OS-000312-GPOS-00122,SRG-OS-000312-GPOS-00123,SRG-OS-000324-GPOS-00125
      stigid@ol8: OL08-00-010373
 -    stigid@rhel8: RHEL-08-010373
 +    stigid@almalinux8: RHEL-08-010373
@@ -17166,7 +18974,7 @@ index 32ab388f..0273088d 100644
  {{{ complete_ocil_entry_sysctl_option_value(sysctl="fs.protected_symlinks", value="1") }}}
  
 diff --git a/linux_os/guide/system/permissions/mounting/bios_assign_password/rule.yml b/linux_os/guide/system/permissions/mounting/bios_assign_password/rule.yml
-index 184a746f..0807776c 100644
+index 184a746ff..0807776c6 100644
 --- a/linux_os/guide/system/permissions/mounting/bios_assign_password/rule.yml
 +++ b/linux_os/guide/system/permissions/mounting/bios_assign_password/rule.yml
 @@ -1,6 +1,6 @@
@@ -17178,7 +18986,7 @@ index 184a746f..0807776c 100644
  title: 'Assign Password to Prevent Changes to Boot Firmware Configuration'
  
 diff --git a/linux_os/guide/system/permissions/mounting/bios_disable_usb_boot/rule.yml b/linux_os/guide/system/permissions/mounting/bios_disable_usb_boot/rule.yml
-index 311ae83b..a11f1d66 100644
+index 311ae83b6..a11f1d66d 100644
 --- a/linux_os/guide/system/permissions/mounting/bios_disable_usb_boot/rule.yml
 +++ b/linux_os/guide/system/permissions/mounting/bios_disable_usb_boot/rule.yml
 @@ -1,6 +1,6 @@
@@ -17190,41 +18998,30 @@ index 311ae83b..a11f1d66 100644
  title: 'Disable Booting from USB Devices in Boot Firmware'
  
 diff --git a/linux_os/guide/system/permissions/mounting/grub2_nousb_argument/rule.yml b/linux_os/guide/system/permissions/mounting/grub2_nousb_argument/rule.yml
-index 848e7338..8f7db86a 100644
+index f06e24767..5951a4402 100644
 --- a/linux_os/guide/system/permissions/mounting/grub2_nousb_argument/rule.yml
 +++ b/linux_os/guide/system/permissions/mounting/grub2_nousb_argument/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,rhcos4,rhel7,rhel8
-+prodtype: fedora,rhcos4,rhel7,rhel8,almalinux8
+-prodtype: alinux2,fedora,rhcos4,rhel7,rhel8
++prodtype: alinux2,fedora,rhcos4,rhel7,rhel8,almalinux8
  
  title: 'Disable Kernel Support for USB via Bootloader Configuration'
  
-diff --git a/linux_os/guide/system/permissions/mounting/kernel_module_cramfs_disabled/kubernetes/shared.yml b/linux_os/guide/system/permissions/mounting/kernel_module_cramfs_disabled/kubernetes/shared.yml
-index 44c5bffe..2eb544c7 100644
---- a/linux_os/guide/system/permissions/mounting/kernel_module_cramfs_disabled/kubernetes/shared.yml
-+++ b/linux_os/guide/system/permissions/mounting/kernel_module_cramfs_disabled/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
- apiVersion: machineconfiguration.openshift.io/v1
- kind: MachineConfig
- spec:
 diff --git a/linux_os/guide/system/permissions/mounting/kernel_module_cramfs_disabled/rule.yml b/linux_os/guide/system/permissions/mounting/kernel_module_cramfs_disabled/rule.yml
-index a6e1bec4..fe2889b5 100644
+index 664c7364e..9e6c956b3 100644
 --- a/linux_os/guide/system/permissions/mounting/kernel_module_cramfs_disabled/rule.yml
 +++ b/linux_os/guide/system/permissions/mounting/kernel_module_cramfs_disabled/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15,ubuntu1804,ubuntu2004
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,ubuntu1804,ubuntu2004
+-prodtype: alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu1804,ubuntu2004,ubuntu2204
++prodtype: alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu1804,ubuntu2004,ubuntu2204
  
  title: 'Disable Mounting of cramfs'
  
-@@ -44,7 +44,7 @@ references:
+@@ -49,7 +49,7 @@ references:
      nist-csf: PR.IP-1,PR.PT-3
      srg: SRG-OS-000095-GPOS-00049
      stigid@ol8: OL08-00-040025
@@ -17233,168 +19030,91 @@ index a6e1bec4..fe2889b5 100644
  
  {{{ complete_ocil_entry_module_disable(module="cramfs") }}}
  
-diff --git a/linux_os/guide/system/permissions/mounting/kernel_module_freevxfs_disabled/kubernetes/shared.yml b/linux_os/guide/system/permissions/mounting/kernel_module_freevxfs_disabled/kubernetes/shared.yml
-index f53ca7e3..7decd700 100644
---- a/linux_os/guide/system/permissions/mounting/kernel_module_freevxfs_disabled/kubernetes/shared.yml
-+++ b/linux_os/guide/system/permissions/mounting/kernel_module_freevxfs_disabled/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
- apiVersion: machineconfiguration.openshift.io/v1
- kind: MachineConfig
- spec:
 diff --git a/linux_os/guide/system/permissions/mounting/kernel_module_freevxfs_disabled/rule.yml b/linux_os/guide/system/permissions/mounting/kernel_module_freevxfs_disabled/rule.yml
-index cf38af75..b27990b7 100644
+index ce22f6058..fdc397ade 100644
 --- a/linux_os/guide/system/permissions/mounting/kernel_module_freevxfs_disabled/rule.yml
 +++ b/linux_os/guide/system/permissions/mounting/kernel_module_freevxfs_disabled/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15,ubuntu1804,ubuntu2004
-+prodtype: fedora,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,ubuntu1804,ubuntu2004
+-prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15,ubuntu1804,ubuntu2004,ubuntu2204
++prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,ubuntu1804,ubuntu2004,ubuntu2204
  
  title: 'Disable Mounting of freevxfs'
  
-diff --git a/linux_os/guide/system/permissions/mounting/kernel_module_hfs_disabled/kubernetes/shared.yml b/linux_os/guide/system/permissions/mounting/kernel_module_hfs_disabled/kubernetes/shared.yml
-index ef0e24a3..829121c2 100644
---- a/linux_os/guide/system/permissions/mounting/kernel_module_hfs_disabled/kubernetes/shared.yml
-+++ b/linux_os/guide/system/permissions/mounting/kernel_module_hfs_disabled/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
- apiVersion: machineconfiguration.openshift.io/v1
- kind: MachineConfig
- spec:
 diff --git a/linux_os/guide/system/permissions/mounting/kernel_module_hfs_disabled/rule.yml b/linux_os/guide/system/permissions/mounting/kernel_module_hfs_disabled/rule.yml
-index fd08e9fa..68318195 100644
+index ec81e6f9a..d565d6bd3 100644
 --- a/linux_os/guide/system/permissions/mounting/kernel_module_hfs_disabled/rule.yml
 +++ b/linux_os/guide/system/permissions/mounting/kernel_module_hfs_disabled/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15,ubuntu1804,ubuntu2004
-+prodtype: fedora,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,ubuntu1804,ubuntu2004
+-prodtype: fedora,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15,ubuntu1804,ubuntu2004,ubuntu2204
++prodtype: fedora,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,ubuntu1804,ubuntu2004,ubuntu2204
  
  title: 'Disable Mounting of hfs'
  
-diff --git a/linux_os/guide/system/permissions/mounting/kernel_module_hfsplus_disabled/kubernetes/shared.yml b/linux_os/guide/system/permissions/mounting/kernel_module_hfsplus_disabled/kubernetes/shared.yml
-index a20bc997..8106f54c 100644
---- a/linux_os/guide/system/permissions/mounting/kernel_module_hfsplus_disabled/kubernetes/shared.yml
-+++ b/linux_os/guide/system/permissions/mounting/kernel_module_hfsplus_disabled/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
- apiVersion: machineconfiguration.openshift.io/v1
- kind: MachineConfig
- spec:
 diff --git a/linux_os/guide/system/permissions/mounting/kernel_module_hfsplus_disabled/rule.yml b/linux_os/guide/system/permissions/mounting/kernel_module_hfsplus_disabled/rule.yml
-index 74f69a23..ef0bdbc4 100644
+index f6080cd7b..f1506bd6a 100644
 --- a/linux_os/guide/system/permissions/mounting/kernel_module_hfsplus_disabled/rule.yml
 +++ b/linux_os/guide/system/permissions/mounting/kernel_module_hfsplus_disabled/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15,ubuntu1804,ubuntu2004
-+prodtype: fedora,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,ubuntu1804,ubuntu2004
+-prodtype: fedora,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15,ubuntu1804,ubuntu2004,ubuntu2204
++prodtype: fedora,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,ubuntu1804,ubuntu2004,ubuntu2204
  
  title: 'Disable Mounting of hfsplus'
  
-diff --git a/linux_os/guide/system/permissions/mounting/kernel_module_jffs2_disabled/kubernetes/shared.yml b/linux_os/guide/system/permissions/mounting/kernel_module_jffs2_disabled/kubernetes/shared.yml
-index 77723846..fd3ece4c 100644
---- a/linux_os/guide/system/permissions/mounting/kernel_module_jffs2_disabled/kubernetes/shared.yml
-+++ b/linux_os/guide/system/permissions/mounting/kernel_module_jffs2_disabled/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
- apiVersion: machineconfiguration.openshift.io/v1
- kind: MachineConfig
- spec:
 diff --git a/linux_os/guide/system/permissions/mounting/kernel_module_jffs2_disabled/rule.yml b/linux_os/guide/system/permissions/mounting/kernel_module_jffs2_disabled/rule.yml
-index b2203d3f..2c0bc01e 100644
+index b311a36be..6433b07a8 100644
 --- a/linux_os/guide/system/permissions/mounting/kernel_module_jffs2_disabled/rule.yml
 +++ b/linux_os/guide/system/permissions/mounting/kernel_module_jffs2_disabled/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15,ubuntu1804,ubuntu2004
-+prodtype: fedora,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,ubuntu1804,ubuntu2004
+-prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15,ubuntu1804,ubuntu2004,ubuntu2204
++prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,ubuntu1804,ubuntu2004,ubuntu2204
  
  title: 'Disable Mounting of jffs2'
  
-diff --git a/linux_os/guide/system/permissions/mounting/kernel_module_squashfs_disabled/kubernetes/shared.yml b/linux_os/guide/system/permissions/mounting/kernel_module_squashfs_disabled/kubernetes/shared.yml
-index be4526c5..febc07d2 100644
---- a/linux_os/guide/system/permissions/mounting/kernel_module_squashfs_disabled/kubernetes/shared.yml
-+++ b/linux_os/guide/system/permissions/mounting/kernel_module_squashfs_disabled/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
- apiVersion: machineconfiguration.openshift.io/v1
- kind: MachineConfig
- spec:
 diff --git a/linux_os/guide/system/permissions/mounting/kernel_module_squashfs_disabled/rule.yml b/linux_os/guide/system/permissions/mounting/kernel_module_squashfs_disabled/rule.yml
-index 3380c193..459c2f31 100644
+index 54f0218f3..6a79fe57b 100644
 --- a/linux_os/guide/system/permissions/mounting/kernel_module_squashfs_disabled/rule.yml
 +++ b/linux_os/guide/system/permissions/mounting/kernel_module_squashfs_disabled/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,rhcos4,rhel7,rhel8,rhel9,sle12,sle15
-+prodtype: fedora,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle12,sle15
+-prodtype: alinux2,alinux3,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2204
++prodtype: alinux2,alinux3,fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2204
  
  title: 'Disable Mounting of squashfs'
  
-diff --git a/linux_os/guide/system/permissions/mounting/kernel_module_udf_disabled/kubernetes/shared.yml b/linux_os/guide/system/permissions/mounting/kernel_module_udf_disabled/kubernetes/shared.yml
-index ba69e9bf..615e5db4 100644
---- a/linux_os/guide/system/permissions/mounting/kernel_module_udf_disabled/kubernetes/shared.yml
-+++ b/linux_os/guide/system/permissions/mounting/kernel_module_udf_disabled/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
- apiVersion: machineconfiguration.openshift.io/v1
- kind: MachineConfig
- spec:
 diff --git a/linux_os/guide/system/permissions/mounting/kernel_module_udf_disabled/rule.yml b/linux_os/guide/system/permissions/mounting/kernel_module_udf_disabled/rule.yml
-index ba9f91f4..0c2db132 100644
+index 7b1f0c300..2a3d78941 100644
 --- a/linux_os/guide/system/permissions/mounting/kernel_module_udf_disabled/rule.yml
 +++ b/linux_os/guide/system/permissions/mounting/kernel_module_udf_disabled/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu1804,ubuntu2004
-+prodtype: fedora,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu1804,ubuntu2004
+-prodtype: alinux3,fedora,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu1804,ubuntu2004,ubuntu2204
++prodtype: alinux3,fedora,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu1804,ubuntu2004,ubuntu2204
  
  title: 'Disable Mounting of udf'
  
-diff --git a/linux_os/guide/system/permissions/mounting/kernel_module_usb-storage_disabled/kubernetes/shared.yml b/linux_os/guide/system/permissions/mounting/kernel_module_usb-storage_disabled/kubernetes/shared.yml
-index 32e39f20..a00da355 100644
---- a/linux_os/guide/system/permissions/mounting/kernel_module_usb-storage_disabled/kubernetes/shared.yml
-+++ b/linux_os/guide/system/permissions/mounting/kernel_module_usb-storage_disabled/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
- apiVersion: machineconfiguration.openshift.io/v1
- kind: MachineConfig
- spec:
 diff --git a/linux_os/guide/system/permissions/mounting/kernel_module_usb-storage_disabled/rule.yml b/linux_os/guide/system/permissions/mounting/kernel_module_usb-storage_disabled/rule.yml
-index bd560d77..47fb22d8 100644
+index 8cbcf66dc..c04a4295c 100644
 --- a/linux_os/guide/system/permissions/mounting/kernel_module_usb-storage_disabled/rule.yml
 +++ b/linux_os/guide/system/permissions/mounting/kernel_module_usb-storage_disabled/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
+-prodtype: alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Disable Modprobe Loading of USB Storage Driver'
  
-@@ -45,7 +45,7 @@ references:
+@@ -49,7 +49,7 @@ references:
      stigid@ol7: OL07-00-020100
      stigid@ol8: OL08-00-040080
      stigid@rhel7: RHEL-07-020100
@@ -17403,31 +19123,20 @@ index bd560d77..47fb22d8 100644
      stigid@sle12: SLES-12-010580
      stigid@sle15: SLES-15-010480
  
-diff --git a/linux_os/guide/system/permissions/mounting/kernel_module_vfat_disabled/kubernetes/shared.yml b/linux_os/guide/system/permissions/mounting/kernel_module_vfat_disabled/kubernetes/shared.yml
-index 2be4cc35..a50aa726 100644
---- a/linux_os/guide/system/permissions/mounting/kernel_module_vfat_disabled/kubernetes/shared.yml
-+++ b/linux_os/guide/system/permissions/mounting/kernel_module_vfat_disabled/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
- apiVersion: machineconfiguration.openshift.io/v1
- kind: MachineConfig
- spec:
 diff --git a/linux_os/guide/system/permissions/mounting/kernel_module_vfat_disabled/rule.yml b/linux_os/guide/system/permissions/mounting/kernel_module_vfat_disabled/rule.yml
-index 5af0cf51..34618357 100644
+index 3eb2828f6..dd7b566ca 100644
 --- a/linux_os/guide/system/permissions/mounting/kernel_module_vfat_disabled/rule.yml
 +++ b/linux_os/guide/system/permissions/mounting/kernel_module_vfat_disabled/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15
-+prodtype: fedora,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15
+-prodtype: fedora,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15
++prodtype: fedora,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15
  
  title: 'Disable Mounting of vFAT filesystems'
  
 diff --git a/linux_os/guide/system/permissions/mounting/service_autofs_disabled/kubernetes/shared.yml b/linux_os/guide/system/permissions/mounting/service_autofs_disabled/kubernetes/shared.yml
-index 41352695..8b69802a 100644
+index 41352695f..8b69802ab 100644
 --- a/linux_os/guide/system/permissions/mounting/service_autofs_disabled/kubernetes/shared.yml
 +++ b/linux_os/guide/system/permissions/mounting/service_autofs_disabled/kubernetes/shared.yml
 @@ -1,5 +1,5 @@
@@ -17438,18 +19147,18 @@ index 41352695..8b69802a 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/permissions/mounting/service_autofs_disabled/rule.yml b/linux_os/guide/system/permissions/mounting/service_autofs_disabled/rule.yml
-index 2035b36d..bbcd052a 100644
+index 86c428a68..4e81a631c 100644
 --- a/linux_os/guide/system/permissions/mounting/service_autofs_disabled/rule.yml
 +++ b/linux_os/guide/system/permissions/mounting/service_autofs_disabled/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu1804,ubuntu2004,wrlinux1019
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu1804,ubuntu2004,wrlinux1019
+-prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu1804,ubuntu2004,ubuntu2204,uos20
++prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu1804,ubuntu2004,ubuntu2204,uos20
  
  title: 'Disable the Automounter'
  
-@@ -53,7 +53,7 @@ references:
+@@ -56,7 +56,7 @@ references:
      stigid@ol7: OL07-00-020110
      stigid@ol8: OL08-00-040070
      stigid@rhel7: RHEL-07-020110
@@ -17458,55 +19167,76 @@ index 2035b36d..bbcd052a 100644
      stigid@sle12: SLES-12-010590
      stigid@sle15: SLES-15-010240
  
+diff --git a/linux_os/guide/system/permissions/partitions/mount_option_boot_efi_nosuid/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_boot_efi_nosuid/rule.yml
+index 310f0de84..9f61c3e69 100644
+--- a/linux_os/guide/system/permissions/partitions/mount_option_boot_efi_nosuid/rule.yml
++++ b/linux_os/guide/system/permissions/partitions/mount_option_boot_efi_nosuid/rule.yml
+@@ -1,6 +1,6 @@
+ documentation_complete: true
+ 
+-prodtype: ol8,rhel8,rhel9
++prodtype: ol8,rhel8,almalinux8,rhel9
+ 
+ title: 'Add nosuid Option to /boot/efi'
+ 
+@@ -27,7 +27,7 @@ references:
+     nist: CM-6(b),CM-6.1(iv)
+     srg: SRG-OS-000480-GPOS-00227
+     stigid@ol8: OL08-00-010572
+-    stigid@rhel8: RHEL-08-010572
++    stigid@almalinux8: RHEL-08-010572
+ 
+ platform: machine and uefi
+ 
 diff --git a/linux_os/guide/system/permissions/partitions/mount_option_boot_noauto/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_boot_noauto/rule.yml
-index da7833ee..47c3af4c 100644
+index e7e5ef074..cfee0e0ea 100644
 --- a/linux_os/guide/system/permissions/partitions/mount_option_boot_noauto/rule.yml
 +++ b/linux_os/guide/system/permissions/partitions/mount_option_boot_noauto/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,wrlinux1019
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,wrlinux1019
+-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4
++prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4
  
  title: 'Add noauto Option to /boot'
  
 diff --git a/linux_os/guide/system/permissions/partitions/mount_option_boot_nodev/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_boot_nodev/rule.yml
-index da96d7e5..1c278823 100644
+index 9ea1c41ed..32177918c 100644
 --- a/linux_os/guide/system/permissions/partitions/mount_option_boot_nodev/rule.yml
 +++ b/linux_os/guide/system/permissions/partitions/mount_option_boot_nodev/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9
+-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9
++prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9
  
  title: 'Add nodev Option to /boot'
  
 diff --git a/linux_os/guide/system/permissions/partitions/mount_option_boot_noexec/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_boot_noexec/rule.yml
-index e6f8d284..d35ad835 100644
+index 64df08b9e..4167a7efd 100644
 --- a/linux_os/guide/system/permissions/partitions/mount_option_boot_noexec/rule.yml
 +++ b/linux_os/guide/system/permissions/partitions/mount_option_boot_noexec/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,wrlinux1019
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,wrlinux1019
+-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15
++prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15
  
  title: 'Add noexec Option to /boot'
  
 diff --git a/linux_os/guide/system/permissions/partitions/mount_option_boot_nosuid/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_boot_nosuid/rule.yml
-index 8f8c2fd5..cb1400e1 100644
+index bd05306ce..756b2377c 100644
 --- a/linux_os/guide/system/permissions/partitions/mount_option_boot_nosuid/rule.yml
 +++ b/linux_os/guide/system/permissions/partitions/mount_option_boot_nosuid/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9
+-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle12,sle15
++prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle12,sle15
  
  title: 'Add nosuid Option to /boot'
  
-@@ -31,7 +31,7 @@ references:
+@@ -33,7 +33,7 @@ references:
      nist-csf: PR.IP-1,PR.PT-2,PR.PT-3
      srg: SRG-OS-000368-GPOS-00154,SRG-OS-000480-GPOS-00227
      stigid@ol8: OL08-00-010571
@@ -17516,31 +19246,31 @@ index 8f8c2fd5..cb1400e1 100644
  platform: machine
  
 diff --git a/linux_os/guide/system/permissions/partitions/mount_option_dev_shm_nodev/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_dev_shm_nodev/rule.yml
-index 304b2c32..b5b9afd6 100644
+index 8e03d1265..c3e8a35dc 100644
 --- a/linux_os/guide/system/permissions/partitions/mount_option_dev_shm_nodev/rule.yml
 +++ b/linux_os/guide/system/permissions/partitions/mount_option_dev_shm_nodev/rule.yml
-@@ -42,7 +42,7 @@ references:
-     stigid@ol7: OL07-00-021022
+@@ -48,7 +48,7 @@ references:
+     stigid@ol7: OL07-00-021024
      stigid@ol8: OL08-00-040120
-     stigid@rhel7: RHEL-07-021022
+     stigid@rhel7: RHEL-07-021024
 -    stigid@rhel8: RHEL-08-040120
 +    stigid@almalinux8: RHEL-08-040120
  
  platform: machine
  
 diff --git a/linux_os/guide/system/permissions/partitions/mount_option_dev_shm_noexec/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_dev_shm_noexec/rule.yml
-index d99aa5f8..85ce4e1e 100644
+index fec79aeca..034fb5b86 100644
 --- a/linux_os/guide/system/permissions/partitions/mount_option_dev_shm_noexec/rule.yml
 +++ b/linux_os/guide/system/permissions/partitions/mount_option_dev_shm_noexec/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu1804,ubuntu2004
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu1804,ubuntu2004
+-prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu1804,ubuntu2004,ubuntu2204
++prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu1804,ubuntu2004,ubuntu2204
  
  title: 'Add noexec Option to /dev/shm'
  
-@@ -45,7 +45,7 @@ references:
+@@ -50,7 +50,7 @@ references:
      stigid@ol7: OL07-00-021024
      stigid@ol8: OL08-00-040122
      stigid@rhel7: RHEL-07-021024
@@ -17550,39 +19280,51 @@ index d99aa5f8..85ce4e1e 100644
  platform: machine
  
 diff --git a/linux_os/guide/system/permissions/partitions/mount_option_dev_shm_nosuid/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_dev_shm_nosuid/rule.yml
-index 29d43609..8498dd16 100644
+index 270100d1b..8bc04e203 100644
 --- a/linux_os/guide/system/permissions/partitions/mount_option_dev_shm_nosuid/rule.yml
 +++ b/linux_os/guide/system/permissions/partitions/mount_option_dev_shm_nosuid/rule.yml
-@@ -42,7 +42,7 @@ references:
-     stigid@ol7: OL07-00-021023
+@@ -48,7 +48,7 @@ references:
+     stigid@ol7: OL07-00-021024
      stigid@ol8: OL08-00-040121
-     stigid@rhel7: RHEL-07-021023
+     stigid@rhel7: RHEL-07-021024
 -    stigid@rhel8: RHEL-08-040121
 +    stigid@almalinux8: RHEL-08-040121
  
  platform: machine
  
+diff --git a/linux_os/guide/system/permissions/partitions/mount_option_home_grpquota/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_home_grpquota/rule.yml
+index b045cd942..9080e4121 100644
+--- a/linux_os/guide/system/permissions/partitions/mount_option_home_grpquota/rule.yml
++++ b/linux_os/guide/system/permissions/partitions/mount_option_home_grpquota/rule.yml
+@@ -1,6 +1,6 @@
+ documentation_complete: true
+ 
+-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4
++prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4
+ 
+ title: 'Add grpquota Option to /home'
+ 
 diff --git a/linux_os/guide/system/permissions/partitions/mount_option_home_nodev/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_home_nodev/rule.yml
-index ad7a6cb0..9ca0d640 100644
+index e7416dec1..bee38591b 100644
 --- a/linux_os/guide/system/permissions/partitions/mount_option_home_nodev/rule.yml
 +++ b/linux_os/guide/system/permissions/partitions/mount_option_home_nodev/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: ol7,ol8,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu1804
-+prodtype: ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu1804
+-prodtype: alinux2,alinux3,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu1804,ubuntu2204
++prodtype: alinux2,alinux3,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu1804,ubuntu2204
  
  title: 'Add nodev Option to /home'
  
 diff --git a/linux_os/guide/system/permissions/partitions/mount_option_home_noexec/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_home_noexec/rule.yml
-index 17fd0250..c47cd692 100644
+index 85bebc775..df22b2a7c 100644
 --- a/linux_os/guide/system/permissions/partitions/mount_option_home_noexec/rule.yml
 +++ b/linux_os/guide/system/permissions/partitions/mount_option_home_noexec/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,wrlinux1019
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,wrlinux1019
+-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15
++prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15
  
  title: 'Add noexec Option to /home'
  
@@ -17596,18 +19338,18 @@ index 17fd0250..c47cd692 100644
  platform: machine
  
 diff --git a/linux_os/guide/system/permissions/partitions/mount_option_home_nosuid/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_home_nosuid/rule.yml
-index efcf8b6b..3be724a5 100644
+index 24af2ab93..98d82d848 100644
 --- a/linux_os/guide/system/permissions/partitions/mount_option_home_nosuid/rule.yml
 +++ b/linux_os/guide/system/permissions/partitions/mount_option_home_nosuid/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,wrlinux1019
-+prodtype: ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,wrlinux1019
+-prodtype: alinux3,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2204
++prodtype: alinux3,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2204
  
  title: 'Add nosuid Option to /home'
  
-@@ -40,7 +40,7 @@ references:
+@@ -42,7 +42,7 @@ references:
      stigid@ol7: OL07-00-021000
      stigid@ol8: OL08-00-010570
      stigid@rhel7: RHEL-07-021000
@@ -17616,19 +19358,31 @@ index efcf8b6b..3be724a5 100644
      stigid@sle12: SLES-12-010790
      stigid@sle15: SLES-15-040140
  
+diff --git a/linux_os/guide/system/permissions/partitions/mount_option_home_usrquota/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_home_usrquota/rule.yml
+index 7ffa9379d..f2e583238 100644
+--- a/linux_os/guide/system/permissions/partitions/mount_option_home_usrquota/rule.yml
++++ b/linux_os/guide/system/permissions/partitions/mount_option_home_usrquota/rule.yml
+@@ -1,6 +1,6 @@
+ documentation_complete: true
+ 
+-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4
++prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4
+ 
+ title: 'Add usrquota Option to /home'
+ 
 diff --git a/linux_os/guide/system/permissions/partitions/mount_option_nodev_nonroot_local_partitions/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_nodev_nonroot_local_partitions/rule.yml
-index 16d7fc54..c020eca2 100644
+index a22d24b1a..05dba6105 100644
 --- a/linux_os/guide/system/permissions/partitions/mount_option_nodev_nonroot_local_partitions/rule.yml
 +++ b/linux_os/guide/system/permissions/partitions/mount_option_nodev_nonroot_local_partitions/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9
+-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle12,sle15
++prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle12,sle15
  
  title: 'Add nodev Option to Non-Root Local Partitions'
  
-@@ -45,6 +45,6 @@ references:
+@@ -47,7 +47,7 @@ references:
      nist-csf: PR.IP-1,PR.PT-3
      srg: SRG-OS-000368-GPOS-00154,SRG-OS-000480-GPOS-00227
      stigid@ol8: OL08-00-010580
@@ -17636,19 +19390,20 @@ index 16d7fc54..c020eca2 100644
 +    stigid@almalinux8: RHEL-08-010580
  
  platform: machine
+ 
 diff --git a/linux_os/guide/system/permissions/partitions/mount_option_nodev_removable_partitions/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_nodev_removable_partitions/rule.yml
-index 01adc4dd..2c2a8634 100644
+index d06852da9..67d3c85cf 100644
 --- a/linux_os/guide/system/permissions/partitions/mount_option_nodev_removable_partitions/rule.yml
 +++ b/linux_os/guide/system/permissions/partitions/mount_option_nodev_removable_partitions/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu1804
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu1804
+-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu1804
++prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu1804
  
  title: 'Add nodev Option to Removable Media Partitions'
  
-@@ -43,7 +43,7 @@ references:
+@@ -45,7 +45,7 @@ references:
      nist-csf: PR.AC-3,PR.AC-6,PR.IP-1,PR.PT-2,PR.PT-3
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol8: OL08-00-010600
@@ -17658,18 +19413,18 @@ index 01adc4dd..2c2a8634 100644
  platform: machine
  
 diff --git a/linux_os/guide/system/permissions/partitions/mount_option_noexec_removable_partitions/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_noexec_removable_partitions/rule.yml
-index cb8b510e..40ec8601 100644
+index 75934b9d7..d1da5bbc3 100644
 --- a/linux_os/guide/system/permissions/partitions/mount_option_noexec_removable_partitions/rule.yml
 +++ b/linux_os/guide/system/permissions/partitions/mount_option_noexec_removable_partitions/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu1804
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu1804
+-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu1804
++prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu1804
  
  title: 'Add noexec Option to Removable Media Partitions'
  
-@@ -40,7 +40,7 @@ references:
+@@ -42,7 +42,7 @@ references:
      nist-csf: PR.AC-3,PR.AC-6,PR.IP-1,PR.PT-2,PR.PT-3
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol8: OL08-00-010610
@@ -17679,14 +19434,14 @@ index cb8b510e..40ec8601 100644
  ocil_clause: 'removable media partitions are present'
  
 diff --git a/linux_os/guide/system/permissions/partitions/mount_option_nosuid_removable_partitions/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_nosuid_removable_partitions/rule.yml
-index aacc7fc8..a824cca5 100644
+index 2ae9f064c..b9ce16e9d 100644
 --- a/linux_os/guide/system/permissions/partitions/mount_option_nosuid_removable_partitions/rule.yml
 +++ b/linux_os/guide/system/permissions/partitions/mount_option_nosuid_removable_partitions/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu1804,wrlinux1019
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu1804,wrlinux1019
+-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu1804
++prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu1804
  
  title: 'Add nosuid Option to Removable Media Partitions'
  
@@ -17700,105 +19455,117 @@ index aacc7fc8..a824cca5 100644
      stigid@sle15: SLES-15-040150
  
 diff --git a/linux_os/guide/system/permissions/partitions/mount_option_opt_nosuid/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_opt_nosuid/rule.yml
-index b67d96ba..c97be491 100644
+index 3d417e40c..9d2cf2ea3 100644
 --- a/linux_os/guide/system/permissions/partitions/mount_option_opt_nosuid/rule.yml
 +++ b/linux_os/guide/system/permissions/partitions/mount_option_opt_nosuid/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,wrlinux1019
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,wrlinux1019
+-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15
++prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15
  
  title: 'Add nosuid Option to /opt'
  
+diff --git a/linux_os/guide/system/permissions/partitions/mount_option_proc_hidepid/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_proc_hidepid/rule.yml
+index 9d56bdd57..5116b247e 100644
+--- a/linux_os/guide/system/permissions/partitions/mount_option_proc_hidepid/rule.yml
++++ b/linux_os/guide/system/permissions/partitions/mount_option_proc_hidepid/rule.yml
+@@ -1,6 +1,6 @@
+ documentation_complete: true
+ 
+-prodtype: fedora,rhel7,rhel8,rhel9
++prodtype: fedora,rhel7,rhel8,almalinux8,rhel9
+ 
+ title: 'Add hidepid Option to /proc'
+ 
 diff --git a/linux_os/guide/system/permissions/partitions/mount_option_srv_nosuid/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_srv_nosuid/rule.yml
-index 022dee6d..50d8fc14 100644
+index eb4d1422c..bba908938 100644
 --- a/linux_os/guide/system/permissions/partitions/mount_option_srv_nosuid/rule.yml
 +++ b/linux_os/guide/system/permissions/partitions/mount_option_srv_nosuid/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,wrlinux1019
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,wrlinux1019
+-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15
++prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15
  
  title: 'Add nosuid Option to /srv'
  
 diff --git a/linux_os/guide/system/permissions/partitions/mount_option_tmp_nodev/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_tmp_nodev/rule.yml
-index 91d2e4b1..445580c3 100644
+index eee06e09d..e508628bd 100644
 --- a/linux_os/guide/system/permissions/partitions/mount_option_tmp_nodev/rule.yml
 +++ b/linux_os/guide/system/permissions/partitions/mount_option_tmp_nodev/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu1804
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu1804
+-prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu1804,ubuntu2204
++prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu1804,ubuntu2204
  
  title: 'Add nodev Option to /tmp'
  
-@@ -41,7 +41,7 @@ references:
+@@ -47,7 +47,7 @@ references:
      nist-csf: PR.IP-1,PR.PT-2,PR.PT-3
      srg: SRG-OS-000368-GPOS-00154
      stigid@ol8: OL08-00-040123
 -    stigid@rhel8: RHEL-08-040123
 +    stigid@almalinux8: RHEL-08-040123
  
- platform: machine
+ platform: machine and partition-tmp
  
 diff --git a/linux_os/guide/system/permissions/partitions/mount_option_tmp_noexec/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_tmp_noexec/rule.yml
-index d256935d..aeae4648 100644
+index 09b7aec4a..d5d40b95f 100644
 --- a/linux_os/guide/system/permissions/partitions/mount_option_tmp_noexec/rule.yml
 +++ b/linux_os/guide/system/permissions/partitions/mount_option_tmp_noexec/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,sle12,sle15
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle12,sle15
+-prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2204
++prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2204
  
  title: 'Add noexec Option to /tmp'
  
-@@ -40,7 +40,7 @@ references:
+@@ -46,7 +46,7 @@ references:
      nist-csf: PR.IP-1,PR.PT-2,PR.PT-3
      srg: SRG-OS-000368-GPOS-00154
      stigid@ol8: OL08-00-040125
 -    stigid@rhel8: RHEL-08-040125
 +    stigid@almalinux8: RHEL-08-040125
  
- platform: machine
+ platform: machine and partition-tmp
  
 diff --git a/linux_os/guide/system/permissions/partitions/mount_option_tmp_nosuid/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_tmp_nosuid/rule.yml
-index 20a28c3e..495398f3 100644
+index 77ef92a5a..df49ffa90 100644
 --- a/linux_os/guide/system/permissions/partitions/mount_option_tmp_nosuid/rule.yml
 +++ b/linux_os/guide/system/permissions/partitions/mount_option_tmp_nosuid/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu1804
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu1804
+-prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu1804,ubuntu2204
++prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu1804,ubuntu2204
  
  title: 'Add nosuid Option to /tmp'
  
-@@ -41,7 +41,7 @@ references:
+@@ -47,7 +47,7 @@ references:
      nist-csf: PR.IP-1,PR.PT-2,PR.PT-3
      srg: SRG-OS-000368-GPOS-00154
      stigid@ol8: OL08-00-040124
 -    stigid@rhel8: RHEL-08-040124
 +    stigid@almalinux8: RHEL-08-040124
  
- platform: machine
+ platform: machine and partition-tmp
  
 diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_nodev/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_nodev/rule.yml
-index ed5fb24d..bbfcb20d 100644
+index 289511bfa..ebf776a59 100644
 --- a/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_nodev/rule.yml
 +++ b/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_nodev/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9
+-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,ubuntu2204
++prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,ubuntu2204
  
  title: 'Add nodev Option to /var/log/audit'
  
-@@ -32,7 +32,7 @@ references:
+@@ -35,7 +35,7 @@ references:
      nist-csf: PR.IP-1,PR.PT-2,PR.PT-3
      srg: SRG-OS-000368-GPOS-00154
      stigid@ol8: OL08-00-040129
@@ -17808,18 +19575,18 @@ index ed5fb24d..bbfcb20d 100644
  platform: machine
  
 diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_noexec/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_noexec/rule.yml
-index afbb7621..b68aaa18 100644
+index b58554891..ee80c5c93 100644
 --- a/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_noexec/rule.yml
 +++ b/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_noexec/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9
+-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,ubuntu2204
++prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,ubuntu2204
  
  title: 'Add noexec Option to /var/log/audit'
  
-@@ -30,7 +30,7 @@ references:
+@@ -33,7 +33,7 @@ references:
      nist-csf: PR.IP-1,PR.PT-2,PR.PT-3
      srg: SRG-OS-000368-GPOS-00154
      stigid@ol8: OL08-00-040131
@@ -17829,18 +19596,18 @@ index afbb7621..b68aaa18 100644
  platform: machine
  
 diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_nosuid/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_nosuid/rule.yml
-index 69cdfe29..51352833 100644
+index 5ae834740..135d854ad 100644
 --- a/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_nosuid/rule.yml
 +++ b/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_nosuid/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9
+-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,ubuntu2204
++prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,ubuntu2204
  
  title: 'Add nosuid Option to /var/log/audit'
  
-@@ -31,7 +31,7 @@ references:
+@@ -34,7 +34,7 @@ references:
      nist-csf: PR.IP-1,PR.PT-2,PR.PT-3
      srg: SRG-OS-000368-GPOS-00154
      stigid@ol8: OL08-00-040130
@@ -17850,18 +19617,18 @@ index 69cdfe29..51352833 100644
  platform: machine
  
 diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_log_nodev/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_var_log_nodev/rule.yml
-index eacb16c9..1bbcda2d 100644
+index 2da6e25a8..e6f7b9513 100644
 --- a/linux_os/guide/system/permissions/partitions/mount_option_var_log_nodev/rule.yml
 +++ b/linux_os/guide/system/permissions/partitions/mount_option_var_log_nodev/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9
+-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,ubuntu2204
++prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,ubuntu2204
  
  title: 'Add nodev Option to /var/log'
  
-@@ -32,7 +32,7 @@ references:
+@@ -35,7 +35,7 @@ references:
      nist-csf: PR.IP-1,PR.PT-2,PR.PT-3
      srg: SRG-OS-000368-GPOS-00154
      stigid@ol8: OL08-00-040126
@@ -17871,18 +19638,18 @@ index eacb16c9..1bbcda2d 100644
  platform: machine
  
 diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_log_noexec/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_var_log_noexec/rule.yml
-index 95af813f..35c4dd04 100644
+index b8f0be9b2..71143163f 100644
 --- a/linux_os/guide/system/permissions/partitions/mount_option_var_log_noexec/rule.yml
 +++ b/linux_os/guide/system/permissions/partitions/mount_option_var_log_noexec/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9
+-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2204
++prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2204
  
  title: 'Add noexec Option to /var/log'
  
-@@ -31,7 +31,7 @@ references:
+@@ -36,7 +36,7 @@ references:
      nist-csf: PR.IP-1,PR.PT-2,PR.PT-3
      srg: SRG-OS-000368-GPOS-00154
      stigid@ol8: OL08-00-040128
@@ -17892,18 +19659,18 @@ index 95af813f..35c4dd04 100644
  platform: machine
  
 diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_log_nosuid/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_var_log_nosuid/rule.yml
-index cb3ea8a7..b3dfafe8 100644
+index a1c4a5b46..4348bed02 100644
 --- a/linux_os/guide/system/permissions/partitions/mount_option_var_log_nosuid/rule.yml
 +++ b/linux_os/guide/system/permissions/partitions/mount_option_var_log_nosuid/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9
+-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2204
++prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2204
  
  title: 'Add nosuid Option to /var/log'
  
-@@ -32,7 +32,7 @@ references:
+@@ -37,7 +37,7 @@ references:
      nist-csf: PR.IP-1,PR.PT-2,PR.PT-3
      srg: SRG-OS-000368-GPOS-00154
      stigid@ol8: OL08-00-040127
@@ -17913,43 +19680,43 @@ index cb3ea8a7..b3dfafe8 100644
  platform: machine
  
 diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_nodev/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_var_nodev/rule.yml
-index fc144ac6..df807e2b 100644
+index a178cd462..a3529356f 100644
 --- a/linux_os/guide/system/permissions/partitions/mount_option_var_nodev/rule.yml
 +++ b/linux_os/guide/system/permissions/partitions/mount_option_var_nodev/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9
+-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,ubuntu2204
++prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,ubuntu2204
  
  title: 'Add nodev Option to /var'
  
 diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_noexec/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_var_noexec/rule.yml
-index 7119419e..eb43ae82 100644
+index 1c8c7ab5e..78adc3ea3 100644
 --- a/linux_os/guide/system/permissions/partitions/mount_option_var_noexec/rule.yml
 +++ b/linux_os/guide/system/permissions/partitions/mount_option_var_noexec/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,wrlinux1019
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,wrlinux1019
+-prodtype: alinux3,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15
++prodtype: alinux3,fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15
  
  title: 'Add noexec Option to /var'
  
 diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_nosuid/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_var_nosuid/rule.yml
-index ca3e15f3..a16ad330 100644
+index e6e912b01..d250a0b13 100644
 --- a/linux_os/guide/system/permissions/partitions/mount_option_var_nosuid/rule.yml
 +++ b/linux_os/guide/system/permissions/partitions/mount_option_var_nosuid/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9
+-prodtype: alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2204
++prodtype: alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2204
  
  title: 'Add nosuid Option to /var'
  
 diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_bind/bash/shared.sh b/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_bind/bash/shared.sh
-index 59e39270..5c154d33 100644
+index 59e39270d..5c154d333 100644
 --- a/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_bind/bash/shared.sh
 +++ b/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_bind/bash/shared.sh
 @@ -1,4 +1,4 @@
@@ -17959,7 +19726,7 @@ index 59e39270..5c154d33 100644
  # Delete particular /etc/fstab's row if /var/tmp is already configured to
  # represent a mount point (for some device or filesystem other than /tmp)
 diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_bind/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_bind/rule.yml
-index 133e7727..0ec19fa7 100644
+index 05992df4b..ddd97e10f 100644
 --- a/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_bind/rule.yml
 +++ b/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_bind/rule.yml
 @@ -1,6 +1,6 @@
@@ -17971,70 +19738,70 @@ index 133e7727..0ec19fa7 100644
  title: 'Bind Mount /var/tmp To /tmp'
  
 diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_nodev/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_nodev/rule.yml
-index 4fc4e4ef..071873cb 100644
+index b870dee01..99f4fec05 100644
 --- a/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_nodev/rule.yml
 +++ b/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_nodev/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: ol7,ol8,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu1804
-+prodtype: ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu1804
+-prodtype: alinux2,alinux3,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu1804,ubuntu2204
++prodtype: alinux2,alinux3,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu1804,ubuntu2204
  
  title: 'Add nodev Option to /var/tmp'
  
-@@ -34,7 +34,7 @@ references:
+@@ -40,7 +40,7 @@ references:
      disa: CCI-001764
      srg: SRG-OS-000368-GPOS-00154
      stigid@ol8: OL08-00-040132
 -    stigid@rhel8: RHEL-08-040132
 +    stigid@almalinux8: RHEL-08-040132
  
- platform: machine
- 
+ platforms:
+   - machine and partition-var-tmp
 diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_noexec/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_noexec/rule.yml
-index b499ccb8..99d3ce64 100644
+index 22b8d6ad5..9870d5c7e 100644
 --- a/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_noexec/rule.yml
 +++ b/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_noexec/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: ol7,ol8,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu1804
-+prodtype: ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu1804
+-prodtype: alinux2,alinux3,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu1804,ubuntu2204
++prodtype: alinux2,alinux3,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu1804,ubuntu2204
  
  title: 'Add noexec Option to /var/tmp'
  
-@@ -34,7 +34,7 @@ references:
+@@ -40,7 +40,7 @@ references:
      disa: CCI-001764
      srg: SRG-OS-000368-GPOS-00154
      stigid@ol8: OL08-00-040134
 -    stigid@rhel8: RHEL-08-040134
 +    stigid@almalinux8: RHEL-08-040134
  
- platform: machine
+ platform: machine and partition-var-tmp
  
 diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_nosuid/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_nosuid/rule.yml
-index e0f00b5f..50e848be 100644
+index 5414eba58..012b77a0a 100644
 --- a/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_nosuid/rule.yml
 +++ b/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_nosuid/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: ol7,ol8,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu1804
-+prodtype: ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu1804
+-prodtype: alinux2,alinux3,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu1804,ubuntu2204
++prodtype: alinux2,alinux3,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu1804,ubuntu2204
  
  title: 'Add nosuid Option to /var/tmp'
  
-@@ -34,7 +34,7 @@ references:
+@@ -40,7 +40,7 @@ references:
      disa: CCI-001764
      srg: SRG-OS-000368-GPOS-00154
      stigid@ol8: OL08-00-040133
 -    stigid@rhel8: RHEL-08-040133
 +    stigid@almalinux8: RHEL-08-040133
  
- platform: machine
+ platform: machine and partition-var-tmp
  
 diff --git a/linux_os/guide/system/permissions/restrictions/coredumps/coredump_disable_backtraces/kubernetes/shared.yml b/linux_os/guide/system/permissions/restrictions/coredumps/coredump_disable_backtraces/kubernetes/shared.yml
-index d9480227..554e34e0 100644
+index d94802273..554e34e00 100644
 --- a/linux_os/guide/system/permissions/restrictions/coredumps/coredump_disable_backtraces/kubernetes/shared.yml
 +++ b/linux_os/guide/system/permissions/restrictions/coredumps/coredump_disable_backtraces/kubernetes/shared.yml
 @@ -1,5 +1,5 @@
@@ -18045,20 +19812,20 @@ index d9480227..554e34e0 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/permissions/restrictions/coredumps/coredump_disable_backtraces/rule.yml b/linux_os/guide/system/permissions/restrictions/coredumps/coredump_disable_backtraces/rule.yml
-index cb2a8972..edef6641 100644
+index dfaeaa7ec..9e1ee9159 100644
 --- a/linux_os/guide/system/permissions/restrictions/coredumps/coredump_disable_backtraces/rule.yml
 +++ b/linux_os/guide/system/permissions/restrictions/coredumps/coredump_disable_backtraces/rule.yml
-@@ -38,7 +38,7 @@ references:
+@@ -43,7 +43,7 @@ references:
      ospp: FMT_SMF_EXT.1
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol8: OL08-00-010675
 -    stigid@rhel8: RHEL-08-010675
 +    stigid@almalinux8: RHEL-08-010675
  
- ocil_clause: ProcessSizeMax is not set to zero
+ ocil_clause: 'the "ProcessSizeMax" item is missing, commented out, or the value is anything other than "0" and the need for core dumps is not documented with the Information System Security Officer (ISSO) as an operational requirement for all domains that have the "core" item assigned'
  
 diff --git a/linux_os/guide/system/permissions/restrictions/coredumps/coredump_disable_storage/kubernetes/shared.yml b/linux_os/guide/system/permissions/restrictions/coredumps/coredump_disable_storage/kubernetes/shared.yml
-index d9480227..554e34e0 100644
+index d94802273..554e34e00 100644
 --- a/linux_os/guide/system/permissions/restrictions/coredumps/coredump_disable_storage/kubernetes/shared.yml
 +++ b/linux_os/guide/system/permissions/restrictions/coredumps/coredump_disable_storage/kubernetes/shared.yml
 @@ -1,5 +1,5 @@
@@ -18069,30 +19836,30 @@ index d9480227..554e34e0 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/permissions/restrictions/coredumps/coredump_disable_storage/rule.yml b/linux_os/guide/system/permissions/restrictions/coredumps/coredump_disable_storage/rule.yml
-index ede0cc9e..9ad57977 100644
+index 19cf6c759..e1e6bc21a 100644
 --- a/linux_os/guide/system/permissions/restrictions/coredumps/coredump_disable_storage/rule.yml
 +++ b/linux_os/guide/system/permissions/restrictions/coredumps/coredump_disable_storage/rule.yml
-@@ -34,7 +34,7 @@ references:
+@@ -39,7 +39,7 @@ references:
      ospp: FMT_SMF_EXT.1
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol8: OL08-00-010674
 -    stigid@rhel8: RHEL-08-010674
 +    stigid@almalinux8: RHEL-08-010674
  
- ocil_clause: Storage is not set to none
+ ocil_clause: Storage is not set to none or is commented out and the need for core dumps is not documented with the Information System Security Officer (ISSO) as an operational requirement for all domains that have the "core" item assigned
  
 diff --git a/linux_os/guide/system/permissions/restrictions/coredumps/disable_users_coredumps/bash/shared.sh b/linux_os/guide/system/permissions/restrictions/coredumps/disable_users_coredumps/bash/shared.sh
-index 5d6b55f0..97f8f558 100644
+index 32651fa92..b68ea1c66 100644
 --- a/linux_os/guide/system/permissions/restrictions/coredumps/disable_users_coredumps/bash/shared.sh
 +++ b/linux_os/guide/system/permissions/restrictions/coredumps/disable_users_coredumps/bash/shared.sh
 @@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_ol
-+# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol
+-# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu
++# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu
  SECURITY_LIMITS_FILE="/etc/security/limits.conf"
  
- if grep -qE '\*\s+hard\s+core' $SECURITY_LIMITS_FILE; then
+ if grep -qE '^\s*\*\s+hard\s+core' $SECURITY_LIMITS_FILE; then
 diff --git a/linux_os/guide/system/permissions/restrictions/coredumps/disable_users_coredumps/kubernetes/shared.yml b/linux_os/guide/system/permissions/restrictions/coredumps/disable_users_coredumps/kubernetes/shared.yml
-index 41cbd119..481afa58 100644
+index 41cbd1197..481afa583 100644
 --- a/linux_os/guide/system/permissions/restrictions/coredumps/disable_users_coredumps/kubernetes/shared.yml
 +++ b/linux_os/guide/system/permissions/restrictions/coredumps/disable_users_coredumps/kubernetes/shared.yml
 @@ -1,5 +1,5 @@
@@ -18103,35 +19870,35 @@ index 41cbd119..481afa58 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/permissions/restrictions/coredumps/disable_users_coredumps/rule.yml b/linux_os/guide/system/permissions/restrictions/coredumps/disable_users_coredumps/rule.yml
-index f61b48fc..3916b7cd 100644
+index 96ccbe728..f12b6dcaa 100644
 --- a/linux_os/guide/system/permissions/restrictions/coredumps/disable_users_coredumps/rule.yml
 +++ b/linux_os/guide/system/permissions/restrictions/coredumps/disable_users_coredumps/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004
+-prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Disable Core Dumps for All Users'
  
-@@ -38,7 +38,7 @@ references:
+@@ -43,7 +43,7 @@ references:
      nist-csf: DE.CM-1,PR.DS-4
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol8: OL08-00-010673
 -    stigid@rhel8: RHEL-08-010673
 +    stigid@almalinux8: RHEL-08-010673
  
- ocil_clause: 'it is not'
+ ocil_clause: 'the "core" item is missing, commented out, or the value is anything other than "0" and the need for core dumps is not documented with the Information System Security Officer (ISSO) as an operational requirement for all domains that have the "core"'
  
 diff --git a/linux_os/guide/system/permissions/restrictions/coredumps/service_systemd-coredump_disabled/rule.yml b/linux_os/guide/system/permissions/restrictions/coredumps/service_systemd-coredump_disabled/rule.yml
-index 1dfdc3d2..00805dfe 100644
+index 61030d4d2..cccba50fa 100644
 --- a/linux_os/guide/system/permissions/restrictions/coredumps/service_systemd-coredump_disabled/rule.yml
 +++ b/linux_os/guide/system/permissions/restrictions/coredumps/service_systemd-coredump_disabled/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol8,rhcos4,rhel8,rhel9
-+prodtype: fedora,ol8,rhcos4,rhel8,almalinux8,rhel9
+-prodtype: fedora,ol8,ol9,rhcos4,rhel8,rhel9
++prodtype: fedora,ol8,ol9,rhcos4,rhel8,almalinux8,rhel9
  
  title: 'Disable acquiring, saving, and processing core dumps'
  
@@ -18145,7 +19912,7 @@ index 1dfdc3d2..00805dfe 100644
  ocil_clause: unit systemd-coredump.socket is not masked or running
  
 diff --git a/linux_os/guide/system/permissions/restrictions/daemon_umask/umask_for_daemons/bash/shared.sh b/linux_os/guide/system/permissions/restrictions/daemon_umask/umask_for_daemons/bash/shared.sh
-index a51038bb..13f289b8 100644
+index a51038bb8..13f289b8f 100644
 --- a/linux_os/guide/system/permissions/restrictions/daemon_umask/umask_for_daemons/bash/shared.sh
 +++ b/linux_os/guide/system/permissions/restrictions/daemon_umask/umask_for_daemons/bash/shared.sh
 @@ -1,4 +1,4 @@
@@ -18155,7 +19922,7 @@ index a51038bb..13f289b8 100644
  {{{ bash_instantiate_variables("var_umask_for_daemons") }}}
  
 diff --git a/linux_os/guide/system/permissions/restrictions/daemon_umask/umask_for_daemons/rule.yml b/linux_os/guide/system/permissions/restrictions/daemon_umask/umask_for_daemons/rule.yml
-index 6b2922e1..6cccb08a 100644
+index 6b2922e13..6cccb08ad 100644
 --- a/linux_os/guide/system/permissions/restrictions/daemon_umask/umask_for_daemons/rule.yml
 +++ b/linux_os/guide/system/permissions/restrictions/daemon_umask/umask_for_daemons/rule.yml
 @@ -1,6 +1,6 @@
@@ -18167,19 +19934,19 @@ index 6b2922e1..6cccb08a 100644
  title: 'Set Daemon Umask'
  
 diff --git a/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_exec_shield/rule.yml b/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_exec_shield/rule.yml
-index 579b8641..4dc86daf 100644
+index febe85cac..f149b5897 100644
 --- a/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_exec_shield/rule.yml
 +++ b/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_exec_shield/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,rhel7,rhel8,rhel9,rhv4
-+prodtype: fedora,rhel7,rhel8,almalinux8,rhel9,rhv4
+-prodtype: fedora,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15
++prodtype: fedora,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15
  
  title: 'Enable ExecShield via sysctl'
  
 diff --git a/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_kptr_restrict/kubernetes/shared.yml b/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_kptr_restrict/kubernetes/shared.yml
-index 415b0486..02b1e991 100644
+index 415b0486d..02b1e991a 100644
 --- a/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_kptr_restrict/kubernetes/shared.yml
 +++ b/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_kptr_restrict/kubernetes/shared.yml
 @@ -1,5 +1,5 @@
@@ -18190,7 +19957,7 @@ index 415b0486..02b1e991 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_kptr_restrict/rule.yml b/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_kptr_restrict/rule.yml
-index 0bc8511f..6f33bcaa 100644
+index 367934b56..939da659b 100644
 --- a/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_kptr_restrict/rule.yml
 +++ b/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_kptr_restrict/rule.yml
 @@ -28,7 +28,7 @@ references:
@@ -18202,8 +19969,30 @@ index 0bc8511f..6f33bcaa 100644
      stigid@sle12: SLES-12-030320
      stigid@sle15: SLES-15-010540
  
+diff --git a/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_kptr_restrict/tests/value_1.pass.sh b/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_kptr_restrict/tests/value_1.pass.sh
+index 70189666c..22f9e966b 100644
+--- a/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_kptr_restrict/tests/value_1.pass.sh
++++ b/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_kptr_restrict/tests/value_1.pass.sh
+@@ -1,5 +1,5 @@
+ #!/bin/bash
+-# platform = multi_platform_ol,multi_platform_rhel
++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
+ 
+ # Clean sysctl config directories
+ rm -rf /usr/lib/sysctl.d/* /run/sysctl.d/* /etc/sysctl.d/*
+diff --git a/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_kptr_restrict/tests/value_2.pass.sh b/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_kptr_restrict/tests/value_2.pass.sh
+index 209395fa9..23cce30a8 100644
+--- a/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_kptr_restrict/tests/value_2.pass.sh
++++ b/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_kptr_restrict/tests/value_2.pass.sh
+@@ -1,5 +1,5 @@
+ #!/bin/bash
+-# platform = multi_platform_ol,multi_platform_rhel
++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
+ 
+ # Clean sysctl config directories
+ rm -rf /usr/lib/sysctl.d/* /run/sysctl.d/* /etc/sysctl.d/*
 diff --git a/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_randomize_va_space/kubernetes/shared.yml b/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_randomize_va_space/kubernetes/shared.yml
-index 7a4c107b..22e20912 100644
+index 7a4c107b2..22e209120 100644
 --- a/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_randomize_va_space/kubernetes/shared.yml
 +++ b/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_randomize_va_space/kubernetes/shared.yml
 @@ -1,5 +1,5 @@
@@ -18214,10 +20003,10 @@ index 7a4c107b..22e20912 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_randomize_va_space/rule.yml b/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_randomize_va_space/rule.yml
-index 805bf34b..c7ebb832 100644
+index 9567cdae7..2bf890930 100644
 --- a/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_randomize_va_space/rule.yml
 +++ b/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_randomize_va_space/rule.yml
-@@ -37,7 +37,7 @@ references:
+@@ -42,7 +42,7 @@ references:
      stigid@ol7: OL07-00-040201
      stigid@ol8: OL08-00-010430
      stigid@rhel7: RHEL-07-040201
@@ -18227,19 +20016,19 @@ index 805bf34b..c7ebb832 100644
      stigid@sle15: SLES-15-010550
      stigid@ubuntu2004: UBTU-20-010448
 diff --git a/linux_os/guide/system/permissions/restrictions/enable_nx/bios_enable_execution_restrictions/rule.yml b/linux_os/guide/system/permissions/restrictions/enable_nx/bios_enable_execution_restrictions/rule.yml
-index fabf9f88..7834d0ea 100644
+index c09aefe25..0b99d0773 100644
 --- a/linux_os/guide/system/permissions/restrictions/enable_nx/bios_enable_execution_restrictions/rule.yml
 +++ b/linux_os/guide/system/permissions/restrictions/enable_nx/bios_enable_execution_restrictions/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004
+-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Enable NX or XD Support in the BIOS'
  
-@@ -37,7 +37,7 @@ references:
-     nist-csf: PR.IP-1
+@@ -40,7 +40,7 @@ references:
+     pcidss: Req-2.2.1
      srg: SRG-OS-000433-GPOS-00192
      stigid@ol8: OL08-00-010420
 -    stigid@rhel8: RHEL-08-010420
@@ -18248,29 +20037,29 @@ index fabf9f88..7834d0ea 100644
  
  platform: machine
 diff --git a/linux_os/guide/system/permissions/restrictions/enable_nx/bios_enable_execution_restrictions/tests/correct_value.pass.sh b/linux_os/guide/system/permissions/restrictions/enable_nx/bios_enable_execution_restrictions/tests/correct_value.pass.sh
-index 2df5dfbe..bfb97daf 100755
+index 6d87da5f2..021acd31f 100755
 --- a/linux_os/guide/system/permissions/restrictions/enable_nx/bios_enable_execution_restrictions/tests/correct_value.pass.sh
 +++ b/linux_os/guide/system/permissions/restrictions/enable_nx/bios_enable_execution_restrictions/tests/correct_value.pass.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = multi_platform_rhel,multi_platform_fedora
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
+-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel
++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
  # remediation = none
  
  cp /proc/cpuinfo /tmp/cpuinfo
 diff --git a/linux_os/guide/system/permissions/restrictions/enable_nx/bios_enable_execution_restrictions/tests/wrong_value.fail.sh b/linux_os/guide/system/permissions/restrictions/enable_nx/bios_enable_execution_restrictions/tests/wrong_value.fail.sh
-index 37f4870f..1d82fec3 100755
+index 3260539b3..29d22d491 100755
 --- a/linux_os/guide/system/permissions/restrictions/enable_nx/bios_enable_execution_restrictions/tests/wrong_value.fail.sh
 +++ b/linux_os/guide/system/permissions/restrictions/enable_nx/bios_enable_execution_restrictions/tests/wrong_value.fail.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = multi_platform_rhel,multi_platform_fedora
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
+-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel
++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
  # remediation = none
  
  cp /proc/cpuinfo /tmp/cpuinfo
 diff --git a/linux_os/guide/system/permissions/restrictions/enable_nx/install_PAE_kernel_on_x86-32/rule.yml b/linux_os/guide/system/permissions/restrictions/enable_nx/install_PAE_kernel_on_x86-32/rule.yml
-index 88ffe875..e0f80820 100644
+index a7adc1027..b85718ddb 100644
 --- a/linux_os/guide/system/permissions/restrictions/enable_nx/install_PAE_kernel_on_x86-32/rule.yml
 +++ b/linux_os/guide/system/permissions/restrictions/enable_nx/install_PAE_kernel_on_x86-32/rule.yml
 @@ -1,6 +1,6 @@
@@ -18281,15 +20070,28 @@ index 88ffe875..e0f80820 100644
  
  title: 'Install PAE Kernel on Supported 32-bit x86 Systems'
  
+diff --git a/linux_os/guide/system/permissions/restrictions/kernel_module_uvcvideo_disabled/rule.yml b/linux_os/guide/system/permissions/restrictions/kernel_module_uvcvideo_disabled/rule.yml
+index 972743474..01eed5505 100644
+--- a/linux_os/guide/system/permissions/restrictions/kernel_module_uvcvideo_disabled/rule.yml
++++ b/linux_os/guide/system/permissions/restrictions/kernel_module_uvcvideo_disabled/rule.yml
+@@ -20,7 +20,7 @@ references:
+     nist: CM-7 (a),CM-7 (5) (b)
+     srg: SRG-OS-000095-GPOS-00049,SRG-OS-000370-GPOS-00155
+     stigid@l8: OL08-00-040020
+-    stigid@rhel8: RHEL-08-040020
++    stigid@almalinux8: RHEL-08-040020
+ 
+ platform: machine
+ 
 diff --git a/linux_os/guide/system/permissions/restrictions/poisoning/grub2_page_poison_argument/rule.yml b/linux_os/guide/system/permissions/restrictions/poisoning/grub2_page_poison_argument/rule.yml
-index 1ad6c6b3..25b0ffd9 100644
+index f35b9537d..6e0f427bb 100644
 --- a/linux_os/guide/system/permissions/restrictions/poisoning/grub2_page_poison_argument/rule.yml
 +++ b/linux_os/guide/system/permissions/restrictions/poisoning/grub2_page_poison_argument/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9
+-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9
++prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9
  
  title: 'Enable page allocator poisoning'
  
@@ -18303,14 +20105,14 @@ index 1ad6c6b3..25b0ffd9 100644
  ocil_clause: 'page allocator poisoning is not enabled'
  
 diff --git a/linux_os/guide/system/permissions/restrictions/poisoning/grub2_slub_debug_argument/rule.yml b/linux_os/guide/system/permissions/restrictions/poisoning/grub2_slub_debug_argument/rule.yml
-index e40f5377..9c93f7d0 100644
+index a9605bf9b..9000f3096 100644
 --- a/linux_os/guide/system/permissions/restrictions/poisoning/grub2_slub_debug_argument/rule.yml
 +++ b/linux_os/guide/system/permissions/restrictions/poisoning/grub2_slub_debug_argument/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9
+-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9
++prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9
  
  title: 'Enable SLUB/SLAB allocator poisoning'
  
@@ -18324,7 +20126,7 @@ index e40f5377..9c93f7d0 100644
  ocil_clause: 'SLUB/SLAB poisoning is not enabled'
  
 diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_core_pattern/kubernetes/shared.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_core_pattern/kubernetes/shared.yml
-index 88c68344..fa9b2020 100644
+index 88c683445..fa9b2020d 100644
 --- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_core_pattern/kubernetes/shared.yml
 +++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_core_pattern/kubernetes/shared.yml
 @@ -1,5 +1,5 @@
@@ -18335,28 +20137,40 @@ index 88c68344..fa9b2020 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_core_pattern/rule.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_core_pattern/rule.yml
-index efbcaa13..f9ba918e 100644
+index e36985406..5a3a5583b 100644
 --- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_core_pattern/rule.yml
 +++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_core_pattern/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol8,rhcos4,rhel8,rhel9
-+prodtype: fedora,ol8,rhcos4,rhel8,almalinux8,rhel9
+-prodtype: fedora,ol8,ol9,rhcos4,rhel8,rhel9
++prodtype: fedora,ol8,ol9,rhcos4,rhel8,almalinux8,rhel9
  
  title: 'Disable storing core dumps'
  
-@@ -24,7 +24,7 @@ references:
+@@ -29,7 +29,7 @@ references:
      ospp: FMT_SMF_EXT.1
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol8: OL08-00-010671
 -    stigid@rhel8: RHEL-08-010671
 +    stigid@almalinux8: RHEL-08-010671
  
- {{{ complete_ocil_entry_sysctl_option_value(sysctl="kernel.core_pattern", value="|/bin/false") }}}
+ ocil_clause:  |-
+     the returned line does not have a value of "|/bin/false", or a line is not
+diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_core_uses_pid/rule.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_core_uses_pid/rule.yml
+index 8f51f97c1..439a8ba93 100644
+--- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_core_uses_pid/rule.yml
++++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_core_uses_pid/rule.yml
+@@ -1,6 +1,6 @@
+ documentation_complete: true
+ 
+-prodtype: fedora,ol8,ol9,rhcos4,rhel8,rhel9
++prodtype: fedora,ol8,ol9,rhcos4,rhel8,almalinux8,rhel9
+ 
+ title: 'Configure file name of core dumps'
  
 diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_dmesg_restrict/kubernetes/shared.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_dmesg_restrict/kubernetes/shared.yml
-index 36e025cc..e97acde1 100644
+index 36e025cc3..e97acde11 100644
 --- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_dmesg_restrict/kubernetes/shared.yml
 +++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_dmesg_restrict/kubernetes/shared.yml
 @@ -1,5 +1,5 @@
@@ -18367,28 +20181,28 @@ index 36e025cc..e97acde1 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_dmesg_restrict/rule.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_dmesg_restrict/rule.yml
-index e21ace56..9305a888 100644
+index 8dab1d048..9ddd9d587 100644
 --- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_dmesg_restrict/rule.yml
 +++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_dmesg_restrict/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15
+-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15
++prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15
  
  title: 'Restrict Access to Kernel Message Buffer'
  
-@@ -27,7 +27,7 @@ references:
-     nist: SI-11(a),SI-11(b)
+@@ -29,7 +29,7 @@ references:
      srg: SRG-OS-000132-GPOS-00067,SRG-OS-000138-GPOS-00069
      stigid@ol8: OL08-00-010375
+     stigid@rhel7: RHEL-07-010375
 -    stigid@rhel8: RHEL-08-010375
 +    stigid@almalinux8: RHEL-08-010375
  
  {{{ complete_ocil_entry_sysctl_option_value(sysctl="kernel.dmesg_restrict", value="1") }}}
  
 diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_kexec_load_disabled/kubernetes/shared.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_kexec_load_disabled/kubernetes/shared.yml
-index 505b3c12..cdf18e6d 100644
+index 505b3c12b..cdf18e6dd 100644
 --- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_kexec_load_disabled/kubernetes/shared.yml
 +++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_kexec_load_disabled/kubernetes/shared.yml
 @@ -1,5 +1,5 @@
@@ -18399,14 +20213,14 @@ index 505b3c12..cdf18e6d 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_kexec_load_disabled/rule.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_kexec_load_disabled/rule.yml
-index 1fb1ef38..cc928d9d 100644
+index 4e68361c2..4147b3046 100644
 --- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_kexec_load_disabled/rule.yml
 +++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_kexec_load_disabled/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9
+-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9
++prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9
  
  title: 'Disable Kernel Image Loading'
  
@@ -18420,43 +20234,43 @@ index 1fb1ef38..cc928d9d 100644
  
  {{{ complete_ocil_entry_sysctl_option_value(sysctl="kernel.kexec_load_disabled", value="1") }}}
 diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_modules_disabled/rule.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_modules_disabled/rule.yml
-index 1722b937..03e919ac 100644
+index 7ddced284..42131cf8e 100644
 --- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_modules_disabled/rule.yml
 +++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_modules_disabled/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9
+-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15
++prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,sle15
  
  title: 'Disable loading and unloading of kernel modules'
  
 diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_perf_cpu_time_max_percent/rule.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_perf_cpu_time_max_percent/rule.yml
-index 52456967..c4915c47 100644
+index 6accbf9b0..94dbf56fe 100644
 --- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_perf_cpu_time_max_percent/rule.yml
 +++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_perf_cpu_time_max_percent/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9
+-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15
++prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,sle15
  
  title: 'Limit CPU consumption of the Perf system'
  
 diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_perf_event_max_sample_rate/rule.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_perf_event_max_sample_rate/rule.yml
-index f78db1b0..53059efc 100644
+index a5f2dda78..cc25348e1 100644
 --- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_perf_event_max_sample_rate/rule.yml
 +++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_perf_event_max_sample_rate/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9
+-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15
++prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,sle15
  
  title: 'Limit sampling frequency of the Perf system'
  
 diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_perf_event_paranoid/kubernetes/shared.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_perf_event_paranoid/kubernetes/shared.yml
-index 0541e59a..50020c28 100644
+index 0541e59a7..50020c28c 100644
 --- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_perf_event_paranoid/kubernetes/shared.yml
 +++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_perf_event_paranoid/kubernetes/shared.yml
 @@ -1,5 +1,5 @@
@@ -18467,18 +20281,18 @@ index 0541e59a..50020c28 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_perf_event_paranoid/rule.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_perf_event_paranoid/rule.yml
-index 136f3b39..a49ce809 100644
+index 05535b7b5..cbf7228fe 100644
 --- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_perf_event_paranoid/rule.yml
 +++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_perf_event_paranoid/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9
+-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle12,sle15
++prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle12,sle15
  
  title: 'Disallow kernel profiling by unprivileged users'
  
-@@ -24,7 +24,7 @@ references:
+@@ -26,7 +26,7 @@ references:
      ospp: FMT_SMF_EXT.1
      srg: SRG-OS-000132-GPOS-00067,SRG-OS-000138-GPOS-00069
      stigid@ol8: OL08-00-010376
@@ -18488,31 +20302,31 @@ index 136f3b39..a49ce809 100644
  {{{ complete_ocil_entry_sysctl_option_value(sysctl="kernel.perf_event_paranoid", value="2") }}}
  
 diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_pid_max/rule.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_pid_max/rule.yml
-index 4299f35b..56bb333d 100644
+index 939a02998..bce4141e4 100644
 --- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_pid_max/rule.yml
 +++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_pid_max/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9
+-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15
++prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,sle15
  
  title: 'Configure maximum number of process identifiers'
  
 diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_sysrq/rule.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_sysrq/rule.yml
-index f17eeb7a..31e51854 100644
+index bf2e14302..c0bfb1a64 100644
 --- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_sysrq/rule.yml
 +++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_sysrq/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9
+-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15
++prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,sle15
  
  title: 'Disallow magic SysRq key'
  
 diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled/kubernetes/shared.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled/kubernetes/shared.yml
-index 2e24d921..7b706bb3 100644
+index 2e24d9211..7b706bb32 100644
 --- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled/kubernetes/shared.yml
 +++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled/kubernetes/shared.yml
 @@ -1,5 +1,5 @@
@@ -18523,14 +20337,14 @@ index 2e24d921..7b706bb3 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled/rule.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled/rule.yml
-index e45cfd16..2958b708 100644
+index 9e5920b09..19bcb1045 100644
 --- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled/rule.yml
 +++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol8,rhcos4,rhel8,rhel9
-+prodtype: fedora,ol8,rhcos4,rhel8,almalinux8,rhel9
+-prodtype: fedora,ol8,ol9,rhcos4,rhel8,rhel9
++prodtype: fedora,ol8,ol9,rhcos4,rhel8,almalinux8,rhel9
  
  title: 'Disable Access to Network bpf() Syscall From Unprivileged Processes'
  
@@ -18544,7 +20358,7 @@ index e45cfd16..2958b708 100644
  {{{ complete_ocil_entry_sysctl_option_value(sysctl="kernel.unprivileged_bpf_disabled", value="1") }}}
  
 diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_yama_ptrace_scope/kubernetes/shared.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_yama_ptrace_scope/kubernetes/shared.yml
-index ceafd483..7006e206 100644
+index ceafd4839..7006e2066 100644
 --- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_yama_ptrace_scope/kubernetes/shared.yml
 +++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_yama_ptrace_scope/kubernetes/shared.yml
 @@ -1,5 +1,5 @@
@@ -18555,18 +20369,18 @@ index ceafd483..7006e206 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_yama_ptrace_scope/rule.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_yama_ptrace_scope/rule.yml
-index 6b3f295e..d39a9e6f 100644
+index e03106c01..375cf36e8 100644
 --- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_yama_ptrace_scope/rule.yml
 +++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_yama_ptrace_scope/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9
+-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle12,sle15
++prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle12,sle15
  
  title: 'Restrict usage of ptrace to descendant processes'
  
-@@ -26,7 +26,7 @@ references:
+@@ -28,7 +28,7 @@ references:
      nist: SC-7(10)
      srg: SRG-OS-000132-GPOS-00067,SRG-OS-000480-GPOS-00227
      stigid@ol8: OL08-00-040282
@@ -18576,7 +20390,7 @@ index 6b3f295e..d39a9e6f 100644
  {{{ complete_ocil_entry_sysctl_option_value(sysctl="kernel.yama.ptrace_scope", value="1") }}}
  
 diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_net_core_bpf_jit_harden/kubernetes/shared.yml b/linux_os/guide/system/permissions/restrictions/sysctl_net_core_bpf_jit_harden/kubernetes/shared.yml
-index 7519b774..af6c30ab 100644
+index 7519b7740..af6c30abd 100644
 --- a/linux_os/guide/system/permissions/restrictions/sysctl_net_core_bpf_jit_harden/kubernetes/shared.yml
 +++ b/linux_os/guide/system/permissions/restrictions/sysctl_net_core_bpf_jit_harden/kubernetes/shared.yml
 @@ -1,5 +1,5 @@
@@ -18587,14 +20401,14 @@ index 7519b774..af6c30ab 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_net_core_bpf_jit_harden/rule.yml b/linux_os/guide/system/permissions/restrictions/sysctl_net_core_bpf_jit_harden/rule.yml
-index 173e8678..25cfa284 100644
+index 1c1907f05..ffe602a19 100644
 --- a/linux_os/guide/system/permissions/restrictions/sysctl_net_core_bpf_jit_harden/rule.yml
 +++ b/linux_os/guide/system/permissions/restrictions/sysctl_net_core_bpf_jit_harden/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol8,rhcos4,rhel8,rhel9
-+prodtype: fedora,ol8,rhcos4,rhel8,almalinux8,rhel9
+-prodtype: fedora,ol8,ol9,rhcos4,rhel8,rhel9
++prodtype: fedora,ol8,ol9,rhcos4,rhel8,almalinux8,rhel9
  
  title: 'Harden the operation of the BPF just-in-time compiler'
  
@@ -18608,7 +20422,7 @@ index 173e8678..25cfa284 100644
  {{{ complete_ocil_entry_sysctl_option_value(sysctl="net.core.bpf_jit_harden", value="2") }}}
  
 diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_user_max_user_namespaces/kubernetes/shared.yml b/linux_os/guide/system/permissions/restrictions/sysctl_user_max_user_namespaces/kubernetes/shared.yml
-index fdd4fb83..3274d5b3 100644
+index fdd4fb83e..3274d5b36 100644
 --- a/linux_os/guide/system/permissions/restrictions/sysctl_user_max_user_namespaces/kubernetes/shared.yml
 +++ b/linux_os/guide/system/permissions/restrictions/sysctl_user_max_user_namespaces/kubernetes/shared.yml
 @@ -1,5 +1,5 @@
@@ -18619,40 +20433,40 @@ index fdd4fb83..3274d5b3 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_user_max_user_namespaces/rule.yml b/linux_os/guide/system/permissions/restrictions/sysctl_user_max_user_namespaces/rule.yml
-index 7671cca5..bf75a83b 100644
+index 2932ebe23..ca071eafe 100644
 --- a/linux_os/guide/system/permissions/restrictions/sysctl_user_max_user_namespaces/rule.yml
 +++ b/linux_os/guide/system/permissions/restrictions/sysctl_user_max_user_namespaces/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol8,rhcos4,rhel8,rhel9
-+prodtype: fedora,ol8,rhcos4,rhel8,almalinux8,rhel9
+-prodtype: fedora,ol8,ol9,rhcos4,rhel8,rhel9
++prodtype: fedora,ol8,ol9,rhcos4,rhel8,almalinux8,rhel9
  
  title: 'Disable the use of user namespaces'
  
-@@ -32,7 +32,7 @@ references:
+@@ -35,7 +35,7 @@ references:
      ospp: FMT_SMF_EXT.1
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol8: OL08-00-040284
 -    stigid@rhel8: RHEL-08-040284
 +    stigid@almalinux8: RHEL-08-040284
  
- {{{ complete_ocil_entry_sysctl_option_value(sysctl="user.max_user_namespaces", value="0") }}}
- 
+ ocil: |
+     Verify that {{{ full_name }}} disables the use of user namespaces with the following commands:
 diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_vm_mmap_min_addr/rule.yml b/linux_os/guide/system/permissions/restrictions/sysctl_vm_mmap_min_addr/rule.yml
-index 93a11ee5..61e87801 100644
+index ba7269b99..5e6426594 100644
 --- a/linux_os/guide/system/permissions/restrictions/sysctl_vm_mmap_min_addr/rule.yml
 +++ b/linux_os/guide/system/permissions/restrictions/sysctl_vm_mmap_min_addr/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9
+-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15
++prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,sle15
  
  title: 'Prevent applications from mapping low portion of virtual memory'
  
 diff --git a/linux_os/guide/system/selinux/coreos_enable_selinux_kernel_argument/rule.yml b/linux_os/guide/system/selinux/coreos_enable_selinux_kernel_argument/rule.yml
-index 352e1c4e..5b4baa10 100644
+index 352e1c4e7..5b4baa103 100644
 --- a/linux_os/guide/system/selinux/coreos_enable_selinux_kernel_argument/rule.yml
 +++ b/linux_os/guide/system/selinux/coreos_enable_selinux_kernel_argument/rule.yml
 @@ -1,6 +1,6 @@
@@ -18664,7 +20478,7 @@ index 352e1c4e..5b4baa10 100644
  title: 'Ensure SELinux Not Disabled in the kernel arguments'
  
 diff --git a/linux_os/guide/system/selinux/grub2_enable_selinux/ansible/shared.yml b/linux_os/guide/system/selinux/grub2_enable_selinux/ansible/shared.yml
-index e9ff094d..f0a8bcdb 100644
+index 4be24a89d..76c0cc6df 100644
 --- a/linux_os/guide/system/selinux/grub2_enable_selinux/ansible/shared.yml
 +++ b/linux_os/guide/system/selinux/grub2_enable_selinux/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -18674,7 +20488,7 @@ index e9ff094d..f0a8bcdb 100644
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/selinux/grub2_enable_selinux/bash/shared.sh b/linux_os/guide/system/selinux/grub2_enable_selinux/bash/shared.sh
-index 735354a2..0c13b196 100644
+index 735354a2d..0c13b196e 100644
 --- a/linux_os/guide/system/selinux/grub2_enable_selinux/bash/shared.sh
 +++ b/linux_os/guide/system/selinux/grub2_enable_selinux/bash/shared.sh
 @@ -1,4 +1,4 @@
@@ -18684,44 +20498,33 @@ index 735354a2..0c13b196 100644
  sed -i --follow-symlinks "s/selinux=0//gI" /etc/default/grub /etc/grub2.cfg /etc/grub.d/*
  sed -i --follow-symlinks "s/enforcing=0//gI" /etc/default/grub /etc/grub2.cfg /etc/grub.d/*
 diff --git a/linux_os/guide/system/selinux/grub2_enable_selinux/rule.yml b/linux_os/guide/system/selinux/grub2_enable_selinux/rule.yml
-index 27903c9e..0bb95ceb 100644
+index 04547b496..01531b365 100644
 --- a/linux_os/guide/system/selinux/grub2_enable_selinux/rule.yml
 +++ b/linux_os/guide/system/selinux/grub2_enable_selinux/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15
+-prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15
++prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15
  
  title: 'Ensure SELinux Not Disabled in /etc/default/grub'
  
 diff --git a/linux_os/guide/system/selinux/package_libselinux_installed/rule.yml b/linux_os/guide/system/selinux/package_libselinux_installed/rule.yml
-index d38f1829..c6e06cb7 100644
+index 21702856f..97a22db41 100644
 --- a/linux_os/guide/system/selinux/package_libselinux_installed/rule.yml
 +++ b/linux_os/guide/system/selinux/package_libselinux_installed/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15
+-prodtype: alinux2,alinux3,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15
++prodtype: alinux2,alinux3,fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15
  
  title: 'Install libselinux Package'
  
-diff --git a/linux_os/guide/system/selinux/package_libselinux_installed/tests/package-installed-removed.fail.sh b/linux_os/guide/system/selinux/package_libselinux_installed/tests/package-installed-removed.fail.sh
-index ea0437f5..8759a6ce 100644
---- a/linux_os/guide/system/selinux/package_libselinux_installed/tests/package-installed-removed.fail.sh
-+++ b/linux_os/guide/system/selinux/package_libselinux_installed/tests/package-installed-removed.fail.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = multi_platform_rhel,multi_platform_fedora
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
- 
- # Package libselinux cannot be uninstalled normally
- # as it would cause removal of sudo package which is
-diff --git a/linux_os/guide/system/selinux/package_libselinux_installed/tests/package-removed.fail.sh b/linux_os/guide/system/selinux/package_libselinux_installed/tests/package-removed.fail.sh
-index ea0437f5..8759a6ce 100644
---- a/linux_os/guide/system/selinux/package_libselinux_installed/tests/package-removed.fail.sh
-+++ b/linux_os/guide/system/selinux/package_libselinux_installed/tests/package-removed.fail.sh
+diff --git a/linux_os/guide/system/selinux/package_libselinux_installed/tests/custom-package-removed.fail.sh b/linux_os/guide/system/selinux/package_libselinux_installed/tests/custom-package-removed.fail.sh
+index ea0437f5b..8759a6ce0 100644
+--- a/linux_os/guide/system/selinux/package_libselinux_installed/tests/custom-package-removed.fail.sh
++++ b/linux_os/guide/system/selinux/package_libselinux_installed/tests/custom-package-removed.fail.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
 -# platform = multi_platform_rhel,multi_platform_fedora
@@ -18730,124 +20533,124 @@ index ea0437f5..8759a6ce 100644
  # Package libselinux cannot be uninstalled normally
  # as it would cause removal of sudo package which is
 diff --git a/linux_os/guide/system/selinux/package_mcstrans_removed/rule.yml b/linux_os/guide/system/selinux/package_mcstrans_removed/rule.yml
-index 81f72105..f5fa640c 100644
+index f11bd265b..de204f528 100644
 --- a/linux_os/guide/system/selinux/package_mcstrans_removed/rule.yml
 +++ b/linux_os/guide/system/selinux/package_mcstrans_removed/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,rhel7,rhel8,rhel9,sle15
-+prodtype: fedora,rhel7,rhel8,almalinux8,rhel9,sle15
+-prodtype: alinux2,alinux3,fedora,rhel7,rhel8,rhel9,sle15
++prodtype: alinux2,alinux3,fedora,rhel7,rhel8,almalinux8,rhel9,sle15
  
  title: 'Uninstall mcstrans Package'
  
 diff --git a/linux_os/guide/system/selinux/package_policycoreutils-python-utils_installed/rule.yml b/linux_os/guide/system/selinux/package_policycoreutils-python-utils_installed/rule.yml
-index 74c92194..4bf954c8 100644
+index eb5f39b45..caa6811b0 100644
 --- a/linux_os/guide/system/selinux/package_policycoreutils-python-utils_installed/rule.yml
 +++ b/linux_os/guide/system/selinux/package_policycoreutils-python-utils_installed/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: ol8,rhel8,rhel9
-+prodtype: ol8,rhel8,almalinux8,rhel9
+-prodtype: ol8,ol9,rhel8,rhel9
++prodtype: ol8,ol9,rhel8,almalinux8,rhel9
  
  title: 'Install policycoreutils-python-utils package'
  
 diff --git a/linux_os/guide/system/selinux/package_policycoreutils_installed/rule.yml b/linux_os/guide/system/selinux/package_policycoreutils_installed/rule.yml
-index f16a8ebe..e41c2c37 100644
+index 71e5c70a6..33de1a128 100644
 --- a/linux_os/guide/system/selinux/package_policycoreutils_installed/rule.yml
 +++ b/linux_os/guide/system/selinux/package_policycoreutils_installed/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4
+-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4
++prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4
  
  title: 'Install policycoreutils Package'
  
 @@ -32,7 +32,7 @@ references:
      disa: CCI-001084
-     srg: SRG-OS-000480-GPOS-00227
+     srg: SRG-OS-000480-GPOS-00227,SRG-OS-000134-GPOS-00068
      stigid@ol8: OL08-00-010171
 -    stigid@rhel8: RHEL-08-010171
 +    stigid@almalinux8: RHEL-08-010171
  
- ocil_clause: 'the package is not installed'
+ ocil_clause: 'the policycoreutils package is not installed'
  
 diff --git a/linux_os/guide/system/selinux/package_setroubleshoot-plugins_removed/rule.yml b/linux_os/guide/system/selinux/package_setroubleshoot-plugins_removed/rule.yml
-index d20c1116..78446be3 100644
+index d43a519f7..c66fdfb51 100644
 --- a/linux_os/guide/system/selinux/package_setroubleshoot-plugins_removed/rule.yml
 +++ b/linux_os/guide/system/selinux/package_setroubleshoot-plugins_removed/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9
+-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle12,sle15
++prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle12,sle15
  
  title: 'Uninstall setroubleshoot-plugins Package'
  
 diff --git a/linux_os/guide/system/selinux/package_setroubleshoot-server_removed/rule.yml b/linux_os/guide/system/selinux/package_setroubleshoot-server_removed/rule.yml
-index c5fec06d..ff4e6b57 100644
+index 3c1fddd4b..b2644dc30 100644
 --- a/linux_os/guide/system/selinux/package_setroubleshoot-server_removed/rule.yml
 +++ b/linux_os/guide/system/selinux/package_setroubleshoot-server_removed/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9
+-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle12,sle15
++prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle12,sle15
  
  title: 'Uninstall setroubleshoot-server Package'
  
 diff --git a/linux_os/guide/system/selinux/package_setroubleshoot_removed/rule.yml b/linux_os/guide/system/selinux/package_setroubleshoot_removed/rule.yml
-index 8992283a..f6cabc95 100644
+index f8852e965..42d0c440c 100644
 --- a/linux_os/guide/system/selinux/package_setroubleshoot_removed/rule.yml
 +++ b/linux_os/guide/system/selinux/package_setroubleshoot_removed/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,sle15
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,sle15
+-prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15
++prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,sle15
  
  title: 'Uninstall setroubleshoot Package'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_abrt_anon_write/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_abrt_anon_write/rule.yml
-index 8cf0b59e..d09e423c 100644
+index 73493cc19..930e08716 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_abrt_anon_write/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_abrt_anon_write/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: rhel7,rhel8,rhv4
-+prodtype: rhel7,rhel8,almalinux8,rhv4
+-prodtype: ol7,ol8,rhel7,rhel8,rhv4
++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhv4
  
  title: 'Disable the abrt_anon_write SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_abrt_handle_event/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_abrt_handle_event/rule.yml
-index 96a33aa5..0446f71e 100644
+index c7ac3bd2a..43464994f 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_abrt_handle_event/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_abrt_handle_event/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: rhel7,rhel8,rhv4
-+prodtype: rhel7,rhel8,almalinux8,rhv4
+-prodtype: ol7,ol8,rhel7,rhel8,rhv4
++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhv4
  
  title: 'Disable the abrt_handle_event SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_abrt_upload_watch_anon_write/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_abrt_upload_watch_anon_write/rule.yml
-index 8bb491c3..6bea1884 100644
+index a05ef583a..fa0c94ca7 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_abrt_upload_watch_anon_write/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_abrt_upload_watch_anon_write/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: rhel7,rhel8,rhv4
-+prodtype: rhel7,rhel8,almalinux8,rhv4
+-prodtype: ol7,ol8,rhel7,rhel8,rhv4
++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhv4
  
  title: 'Disable the abrt_upload_watch_anon_write SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_antivirus_can_scan_system/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_antivirus_can_scan_system/rule.yml
-index 9059fdf0..2f1dd2ed 100644
+index 9059fdf0f..2f1dd2ed9 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_antivirus_can_scan_system/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_antivirus_can_scan_system/rule.yml
 @@ -1,6 +1,6 @@
@@ -18859,7 +20662,7 @@ index 9059fdf0..2f1dd2ed 100644
  title: 'Enable the antivirus_can_scan_system SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_antivirus_use_jit/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_antivirus_use_jit/rule.yml
-index ebbce6ed..fec2f5d6 100644
+index ebbce6ed1..fec2f5d6d 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_antivirus_use_jit/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_antivirus_use_jit/rule.yml
 @@ -1,6 +1,6 @@
@@ -18871,19 +20674,19 @@ index ebbce6ed..fec2f5d6 100644
  title: 'Disable the antivirus_use_jit SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_auditadm_exec_content/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_auditadm_exec_content/rule.yml
-index f3be1c78..405ac2f7 100644
+index ad4e91f50..89a9cf9db 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_auditadm_exec_content/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_auditadm_exec_content/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: rhel7,rhel8,rhel9,rhv4
-+prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4
+-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4
  
  title: 'Enable the auditadm_exec_content SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_authlogin_nsswitch_use_ldap/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_authlogin_nsswitch_use_ldap/rule.yml
-index 1de5f715..c45f45d5 100644
+index 1de5f715d..c45f45d5b 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_authlogin_nsswitch_use_ldap/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_authlogin_nsswitch_use_ldap/rule.yml
 @@ -1,6 +1,6 @@
@@ -18895,7 +20698,7 @@ index 1de5f715..c45f45d5 100644
  title: 'Disable the authlogin_nsswitch_use_ldap SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_authlogin_radius/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_authlogin_radius/rule.yml
-index 57cb33c8..00e5d2e7 100644
+index 57cb33c8d..00e5d2e79 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_authlogin_radius/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_authlogin_radius/rule.yml
 @@ -1,6 +1,6 @@
@@ -18907,7 +20710,7 @@ index 57cb33c8..00e5d2e7 100644
  title: 'Disable the authlogin_radius SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_authlogin_yubikey/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_authlogin_yubikey/rule.yml
-index fc7a5770..b937eb9a 100644
+index fc7a57709..b937eb9a7 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_authlogin_yubikey/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_authlogin_yubikey/rule.yml
 @@ -1,6 +1,6 @@
@@ -18919,7 +20722,7 @@ index fc7a5770..b937eb9a 100644
  title: 'Disable the authlogin_yubikey SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_awstats_purge_apache_log_files/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_awstats_purge_apache_log_files/rule.yml
-index e6c6bbe3..b3411ada 100644
+index e6c6bbe3b..b3411ada1 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_awstats_purge_apache_log_files/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_awstats_purge_apache_log_files/rule.yml
 @@ -1,6 +1,6 @@
@@ -18931,7 +20734,7 @@ index e6c6bbe3..b3411ada 100644
  title: 'Disable the awstats_purge_apache_log_files SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_boinc_execmem/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_boinc_execmem/rule.yml
-index 8cba7a6c..e6fe999d 100644
+index 8cba7a6c1..e6fe999d7 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_boinc_execmem/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_boinc_execmem/rule.yml
 @@ -1,6 +1,6 @@
@@ -18943,7 +20746,7 @@ index 8cba7a6c..e6fe999d 100644
  title: 'Disable the boinc_execmem SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_cdrecord_read_content/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_cdrecord_read_content/rule.yml
-index 6d1ab1fb..b657ac12 100644
+index 6d1ab1fb9..b657ac124 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_cdrecord_read_content/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_cdrecord_read_content/rule.yml
 @@ -1,6 +1,6 @@
@@ -18955,7 +20758,7 @@ index 6d1ab1fb..b657ac12 100644
  title: 'Disable the cdrecord_read_content SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_cluster_can_network_connect/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_cluster_can_network_connect/rule.yml
-index d38be936..09cc2e6e 100644
+index d38be9368..09cc2e6e0 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_cluster_can_network_connect/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_cluster_can_network_connect/rule.yml
 @@ -1,6 +1,6 @@
@@ -18967,7 +20770,7 @@ index d38be936..09cc2e6e 100644
  title: 'Disable the cluster_can_network_connect SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_cluster_manage_all_files/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_cluster_manage_all_files/rule.yml
-index a6558b75..acb9fd61 100644
+index a6558b754..acb9fd610 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_cluster_manage_all_files/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_cluster_manage_all_files/rule.yml
 @@ -1,6 +1,6 @@
@@ -18979,7 +20782,7 @@ index a6558b75..acb9fd61 100644
  title: 'Disable the cluster_manage_all_files SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_cluster_use_execmem/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_cluster_use_execmem/rule.yml
-index 4dba59fc..8d2948e6 100644
+index 4dba59fcc..8d2948e65 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_cluster_use_execmem/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_cluster_use_execmem/rule.yml
 @@ -1,6 +1,6 @@
@@ -18991,7 +20794,7 @@ index 4dba59fc..8d2948e6 100644
  title: 'Disable the cluster_use_execmem SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_cobbler_anon_write/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_cobbler_anon_write/rule.yml
-index 9c405241..11375b94 100644
+index 9c4052419..11375b947 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_cobbler_anon_write/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_cobbler_anon_write/rule.yml
 @@ -1,6 +1,6 @@
@@ -19003,7 +20806,7 @@ index 9c405241..11375b94 100644
  title: 'Disable the cobbler_anon_write SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_cobbler_can_network_connect/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_cobbler_can_network_connect/rule.yml
-index 96c0e256..08ea062a 100644
+index 96c0e2564..08ea062ac 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_cobbler_can_network_connect/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_cobbler_can_network_connect/rule.yml
 @@ -1,6 +1,6 @@
@@ -19015,7 +20818,7 @@ index 96c0e256..08ea062a 100644
  title: 'Disable the cobbler_can_network_connect SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_cobbler_use_cifs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_cobbler_use_cifs/rule.yml
-index 93bdc97c..3b2b401d 100644
+index 93bdc97c0..3b2b401df 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_cobbler_use_cifs/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_cobbler_use_cifs/rule.yml
 @@ -1,6 +1,6 @@
@@ -19027,7 +20830,7 @@ index 93bdc97c..3b2b401d 100644
  title: 'Disable the cobbler_use_cifs SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_cobbler_use_nfs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_cobbler_use_nfs/rule.yml
-index a7d6e9e7..02a7c4db 100644
+index a7d6e9e76..02a7c4dbf 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_cobbler_use_nfs/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_cobbler_use_nfs/rule.yml
 @@ -1,6 +1,6 @@
@@ -19039,7 +20842,7 @@ index a7d6e9e7..02a7c4db 100644
  title: 'Disable the cobbler_use_nfs SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_collectd_tcp_network_connect/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_collectd_tcp_network_connect/rule.yml
-index d2c8b686..f9c7e326 100644
+index d2c8b686a..f9c7e326b 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_collectd_tcp_network_connect/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_collectd_tcp_network_connect/rule.yml
 @@ -1,6 +1,6 @@
@@ -19051,7 +20854,7 @@ index d2c8b686..f9c7e326 100644
  title: 'Disable the collectd_tcp_network_connect SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_condor_tcp_network_connect/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_condor_tcp_network_connect/rule.yml
-index 1f560285..38809dd3 100644
+index 1f5602853..38809dd30 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_condor_tcp_network_connect/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_condor_tcp_network_connect/rule.yml
 @@ -1,6 +1,6 @@
@@ -19063,7 +20866,7 @@ index 1f560285..38809dd3 100644
  title: 'Disable the condor_tcp_network_connect SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_conman_can_network/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_conman_can_network/rule.yml
-index c880bf74..cc1d9b92 100644
+index c880bf747..cc1d9b922 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_conman_can_network/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_conman_can_network/rule.yml
 @@ -1,6 +1,6 @@
@@ -19075,7 +20878,7 @@ index c880bf74..cc1d9b92 100644
  title: 'Disable the conman_can_network SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_container_connect_any/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_container_connect_any/rule.yml
-index e9051bb9..e4bd1074 100644
+index e9051bb95..e4bd10748 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_container_connect_any/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_container_connect_any/rule.yml
 @@ -1,6 +1,6 @@
@@ -19087,43 +20890,43 @@ index e9051bb9..e4bd1074 100644
  title: 'Disable the container_connect_any SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_cron_can_relabel/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_cron_can_relabel/rule.yml
-index 8030890f..ebdcc1a5 100644
+index f01af3d61..44e260128 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_cron_can_relabel/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_cron_can_relabel/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: rhel7,rhel8,rhel9,rhv4
-+prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4
+-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4
  
  title: 'Disable the cron_can_relabel SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_cron_system_cronjob_use_shares/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_cron_system_cronjob_use_shares/rule.yml
-index 1c0270c0..d605ca51 100644
+index c1d20f8e7..7888d3a9b 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_cron_system_cronjob_use_shares/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_cron_system_cronjob_use_shares/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: rhel7,rhel8,rhel9,rhv4
-+prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4
+-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4
  
  title: 'Disable the cron_system_cronjob_use_shares SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_cron_userdomain_transition/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_cron_userdomain_transition/rule.yml
-index db921dc0..ba593d16 100644
+index f4daf0a69..a10e7531f 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_cron_userdomain_transition/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_cron_userdomain_transition/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: rhel7,rhel8,rhel9,rhv4
-+prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4
+-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4
  
  title: 'Enable the cron_userdomain_transition SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_cups_execmem/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_cups_execmem/rule.yml
-index d1d7ded6..4fb4bf2c 100644
+index d1d7ded60..4fb4bf2c1 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_cups_execmem/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_cups_execmem/rule.yml
 @@ -1,6 +1,6 @@
@@ -19135,7 +20938,7 @@ index d1d7ded6..4fb4bf2c 100644
  title: 'Disable the cups_execmem SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_cvs_read_shadow/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_cvs_read_shadow/rule.yml
-index af5727d6..6cae839d 100644
+index af5727d6e..6cae839d9 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_cvs_read_shadow/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_cvs_read_shadow/rule.yml
 @@ -1,6 +1,6 @@
@@ -19147,19 +20950,19 @@ index af5727d6..6cae839d 100644
  title: 'Disable the cvs_read_shadow SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_daemons_dump_core/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_daemons_dump_core/rule.yml
-index 7ef9fda5..02fbacc4 100644
+index e2f136bf0..2cd35d862 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_daemons_dump_core/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_daemons_dump_core/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: rhel7,rhel8,rhel9,rhv4
-+prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4
+-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4
  
  title: 'Disable the daemons_dump_core SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_daemons_enable_cluster_mode/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_daemons_enable_cluster_mode/rule.yml
-index 07ef4320..0a1a11d7 100644
+index 07ef43204..0a1a11d7c 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_daemons_enable_cluster_mode/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_daemons_enable_cluster_mode/rule.yml
 @@ -1,6 +1,6 @@
@@ -19171,31 +20974,31 @@ index 07ef4320..0a1a11d7 100644
  title: 'Disable the daemons_enable_cluster_mode SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_daemons_use_tcp_wrapper/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_daemons_use_tcp_wrapper/rule.yml
-index 64be1daf..c5e1f925 100644
+index f84422911..27257edfb 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_daemons_use_tcp_wrapper/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_daemons_use_tcp_wrapper/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: rhel7,rhel8,rhel9,rhv4
-+prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4
+-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4
  
  title: 'Disable the daemons_use_tcp_wrapper SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_daemons_use_tty/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_daemons_use_tty/rule.yml
-index 9a92ccdd..dce9bc4b 100644
+index 02622dcd4..b1194c39d 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_daemons_use_tty/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_daemons_use_tty/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: rhel7,rhel8,rhel9,rhv4
-+prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4
+-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4
  
  title: 'Disable the daemons_use_tty SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_dbadm_exec_content/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_dbadm_exec_content/rule.yml
-index c75cce8a..cb56c79e 100644
+index c75cce8ad..cb56c79e6 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_dbadm_exec_content/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_dbadm_exec_content/rule.yml
 @@ -1,6 +1,6 @@
@@ -19207,7 +21010,7 @@ index c75cce8a..cb56c79e 100644
  title: 'Enable the dbadm_exec_content SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_dbadm_manage_user_files/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_dbadm_manage_user_files/rule.yml
-index 2b9a11ba..3e1236fb 100644
+index 2b9a11bad..3e1236fb0 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_dbadm_manage_user_files/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_dbadm_manage_user_files/rule.yml
 @@ -1,6 +1,6 @@
@@ -19219,7 +21022,7 @@ index 2b9a11ba..3e1236fb 100644
  title: 'Disable the dbadm_manage_user_files SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_dbadm_read_user_files/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_dbadm_read_user_files/rule.yml
-index 707d7113..82b8a228 100644
+index 707d71132..82b8a2282 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_dbadm_read_user_files/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_dbadm_read_user_files/rule.yml
 @@ -1,6 +1,6 @@
@@ -19231,31 +21034,31 @@ index 707d7113..82b8a228 100644
  title: 'Disable the dbadm_read_user_files SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_deny_execmem/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_deny_execmem/rule.yml
-index 2a35a2db..d9aefa8c 100644
+index cc97623af..6fb9f4b51 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_deny_execmem/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_deny_execmem/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: rhel7,rhel8,rhel9,rhv4
-+prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4
+-prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15
++prodtype: ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15
  
- title: 'Enable the deny_execmem SELinux Boolean'
+ title: 'Configure the deny_execmem SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_deny_ptrace/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_deny_ptrace/rule.yml
-index 1dd4eef6..1356b6fd 100644
+index 89693152e..c6564ac45 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_deny_ptrace/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_deny_ptrace/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: rhel7,rhel8,rhel9,rhv4
-+prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4
+-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4
  
  title: 'Disable the deny_ptrace SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_dhcpc_exec_iptables/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_dhcpc_exec_iptables/rule.yml
-index 9b4bfe10..d648713f 100644
+index 9b4bfe10d..d648713f9 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_dhcpc_exec_iptables/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_dhcpc_exec_iptables/rule.yml
 @@ -1,6 +1,6 @@
@@ -19267,7 +21070,7 @@ index 9b4bfe10..d648713f 100644
  title: 'Disable the dhcpc_exec_iptables SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_dhcpd_use_ldap/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_dhcpd_use_ldap/rule.yml
-index 75f044c4..c2cec43e 100644
+index 75f044c45..c2cec43e9 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_dhcpd_use_ldap/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_dhcpd_use_ldap/rule.yml
 @@ -1,6 +1,6 @@
@@ -19279,31 +21082,31 @@ index 75f044c4..c2cec43e 100644
  title: 'Disable the dhcpd_use_ldap SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_domain_fd_use/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_domain_fd_use/rule.yml
-index a5acdd0f..b208f50b 100644
+index 5afdc364c..b02f2c50e 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_domain_fd_use/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_domain_fd_use/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: rhel7,rhel8,rhel9,rhv4
-+prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4
+-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4
  
  title: 'Enable the domain_fd_use SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_domain_kernel_load_modules/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_domain_kernel_load_modules/rule.yml
-index bbc2a154..84c0a25c 100644
+index 90f835f04..8774054ce 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_domain_kernel_load_modules/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_domain_kernel_load_modules/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: rhel7,rhel8,rhel9,rhv4
-+prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4
+-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4
  
  title: 'Disable the domain_kernel_load_modules SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_entropyd_use_audio/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_entropyd_use_audio/rule.yml
-index 2c75b117..a87eabb4 100644
+index 2c75b1176..a87eabb48 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_entropyd_use_audio/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_entropyd_use_audio/rule.yml
 @@ -1,6 +1,6 @@
@@ -19315,7 +21118,7 @@ index 2c75b117..a87eabb4 100644
  title: 'Disable the entropyd_use_audio SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_exim_can_connect_db/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_exim_can_connect_db/rule.yml
-index 12305e08..3d287f7c 100644
+index 12305e08a..3d287f7c0 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_exim_can_connect_db/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_exim_can_connect_db/rule.yml
 @@ -1,6 +1,6 @@
@@ -19327,7 +21130,7 @@ index 12305e08..3d287f7c 100644
  title: 'Disable the exim_can_connect_db SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_exim_manage_user_files/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_exim_manage_user_files/rule.yml
-index 2d54130d..3c3d3645 100644
+index 2d54130dd..3c3d36451 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_exim_manage_user_files/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_exim_manage_user_files/rule.yml
 @@ -1,6 +1,6 @@
@@ -19339,7 +21142,7 @@ index 2d54130d..3c3d3645 100644
  title: 'Disable the exim_manage_user_files SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_exim_read_user_files/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_exim_read_user_files/rule.yml
-index b240c116..93ecd94c 100644
+index b240c1161..93ecd94c5 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_exim_read_user_files/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_exim_read_user_files/rule.yml
 @@ -1,6 +1,6 @@
@@ -19351,7 +21154,7 @@ index b240c116..93ecd94c 100644
  title: 'Disable the exim_read_user_files SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_fcron_crond/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_fcron_crond/rule.yml
-index 9b3cf756..f8ea2f6c 100644
+index 9b3cf7564..f8ea2f6ca 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_fcron_crond/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_fcron_crond/rule.yml
 @@ -1,6 +1,6 @@
@@ -19363,7 +21166,7 @@ index 9b3cf756..f8ea2f6c 100644
  title: 'Disable the fcron_crond SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_fenced_can_network_connect/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_fenced_can_network_connect/rule.yml
-index 1f71bedb..3316263f 100644
+index 1f71bedb2..3316263f4 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_fenced_can_network_connect/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_fenced_can_network_connect/rule.yml
 @@ -1,6 +1,6 @@
@@ -19375,7 +21178,7 @@ index 1f71bedb..3316263f 100644
  title: 'Disable the fenced_can_network_connect SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_fenced_can_ssh/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_fenced_can_ssh/rule.yml
-index cac41de7..96edf0ff 100644
+index cac41de7b..96edf0ff1 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_fenced_can_ssh/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_fenced_can_ssh/rule.yml
 @@ -1,6 +1,6 @@
@@ -19387,19 +21190,19 @@ index cac41de7..96edf0ff 100644
  title: 'Disable the fenced_can_ssh SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_fips_mode/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_fips_mode/rule.yml
-index 5851293f..ec0a9345 100644
+index 57686707b..4728a291f 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_fips_mode/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_fips_mode/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: rhel7,rhel8,rhel9,rhv4
-+prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4
+-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4
  
  title: 'Enable the fips_mode SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_ftpd_anon_write/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_ftpd_anon_write/rule.yml
-index dbf31b53..2b2f5bc3 100644
+index dbf31b534..2b2f5bc31 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_ftpd_anon_write/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_ftpd_anon_write/rule.yml
 @@ -1,6 +1,6 @@
@@ -19411,7 +21214,7 @@ index dbf31b53..2b2f5bc3 100644
  title: 'Disable the ftpd_anon_write SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_ftpd_connect_all_unreserved/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_ftpd_connect_all_unreserved/rule.yml
-index 579ac3f5..7ebfb8bd 100644
+index 579ac3f59..7ebfb8bd4 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_ftpd_connect_all_unreserved/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_ftpd_connect_all_unreserved/rule.yml
 @@ -1,6 +1,6 @@
@@ -19423,7 +21226,7 @@ index 579ac3f5..7ebfb8bd 100644
  title: 'Disable the ftpd_connect_all_unreserved SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_ftpd_connect_db/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_ftpd_connect_db/rule.yml
-index f2d973ba..b473ef96 100644
+index f2d973bab..b473ef966 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_ftpd_connect_db/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_ftpd_connect_db/rule.yml
 @@ -1,6 +1,6 @@
@@ -19435,7 +21238,7 @@ index f2d973ba..b473ef96 100644
  title: 'Disable the ftpd_connect_db SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_ftpd_full_access/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_ftpd_full_access/rule.yml
-index cf9e7826..017cfec4 100644
+index cf9e78266..017cfec40 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_ftpd_full_access/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_ftpd_full_access/rule.yml
 @@ -1,6 +1,6 @@
@@ -19447,7 +21250,7 @@ index cf9e7826..017cfec4 100644
  title: 'Disable the ftpd_full_access SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_ftpd_use_cifs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_ftpd_use_cifs/rule.yml
-index 14b1f752..73153bbf 100644
+index 14b1f7526..73153bbfc 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_ftpd_use_cifs/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_ftpd_use_cifs/rule.yml
 @@ -1,6 +1,6 @@
@@ -19459,7 +21262,7 @@ index 14b1f752..73153bbf 100644
  title: 'Disable the ftpd_use_cifs SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_ftpd_use_fusefs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_ftpd_use_fusefs/rule.yml
-index 6cb9d9df..896fb999 100644
+index 6cb9d9df4..896fb999b 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_ftpd_use_fusefs/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_ftpd_use_fusefs/rule.yml
 @@ -1,6 +1,6 @@
@@ -19471,7 +21274,7 @@ index 6cb9d9df..896fb999 100644
  title: 'Disable the ftpd_use_fusefs SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_ftpd_use_nfs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_ftpd_use_nfs/rule.yml
-index 4035d4f8..e9e734e1 100644
+index 4035d4f83..e9e734e1a 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_ftpd_use_nfs/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_ftpd_use_nfs/rule.yml
 @@ -1,6 +1,6 @@
@@ -19483,7 +21286,7 @@ index 4035d4f8..e9e734e1 100644
  title: 'Disable the ftpd_use_nfs SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_ftpd_use_passive_mode/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_ftpd_use_passive_mode/rule.yml
-index c1236064..f2276697 100644
+index c12360649..f22766973 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_ftpd_use_passive_mode/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_ftpd_use_passive_mode/rule.yml
 @@ -1,6 +1,6 @@
@@ -19495,7 +21298,7 @@ index c1236064..f2276697 100644
  title: 'Disable the ftpd_use_passive_mode SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_git_cgi_enable_homedirs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_git_cgi_enable_homedirs/rule.yml
-index 47e9b420..86d7f819 100644
+index 47e9b420c..86d7f8193 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_git_cgi_enable_homedirs/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_git_cgi_enable_homedirs/rule.yml
 @@ -1,6 +1,6 @@
@@ -19507,7 +21310,7 @@ index 47e9b420..86d7f819 100644
  title: 'Disable the git_cgi_enable_homedirs SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_git_cgi_use_cifs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_git_cgi_use_cifs/rule.yml
-index ca5a2bcd..cc91e16f 100644
+index ca5a2bcdf..cc91e16f6 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_git_cgi_use_cifs/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_git_cgi_use_cifs/rule.yml
 @@ -1,6 +1,6 @@
@@ -19519,7 +21322,7 @@ index ca5a2bcd..cc91e16f 100644
  title: 'Disable the git_cgi_use_cifs SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_git_cgi_use_nfs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_git_cgi_use_nfs/rule.yml
-index f8b5c912..cee5cb7a 100644
+index f8b5c912a..cee5cb7ac 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_git_cgi_use_nfs/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_git_cgi_use_nfs/rule.yml
 @@ -1,6 +1,6 @@
@@ -19531,7 +21334,7 @@ index f8b5c912..cee5cb7a 100644
  title: 'Disable the git_cgi_use_nfs SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_git_session_bind_all_unreserved_ports/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_git_session_bind_all_unreserved_ports/rule.yml
-index 8dffa1dd..855a231f 100644
+index 8dffa1dd3..855a231f5 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_git_session_bind_all_unreserved_ports/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_git_session_bind_all_unreserved_ports/rule.yml
 @@ -1,6 +1,6 @@
@@ -19543,7 +21346,7 @@ index 8dffa1dd..855a231f 100644
  title: 'Disable the git_session_bind_all_unreserved_ports SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_git_session_users/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_git_session_users/rule.yml
-index f4dca61a..7c8c3dd2 100644
+index f4dca61aa..7c8c3dd29 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_git_session_users/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_git_session_users/rule.yml
 @@ -1,6 +1,6 @@
@@ -19555,7 +21358,7 @@ index f4dca61a..7c8c3dd2 100644
  title: 'Disable the git_session_users SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_git_system_enable_homedirs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_git_system_enable_homedirs/rule.yml
-index 170fcfdf..31ad34ce 100644
+index 170fcfdfd..31ad34ce6 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_git_system_enable_homedirs/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_git_system_enable_homedirs/rule.yml
 @@ -1,6 +1,6 @@
@@ -19567,7 +21370,7 @@ index 170fcfdf..31ad34ce 100644
  title: 'Disable the git_system_enable_homedirs SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_git_system_use_cifs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_git_system_use_cifs/rule.yml
-index c46e622e..8935f832 100644
+index c46e622e3..8935f8320 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_git_system_use_cifs/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_git_system_use_cifs/rule.yml
 @@ -1,6 +1,6 @@
@@ -19579,7 +21382,7 @@ index c46e622e..8935f832 100644
  title: 'Disable the git_system_use_cifs SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_git_system_use_nfs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_git_system_use_nfs/rule.yml
-index b149744b..4006fe66 100644
+index b149744b9..4006fe665 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_git_system_use_nfs/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_git_system_use_nfs/rule.yml
 @@ -1,6 +1,6 @@
@@ -19591,7 +21394,7 @@ index b149744b..4006fe66 100644
  title: 'Disable the git_system_use_nfs SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_gitosis_can_sendmail/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_gitosis_can_sendmail/rule.yml
-index 2fa3db75..dba2c36f 100644
+index 2fa3db75f..dba2c36f0 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_gitosis_can_sendmail/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_gitosis_can_sendmail/rule.yml
 @@ -1,6 +1,6 @@
@@ -19603,7 +21406,7 @@ index 2fa3db75..dba2c36f 100644
  title: 'Disable the gitosis_can_sendmail SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_glance_api_can_network/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_glance_api_can_network/rule.yml
-index f8324918..790d5167 100644
+index f83249183..790d5167a 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_glance_api_can_network/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_glance_api_can_network/rule.yml
 @@ -1,6 +1,6 @@
@@ -19615,7 +21418,7 @@ index f8324918..790d5167 100644
  title: 'Disable the glance_api_can_network SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_glance_use_execmem/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_glance_use_execmem/rule.yml
-index ee835d3e..24ee3fae 100644
+index ee835d3e6..24ee3fae5 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_glance_use_execmem/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_glance_use_execmem/rule.yml
 @@ -1,6 +1,6 @@
@@ -19627,7 +21430,7 @@ index ee835d3e..24ee3fae 100644
  title: 'Disable the glance_use_execmem SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_glance_use_fusefs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_glance_use_fusefs/rule.yml
-index 70546358..3146c801 100644
+index 70546358d..3146c8019 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_glance_use_fusefs/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_glance_use_fusefs/rule.yml
 @@ -1,6 +1,6 @@
@@ -19639,7 +21442,7 @@ index 70546358..3146c801 100644
  title: 'Disable the glance_use_fusefs SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_global_ssp/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_global_ssp/rule.yml
-index 12cb7bdc..ec058a02 100644
+index 12cb7bdcd..ec058a020 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_global_ssp/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_global_ssp/rule.yml
 @@ -1,6 +1,6 @@
@@ -19651,7 +21454,7 @@ index 12cb7bdc..ec058a02 100644
  title: 'Disable the global_ssp SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_gluster_anon_write/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_gluster_anon_write/rule.yml
-index 19903fc9..31bf578d 100644
+index 19903fc98..31bf578dc 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_gluster_anon_write/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_gluster_anon_write/rule.yml
 @@ -1,6 +1,6 @@
@@ -19663,7 +21466,7 @@ index 19903fc9..31bf578d 100644
  title: 'Disable the gluster_anon_write SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_gluster_export_all_ro/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_gluster_export_all_ro/rule.yml
-index c586752c..3eac3ab0 100644
+index c586752c0..3eac3ab03 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_gluster_export_all_ro/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_gluster_export_all_ro/rule.yml
 @@ -1,6 +1,6 @@
@@ -19675,7 +21478,7 @@ index c586752c..3eac3ab0 100644
  title: 'Disable the gluster_export_all_ro SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_gluster_export_all_rw/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_gluster_export_all_rw/rule.yml
-index 953d6f51..445c6f2a 100644
+index 953d6f515..445c6f2ab 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_gluster_export_all_rw/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_gluster_export_all_rw/rule.yml
 @@ -1,6 +1,6 @@
@@ -19687,19 +21490,19 @@ index 953d6f51..445c6f2a 100644
  title: 'Configure the gluster_export_all_rw SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_gpg_web_anon_write/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_gpg_web_anon_write/rule.yml
-index fc5c20b9..5e4d075c 100644
+index d5d68c103..d21a0ec41 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_gpg_web_anon_write/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_gpg_web_anon_write/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: rhel7,rhel8,rhel9,rhv4
-+prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4
+-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4
  
  title: 'Disable the gpg_web_anon_write SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_gssd_read_tmp/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_gssd_read_tmp/rule.yml
-index 9cf94d26..fe53e4a3 100644
+index 9cf94d269..fe53e4a30 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_gssd_read_tmp/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_gssd_read_tmp/rule.yml
 @@ -1,6 +1,6 @@
@@ -19711,19 +21514,19 @@ index 9cf94d26..fe53e4a3 100644
  title: 'Enable the gssd_read_tmp SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_guest_exec_content/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_guest_exec_content/rule.yml
-index fb0b8f6e..6b64581a 100644
+index d889a510c..2d4332665 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_guest_exec_content/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_guest_exec_content/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: rhel7,rhel8,rhel9,rhv4
-+prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4
+-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4
  
  title: 'Disable the guest_exec_content SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_haproxy_connect_any/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_haproxy_connect_any/rule.yml
-index f5e5a38e..f96727ff 100644
+index f5e5a38ea..f96727fff 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_haproxy_connect_any/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_haproxy_connect_any/rule.yml
 @@ -1,6 +1,6 @@
@@ -19735,7 +21538,7 @@ index f5e5a38e..f96727ff 100644
  title: 'Disable the haproxy_connect_any SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_anon_write/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_anon_write/rule.yml
-index 7ac8bcac..8717ac94 100644
+index 7ac8bcaca..8717ac94b 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_anon_write/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_anon_write/rule.yml
 @@ -1,6 +1,6 @@
@@ -19747,7 +21550,7 @@ index 7ac8bcac..8717ac94 100644
  title: 'Disable the httpd_anon_write SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_builtin_scripting/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_builtin_scripting/rule.yml
-index 9d1fbe43..e2eef2ad 100644
+index 9d1fbe439..e2eef2adc 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_builtin_scripting/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_builtin_scripting/rule.yml
 @@ -1,6 +1,6 @@
@@ -19759,7 +21562,7 @@ index 9d1fbe43..e2eef2ad 100644
  title: 'Configure the httpd_builtin_scripting SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_check_spam/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_check_spam/rule.yml
-index f08b0711..4c2f3603 100644
+index f08b0711b..4c2f36035 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_check_spam/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_check_spam/rule.yml
 @@ -1,6 +1,6 @@
@@ -19771,7 +21574,7 @@ index f08b0711..4c2f3603 100644
  title: 'Disable the httpd_can_check_spam SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_connect_ftp/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_connect_ftp/rule.yml
-index 6511bfe2..6f07db4d 100644
+index 6511bfe2c..6f07db4d0 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_connect_ftp/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_connect_ftp/rule.yml
 @@ -1,6 +1,6 @@
@@ -19783,7 +21586,7 @@ index 6511bfe2..6f07db4d 100644
  title: 'Disable the httpd_can_connect_ftp SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_connect_ldap/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_connect_ldap/rule.yml
-index 9d088182..5f01b615 100644
+index 9d088182d..5f01b6158 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_connect_ldap/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_connect_ldap/rule.yml
 @@ -1,6 +1,6 @@
@@ -19795,7 +21598,7 @@ index 9d088182..5f01b615 100644
  title: 'Disable the httpd_can_connect_ldap SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_connect_mythtv/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_connect_mythtv/rule.yml
-index fe8400ee..c292070a 100644
+index fe8400ee8..c292070a3 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_connect_mythtv/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_connect_mythtv/rule.yml
 @@ -1,6 +1,6 @@
@@ -19807,7 +21610,7 @@ index fe8400ee..c292070a 100644
  title: 'Disable the httpd_can_connect_mythtv SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_connect_zabbix/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_connect_zabbix/rule.yml
-index d8282606..3d80037c 100644
+index d82826068..3d80037c9 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_connect_zabbix/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_connect_zabbix/rule.yml
 @@ -1,6 +1,6 @@
@@ -19819,7 +21622,7 @@ index d8282606..3d80037c 100644
  title: 'Disable the httpd_can_connect_zabbix SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_network_connect/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_network_connect/rule.yml
-index 51f2d075..ea465e8c 100644
+index 51f2d075d..ea465e8c7 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_network_connect/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_network_connect/rule.yml
 @@ -1,6 +1,6 @@
@@ -19831,7 +21634,7 @@ index 51f2d075..ea465e8c 100644
  title: 'Disable the httpd_can_network_connect SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_network_connect_cobbler/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_network_connect_cobbler/rule.yml
-index 04ffe7de..d45f0d7d 100644
+index 04ffe7de1..d45f0d7d0 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_network_connect_cobbler/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_network_connect_cobbler/rule.yml
 @@ -1,6 +1,6 @@
@@ -19843,7 +21646,7 @@ index 04ffe7de..d45f0d7d 100644
  title: 'Disable the httpd_can_network_connect_cobbler SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_network_connect_db/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_network_connect_db/rule.yml
-index 38b2cbfe..2b40a15c 100644
+index 38b2cbfe4..2b40a15cc 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_network_connect_db/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_network_connect_db/rule.yml
 @@ -1,6 +1,6 @@
@@ -19855,7 +21658,7 @@ index 38b2cbfe..2b40a15c 100644
  title: 'Disable the httpd_can_network_connect_db SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_network_memcache/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_network_memcache/rule.yml
-index d844dcdb..d45a0031 100644
+index d844dcdb3..d45a00310 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_network_memcache/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_network_memcache/rule.yml
 @@ -1,6 +1,6 @@
@@ -19867,7 +21670,7 @@ index d844dcdb..d45a0031 100644
  title: 'Disable the httpd_can_network_memcache SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_network_relay/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_network_relay/rule.yml
-index bff3c8ce..8dad299f 100644
+index bff3c8cef..8dad299f6 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_network_relay/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_network_relay/rule.yml
 @@ -1,6 +1,6 @@
@@ -19879,7 +21682,7 @@ index bff3c8ce..8dad299f 100644
  title: 'Disable the httpd_can_network_relay SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_sendmail/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_sendmail/rule.yml
-index 8d73dd26..3582c1a4 100644
+index 8d73dd264..3582c1a4b 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_sendmail/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_sendmail/rule.yml
 @@ -1,6 +1,6 @@
@@ -19891,7 +21694,7 @@ index 8d73dd26..3582c1a4 100644
  title: 'Disable the httpd_can_sendmail SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_dbus_avahi/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_dbus_avahi/rule.yml
-index 3cfbca8a..de20f874 100644
+index 3cfbca8a6..de20f8747 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_dbus_avahi/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_dbus_avahi/rule.yml
 @@ -1,6 +1,6 @@
@@ -19903,7 +21706,7 @@ index 3cfbca8a..de20f874 100644
  title: 'Disable the httpd_dbus_avahi SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_dbus_sssd/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_dbus_sssd/rule.yml
-index da62291c..398bc8c7 100644
+index da62291cf..398bc8c7c 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_dbus_sssd/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_dbus_sssd/rule.yml
 @@ -1,6 +1,6 @@
@@ -19915,7 +21718,7 @@ index da62291c..398bc8c7 100644
  title: 'Disable the httpd_dbus_sssd SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_dontaudit_search_dirs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_dontaudit_search_dirs/rule.yml
-index dc9651f9..2fec140e 100644
+index dc9651f93..2fec140e9 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_dontaudit_search_dirs/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_dontaudit_search_dirs/rule.yml
 @@ -1,6 +1,6 @@
@@ -19927,7 +21730,7 @@ index dc9651f9..2fec140e 100644
  title: 'Disable the httpd_dontaudit_search_dirs SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_enable_cgi/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_enable_cgi/rule.yml
-index 63eb6e1e..21df0707 100644
+index 63eb6e1e9..21df07074 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_enable_cgi/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_enable_cgi/rule.yml
 @@ -1,6 +1,6 @@
@@ -19939,7 +21742,7 @@ index 63eb6e1e..21df0707 100644
  title: 'Configure the httpd_enable_cgi SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_enable_ftp_server/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_enable_ftp_server/rule.yml
-index 677ed3ce..4f1a4791 100644
+index 677ed3ce7..4f1a47910 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_enable_ftp_server/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_enable_ftp_server/rule.yml
 @@ -1,6 +1,6 @@
@@ -19951,7 +21754,7 @@ index 677ed3ce..4f1a4791 100644
  title: 'Disable the httpd_enable_ftp_server SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_enable_homedirs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_enable_homedirs/rule.yml
-index a2b05231..c0d75670 100644
+index a2b052311..c0d756708 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_enable_homedirs/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_enable_homedirs/rule.yml
 @@ -1,6 +1,6 @@
@@ -19963,7 +21766,7 @@ index a2b05231..c0d75670 100644
  title: 'Disable the httpd_enable_homedirs SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_execmem/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_execmem/rule.yml
-index ee05eba7..bf3793e5 100644
+index ee05eba77..bf3793e58 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_execmem/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_execmem/rule.yml
 @@ -1,6 +1,6 @@
@@ -19975,7 +21778,7 @@ index ee05eba7..bf3793e5 100644
  title: 'Disable the httpd_execmem SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_graceful_shutdown/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_graceful_shutdown/rule.yml
-index b5a42076..fd15c031 100644
+index b5a42076c..fd15c0316 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_graceful_shutdown/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_graceful_shutdown/rule.yml
 @@ -1,6 +1,6 @@
@@ -19987,7 +21790,7 @@ index b5a42076..fd15c031 100644
  title: 'Enable the httpd_graceful_shutdown SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_manage_ipa/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_manage_ipa/rule.yml
-index d8453a7d..5fcb23b5 100644
+index d8453a7d0..5fcb23b5e 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_manage_ipa/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_manage_ipa/rule.yml
 @@ -1,6 +1,6 @@
@@ -19999,7 +21802,7 @@ index d8453a7d..5fcb23b5 100644
  title: 'Disable the httpd_manage_ipa SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_mod_auth_ntlm_winbind/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_mod_auth_ntlm_winbind/rule.yml
-index 0b2ad316..3347f027 100644
+index 0b2ad316e..3347f0274 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_mod_auth_ntlm_winbind/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_mod_auth_ntlm_winbind/rule.yml
 @@ -1,6 +1,6 @@
@@ -20011,7 +21814,7 @@ index 0b2ad316..3347f027 100644
  title: 'Disable the httpd_mod_auth_ntlm_winbind SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_mod_auth_pam/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_mod_auth_pam/rule.yml
-index eaf8ea4d..2adfa1ac 100644
+index eaf8ea4de..2adfa1ac8 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_mod_auth_pam/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_mod_auth_pam/rule.yml
 @@ -1,6 +1,6 @@
@@ -20023,7 +21826,7 @@ index eaf8ea4d..2adfa1ac 100644
  title: 'Disable the httpd_mod_auth_pam SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_read_user_content/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_read_user_content/rule.yml
-index e258ff54..cf04e5bb 100644
+index e258ff541..cf04e5bbb 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_read_user_content/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_read_user_content/rule.yml
 @@ -1,6 +1,6 @@
@@ -20035,7 +21838,7 @@ index e258ff54..cf04e5bb 100644
  title: 'Disable the httpd_read_user_content SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_run_ipa/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_run_ipa/rule.yml
-index d8b3f4e6..c17c8a97 100644
+index d8b3f4e6c..c17c8a973 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_run_ipa/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_run_ipa/rule.yml
 @@ -1,6 +1,6 @@
@@ -20047,7 +21850,7 @@ index d8b3f4e6..c17c8a97 100644
  title: 'Disable the httpd_run_ipa SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_run_preupgrade/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_run_preupgrade/rule.yml
-index 413472cb..f96365f8 100644
+index 413472cbb..f96365f8f 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_run_preupgrade/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_run_preupgrade/rule.yml
 @@ -1,6 +1,6 @@
@@ -20059,7 +21862,7 @@ index 413472cb..f96365f8 100644
  title: 'Disable the httpd_run_preupgrade SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_run_stickshift/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_run_stickshift/rule.yml
-index 4cc54284..3c320028 100644
+index 4cc542849..3c320028b 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_run_stickshift/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_run_stickshift/rule.yml
 @@ -1,6 +1,6 @@
@@ -20071,7 +21874,7 @@ index 4cc54284..3c320028 100644
  title: 'Disable the httpd_run_stickshift SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_serve_cobbler_files/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_serve_cobbler_files/rule.yml
-index 27a979c8..6200f0a0 100644
+index 27a979c82..6200f0a0d 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_serve_cobbler_files/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_serve_cobbler_files/rule.yml
 @@ -1,6 +1,6 @@
@@ -20083,7 +21886,7 @@ index 27a979c8..6200f0a0 100644
  title: 'Disable the httpd_serve_cobbler_files SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_setrlimit/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_setrlimit/rule.yml
-index e09231f7..08f76037 100644
+index e09231f7a..08f760376 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_setrlimit/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_setrlimit/rule.yml
 @@ -1,6 +1,6 @@
@@ -20095,7 +21898,7 @@ index e09231f7..08f76037 100644
  title: 'Disable the httpd_setrlimit SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_ssi_exec/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_ssi_exec/rule.yml
-index 81ee3798..c00302d0 100644
+index 81ee37989..c00302d06 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_ssi_exec/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_ssi_exec/rule.yml
 @@ -1,6 +1,6 @@
@@ -20107,7 +21910,7 @@ index 81ee3798..c00302d0 100644
  title: 'Disable the httpd_ssi_exec SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_sys_script_anon_write/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_sys_script_anon_write/rule.yml
-index 61140b8d..16585685 100644
+index 61140b8d5..165856858 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_sys_script_anon_write/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_sys_script_anon_write/rule.yml
 @@ -1,6 +1,6 @@
@@ -20119,7 +21922,7 @@ index 61140b8d..16585685 100644
  title: 'Disable the httpd_sys_script_anon_write SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_tmp_exec/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_tmp_exec/rule.yml
-index ad6c2ea7..c8a12f68 100644
+index ad6c2ea72..c8a12f680 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_tmp_exec/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_tmp_exec/rule.yml
 @@ -1,6 +1,6 @@
@@ -20131,7 +21934,7 @@ index ad6c2ea7..c8a12f68 100644
  title: 'Disable the httpd_tmp_exec SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_tty_comm/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_tty_comm/rule.yml
-index 12b4dcc1..04841fb3 100644
+index 12b4dcc14..04841fb30 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_tty_comm/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_tty_comm/rule.yml
 @@ -1,6 +1,6 @@
@@ -20143,7 +21946,7 @@ index 12b4dcc1..04841fb3 100644
  title: 'Disable the httpd_tty_comm SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_unified/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_unified/rule.yml
-index ffcda8a2..364640ad 100644
+index ffcda8a2b..364640adc 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_unified/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_unified/rule.yml
 @@ -1,6 +1,6 @@
@@ -20155,7 +21958,7 @@ index ffcda8a2..364640ad 100644
  title: 'Disable the httpd_unified SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_use_cifs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_use_cifs/rule.yml
-index 4a5c7bdc..88d0bf75 100644
+index 4a5c7bdc1..88d0bf75f 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_use_cifs/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_use_cifs/rule.yml
 @@ -1,6 +1,6 @@
@@ -20167,7 +21970,7 @@ index 4a5c7bdc..88d0bf75 100644
  title: 'Disable the httpd_use_cifs SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_use_fusefs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_use_fusefs/rule.yml
-index 79c4149f..3df100b7 100644
+index 79c4149f4..3df100b7b 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_use_fusefs/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_use_fusefs/rule.yml
 @@ -1,6 +1,6 @@
@@ -20179,7 +21982,7 @@ index 79c4149f..3df100b7 100644
  title: 'Disable the httpd_use_fusefs SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_use_gpg/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_use_gpg/rule.yml
-index d022811e..1e157cfa 100644
+index d022811e8..1e157cfa5 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_use_gpg/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_use_gpg/rule.yml
 @@ -1,6 +1,6 @@
@@ -20191,7 +21994,7 @@ index d022811e..1e157cfa 100644
  title: 'Disable the httpd_use_gpg SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_use_nfs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_use_nfs/rule.yml
-index 4080ca05..b872c1a8 100644
+index 4080ca052..b872c1a88 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_use_nfs/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_use_nfs/rule.yml
 @@ -1,6 +1,6 @@
@@ -20203,7 +22006,7 @@ index 4080ca05..b872c1a8 100644
  title: 'Disable the httpd_use_nfs SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_use_openstack/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_use_openstack/rule.yml
-index dbbb07cf..d0477e44 100644
+index dbbb07cfe..d0477e449 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_use_openstack/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_use_openstack/rule.yml
 @@ -1,6 +1,6 @@
@@ -20215,7 +22018,7 @@ index dbbb07cf..d0477e44 100644
  title: 'Disable the httpd_use_openstack SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_use_sasl/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_use_sasl/rule.yml
-index fe0840e2..f88ad485 100644
+index fe0840e27..f88ad4855 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_use_sasl/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_use_sasl/rule.yml
 @@ -1,6 +1,6 @@
@@ -20227,7 +22030,7 @@ index fe0840e2..f88ad485 100644
  title: 'Disable the httpd_use_sasl SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_verify_dns/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_verify_dns/rule.yml
-index 61def0aa..6bfb1a2c 100644
+index 61def0aac..6bfb1a2c0 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_verify_dns/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_verify_dns/rule.yml
 @@ -1,6 +1,6 @@
@@ -20239,7 +22042,7 @@ index 61def0aa..6bfb1a2c 100644
  title: 'Disable the httpd_verify_dns SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_icecast_use_any_tcp_ports/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_icecast_use_any_tcp_ports/rule.yml
-index 724cbbce..97bd40b0 100644
+index 724cbbce6..97bd40b0e 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_icecast_use_any_tcp_ports/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_icecast_use_any_tcp_ports/rule.yml
 @@ -1,6 +1,6 @@
@@ -20251,7 +22054,7 @@ index 724cbbce..97bd40b0 100644
  title: 'Disable the icecast_use_any_tcp_ports SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_irc_use_any_tcp_ports/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_irc_use_any_tcp_ports/rule.yml
-index a7da73c3..66621010 100644
+index a7da73c3e..666210100 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_irc_use_any_tcp_ports/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_irc_use_any_tcp_ports/rule.yml
 @@ -1,6 +1,6 @@
@@ -20263,7 +22066,7 @@ index a7da73c3..66621010 100644
  title: 'Disable the irc_use_any_tcp_ports SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_irssi_use_full_network/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_irssi_use_full_network/rule.yml
-index d82f9ff2..d14ca236 100644
+index d82f9ff24..d14ca2364 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_irssi_use_full_network/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_irssi_use_full_network/rule.yml
 @@ -1,6 +1,6 @@
@@ -20275,7 +22078,7 @@ index d82f9ff2..d14ca236 100644
  title: 'Disable the irssi_use_full_network SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_kdumpgui_run_bootloader/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_kdumpgui_run_bootloader/rule.yml
-index fdb0a982..4573675c 100644
+index fdb0a982d..4573675cf 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_kdumpgui_run_bootloader/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_kdumpgui_run_bootloader/rule.yml
 @@ -1,6 +1,6 @@
@@ -20287,19 +22090,19 @@ index fdb0a982..4573675c 100644
  title: 'Disable the kdumpgui_run_bootloader SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_kerberos_enabled/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_kerberos_enabled/rule.yml
-index f154f106..e53861bb 100644
+index 37235acc6..b97790cc1 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_kerberos_enabled/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_kerberos_enabled/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: rhel7,rhel8,rhel9,rhv4
-+prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4
+-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4
  
  title: 'Enable the kerberos_enabled SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_ksmtuned_use_cifs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_ksmtuned_use_cifs/rule.yml
-index eb32deaf..48b83090 100644
+index eb32deaf5..48b830901 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_ksmtuned_use_cifs/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_ksmtuned_use_cifs/rule.yml
 @@ -1,6 +1,6 @@
@@ -20311,7 +22114,7 @@ index eb32deaf..48b83090 100644
  title: 'Disable the ksmtuned_use_cifs SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_ksmtuned_use_nfs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_ksmtuned_use_nfs/rule.yml
-index 86376cba..74e8dfb6 100644
+index 86376cba8..74e8dfb6a 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_ksmtuned_use_nfs/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_ksmtuned_use_nfs/rule.yml
 @@ -1,6 +1,6 @@
@@ -20323,31 +22126,31 @@ index 86376cba..74e8dfb6 100644
  title: 'Disable the ksmtuned_use_nfs SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_logadm_exec_content/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_logadm_exec_content/rule.yml
-index ec2cec98..dfe4a75d 100644
+index 5b5dd95a9..d43a379c7 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_logadm_exec_content/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_logadm_exec_content/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: rhel7,rhel8,rhel9,rhv4
-+prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4
+-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4
  
  title: 'Enable the logadm_exec_content SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_logging_syslogd_can_sendmail/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_logging_syslogd_can_sendmail/rule.yml
-index dad98e38..b45bdc4b 100644
+index b515961c1..a159839a0 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_logging_syslogd_can_sendmail/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_logging_syslogd_can_sendmail/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: rhel7,rhel8,rhel9,rhv4
-+prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4
+-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4
  
  title: 'Disable the logging_syslogd_can_sendmail SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_logging_syslogd_run_nagios_plugins/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_logging_syslogd_run_nagios_plugins/rule.yml
-index 3c520540..6acdf661 100644
+index 3c520540b..6acdf6615 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_logging_syslogd_run_nagios_plugins/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_logging_syslogd_run_nagios_plugins/rule.yml
 @@ -1,6 +1,6 @@
@@ -20359,31 +22162,31 @@ index 3c520540..6acdf661 100644
  title: 'Disable the logging_syslogd_run_nagios_plugins SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_logging_syslogd_use_tty/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_logging_syslogd_use_tty/rule.yml
-index b55c01f0..1b05386f 100644
+index 7b90abe8a..68a43994e 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_logging_syslogd_use_tty/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_logging_syslogd_use_tty/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: rhel7,rhel8,rhel9,rhv4
-+prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4
+-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4
  
  title: 'Enable the logging_syslogd_use_tty SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_login_console_enabled/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_login_console_enabled/rule.yml
-index 1e423f46..064a77ef 100644
+index 3112822f5..ea43946dc 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_login_console_enabled/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_login_console_enabled/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: rhel7,rhel8,rhel9,rhv4
-+prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4
+-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4
  
  title: 'Enable the login_console_enabled SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_logrotate_use_nfs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_logrotate_use_nfs/rule.yml
-index 8e327772..e5b4122d 100644
+index 8e3277728..e5b4122de 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_logrotate_use_nfs/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_logrotate_use_nfs/rule.yml
 @@ -1,6 +1,6 @@
@@ -20395,7 +22198,7 @@ index 8e327772..e5b4122d 100644
  title: 'Disable the logrotate_use_nfs SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_logwatch_can_network_connect_mail/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_logwatch_can_network_connect_mail/rule.yml
-index d5e181b9..5da3e9c0 100644
+index d5e181b98..5da3e9c0a 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_logwatch_can_network_connect_mail/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_logwatch_can_network_connect_mail/rule.yml
 @@ -1,6 +1,6 @@
@@ -20407,7 +22210,7 @@ index d5e181b9..5da3e9c0 100644
  title: 'Disable the logwatch_can_network_connect_mail SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_lsmd_plugin_connect_any/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_lsmd_plugin_connect_any/rule.yml
-index 4d3c7838..32b05be7 100644
+index 4d3c78388..32b05be7a 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_lsmd_plugin_connect_any/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_lsmd_plugin_connect_any/rule.yml
 @@ -1,6 +1,6 @@
@@ -20419,7 +22222,7 @@ index 4d3c7838..32b05be7 100644
  title: 'Disable the lsmd_plugin_connect_any SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_mailman_use_fusefs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_mailman_use_fusefs/rule.yml
-index 6dfb2e01..5eb9727d 100644
+index 6dfb2e01a..5eb9727d0 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_mailman_use_fusefs/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_mailman_use_fusefs/rule.yml
 @@ -1,6 +1,6 @@
@@ -20431,7 +22234,7 @@ index 6dfb2e01..5eb9727d 100644
  title: 'Disable the mailman_use_fusefs SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_mcelog_client/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_mcelog_client/rule.yml
-index d235fe6f..95b28e43 100644
+index d235fe6f6..95b28e437 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_mcelog_client/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_mcelog_client/rule.yml
 @@ -1,6 +1,6 @@
@@ -20443,7 +22246,7 @@ index d235fe6f..95b28e43 100644
  title: 'Disable the mcelog_client SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_mcelog_exec_scripts/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_mcelog_exec_scripts/rule.yml
-index 46c9d61a..706520e3 100644
+index 46c9d61a1..706520e30 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_mcelog_exec_scripts/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_mcelog_exec_scripts/rule.yml
 @@ -1,6 +1,6 @@
@@ -20455,7 +22258,7 @@ index 46c9d61a..706520e3 100644
  title: 'Enable the mcelog_exec_scripts SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_mcelog_foreground/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_mcelog_foreground/rule.yml
-index 80757940..86ada5a3 100644
+index 807579406..86ada5a32 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_mcelog_foreground/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_mcelog_foreground/rule.yml
 @@ -1,6 +1,6 @@
@@ -20467,7 +22270,7 @@ index 80757940..86ada5a3 100644
  title: 'Disable the mcelog_foreground SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_mcelog_server/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_mcelog_server/rule.yml
-index 48cc45cb..8a59bf4c 100644
+index 48cc45cbc..8a59bf4c3 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_mcelog_server/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_mcelog_server/rule.yml
 @@ -1,6 +1,6 @@
@@ -20479,7 +22282,7 @@ index 48cc45cb..8a59bf4c 100644
  title: 'Disable the mcelog_server SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_minidlna_read_generic_user_content/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_minidlna_read_generic_user_content/rule.yml
-index 040edc1f..068785b4 100644
+index 040edc1fb..068785b40 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_minidlna_read_generic_user_content/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_minidlna_read_generic_user_content/rule.yml
 @@ -1,6 +1,6 @@
@@ -20491,43 +22294,43 @@ index 040edc1f..068785b4 100644
  title: 'Disable the minidlna_read_generic_user_content SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_mmap_low_allowed/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_mmap_low_allowed/rule.yml
-index 134cb824..52a2a0cb 100644
+index 9429d9431..f7ff9e504 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_mmap_low_allowed/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_mmap_low_allowed/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: rhel7,rhel8,rhel9,rhv4
-+prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4
+-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4
  
  title: 'Disable the mmap_low_allowed SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_mock_enable_homedirs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_mock_enable_homedirs/rule.yml
-index 7302201a..9a1666c2 100644
+index 7f95fd02d..e141cd1e4 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_mock_enable_homedirs/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_mock_enable_homedirs/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: rhel7,rhel8,rhel9,rhv4
-+prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4
+-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4
  
  title: 'Disable the mock_enable_homedirs SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_mount_anyfile/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_mount_anyfile/rule.yml
-index 8354e36e..c85174c8 100644
+index 3fa8cfdf0..e0c3580de 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_mount_anyfile/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_mount_anyfile/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: rhel7,rhel8,rhel9,rhv4
-+prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4
+-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4
  
  title: 'Enable the mount_anyfile SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_mozilla_plugin_bind_unreserved_ports/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_mozilla_plugin_bind_unreserved_ports/rule.yml
-index a461e301..5a57d162 100644
+index a461e3018..5a57d1622 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_mozilla_plugin_bind_unreserved_ports/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_mozilla_plugin_bind_unreserved_ports/rule.yml
 @@ -1,6 +1,6 @@
@@ -20539,7 +22342,7 @@ index a461e301..5a57d162 100644
  title: 'Disable the mozilla_plugin_bind_unreserved_ports SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_mozilla_plugin_can_network_connect/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_mozilla_plugin_can_network_connect/rule.yml
-index b544dd12..17206906 100644
+index b544dd129..17206906c 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_mozilla_plugin_can_network_connect/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_mozilla_plugin_can_network_connect/rule.yml
 @@ -1,6 +1,6 @@
@@ -20551,7 +22354,7 @@ index b544dd12..17206906 100644
  title: 'Disable the mozilla_plugin_can_network_connect SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_mozilla_plugin_use_bluejeans/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_mozilla_plugin_use_bluejeans/rule.yml
-index 878c10bd..69c810a9 100644
+index 878c10bd9..69c810a9b 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_mozilla_plugin_use_bluejeans/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_mozilla_plugin_use_bluejeans/rule.yml
 @@ -1,6 +1,6 @@
@@ -20563,7 +22366,7 @@ index 878c10bd..69c810a9 100644
  title: 'Disable the mozilla_plugin_use_bluejeans SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_mozilla_plugin_use_gps/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_mozilla_plugin_use_gps/rule.yml
-index eba60ff3..66ab4c43 100644
+index eba60ff34..66ab4c430 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_mozilla_plugin_use_gps/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_mozilla_plugin_use_gps/rule.yml
 @@ -1,6 +1,6 @@
@@ -20575,7 +22378,7 @@ index eba60ff3..66ab4c43 100644
  title: 'Disable the mozilla_plugin_use_gps SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_mozilla_plugin_use_spice/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_mozilla_plugin_use_spice/rule.yml
-index a5655a34..ba398fec 100644
+index a5655a348..ba398fec4 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_mozilla_plugin_use_spice/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_mozilla_plugin_use_spice/rule.yml
 @@ -1,6 +1,6 @@
@@ -20587,7 +22390,7 @@ index a5655a34..ba398fec 100644
  title: 'Disable the mozilla_plugin_use_spice SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_mozilla_read_content/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_mozilla_read_content/rule.yml
-index 8d8407db..b56b3b40 100644
+index 8d8407db2..b56b3b40e 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_mozilla_read_content/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_mozilla_read_content/rule.yml
 @@ -1,6 +1,6 @@
@@ -20599,7 +22402,7 @@ index 8d8407db..b56b3b40 100644
  title: 'Disable the mozilla_read_content SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_mpd_enable_homedirs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_mpd_enable_homedirs/rule.yml
-index db538e06..7c6f98ea 100644
+index db538e06f..7c6f98ea2 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_mpd_enable_homedirs/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_mpd_enable_homedirs/rule.yml
 @@ -1,6 +1,6 @@
@@ -20611,7 +22414,7 @@ index db538e06..7c6f98ea 100644
  title: 'Disable the mpd_enable_homedirs SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_mpd_use_cifs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_mpd_use_cifs/rule.yml
-index 5bff3c99..d359d281 100644
+index 5bff3c990..d359d2819 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_mpd_use_cifs/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_mpd_use_cifs/rule.yml
 @@ -1,6 +1,6 @@
@@ -20623,7 +22426,7 @@ index 5bff3c99..d359d281 100644
  title: 'Disable the mpd_use_cifs SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_mpd_use_nfs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_mpd_use_nfs/rule.yml
-index 97140465..a4af6e2d 100644
+index 97140465f..a4af6e2d0 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_mpd_use_nfs/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_mpd_use_nfs/rule.yml
 @@ -1,6 +1,6 @@
@@ -20635,7 +22438,7 @@ index 97140465..a4af6e2d 100644
  title: 'Disable the mpd_use_nfs SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_mplayer_execstack/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_mplayer_execstack/rule.yml
-index bb5e5948..a412fc8b 100644
+index bb5e59484..a412fc8b8 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_mplayer_execstack/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_mplayer_execstack/rule.yml
 @@ -1,6 +1,6 @@
@@ -20647,7 +22450,7 @@ index bb5e5948..a412fc8b 100644
  title: 'Disable the mplayer_execstack SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_mysql_connect_any/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_mysql_connect_any/rule.yml
-index 98a1ebcf..cce1c87e 100644
+index 98a1ebcf9..cce1c87e1 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_mysql_connect_any/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_mysql_connect_any/rule.yml
 @@ -1,6 +1,6 @@
@@ -20659,7 +22462,7 @@ index 98a1ebcf..cce1c87e 100644
  title: 'Disable the mysql_connect_any SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_nagios_run_pnp4nagios/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_nagios_run_pnp4nagios/rule.yml
-index 70347807..2d91a12f 100644
+index 70347807f..2d91a12ff 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_nagios_run_pnp4nagios/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_nagios_run_pnp4nagios/rule.yml
 @@ -1,6 +1,6 @@
@@ -20671,7 +22474,7 @@ index 70347807..2d91a12f 100644
  title: 'Disable the nagios_run_pnp4nagios SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_nagios_run_sudo/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_nagios_run_sudo/rule.yml
-index 489a099a..7d208a85 100644
+index 489a099a9..7d208a858 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_nagios_run_sudo/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_nagios_run_sudo/rule.yml
 @@ -1,6 +1,6 @@
@@ -20683,7 +22486,7 @@ index 489a099a..7d208a85 100644
  title: 'Disable the nagios_run_sudo SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_named_tcp_bind_http_port/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_named_tcp_bind_http_port/rule.yml
-index a51fbbea..1f31780a 100644
+index a51fbbeac..1f31780ad 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_named_tcp_bind_http_port/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_named_tcp_bind_http_port/rule.yml
 @@ -1,6 +1,6 @@
@@ -20695,7 +22498,7 @@ index a51fbbea..1f31780a 100644
  title: 'Disable the named_tcp_bind_http_port SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_named_write_master_zones/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_named_write_master_zones/rule.yml
-index c9d54a98..b4bb8d07 100644
+index c9d54a988..b4bb8d074 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_named_write_master_zones/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_named_write_master_zones/rule.yml
 @@ -1,6 +1,6 @@
@@ -20707,7 +22510,7 @@ index c9d54a98..b4bb8d07 100644
  title: 'Disable the named_write_master_zones SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_neutron_can_network/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_neutron_can_network/rule.yml
-index b543c733..3df85ab6 100644
+index b543c7330..3df85ab6d 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_neutron_can_network/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_neutron_can_network/rule.yml
 @@ -1,6 +1,6 @@
@@ -20719,7 +22522,7 @@ index b543c733..3df85ab6 100644
  title: 'Disable the neutron_can_network SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_nfs_export_all_ro/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_nfs_export_all_ro/rule.yml
-index c0718a62..4ade28e7 100644
+index c0718a62c..4ade28e78 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_nfs_export_all_ro/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_nfs_export_all_ro/rule.yml
 @@ -1,6 +1,6 @@
@@ -20731,7 +22534,7 @@ index c0718a62..4ade28e7 100644
  title: 'Enable the nfs_export_all_ro SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_nfs_export_all_rw/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_nfs_export_all_rw/rule.yml
-index 0355bad7..7d4a3dfc 100644
+index 0355bad7c..7d4a3dfc7 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_nfs_export_all_rw/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_nfs_export_all_rw/rule.yml
 @@ -1,6 +1,6 @@
@@ -20743,7 +22546,7 @@ index 0355bad7..7d4a3dfc 100644
  title: 'Enable the nfs_export_all_rw SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_nfsd_anon_write/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_nfsd_anon_write/rule.yml
-index 8d21a80b..0b0a2ee5 100644
+index 8d21a80bb..0b0a2ee52 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_nfsd_anon_write/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_nfsd_anon_write/rule.yml
 @@ -1,6 +1,6 @@
@@ -20755,7 +22558,7 @@ index 8d21a80b..0b0a2ee5 100644
  title: 'Disable the nfsd_anon_write SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_nis_enabled/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_nis_enabled/rule.yml
-index 9ae527ee..b9324567 100644
+index 9ae527eef..b93245675 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_nis_enabled/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_nis_enabled/rule.yml
 @@ -1,6 +1,6 @@
@@ -20767,7 +22570,7 @@ index 9ae527ee..b9324567 100644
  title: 'Disable the nis_enabled SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_nscd_use_shm/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_nscd_use_shm/rule.yml
-index 2223ef84..abb41046 100644
+index 2223ef849..abb410463 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_nscd_use_shm/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_nscd_use_shm/rule.yml
 @@ -1,6 +1,6 @@
@@ -20779,7 +22582,7 @@ index 2223ef84..abb41046 100644
  title: 'Enable the nscd_use_shm SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_openshift_use_nfs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_openshift_use_nfs/rule.yml
-index 1c4fa8c1..9c06f296 100644
+index 1c4fa8c18..9c06f2965 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_openshift_use_nfs/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_openshift_use_nfs/rule.yml
 @@ -1,6 +1,6 @@
@@ -20791,7 +22594,7 @@ index 1c4fa8c1..9c06f296 100644
  title: 'Disable the openshift_use_nfs SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_openvpn_can_network_connect/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_openvpn_can_network_connect/rule.yml
-index affa929a..b0ba05f1 100644
+index affa929a5..b0ba05f19 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_openvpn_can_network_connect/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_openvpn_can_network_connect/rule.yml
 @@ -1,6 +1,6 @@
@@ -20803,7 +22606,7 @@ index affa929a..b0ba05f1 100644
  title: 'Disable the openvpn_can_network_connect SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_openvpn_enable_homedirs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_openvpn_enable_homedirs/rule.yml
-index 425be626..20e4922a 100644
+index 425be626d..20e4922a8 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_openvpn_enable_homedirs/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_openvpn_enable_homedirs/rule.yml
 @@ -1,6 +1,6 @@
@@ -20815,7 +22618,7 @@ index 425be626..20e4922a 100644
  title: 'Disable the openvpn_enable_homedirs SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_openvpn_run_unconfined/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_openvpn_run_unconfined/rule.yml
-index 8ebfe542..04fcdf6d 100644
+index 8ebfe5426..04fcdf6db 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_openvpn_run_unconfined/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_openvpn_run_unconfined/rule.yml
 @@ -1,6 +1,6 @@
@@ -20827,7 +22630,7 @@ index 8ebfe542..04fcdf6d 100644
  title: 'Disable the openvpn_run_unconfined SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_pcp_bind_all_unreserved_ports/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_pcp_bind_all_unreserved_ports/rule.yml
-index c1a13523..fe23e776 100644
+index c1a13523f..fe23e7765 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_pcp_bind_all_unreserved_ports/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_pcp_bind_all_unreserved_ports/rule.yml
 @@ -1,6 +1,6 @@
@@ -20839,7 +22642,7 @@ index c1a13523..fe23e776 100644
  title: 'Disable the pcp_bind_all_unreserved_ports SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_pcp_read_generic_logs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_pcp_read_generic_logs/rule.yml
-index 9f902520..a76d4523 100644
+index 9f902520a..a76d45235 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_pcp_read_generic_logs/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_pcp_read_generic_logs/rule.yml
 @@ -1,6 +1,6 @@
@@ -20851,7 +22654,7 @@ index 9f902520..a76d4523 100644
  title: 'Disable the pcp_read_generic_logs SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_piranha_lvs_can_network_connect/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_piranha_lvs_can_network_connect/rule.yml
-index bf1ea51c..3c76e1fc 100644
+index bf1ea51c4..3c76e1fcd 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_piranha_lvs_can_network_connect/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_piranha_lvs_can_network_connect/rule.yml
 @@ -1,6 +1,6 @@
@@ -20863,7 +22666,7 @@ index bf1ea51c..3c76e1fc 100644
  title: 'Disable the piranha_lvs_can_network_connect SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_polipo_connect_all_unreserved/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_polipo_connect_all_unreserved/rule.yml
-index 7e628966..82442a13 100644
+index 7e628966d..82442a136 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_polipo_connect_all_unreserved/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_polipo_connect_all_unreserved/rule.yml
 @@ -1,6 +1,6 @@
@@ -20875,7 +22678,7 @@ index 7e628966..82442a13 100644
  title: 'Disable the polipo_connect_all_unreserved SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_polipo_session_bind_all_unreserved_ports/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_polipo_session_bind_all_unreserved_ports/rule.yml
-index fa974402..39da107d 100644
+index fa974402e..39da107db 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_polipo_session_bind_all_unreserved_ports/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_polipo_session_bind_all_unreserved_ports/rule.yml
 @@ -1,6 +1,6 @@
@@ -20887,7 +22690,7 @@ index fa974402..39da107d 100644
  title: 'Disable the polipo_session_bind_all_unreserved_ports SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_polipo_session_users/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_polipo_session_users/rule.yml
-index f2f93ba3..2993b2f9 100644
+index f2f93ba30..2993b2f91 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_polipo_session_users/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_polipo_session_users/rule.yml
 @@ -1,6 +1,6 @@
@@ -20899,7 +22702,7 @@ index f2f93ba3..2993b2f9 100644
  title: 'Disable the polipo_session_users SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_polipo_use_cifs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_polipo_use_cifs/rule.yml
-index 0f0fe5d6..bd263df1 100644
+index 0f0fe5d6c..bd263df1b 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_polipo_use_cifs/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_polipo_use_cifs/rule.yml
 @@ -1,6 +1,6 @@
@@ -20911,7 +22714,7 @@ index 0f0fe5d6..bd263df1 100644
  title: 'Disable the polipo_use_cifs SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_polipo_use_nfs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_polipo_use_nfs/rule.yml
-index 1c1d302e..7353b3ab 100644
+index 1c1d302e5..7353b3ab8 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_polipo_use_nfs/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_polipo_use_nfs/rule.yml
 @@ -1,6 +1,6 @@
@@ -20923,19 +22726,19 @@ index 1c1d302e..7353b3ab 100644
  title: 'Disable the polipo_use_nfs SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_polyinstantiation_enabled/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_polyinstantiation_enabled/rule.yml
-index 53f154e7..969390fd 100644
+index 29a752033..35ec69678 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_polyinstantiation_enabled/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_polyinstantiation_enabled/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
-+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4
+-prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15
++prodtype: ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15
  
- title: 'Disable the polyinstantiation_enabled SELinux Boolean'
+ title: 'Configure the polyinstantiation_enabled SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_postfix_local_write_mail_spool/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_postfix_local_write_mail_spool/rule.yml
-index 1c061280..f607bdc2 100644
+index 1c0612800..f607bdc22 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_postfix_local_write_mail_spool/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_postfix_local_write_mail_spool/rule.yml
 @@ -1,6 +1,6 @@
@@ -20947,7 +22750,7 @@ index 1c061280..f607bdc2 100644
  title: 'Enable the postfix_local_write_mail_spool SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_postgresql_can_rsync/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_postgresql_can_rsync/rule.yml
-index 2d4f2e59..dcfcc5b4 100644
+index 2d4f2e59f..dcfcc5b4a 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_postgresql_can_rsync/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_postgresql_can_rsync/rule.yml
 @@ -1,6 +1,6 @@
@@ -20959,7 +22762,7 @@ index 2d4f2e59..dcfcc5b4 100644
  title: 'Disable the postgresql_can_rsync SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_postgresql_selinux_transmit_client_label/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_postgresql_selinux_transmit_client_label/rule.yml
-index f7fdf042..e2bde893 100644
+index f7fdf042b..e2bde893b 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_postgresql_selinux_transmit_client_label/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_postgresql_selinux_transmit_client_label/rule.yml
 @@ -1,6 +1,6 @@
@@ -20971,7 +22774,7 @@ index f7fdf042..e2bde893 100644
  title: 'Disable the postgresql_selinux_transmit_client_label SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_postgresql_selinux_unconfined_dbadm/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_postgresql_selinux_unconfined_dbadm/rule.yml
-index e4e888a8..0935fa0f 100644
+index e4e888a81..0935fa0f3 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_postgresql_selinux_unconfined_dbadm/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_postgresql_selinux_unconfined_dbadm/rule.yml
 @@ -1,6 +1,6 @@
@@ -20983,7 +22786,7 @@ index e4e888a8..0935fa0f 100644
  title: 'Enable the postgresql_selinux_unconfined_dbadm SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_postgresql_selinux_users_ddl/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_postgresql_selinux_users_ddl/rule.yml
-index 215daf93..c8f70c02 100644
+index 215daf937..c8f70c020 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_postgresql_selinux_users_ddl/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_postgresql_selinux_users_ddl/rule.yml
 @@ -1,6 +1,6 @@
@@ -20995,7 +22798,7 @@ index 215daf93..c8f70c02 100644
  title: 'Enable the postgresql_selinux_users_ddl SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_pppd_can_insmod/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_pppd_can_insmod/rule.yml
-index 9ff99173..6e8c37d1 100644
+index 9ff991731..6e8c37d12 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_pppd_can_insmod/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_pppd_can_insmod/rule.yml
 @@ -1,6 +1,6 @@
@@ -21007,7 +22810,7 @@ index 9ff99173..6e8c37d1 100644
  title: 'Disable the pppd_can_insmod SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_pppd_for_user/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_pppd_for_user/rule.yml
-index ef5d648f..a3f5a525 100644
+index ef5d648f7..a3f5a525a 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_pppd_for_user/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_pppd_for_user/rule.yml
 @@ -1,6 +1,6 @@
@@ -21019,7 +22822,7 @@ index ef5d648f..a3f5a525 100644
  title: 'Disable the pppd_for_user SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_privoxy_connect_any/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_privoxy_connect_any/rule.yml
-index b9f04990..320d69e0 100644
+index b9f049901..320d69e0b 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_privoxy_connect_any/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_privoxy_connect_any/rule.yml
 @@ -1,6 +1,6 @@
@@ -21031,7 +22834,7 @@ index b9f04990..320d69e0 100644
  title: 'Disable the privoxy_connect_any SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_prosody_bind_http_port/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_prosody_bind_http_port/rule.yml
-index ec8fa105..3f3d870e 100644
+index ec8fa105b..3f3d870e6 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_prosody_bind_http_port/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_prosody_bind_http_port/rule.yml
 @@ -1,6 +1,6 @@
@@ -21043,7 +22846,7 @@ index ec8fa105..3f3d870e 100644
  title: 'Disable the prosody_bind_http_port SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_puppetagent_manage_all_files/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_puppetagent_manage_all_files/rule.yml
-index ce7bc2f5..f1b87a1d 100644
+index ce7bc2f5f..f1b87a1db 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_puppetagent_manage_all_files/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_puppetagent_manage_all_files/rule.yml
 @@ -1,6 +1,6 @@
@@ -21055,7 +22858,7 @@ index ce7bc2f5..f1b87a1d 100644
  title: 'Disable the puppetagent_manage_all_files SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_puppetmaster_use_db/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_puppetmaster_use_db/rule.yml
-index 894fed16..7f85d5e0 100644
+index 894fed16b..7f85d5e05 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_puppetmaster_use_db/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_puppetmaster_use_db/rule.yml
 @@ -1,6 +1,6 @@
@@ -21067,7 +22870,7 @@ index 894fed16..7f85d5e0 100644
  title: 'Disable the puppetmaster_use_db SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_racoon_read_shadow/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_racoon_read_shadow/rule.yml
-index 2cae0d28..4120691c 100644
+index 2cae0d28b..4120691cf 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_racoon_read_shadow/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_racoon_read_shadow/rule.yml
 @@ -1,6 +1,6 @@
@@ -21079,7 +22882,7 @@ index 2cae0d28..4120691c 100644
  title: 'Disable the racoon_read_shadow SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_rsync_anon_write/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_rsync_anon_write/rule.yml
-index 8720c030..614c4e60 100644
+index 8720c0306..614c4e604 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_rsync_anon_write/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_rsync_anon_write/rule.yml
 @@ -1,6 +1,6 @@
@@ -21091,7 +22894,7 @@ index 8720c030..614c4e60 100644
  title: 'Disable the rsync_anon_write SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_rsync_client/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_rsync_client/rule.yml
-index 58878837..5ea8dc21 100644
+index 588788376..5ea8dc21c 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_rsync_client/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_rsync_client/rule.yml
 @@ -1,6 +1,6 @@
@@ -21103,7 +22906,7 @@ index 58878837..5ea8dc21 100644
  title: 'Disable the rsync_client SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_rsync_export_all_ro/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_rsync_export_all_ro/rule.yml
-index 154646cf..4aec9d3e 100644
+index 154646cfa..4aec9d3ed 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_rsync_export_all_ro/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_rsync_export_all_ro/rule.yml
 @@ -1,6 +1,6 @@
@@ -21115,7 +22918,7 @@ index 154646cf..4aec9d3e 100644
  title: 'Disable the rsync_export_all_ro SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_rsync_full_access/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_rsync_full_access/rule.yml
-index 832dfa25..2de80cb7 100644
+index 832dfa25a..2de80cb7a 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_rsync_full_access/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_rsync_full_access/rule.yml
 @@ -1,6 +1,6 @@
@@ -21127,7 +22930,7 @@ index 832dfa25..2de80cb7 100644
  title: 'Disable the rsync_full_access SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_create_home_dirs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_create_home_dirs/rule.yml
-index 85b65a88..207d77e8 100644
+index 85b65a88f..207d77e85 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_create_home_dirs/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_create_home_dirs/rule.yml
 @@ -1,6 +1,6 @@
@@ -21139,7 +22942,7 @@ index 85b65a88..207d77e8 100644
  title: 'Disable the samba_create_home_dirs SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_domain_controller/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_domain_controller/rule.yml
-index c67f1f86..8cd0f5e0 100644
+index c67f1f86c..8cd0f5e0c 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_domain_controller/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_domain_controller/rule.yml
 @@ -1,6 +1,6 @@
@@ -21151,7 +22954,7 @@ index c67f1f86..8cd0f5e0 100644
  title: 'Disable the samba_domain_controller SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_enable_home_dirs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_enable_home_dirs/rule.yml
-index 1698ed1d..90798fe7 100644
+index 1698ed1d4..90798fe79 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_enable_home_dirs/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_enable_home_dirs/rule.yml
 @@ -1,6 +1,6 @@
@@ -21163,7 +22966,7 @@ index 1698ed1d..90798fe7 100644
  title: 'Disable the samba_enable_home_dirs SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_export_all_ro/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_export_all_ro/rule.yml
-index 9a21f5f6..b3efb3e9 100644
+index 9a21f5f63..b3efb3e96 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_export_all_ro/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_export_all_ro/rule.yml
 @@ -1,6 +1,6 @@
@@ -21175,7 +22978,7 @@ index 9a21f5f6..b3efb3e9 100644
  title: 'Disable the samba_export_all_ro SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_export_all_rw/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_export_all_rw/rule.yml
-index fd52c836..49a8ec85 100644
+index fd52c836b..49a8ec859 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_export_all_rw/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_export_all_rw/rule.yml
 @@ -1,6 +1,6 @@
@@ -21187,7 +22990,7 @@ index fd52c836..49a8ec85 100644
  title: 'Disable the samba_export_all_rw SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_load_libgfapi/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_load_libgfapi/rule.yml
-index 826beddf..5a08118e 100644
+index 826beddf1..5a08118ea 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_load_libgfapi/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_load_libgfapi/rule.yml
 @@ -1,6 +1,6 @@
@@ -21199,7 +23002,7 @@ index 826beddf..5a08118e 100644
  title: 'Disable the samba_load_libgfapi SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_portmapper/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_portmapper/rule.yml
-index d901e686..9073796e 100644
+index d901e6866..9073796ef 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_portmapper/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_portmapper/rule.yml
 @@ -1,6 +1,6 @@
@@ -21211,7 +23014,7 @@ index d901e686..9073796e 100644
  title: 'Disable the samba_portmapper SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_run_unconfined/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_run_unconfined/rule.yml
-index c409c6bb..9729d7fa 100644
+index c409c6bb0..9729d7fa3 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_run_unconfined/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_run_unconfined/rule.yml
 @@ -1,6 +1,6 @@
@@ -21223,7 +23026,7 @@ index c409c6bb..9729d7fa 100644
  title: 'Disable the samba_run_unconfined SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_share_fusefs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_share_fusefs/rule.yml
-index cc2efcfb..707659d6 100644
+index cc2efcfb9..707659d6b 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_share_fusefs/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_share_fusefs/rule.yml
 @@ -1,6 +1,6 @@
@@ -21235,7 +23038,7 @@ index cc2efcfb..707659d6 100644
  title: 'Disable the samba_share_fusefs SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_share_nfs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_share_nfs/rule.yml
-index 085f7118..0230e13e 100644
+index 085f7118f..0230e13e1 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_share_nfs/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_share_nfs/rule.yml
 @@ -1,6 +1,6 @@
@@ -21247,7 +23050,7 @@ index 085f7118..0230e13e 100644
  title: 'Disable the samba_share_nfs SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_sanlock_use_fusefs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_sanlock_use_fusefs/rule.yml
-index 07428064..aa479f16 100644
+index 074280640..aa479f165 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_sanlock_use_fusefs/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_sanlock_use_fusefs/rule.yml
 @@ -1,6 +1,6 @@
@@ -21259,7 +23062,7 @@ index 07428064..aa479f16 100644
  title: 'Disable the sanlock_use_fusefs SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_sanlock_use_nfs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_sanlock_use_nfs/rule.yml
-index c1a64ba8..550a22a0 100644
+index c1a64ba85..550a22a0f 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_sanlock_use_nfs/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_sanlock_use_nfs/rule.yml
 @@ -1,6 +1,6 @@
@@ -21271,7 +23074,7 @@ index c1a64ba8..550a22a0 100644
  title: 'Disable the sanlock_use_nfs SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_sanlock_use_samba/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_sanlock_use_samba/rule.yml
-index c413f111..6b4110bf 100644
+index c413f111f..6b4110bf2 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_sanlock_use_samba/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_sanlock_use_samba/rule.yml
 @@ -1,6 +1,6 @@
@@ -21283,7 +23086,7 @@ index c413f111..6b4110bf 100644
  title: 'Disable the sanlock_use_samba SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_saslauthd_read_shadow/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_saslauthd_read_shadow/rule.yml
-index f0d4bbc9..def16a42 100644
+index f0d4bbc9b..def16a427 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_saslauthd_read_shadow/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_saslauthd_read_shadow/rule.yml
 @@ -1,6 +1,6 @@
@@ -21295,199 +23098,199 @@ index f0d4bbc9..def16a42 100644
  title: 'Disable the saslauthd_read_shadow SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_secadm_exec_content/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_secadm_exec_content/rule.yml
-index fe166c84..613e2054 100644
+index d781baab8..69b4ab65b 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_secadm_exec_content/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_secadm_exec_content/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: rhel7,rhel8,rhel9,rhv4
-+prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4
- 
- title: 'Enable the secadm_exec_content SELinux Boolean'
- 
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_secure_mode/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_secure_mode/rule.yml
-index 8812aab5..58433655 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_secure_mode/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_secure_mode/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
- 
--prodtype: rhel7,rhel8,rhel9,rhv4
-+prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4
- 
- title: 'Disable the secure_mode SELinux Boolean'
- 
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_secure_mode_insmod/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_secure_mode_insmod/rule.yml
-index 428bb90b..5416bfa6 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_secure_mode_insmod/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_secure_mode_insmod/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
- 
 -prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
 +prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4
  
- title: 'Disable the secure_mode_insmod SELinux Boolean'
+ title: 'Enable the secadm_exec_content SELinux Boolean'
+ 
+diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_secure_mode/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_secure_mode/rule.yml
+index 36c8756dd..20316bcee 100644
+--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_secure_mode/rule.yml
++++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_secure_mode/rule.yml
+@@ -1,6 +1,6 @@
+ documentation_complete: true
+ 
+-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4
+ 
+ title: 'Disable the secure_mode SELinux Boolean'
+ 
+diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_secure_mode_insmod/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_secure_mode_insmod/rule.yml
+index 0e36376e1..a85cb90c8 100644
+--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_secure_mode_insmod/rule.yml
++++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_secure_mode_insmod/rule.yml
+@@ -1,6 +1,6 @@
+ documentation_complete: true
+ 
+-prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15
++prodtype: ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15
+ 
+ title: 'Configure the secure_mode_insmod SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_secure_mode_policyload/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_secure_mode_policyload/rule.yml
-index cf06eb5e..a156f971 100644
+index 062b9686f..f46ca75eb 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_secure_mode_policyload/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_secure_mode_policyload/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: rhel7,rhel8,rhel9,rhv4
-+prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4
+-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4
  
  title: 'Disable the secure_mode_policyload SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_direct_dri_enabled/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_direct_dri_enabled/rule.yml
-index d9918450..702adbee 100644
+index 7e58c5f26..589e30e49 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_direct_dri_enabled/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_direct_dri_enabled/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: rhel7,rhel8,rhel9,rhv4
-+prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4
+-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4
  
  title: 'Configure the selinuxuser_direct_dri_enabled SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_execheap/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_execheap/rule.yml
-index dd87bfe5..313e4ef6 100644
+index e2bb4d6cf..04a3cbd81 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_execheap/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_execheap/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle15
-+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15
+-prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15
++prodtype: ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15
  
  title: 'Disable the selinuxuser_execheap SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_execmod/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_execmod/rule.yml
-index 26617b23..85eef9d2 100644
+index 46f76ce22..e1288fdd3 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_execmod/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_execmod/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle15
-+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15
+-prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle15
++prodtype: ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15
  
  title: 'Enable the selinuxuser_execmod SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_execstack/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_execstack/rule.yml
-index 4a78c892..13b80855 100644
+index 440b1f859..16c273eb1 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_execstack/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_execstack/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle15
-+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15
+-prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15
++prodtype: ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15
  
  title: 'disable the selinuxuser_execstack SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_mysql_connect_enabled/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_mysql_connect_enabled/rule.yml
-index 273c5ac0..4a4a181c 100644
+index 88a2a92d6..3cdf3685a 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_mysql_connect_enabled/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_mysql_connect_enabled/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: rhel7,rhel8,rhel9,rhv4
-+prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4
+-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4
  
  title: 'Disable the selinuxuser_mysql_connect_enabled SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_ping/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_ping/rule.yml
-index 0645deb5..36f1e961 100644
+index 79b96246b..05a7d02cf 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_ping/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_ping/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: rhel7,rhel8,rhel9,rhv4
-+prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4
+-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4
  
  title: 'Enable the selinuxuser_ping SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_postgresql_connect_enabled/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_postgresql_connect_enabled/rule.yml
-index b71a1ff7..17bb3478 100644
+index 6d70e9d53..0f9bbc688 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_postgresql_connect_enabled/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_postgresql_connect_enabled/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: rhel7,rhel8,rhel9,rhv4
-+prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4
+-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4
  
  title: 'Disable the selinuxuser_postgresql_connect_enabled SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_rw_noexattrfile/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_rw_noexattrfile/rule.yml
-index cc3ae761..45665fea 100644
+index 7092bbffc..dd0877542 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_rw_noexattrfile/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_rw_noexattrfile/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: rhel7,rhel8,rhel9,rhv4
-+prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4
+-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4
  
  title: 'Disable the selinuxuser_rw_noexattrfile SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_share_music/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_share_music/rule.yml
-index 46b98953..118af784 100644
+index fb492e6d3..38bed7a64 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_share_music/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_share_music/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: rhel7,rhel8,rhel9,rhv4
-+prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4
+-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4
  
  title: 'Disable the selinuxuser_share_music SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_tcp_server/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_tcp_server/rule.yml
-index 692df86c..cb301be6 100644
+index 3dcf75440..9fea8784c 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_tcp_server/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_tcp_server/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: rhel7,rhel8,rhel9,rhv4
-+prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4
+-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4
  
  title: 'Disable the selinuxuser_tcp_server SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_udp_server/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_udp_server/rule.yml
-index 016131f1..f8ed8c83 100644
+index 89bb3dc5e..2bc5697c9 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_udp_server/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_udp_server/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: rhel7,rhel8,rhel9,rhv4
-+prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4
+-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4
  
  title: 'Disable the selinuxuser_udp_server SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_use_ssh_chroot/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_use_ssh_chroot/rule.yml
-index 5fcf435e..49176ecf 100644
+index 518bd1745..f2d8bbc1d 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_use_ssh_chroot/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_use_ssh_chroot/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: rhel7,rhel8,rhel9,rhv4
-+prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4
+-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4
  
  title: 'Disable the selinuxuser_use_ssh_chroot SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_sge_domain_can_network_connect/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_sge_domain_can_network_connect/rule.yml
-index 17054b75..da8b92c6 100644
+index 17054b75b..da8b92c6c 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_sge_domain_can_network_connect/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_sge_domain_can_network_connect/rule.yml
 @@ -1,6 +1,6 @@
@@ -21499,7 +23302,7 @@ index 17054b75..da8b92c6 100644
  title: 'Disable the sge_domain_can_network_connect SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_sge_use_nfs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_sge_use_nfs/rule.yml
-index df44870b..1ad1905a 100644
+index df44870be..1ad1905af 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_sge_use_nfs/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_sge_use_nfs/rule.yml
 @@ -1,6 +1,6 @@
@@ -21511,7 +23314,7 @@ index df44870b..1ad1905a 100644
  title: 'Disable the sge_use_nfs SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_smartmon_3ware/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_smartmon_3ware/rule.yml
-index 03a20026..8496b412 100644
+index 03a20026b..8496b4125 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_smartmon_3ware/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_smartmon_3ware/rule.yml
 @@ -1,6 +1,6 @@
@@ -21523,7 +23326,7 @@ index 03a20026..8496b412 100644
  title: 'Disable the smartmon_3ware SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_smbd_anon_write/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_smbd_anon_write/rule.yml
-index a597045a..b9f168ca 100644
+index a597045a1..b9f168cab 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_smbd_anon_write/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_smbd_anon_write/rule.yml
 @@ -1,6 +1,6 @@
@@ -21535,7 +23338,7 @@ index a597045a..b9f168ca 100644
  title: 'Disable the smbd_anon_write SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_spamassassin_can_network/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_spamassassin_can_network/rule.yml
-index 04514bde..570b320f 100644
+index 04514bdec..570b320f1 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_spamassassin_can_network/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_spamassassin_can_network/rule.yml
 @@ -1,6 +1,6 @@
@@ -21547,7 +23350,7 @@ index 04514bde..570b320f 100644
  title: 'Disable the spamassassin_can_network SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_spamd_enable_home_dirs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_spamd_enable_home_dirs/rule.yml
-index 3f743cbf..32ec94a0 100644
+index 3f743cbf1..32ec94a08 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_spamd_enable_home_dirs/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_spamd_enable_home_dirs/rule.yml
 @@ -1,6 +1,6 @@
@@ -21559,7 +23362,7 @@ index 3f743cbf..32ec94a0 100644
  title: 'Enable the spamd_enable_home_dirs SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_squid_connect_any/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_squid_connect_any/rule.yml
-index ec5c45e7..6345f86a 100644
+index ec5c45e7e..6345f86af 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_squid_connect_any/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_squid_connect_any/rule.yml
 @@ -1,6 +1,6 @@
@@ -21571,7 +23374,7 @@ index ec5c45e7..6345f86a 100644
  title: 'Disable the squid_connect_any SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_squid_use_tproxy/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_squid_use_tproxy/rule.yml
-index dd156deb..e39be3fd 100644
+index dd156deb2..e39be3fdc 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_squid_use_tproxy/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_squid_use_tproxy/rule.yml
 @@ -1,6 +1,6 @@
@@ -21583,55 +23386,55 @@ index dd156deb..e39be3fd 100644
  title: 'Disable the squid_use_tproxy SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_ssh_chroot_rw_homedirs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_ssh_chroot_rw_homedirs/rule.yml
-index ef2338c1..57cd8389 100644
+index df38b35f8..2f5198960 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_ssh_chroot_rw_homedirs/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_ssh_chroot_rw_homedirs/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: rhel7,rhel8,rhel9,rhv4
-+prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4
- 
- title: 'Disable the ssh_chroot_rw_homedirs SELinux Boolean'
- 
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_ssh_keysign/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_ssh_keysign/rule.yml
-index 5ab6b17e..ac0457bf 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_ssh_keysign/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_ssh_keysign/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
- 
--prodtype: rhel7,rhel8,rhel9,rhv4
-+prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4
- 
- title: 'Disable the ssh_keysign SELinux Boolean'
- 
-diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_ssh_sysadm_login/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_ssh_sysadm_login/rule.yml
-index d54bcf54..e44a05c6 100644
---- a/linux_os/guide/system/selinux/selinux-booleans/sebool_ssh_sysadm_login/rule.yml
-+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_ssh_sysadm_login/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
- 
 -prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
 +prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4
  
+ title: 'Disable the ssh_chroot_rw_homedirs SELinux Boolean'
+ 
+diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_ssh_keysign/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_ssh_keysign/rule.yml
+index 60b99ed0a..30eb252ce 100644
+--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_ssh_keysign/rule.yml
++++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_ssh_keysign/rule.yml
+@@ -1,6 +1,6 @@
+ documentation_complete: true
+ 
+-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4
+ 
+ title: 'Disable the ssh_keysign SELinux Boolean'
+ 
+diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_ssh_sysadm_login/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_ssh_sysadm_login/rule.yml
+index 79b12b381..daf679049 100644
+--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_ssh_sysadm_login/rule.yml
++++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_ssh_sysadm_login/rule.yml
+@@ -1,6 +1,6 @@
+ documentation_complete: true
+ 
+-prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15
++prodtype: ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15
+ 
  title: 'Disable the ssh_sysadm_login SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_staff_exec_content/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_staff_exec_content/rule.yml
-index 6afbfdf2..761f9f99 100644
+index 2292c61e9..844c40180 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_staff_exec_content/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_staff_exec_content/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: rhel7,rhel8,rhel9,rhv4
-+prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4
+-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4
  
  title: 'Enable the staff_exec_content SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_staff_use_svirt/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_staff_use_svirt/rule.yml
-index 4cb6582d..83c50aef 100644
+index 4cb6582d4..83c50aef7 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_staff_use_svirt/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_staff_use_svirt/rule.yml
 @@ -1,6 +1,6 @@
@@ -21643,7 +23446,7 @@ index 4cb6582d..83c50aef 100644
  title: 'Disable the staff_use_svirt SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_swift_can_network/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_swift_can_network/rule.yml
-index 60ac4523..5bea5bed 100644
+index 60ac4523f..5bea5bedf 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_swift_can_network/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_swift_can_network/rule.yml
 @@ -1,6 +1,6 @@
@@ -21655,19 +23458,19 @@ index 60ac4523..5bea5bed 100644
  title: 'Disable the swift_can_network SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_sysadm_exec_content/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_sysadm_exec_content/rule.yml
-index d3dfd51e..3ba9d15d 100644
+index 0fc83bc14..8d996d407 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_sysadm_exec_content/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_sysadm_exec_content/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: rhel7,rhel8,rhel9,rhv4
-+prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4
+-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4
  
  title: 'Enable the sysadm_exec_content SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_telepathy_connect_all_ports/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_telepathy_connect_all_ports/rule.yml
-index d4d469d2..4ecc3659 100644
+index d4d469d26..4ecc36599 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_telepathy_connect_all_ports/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_telepathy_connect_all_ports/rule.yml
 @@ -1,6 +1,6 @@
@@ -21679,7 +23482,7 @@ index d4d469d2..4ecc3659 100644
  title: 'Disable the telepathy_connect_all_ports SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_telepathy_tcp_connect_generic_network_ports/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_telepathy_tcp_connect_generic_network_ports/rule.yml
-index 1321809a..24257e70 100644
+index 1321809ab..24257e703 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_telepathy_tcp_connect_generic_network_ports/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_telepathy_tcp_connect_generic_network_ports/rule.yml
 @@ -1,6 +1,6 @@
@@ -21691,7 +23494,7 @@ index 1321809a..24257e70 100644
  title: 'Disable the telepathy_tcp_connect_generic_network_ports SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_tftp_anon_write/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_tftp_anon_write/rule.yml
-index 7d8a2cc2..a9448683 100644
+index 7d8a2cc23..a94486834 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_tftp_anon_write/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_tftp_anon_write/rule.yml
 @@ -1,6 +1,6 @@
@@ -21703,7 +23506,7 @@ index 7d8a2cc2..a9448683 100644
  title: 'Disable the tftp_anon_write SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_tftp_home_dir/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_tftp_home_dir/rule.yml
-index 9b553ff7..e3b67bd5 100644
+index 9b553ff79..e3b67bd51 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_tftp_home_dir/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_tftp_home_dir/rule.yml
 @@ -1,6 +1,6 @@
@@ -21715,7 +23518,7 @@ index 9b553ff7..e3b67bd5 100644
  title: 'Disable the tftp_home_dir SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_tmpreaper_use_nfs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_tmpreaper_use_nfs/rule.yml
-index 1d6ea593..fe961347 100644
+index 1d6ea593c..fe9613475 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_tmpreaper_use_nfs/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_tmpreaper_use_nfs/rule.yml
 @@ -1,6 +1,6 @@
@@ -21727,7 +23530,7 @@ index 1d6ea593..fe961347 100644
  title: 'Disable the tmpreaper_use_nfs SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_tmpreaper_use_samba/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_tmpreaper_use_samba/rule.yml
-index 0981d8bb..768670d4 100644
+index 0981d8bb7..768670d40 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_tmpreaper_use_samba/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_tmpreaper_use_samba/rule.yml
 @@ -1,6 +1,6 @@
@@ -21739,7 +23542,7 @@ index 0981d8bb..768670d4 100644
  title: 'Disable the tmpreaper_use_samba SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_tor_bind_all_unreserved_ports/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_tor_bind_all_unreserved_ports/rule.yml
-index df86f451..8f307e56 100644
+index df86f4519..8f307e565 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_tor_bind_all_unreserved_ports/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_tor_bind_all_unreserved_ports/rule.yml
 @@ -1,6 +1,6 @@
@@ -21751,7 +23554,7 @@ index df86f451..8f307e56 100644
  title: 'Disable the tor_bind_all_unreserved_ports SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_tor_can_network_relay/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_tor_can_network_relay/rule.yml
-index 86e08e38..7e863ca9 100644
+index 86e08e388..7e863ca92 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_tor_can_network_relay/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_tor_can_network_relay/rule.yml
 @@ -1,6 +1,6 @@
@@ -21763,7 +23566,7 @@ index 86e08e38..7e863ca9 100644
  title: 'Disable the tor_can_network_relay SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_unconfined_chrome_sandbox_transition/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_unconfined_chrome_sandbox_transition/rule.yml
-index f0556d17..b6c44d72 100644
+index f0556d174..b6c44d72e 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_unconfined_chrome_sandbox_transition/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_unconfined_chrome_sandbox_transition/rule.yml
 @@ -1,6 +1,6 @@
@@ -21775,19 +23578,19 @@ index f0556d17..b6c44d72 100644
  title: 'Enable the unconfined_chrome_sandbox_transition SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_unconfined_login/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_unconfined_login/rule.yml
-index 403ec891..b2db23d6 100644
+index 839767ab2..c19863dc9 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_unconfined_login/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_unconfined_login/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: rhel7,rhel8,rhel9,rhv4
-+prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4
+-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4
  
  title: 'Enable the unconfined_login SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_unconfined_mozilla_plugin_transition/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_unconfined_mozilla_plugin_transition/rule.yml
-index d8f69ced..45d778d2 100644
+index d8f69ced2..45d778d20 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_unconfined_mozilla_plugin_transition/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_unconfined_mozilla_plugin_transition/rule.yml
 @@ -1,6 +1,6 @@
@@ -21799,7 +23602,7 @@ index d8f69ced..45d778d2 100644
  title: 'Enable the unconfined_mozilla_plugin_transition SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_unprivuser_use_svirt/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_unprivuser_use_svirt/rule.yml
-index b9ea2bbe..cda7f281 100644
+index b9ea2bbe1..cda7f2813 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_unprivuser_use_svirt/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_unprivuser_use_svirt/rule.yml
 @@ -1,6 +1,6 @@
@@ -21811,19 +23614,19 @@ index b9ea2bbe..cda7f281 100644
  title: 'Disable the unprivuser_use_svirt SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_use_ecryptfs_home_dirs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_use_ecryptfs_home_dirs/rule.yml
-index 7620ff49..224241b1 100644
+index 74b827fc1..42e7272ad 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_use_ecryptfs_home_dirs/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_use_ecryptfs_home_dirs/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: rhel7,rhel8,rhel9,rhv4
-+prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4
+-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4
  
  title: 'Disable the use_ecryptfs_home_dirs SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_use_fusefs_home_dirs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_use_fusefs_home_dirs/rule.yml
-index 0b74be73..fde9d57e 100644
+index 0b74be730..fde9d57ea 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_use_fusefs_home_dirs/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_use_fusefs_home_dirs/rule.yml
 @@ -1,6 +1,6 @@
@@ -21835,7 +23638,7 @@ index 0b74be73..fde9d57e 100644
  title: 'Disable the use_fusefs_home_dirs SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_use_lpd_server/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_use_lpd_server/rule.yml
-index ec79d2ec..dd36abc1 100644
+index ec79d2ec8..dd36abc18 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_use_lpd_server/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_use_lpd_server/rule.yml
 @@ -1,6 +1,6 @@
@@ -21847,7 +23650,7 @@ index ec79d2ec..dd36abc1 100644
  title: 'Disable the use_lpd_server SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_use_nfs_home_dirs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_use_nfs_home_dirs/rule.yml
-index fdfad24e..8708942e 100644
+index fdfad24e7..8708942ec 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_use_nfs_home_dirs/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_use_nfs_home_dirs/rule.yml
 @@ -1,6 +1,6 @@
@@ -21859,7 +23662,7 @@ index fdfad24e..8708942e 100644
  title: 'Disable the use_nfs_home_dirs SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_use_samba_home_dirs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_use_samba_home_dirs/rule.yml
-index 4da19ea4..32b01588 100644
+index 4da19ea45..32b015882 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_use_samba_home_dirs/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_use_samba_home_dirs/rule.yml
 @@ -1,6 +1,6 @@
@@ -21871,19 +23674,19 @@ index 4da19ea4..32b01588 100644
  title: 'Disable the use_samba_home_dirs SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_user_exec_content/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_user_exec_content/rule.yml
-index ecb2e959..ea2e5df8 100644
+index 2ba42daf6..84cbc6cc3 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_user_exec_content/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_user_exec_content/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: rhel7,rhel8,rhel9,rhv4
-+prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4
+-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4
  
  title: 'Enable the user_exec_content SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_varnishd_connect_any/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_varnishd_connect_any/rule.yml
-index 0b2097dc..0619143c 100644
+index 0b2097dc3..0619143c6 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_varnishd_connect_any/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_varnishd_connect_any/rule.yml
 @@ -1,6 +1,6 @@
@@ -21895,7 +23698,7 @@ index 0b2097dc..0619143c 100644
  title: 'Disable the varnishd_connect_any SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_read_qemu_ga_data/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_read_qemu_ga_data/rule.yml
-index 7899bd3b..f7a88517 100644
+index 7899bd3b7..f7a88517a 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_read_qemu_ga_data/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_read_qemu_ga_data/rule.yml
 @@ -1,6 +1,6 @@
@@ -21907,7 +23710,7 @@ index 7899bd3b..f7a88517 100644
  title: 'Disable the virt_read_qemu_ga_data SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_rw_qemu_ga_data/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_rw_qemu_ga_data/rule.yml
-index 822b9894..8f57e4e5 100644
+index 822b9894f..8f57e4e5d 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_rw_qemu_ga_data/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_rw_qemu_ga_data/rule.yml
 @@ -1,6 +1,6 @@
@@ -21919,7 +23722,7 @@ index 822b9894..8f57e4e5 100644
  title: 'Disable the virt_rw_qemu_ga_data SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_sandbox_use_all_caps/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_sandbox_use_all_caps/rule.yml
-index df5c0c82..559cd12b 100644
+index df5c0c827..559cd12b5 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_sandbox_use_all_caps/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_sandbox_use_all_caps/rule.yml
 @@ -1,6 +1,6 @@
@@ -21931,7 +23734,7 @@ index df5c0c82..559cd12b 100644
  title: 'Disable the virt_sandbox_use_all_caps SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_sandbox_use_audit/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_sandbox_use_audit/rule.yml
-index f0009fe4..df761480 100644
+index f0009fe45..df761480f 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_sandbox_use_audit/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_sandbox_use_audit/rule.yml
 @@ -1,6 +1,6 @@
@@ -21943,7 +23746,7 @@ index f0009fe4..df761480 100644
  title: 'Enable the virt_sandbox_use_audit SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_sandbox_use_mknod/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_sandbox_use_mknod/rule.yml
-index 03b024c0..7689f05a 100644
+index 03b024c0e..7689f05a4 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_sandbox_use_mknod/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_sandbox_use_mknod/rule.yml
 @@ -1,6 +1,6 @@
@@ -21955,7 +23758,7 @@ index 03b024c0..7689f05a 100644
  title: 'Disable the virt_sandbox_use_mknod SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_sandbox_use_netlink/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_sandbox_use_netlink/rule.yml
-index 1891511d..3b80c5e8 100644
+index 1891511d2..3b80c5e81 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_sandbox_use_netlink/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_sandbox_use_netlink/rule.yml
 @@ -1,6 +1,6 @@
@@ -21967,7 +23770,7 @@ index 1891511d..3b80c5e8 100644
  title: 'Disable the virt_sandbox_use_netlink SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_sandbox_use_sys_admin/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_sandbox_use_sys_admin/rule.yml
-index b7fcd58a..a1577449 100644
+index b7fcd58a9..a15774495 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_sandbox_use_sys_admin/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_sandbox_use_sys_admin/rule.yml
 @@ -1,6 +1,6 @@
@@ -21979,7 +23782,7 @@ index b7fcd58a..a1577449 100644
  title: 'Disable the virt_sandbox_use_sys_admin SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_transition_userdomain/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_transition_userdomain/rule.yml
-index 3a54abbb..25d71216 100644
+index 3a54abbba..25d71216d 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_transition_userdomain/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_transition_userdomain/rule.yml
 @@ -1,6 +1,6 @@
@@ -21991,7 +23794,7 @@ index 3a54abbb..25d71216 100644
  title: 'Disable the virt_transition_userdomain SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_use_comm/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_use_comm/rule.yml
-index bef0f9a8..901dc85e 100644
+index bef0f9a8f..901dc85eb 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_use_comm/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_use_comm/rule.yml
 @@ -1,6 +1,6 @@
@@ -22003,7 +23806,7 @@ index bef0f9a8..901dc85e 100644
  title: 'Disable the virt_use_comm SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_use_execmem/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_use_execmem/rule.yml
-index b4c890c4..baa86e1b 100644
+index b4c890c43..baa86e1ba 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_use_execmem/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_use_execmem/rule.yml
 @@ -1,6 +1,6 @@
@@ -22015,7 +23818,7 @@ index b4c890c4..baa86e1b 100644
  title: 'Disable the virt_use_execmem SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_use_fusefs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_use_fusefs/rule.yml
-index f92f814f..1ef74b8a 100644
+index f92f814f0..1ef74b8a6 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_use_fusefs/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_use_fusefs/rule.yml
 @@ -1,6 +1,6 @@
@@ -22027,7 +23830,7 @@ index f92f814f..1ef74b8a 100644
  title: 'Disable the virt_use_fusefs SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_use_nfs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_use_nfs/rule.yml
-index 7db9e5b3..1e0cd0f5 100644
+index 7db9e5b36..1e0cd0f56 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_use_nfs/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_use_nfs/rule.yml
 @@ -1,6 +1,6 @@
@@ -22039,7 +23842,7 @@ index 7db9e5b3..1e0cd0f5 100644
  title: 'Disable the virt_use_nfs SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_use_rawip/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_use_rawip/rule.yml
-index ea059d54..23c6e632 100644
+index ea059d549..23c6e6325 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_use_rawip/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_use_rawip/rule.yml
 @@ -1,6 +1,6 @@
@@ -22051,7 +23854,7 @@ index ea059d54..23c6e632 100644
  title: 'Disable the virt_use_rawip SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_use_samba/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_use_samba/rule.yml
-index bd6cccac..b664f299 100644
+index bd6cccac2..b664f2999 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_use_samba/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_use_samba/rule.yml
 @@ -1,6 +1,6 @@
@@ -22063,7 +23866,7 @@ index bd6cccac..b664f299 100644
  title: 'Disable the virt_use_samba SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_use_sanlock/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_use_sanlock/rule.yml
-index 7db733fe..9707ac1c 100644
+index 7db733fe8..9707ac1cf 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_use_sanlock/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_use_sanlock/rule.yml
 @@ -1,6 +1,6 @@
@@ -22075,7 +23878,7 @@ index 7db733fe..9707ac1c 100644
  title: 'Disable the virt_use_sanlock SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_use_usb/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_use_usb/rule.yml
-index bc2e3350..cb103a38 100644
+index bc2e3350b..cb103a38e 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_use_usb/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_use_usb/rule.yml
 @@ -1,6 +1,6 @@
@@ -22087,7 +23890,7 @@ index bc2e3350..cb103a38 100644
  title: 'Disable the virt_use_usb SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_use_xserver/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_use_xserver/rule.yml
-index 8420fe49..ed9094f4 100644
+index 8420fe493..ed9094f45 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_use_xserver/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_use_xserver/rule.yml
 @@ -1,6 +1,6 @@
@@ -22099,7 +23902,7 @@ index 8420fe49..ed9094f4 100644
  title: 'Disable the virt_use_xserver SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_webadm_manage_user_files/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_webadm_manage_user_files/rule.yml
-index 3d69f6b2..bf19fbb8 100644
+index 3d69f6b2a..bf19fbb8c 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_webadm_manage_user_files/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_webadm_manage_user_files/rule.yml
 @@ -1,6 +1,6 @@
@@ -22111,7 +23914,7 @@ index 3d69f6b2..bf19fbb8 100644
  title: 'Disable the webadm_manage_user_files SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_webadm_read_user_files/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_webadm_read_user_files/rule.yml
-index c8859dd0..e0d5a9d1 100644
+index c8859dd0e..e0d5a9d1f 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_webadm_read_user_files/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_webadm_read_user_files/rule.yml
 @@ -1,6 +1,6 @@
@@ -22123,7 +23926,7 @@ index c8859dd0..e0d5a9d1 100644
  title: 'Disable the webadm_read_user_files SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_wine_mmap_zero_ignore/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_wine_mmap_zero_ignore/rule.yml
-index 46ea5e90..f9940356 100644
+index 46ea5e901..f9940356e 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_wine_mmap_zero_ignore/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_wine_mmap_zero_ignore/rule.yml
 @@ -1,6 +1,6 @@
@@ -22135,55 +23938,55 @@ index 46ea5e90..f9940356 100644
  title: 'Disable the wine_mmap_zero_ignore SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_xdm_bind_vnc_tcp_port/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_xdm_bind_vnc_tcp_port/rule.yml
-index d777db4e..18d4819d 100644
+index 456b95fa5..6efc0b8c7 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_xdm_bind_vnc_tcp_port/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_xdm_bind_vnc_tcp_port/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: rhel7,rhel8,rhel9,rhv4
-+prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4
+-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4
  
  title: 'Disable the xdm_bind_vnc_tcp_port SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_xdm_exec_bootloader/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_xdm_exec_bootloader/rule.yml
-index 6200ed21..db68ab72 100644
+index 0e2d6630e..f71120b85 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_xdm_exec_bootloader/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_xdm_exec_bootloader/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: rhel7,rhel8,rhel9,rhv4
-+prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4
+-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4
  
  title: 'Disable the xdm_exec_bootloader SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_xdm_sysadm_login/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_xdm_sysadm_login/rule.yml
-index 2142a35e..6fb378c1 100644
+index 5c7983247..f30ee9fb9 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_xdm_sysadm_login/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_xdm_sysadm_login/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: rhel7,rhel8,rhel9,rhv4
-+prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4
+-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4
  
  title: 'Disable the xdm_sysadm_login SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_xdm_write_home/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_xdm_write_home/rule.yml
-index 19c1b27d..79b1a8af 100644
+index 1231f32f4..97eb45c83 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_xdm_write_home/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_xdm_write_home/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: rhel7,rhel8,rhel9,rhv4
-+prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4
+-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4
  
  title: 'Disable the xdm_write_home SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_xen_use_nfs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_xen_use_nfs/rule.yml
-index 38ff90e0..c6fd91eb 100644
+index 38ff90e0a..c6fd91eb9 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_xen_use_nfs/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_xen_use_nfs/rule.yml
 @@ -1,6 +1,6 @@
@@ -22195,7 +23998,7 @@ index 38ff90e0..c6fd91eb 100644
  title: 'Disable the xen_use_nfs SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_xend_run_blktap/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_xend_run_blktap/rule.yml
-index 9bd43515..8971006b 100644
+index 9bd435159..8971006b9 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_xend_run_blktap/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_xend_run_blktap/rule.yml
 @@ -1,6 +1,6 @@
@@ -22207,7 +24010,7 @@ index 9bd43515..8971006b 100644
  title: 'Enable the xend_run_blktap SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_xend_run_qemu/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_xend_run_qemu/rule.yml
-index 1faef3c8..42a5a4f6 100644
+index 1faef3c80..42a5a4f66 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_xend_run_qemu/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_xend_run_qemu/rule.yml
 @@ -1,6 +1,6 @@
@@ -22219,91 +24022,91 @@ index 1faef3c8..42a5a4f6 100644
  title: 'Enable the xend_run_qemu SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_xguest_connect_network/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_xguest_connect_network/rule.yml
-index c289bd43..f1b137f3 100644
+index 13fc1d0ad..32949b275 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_xguest_connect_network/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_xguest_connect_network/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: rhel7,rhel8,rhel9,rhv4
-+prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4
+-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4
  
  title: 'Disable the xguest_connect_network SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_xguest_exec_content/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_xguest_exec_content/rule.yml
-index 0ddc2fe7..ed411cee 100644
+index fa2c6693c..254d4034d 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_xguest_exec_content/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_xguest_exec_content/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: rhel7,rhel8,rhel9,rhv4
-+prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4
+-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4
  
  title: 'Disable the xguest_exec_content SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_xguest_mount_media/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_xguest_mount_media/rule.yml
-index d58ed222..c0bee0ab 100644
+index 59420f0aa..af83cc614 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_xguest_mount_media/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_xguest_mount_media/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: rhel7,rhel8,rhel9,rhv4
-+prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4
+-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4
  
  title: 'Disable the xguest_mount_media SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_xguest_use_bluetooth/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_xguest_use_bluetooth/rule.yml
-index 3ecd6e32..51366088 100644
+index 7052e9875..4cf579516 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_xguest_use_bluetooth/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_xguest_use_bluetooth/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: rhel7,rhel8,rhel9,rhv4
-+prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4
+-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4
  
  title: 'Disable the xguest_use_bluetooth SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_xserver_clients_write_xshm/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_xserver_clients_write_xshm/rule.yml
-index b1faac83..ca7e9e1f 100644
+index aca077be5..e8efed4b8 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_xserver_clients_write_xshm/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_xserver_clients_write_xshm/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: rhel7,rhel8,rhel9,rhv4
-+prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4
+-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4
  
  title: 'Disable the xserver_clients_write_xshm SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_xserver_execmem/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_xserver_execmem/rule.yml
-index dc0ff0f6..220222b0 100644
+index 393ec2b3b..91d24bcd6 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_xserver_execmem/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_xserver_execmem/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: rhel7,rhel8,rhel9,rhv4
-+prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4
+-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4
  
  title: 'Disable the xserver_execmem SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_xserver_object_manager/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_xserver_object_manager/rule.yml
-index 1e83bdc4..3aa38819 100644
+index 6f9a0de7f..fead3a0ed 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_xserver_object_manager/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_xserver_object_manager/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: rhel7,rhel8,rhel9,rhv4
-+prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4
+-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4
  
  title: 'Disable the xserver_object_manager SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_zabbix_can_network/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_zabbix_can_network/rule.yml
-index f48eccf1..ce7b6cac 100644
+index f48eccf14..ce7b6cac0 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_zabbix_can_network/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_zabbix_can_network/rule.yml
 @@ -1,6 +1,6 @@
@@ -22315,7 +24118,7 @@ index f48eccf1..ce7b6cac 100644
  title: 'Disable the zabbix_can_network SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_zarafa_setrlimit/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_zarafa_setrlimit/rule.yml
-index 4775f929..28113c1f 100644
+index 4775f9297..28113c1f9 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_zarafa_setrlimit/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_zarafa_setrlimit/rule.yml
 @@ -1,6 +1,6 @@
@@ -22327,7 +24130,7 @@ index 4775f929..28113c1f 100644
  title: 'Disable the zarafa_setrlimit SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_zebra_write_config/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_zebra_write_config/rule.yml
-index ede5e2a4..0159cace 100644
+index ede5e2a43..0159cace0 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_zebra_write_config/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_zebra_write_config/rule.yml
 @@ -1,6 +1,6 @@
@@ -22339,7 +24142,7 @@ index ede5e2a4..0159cace 100644
  title: 'Disable the zebra_write_config SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_zoneminder_anon_write/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_zoneminder_anon_write/rule.yml
-index f97013e6..ad916ea1 100644
+index f97013e6c..ad916ea1f 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_zoneminder_anon_write/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_zoneminder_anon_write/rule.yml
 @@ -1,6 +1,6 @@
@@ -22351,7 +24154,7 @@ index f97013e6..ad916ea1 100644
  title: 'Disable the zoneminder_anon_write SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_zoneminder_run_sudo/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_zoneminder_run_sudo/rule.yml
-index dc7b1290..9596c2d5 100644
+index dc7b1290a..9596c2d57 100644
 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_zoneminder_run_sudo/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_zoneminder_run_sudo/rule.yml
 @@ -1,6 +1,6 @@
@@ -22363,62 +24166,62 @@ index dc7b1290..9596c2d5 100644
  title: 'Disable the zoneminder_run_sudo SELinux Boolean'
  
 diff --git a/linux_os/guide/system/selinux/selinux_all_devicefiles_labeled/rule.yml b/linux_os/guide/system/selinux/selinux_all_devicefiles_labeled/rule.yml
-index 50bd7f11..32b95cf4 100644
+index 7065c1eb9..b1d38588e 100644
 --- a/linux_os/guide/system/selinux/selinux_all_devicefiles_labeled/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux_all_devicefiles_labeled/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,wrlinux1019
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,wrlinux1019
+-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4
++prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4
  
  title: 'Ensure No Device Files are Unlabeled by SELinux'
  
 diff --git a/linux_os/guide/system/selinux/selinux_confinement_of_daemons/rule.yml b/linux_os/guide/system/selinux/selinux_confinement_of_daemons/rule.yml
-index e71e50c8..12868974 100644
+index 00cc2ffc2..73a381123 100644
 --- a/linux_os/guide/system/selinux/selinux_confinement_of_daemons/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux_confinement_of_daemons/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15
+-prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15
++prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15
  
  title: 'Ensure No Daemons are Unconfined by SELinux'
  
 diff --git a/linux_os/guide/system/selinux/selinux_policytype/ansible/shared.yml b/linux_os/guide/system/selinux/selinux_policytype/ansible/shared.yml
-index 73e6ec7c..def4c28a 100644
+index fa39b8af6..33e2978d4 100644
 --- a/linux_os/guide/system/selinux/selinux_policytype/ansible/shared.yml
 +++ b/linux_os/guide/system/selinux/selinux_policytype/ansible/shared.yml
 @@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
  # reboot = true
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/selinux/selinux_policytype/bash/shared.sh b/linux_os/guide/system/selinux/selinux_policytype/bash/shared.sh
-index 3b546bd8..2daf4ad9 100644
+index 0b33e5768..c9b647b8e 100644
 --- a/linux_os/guide/system/selinux/selinux_policytype/bash/shared.sh
 +++ b/linux_os/guide/system/selinux/selinux_policytype/bash/shared.sh
 @@ -1,4 +1,4 @@
--# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
-+# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
  # reboot = true
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/selinux/selinux_policytype/rule.yml b/linux_os/guide/system/selinux/selinux_policytype/rule.yml
-index e3400c0b..87490406 100644
+index 4b7e17987..cec080b47 100644
 --- a/linux_os/guide/system/selinux/selinux_policytype/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux_policytype/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15,wrlinux1019
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,wrlinux1019
+-prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15
++prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15
  
  title: 'Configure SELinux Policy'
  
-@@ -53,7 +53,7 @@ references:
+@@ -57,7 +57,7 @@ references:
      stigid@ol7: OL07-00-020220
      stigid@ol8: OL08-00-010450
      stigid@rhel7: RHEL-07-020220
@@ -22426,32 +24229,32 @@ index e3400c0b..87490406 100644
 +    stigid@almalinux8: RHEL-08-010450
      vmmsrg: SRG-OS-000445-VMM-001780
  
- ocil_clause: 'it does not'
+ ocil_clause: 'the loaded policy name is not "{{{ xccdf_value("var_selinux_policy_name") }}}"'
 diff --git a/linux_os/guide/system/selinux/selinux_state/ansible/shared.yml b/linux_os/guide/system/selinux/selinux_state/ansible/shared.yml
-index 1c1560a8..fc86b614 100644
+index 3234ef102..9961cbdd9 100644
 --- a/linux_os/guide/system/selinux/selinux_state/ansible/shared.yml
 +++ b/linux_os/guide/system/selinux/selinux_state/ansible/shared.yml
 @@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
  # reboot = false
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/selinux/selinux_state/bash/shared.sh b/linux_os/guide/system/selinux/selinux_state/bash/shared.sh
-index 32baf94a..87ff017b 100644
+index 1f458fa5b..3a9811ea3 100644
 --- a/linux_os/guide/system/selinux/selinux_state/bash/shared.sh
 +++ b/linux_os/guide/system/selinux/selinux_state/bash/shared.sh
 @@ -1,4 +1,4 @@
--# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
-+# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
  # reboot = true
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/selinux/selinux_state/rule.yml b/linux_os/guide/system/selinux/selinux_state/rule.yml
-index 5fada777..60201297 100644
+index 6619b350e..ce4a57fbb 100644
 --- a/linux_os/guide/system/selinux/selinux_state/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux_state/rule.yml
-@@ -45,7 +45,7 @@ references:
+@@ -49,7 +49,7 @@ references:
      stigid@ol7: OL07-00-020210
      stigid@ol8: OL08-00-010170
      stigid@rhel7: RHEL-07-020210
@@ -22461,30 +24264,39 @@ index 5fada777..60201297 100644
  
  ocil_clause: 'SELINUX is not set to enforcing'
 diff --git a/linux_os/guide/system/selinux/selinux_user_login_roles/rule.yml b/linux_os/guide/system/selinux/selinux_user_login_roles/rule.yml
-index 8cf3c25c..0e9cad5e 100644
+index d4c211c10..b909ccace 100644
 --- a/linux_os/guide/system/selinux/selinux_user_login_roles/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux_user_login_roles/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4,wrlinux1019
-+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,wrlinux1019
+-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4
  
  title: 'Map System Users To The Appropriate SELinux Role'
  
+@@ -42,7 +42,7 @@ references:
+     stigid@ol7: OL07-00-020020
+     stigid@ol8: OL08-00-040400
+     stigid@rhel7: RHEL-07-020020
+-    stigid@rhel8: RHEL-08-040400
++    stigid@almalinux8: RHEL-08-040400
+ 
+ ocil_clause: 'non-admin users are not confined correctly'
+ 
 diff --git a/linux_os/guide/system/software/disk_partitioning/encrypt_partitions/rule.yml b/linux_os/guide/system/software/disk_partitioning/encrypt_partitions/rule.yml
-index 13231dc2..1e424769 100644
+index de1dc56c8..937c7282e 100644
 --- a/linux_os/guide/system/software/disk_partitioning/encrypt_partitions/rule.yml
 +++ b/linux_os/guide/system/software/disk_partitioning/encrypt_partitions/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004
-+prodtype: ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004
+-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Encrypt Partitions'
  
-@@ -72,7 +72,7 @@ references:
+@@ -76,7 +76,7 @@ references:
      nist@sle15: SC-28,SC-28.1
      srg: SRG-OS-000405-GPOS-00184,SRG-OS-000185-GPOS-00079,SRG-OS-000404-GPOS-00183
      stigid@ol8: OL08-00-010030
@@ -22494,22 +24306,22 @@ index 13231dc2..1e424769 100644
      stigid@sle15: SLES-15-010330
      stigid@ubuntu2004: UBTU-20-010414
 diff --git a/linux_os/guide/system/software/disk_partitioning/partition_for_boot/rule.yml b/linux_os/guide/system/software/disk_partitioning/partition_for_boot/rule.yml
-index 92f8f073..aa67ffb9 100644
+index be86d0437..f420ac864 100644
 --- a/linux_os/guide/system/software/disk_partitioning/partition_for_boot/rule.yml
 +++ b/linux_os/guide/system/software/disk_partitioning/partition_for_boot/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8
+-prodtype: fedora,ol7,ol8,rhel7,rhel8,sle12,sle15
++prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,sle12,sle15
  
  title: 'Ensure /boot Located On Separate Partition'
  
 diff --git a/linux_os/guide/system/software/disk_partitioning/partition_for_home/rule.yml b/linux_os/guide/system/software/disk_partitioning/partition_for_home/rule.yml
-index 24b86b58..0260413c 100644
+index 92fb55553..0bd349bf9 100644
 --- a/linux_os/guide/system/software/disk_partitioning/partition_for_home/rule.yml
 +++ b/linux_os/guide/system/software/disk_partitioning/partition_for_home/rule.yml
-@@ -43,7 +43,7 @@ references:
+@@ -47,7 +47,7 @@ references:
      stigid@ol7: OL07-00-021310
      stigid@ol8: OL08-00-010800
      stigid@rhel7: RHEL-07-021310
@@ -22519,22 +24331,22 @@ index 24b86b58..0260413c 100644
      stigid@sle15: SLES-15-040200
  
 diff --git a/linux_os/guide/system/software/disk_partitioning/partition_for_opt/rule.yml b/linux_os/guide/system/software/disk_partitioning/partition_for_opt/rule.yml
-index 44c81100..975c95c1 100644
+index cef52e21e..01488f38e 100644
 --- a/linux_os/guide/system/software/disk_partitioning/partition_for_opt/rule.yml
 +++ b/linux_os/guide/system/software/disk_partitioning/partition_for_opt/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8
+-prodtype: fedora,ol7,ol8,rhel7,rhel8,sle12,sle15
++prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,sle12,sle15
  
  title: 'Ensure /opt Located On Separate Partition'
  
 diff --git a/linux_os/guide/system/software/disk_partitioning/partition_for_tmp/rule.yml b/linux_os/guide/system/software/disk_partitioning/partition_for_tmp/rule.yml
-index c4951c5a..b26d26ef 100644
+index 1fd3af83a..d5702637c 100644
 --- a/linux_os/guide/system/software/disk_partitioning/partition_for_tmp/rule.yml
 +++ b/linux_os/guide/system/software/disk_partitioning/partition_for_tmp/rule.yml
-@@ -38,7 +38,7 @@ references:
+@@ -44,7 +44,7 @@ references:
      stigid@ol7: OL07-00-021340
      stigid@ol8: OL08-00-010543
      stigid@rhel7: RHEL-07-021340
@@ -22544,22 +24356,22 @@ index c4951c5a..b26d26ef 100644
  {{{ complete_ocil_entry_separate_partition(part="/tmp") }}}
  
 diff --git a/linux_os/guide/system/software/disk_partitioning/partition_for_usr/rule.yml b/linux_os/guide/system/software/disk_partitioning/partition_for_usr/rule.yml
-index 4620f4be..9d08de15 100644
+index f40201b20..bb043b8c4 100644
 --- a/linux_os/guide/system/software/disk_partitioning/partition_for_usr/rule.yml
 +++ b/linux_os/guide/system/software/disk_partitioning/partition_for_usr/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8
+-prodtype: fedora,ol7,ol8,rhel7,rhel8,sle12,sle15
++prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,sle12,sle15
  
  title: 'Ensure /usr Located On Separate Partition'
  
 diff --git a/linux_os/guide/system/software/disk_partitioning/partition_for_var/rule.yml b/linux_os/guide/system/software/disk_partitioning/partition_for_var/rule.yml
-index 69928762..17f62056 100644
+index 782dc2c1f..308a2bfb3 100644
 --- a/linux_os/guide/system/software/disk_partitioning/partition_for_var/rule.yml
 +++ b/linux_os/guide/system/software/disk_partitioning/partition_for_var/rule.yml
-@@ -42,7 +42,7 @@ references:
+@@ -46,7 +46,7 @@ references:
      stigid@ol7: OL07-00-021320
      stigid@ol8: OL08-00-010540
      stigid@rhel7: RHEL-07-021320
@@ -22569,10 +24381,10 @@ index 69928762..17f62056 100644
      stigid@sle15: SLES-15-040210
      vmmsrg: SRG-OS-000341-VMM-001220
 diff --git a/linux_os/guide/system/software/disk_partitioning/partition_for_var_log/rule.yml b/linux_os/guide/system/software/disk_partitioning/partition_for_var_log/rule.yml
-index dcdacb63..06acac74 100644
+index e2f69fef8..4a102e1b7 100644
 --- a/linux_os/guide/system/software/disk_partitioning/partition_for_var_log/rule.yml
 +++ b/linux_os/guide/system/software/disk_partitioning/partition_for_var_log/rule.yml
-@@ -38,7 +38,7 @@ references:
+@@ -44,7 +44,7 @@ references:
      nist-csf: PR.PT-1,PR.PT-4
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol8: OL08-00-010541
@@ -22582,10 +24394,10 @@ index dcdacb63..06acac74 100644
  {{{ complete_ocil_entry_separate_partition(part="/var/log") }}}
  
 diff --git a/linux_os/guide/system/software/disk_partitioning/partition_for_var_log_audit/rule.yml b/linux_os/guide/system/software/disk_partitioning/partition_for_var_log_audit/rule.yml
-index 6f71a8b6..7d0b7b8d 100644
+index 5f69a8b9f..78f43a115 100644
 --- a/linux_os/guide/system/software/disk_partitioning/partition_for_var_log_audit/rule.yml
 +++ b/linux_os/guide/system/software/disk_partitioning/partition_for_var_log_audit/rule.yml
-@@ -47,7 +47,7 @@ references:
+@@ -52,7 +52,7 @@ references:
      stigid@ol7: OL07-00-021330
      stigid@ol8: OL08-00-010542
      stigid@rhel7: RHEL-07-021330
@@ -22595,19 +24407,19 @@ index 6f71a8b6..7d0b7b8d 100644
      stigid@sle15: SLES-15-030810
      vmmsrg: SRG-OS-000341-VMM-001220
 diff --git a/linux_os/guide/system/software/disk_partitioning/partition_for_var_tmp/rule.yml b/linux_os/guide/system/software/disk_partitioning/partition_for_var_tmp/rule.yml
-index dbacf978..07d434ef 100644
+index 65cde9418..5bbac4fac 100644
 --- a/linux_os/guide/system/software/disk_partitioning/partition_for_var_tmp/rule.yml
 +++ b/linux_os/guide/system/software/disk_partitioning/partition_for_var_tmp/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: ol7,ol8,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu1804,ubuntu2004
-+prodtype: ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu1804,ubuntu2004
+-prodtype: alinux2,alinux3,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu1804,ubuntu2004,ubuntu2204
++prodtype: alinux2,alinux3,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu1804,ubuntu2004,ubuntu2204
  
  title: 'Ensure /var/tmp Located On Separate Partition'
  
-@@ -32,7 +32,7 @@ references:
-     cis@ubuntu2004: 1.1.11
+@@ -38,7 +38,7 @@ references:
+     cis@ubuntu2204: 1.1.4.1
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol8: OL08-00-010544
 -    stigid@rhel8: RHEL-08-010544
@@ -22616,7 +24428,7 @@ index dbacf978..07d434ef 100644
  {{{ complete_ocil_entry_separate_partition(part="/var/tmp") }}}
  
 diff --git a/linux_os/guide/system/software/gnome/dconf_db_up_to_date/bash/shared.sh b/linux_os/guide/system/software/gnome/dconf_db_up_to_date/bash/shared.sh
-index d24ad613..78e4f65c 100644
+index d24ad6130..78e4f65cc 100644
 --- a/linux_os/guide/system/software/gnome/dconf_db_up_to_date/bash/shared.sh
 +++ b/linux_os/guide/system/software/gnome/dconf_db_up_to_date/bash/shared.sh
 @@ -1,3 +1,3 @@
@@ -22625,31 +24437,31 @@ index d24ad613..78e4f65c 100644
  
  dconf update
 diff --git a/linux_os/guide/system/software/gnome/dconf_db_up_to_date/rule.yml b/linux_os/guide/system/software/gnome/dconf_db_up_to_date/rule.yml
-index dae8d1ca..3f63eddb 100644
+index a99dad73d..803ddd498 100644
 --- a/linux_os/guide/system/software/gnome/dconf_db_up_to_date/rule.yml
 +++ b/linux_os/guide/system/software/gnome/dconf_db_up_to_date/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,sle12,sle15
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,sle12,sle15
+-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15
++prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,sle15
  
  title: 'Make sure that the dconf databases are up-to-date with regards to respective keyfiles'
  
 diff --git a/linux_os/guide/system/software/gnome/enable_dconf_user_profile/rule.yml b/linux_os/guide/system/software/gnome/enable_dconf_user_profile/rule.yml
-index ffde0523..c56b91c0 100644
+index 48d446249..a45f55612 100644
 --- a/linux_os/guide/system/software/gnome/enable_dconf_user_profile/rule.yml
 +++ b/linux_os/guide/system/software/gnome/enable_dconf_user_profile/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004
+-prodtype: alinux3,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: alinux3,fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Configure GNOME3 DConf User Profile'
  
 diff --git a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_disable_restart_shutdown/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_disable_restart_shutdown/ansible/shared.yml
-index c3baa1b8..be83f158 100644
+index c3baa1b80..be83f158f 100644
 --- a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_disable_restart_shutdown/ansible/shared.yml
 +++ b/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_disable_restart_shutdown/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -22659,7 +24471,7 @@ index c3baa1b8..be83f158 100644
  # strategy = unknown
  # complexity = low
 diff --git a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_disable_restart_shutdown/rule.yml b/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_disable_restart_shutdown/rule.yml
-index 3165c09f..f2135e0b 100644
+index 3165c09fc..f2135e0b7 100644
 --- a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_disable_restart_shutdown/rule.yml
 +++ b/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_disable_restart_shutdown/rule.yml
 @@ -1,6 +1,6 @@
@@ -22671,7 +24483,7 @@ index 3165c09f..f2135e0b 100644
  title: 'Disable the GNOME3 Login Restart and Shutdown Buttons'
  
 diff --git a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_disable_user_list/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_disable_user_list/ansible/shared.yml
-index ca6beab0..8e18147d 100644
+index ca6beab0d..8e18147dd 100644
 --- a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_disable_user_list/ansible/shared.yml
 +++ b/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_disable_user_list/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -22681,19 +24493,28 @@ index ca6beab0..8e18147d 100644
  # strategy = unknown
  # complexity = low
 diff --git a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_disable_user_list/rule.yml b/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_disable_user_list/rule.yml
-index f1f73151..012662c3 100644
+index a90829993..b32701924 100644
 --- a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_disable_user_list/rule.yml
 +++ b/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_disable_user_list/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,ubuntu2004
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,ubuntu2004
+-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,ubuntu2004,ubuntu2204
++prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,ubuntu2004,ubuntu2204
  
  title: 'Disable the GNOME3 Login User List'
  
+@@ -41,7 +41,7 @@ references:
+     nist: CM-6(a),AC-23
+     srg: SRG-OS-000480-GPOS-00227
+     stigid@ol8: OL08-00-020032
+-    stigid@rhel8: RHEL-08-020032
++    stigid@almalinux8: RHEL-08-020032
+ 
+ ocil_clause: 'disable-user-list has not been configured or is not disabled'
+ 
 diff --git a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_enable_smartcard_auth/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_enable_smartcard_auth/ansible/shared.yml
-index f5d68f1c..91f02c0d 100644
+index f5d68f1c3..91f02c0d4 100644
 --- a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_enable_smartcard_auth/ansible/shared.yml
 +++ b/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_enable_smartcard_auth/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -22703,7 +24524,7 @@ index f5d68f1c..91f02c0d 100644
  # strategy = unknown
  # complexity = low
 diff --git a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_enable_smartcard_auth/rule.yml b/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_enable_smartcard_auth/rule.yml
-index ce44e98c..1f66017c 100644
+index 0e5f22171..00c88f4e6 100644
 --- a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_enable_smartcard_auth/rule.yml
 +++ b/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_enable_smartcard_auth/rule.yml
 @@ -1,6 +1,6 @@
@@ -22715,19 +24536,19 @@ index ce44e98c..1f66017c 100644
  title: 'Enable the GNOME3 Login Smartcard Authentication'
  
 diff --git a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_lock_screen_on_smartcard_removal/rule.yml b/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_lock_screen_on_smartcard_removal/rule.yml
-index 79e90887..921cfd53 100644
+index 3bdd2128d..0558856b4 100644
 --- a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_lock_screen_on_smartcard_removal/rule.yml
 +++ b/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_lock_screen_on_smartcard_removal/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol8,rhel8,rhel9
-+prodtype: fedora,ol8,rhel8,almalinux8,rhel9
+-prodtype: fedora,ol8,ol9,rhel8,rhel9
++prodtype: fedora,ol8,ol9,rhel8,almalinux8,rhel9
  
  title: 'Enable the GNOME3 Screen Locking On Smartcard Removal'
  
 @@ -33,7 +33,7 @@ references:
-     disa: CCI-000056
+     disa: CCI-000056,CCI-000058
      srg: SRG-OS-000028-GPOS-00009,SRG-OS-000030-GPOS-00011
      stigid@ol8: OL08-00-020050
 -    stigid@rhel8: RHEL-08-020050
@@ -22736,7 +24557,7 @@ index 79e90887..921cfd53 100644
  ocil_clause: 'removal-action has not been configured'
  
 diff --git a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_login_retries/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_login_retries/ansible/shared.yml
-index 45e6c24a..e06d9600 100644
+index 45e6c24aa..e06d9600f 100644
 --- a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_login_retries/ansible/shared.yml
 +++ b/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_login_retries/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -22746,7 +24567,7 @@ index 45e6c24a..e06d9600 100644
  # strategy = unknown
  # complexity = low
 diff --git a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_login_retries/rule.yml b/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_login_retries/rule.yml
-index baf8f8a1..6bede2b8 100644
+index baf8f8a1f..6bede2b81 100644
 --- a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_login_retries/rule.yml
 +++ b/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_login_retries/rule.yml
 @@ -1,6 +1,6 @@
@@ -22758,7 +24579,7 @@ index baf8f8a1..6bede2b8 100644
  title: 'Set the GNOME3 Login Number of Failures'
  
 diff --git a/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_automatic_login/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_automatic_login/ansible/shared.yml
-index 6b19c813..1f656f5a 100644
+index 6b19c8138..1f656f5a8 100644
 --- a/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_automatic_login/ansible/shared.yml
 +++ b/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_automatic_login/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -22768,14 +24589,14 @@ index 6b19c813..1f656f5a 100644
  # strategy = unknown
  # complexity = low
 diff --git a/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_automatic_login/rule.yml b/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_automatic_login/rule.yml
-index 3aa2491e..0dfb7988 100644
+index cbfcb9c18..e3f39a01f 100644
 --- a/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_automatic_login/rule.yml
 +++ b/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_automatic_login/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9
+-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9
++prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9
  
  title: 'Disable GDM Automatic Login'
  
@@ -22789,7 +24610,7 @@ index 3aa2491e..0dfb7988 100644
  ocil_clause: 'GDM allows users to automatically login'
  
 diff --git a/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_guest_login/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_guest_login/ansible/shared.yml
-index ef2933c5..0d72f6f6 100644
+index ef2933c52..0d72f6f65 100644
 --- a/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_guest_login/ansible/shared.yml
 +++ b/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_guest_login/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -22799,7 +24620,7 @@ index ef2933c5..0d72f6f6 100644
  # strategy = unknown
  # complexity = low
 diff --git a/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_guest_login/bash/shared.sh b/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_guest_login/bash/shared.sh
-index 569fccfa..b89d4cc5 100644
+index 0fa83b269..4264c8889 100644
 --- a/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_guest_login/bash/shared.sh
 +++ b/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_guest_login/bash/shared.sh
 @@ -1,4 +1,4 @@
@@ -22809,7 +24630,7 @@ index 569fccfa..b89d4cc5 100644
  if rpm --quiet -q gdm
  then
 diff --git a/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_guest_login/rule.yml b/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_guest_login/rule.yml
-index 2d7584c3..b260701c 100644
+index 2d7584c37..b260701c0 100644
 --- a/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_guest_login/rule.yml
 +++ b/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_guest_login/rule.yml
 @@ -1,6 +1,6 @@
@@ -22821,7 +24642,7 @@ index 2d7584c3..b260701c 100644
  title: 'Disable GDM Guest Login'
  
 diff --git a/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_xdmcp/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_xdmcp/ansible/shared.yml
-index 0ca67c74..332a5018 100644
+index 0ca67c74a..332a5018a 100644
 --- a/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_xdmcp/ansible/shared.yml
 +++ b/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_xdmcp/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -22831,7 +24652,7 @@ index 0ca67c74..332a5018 100644
  # strategy = unknown
  # complexity = low
 diff --git a/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_automount/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_automount/ansible/shared.yml
-index 60417ff4..0af05e79 100644
+index 60417ff4e..0af05e798 100644
 --- a/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_automount/ansible/shared.yml
 +++ b/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_automount/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -22841,19 +24662,19 @@ index 60417ff4..0af05e79 100644
  # strategy = unknown
  # complexity = low
 diff --git a/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_automount/rule.yml b/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_automount/rule.yml
-index a5271bc5..9e0dc115 100644
+index cd57e209c..d236c46b4 100644
 --- a/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_automount/rule.yml
 +++ b/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_automount/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9
+-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,ubuntu2204
++prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,ubuntu2204
  
  title: 'Disable GNOME3 Automounting'
  
 diff --git a/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_automount_open/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_automount_open/ansible/shared.yml
-index ac168ef9..69ecfa6a 100644
+index ac168ef9f..69ecfa6a7 100644
 --- a/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_automount_open/ansible/shared.yml
 +++ b/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_automount_open/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -22863,19 +24684,19 @@ index ac168ef9..69ecfa6a 100644
  # strategy = unknown
  # complexity = low
 diff --git a/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_automount_open/rule.yml b/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_automount_open/rule.yml
-index 8283802e..0612d84c 100644
+index 55b8d324b..db2e190bd 100644
 --- a/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_automount_open/rule.yml
 +++ b/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_automount_open/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9
+-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,ubuntu2204
++prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,ubuntu2204
  
  title: 'Disable GNOME3 Automount Opening'
  
 diff --git a/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_autorun/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_autorun/ansible/shared.yml
-index 51e4063c..3591b726 100644
+index 51e4063c3..3591b7266 100644
 --- a/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_autorun/ansible/shared.yml
 +++ b/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_autorun/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -22885,85 +24706,85 @@ index 51e4063c..3591b726 100644
  # strategy = unknown
  # complexity = low
 diff --git a/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_autorun/rule.yml b/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_autorun/rule.yml
-index efefee40..198fd42b 100644
+index 749be00a4..b1cc72639 100644
 --- a/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_autorun/rule.yml
 +++ b/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_autorun/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
+-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,ubuntu2204
++prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,ubuntu2204
+ 
+ title: 'Disable GNOME3 Automount running'
+ 
+diff --git a/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_thumbnailers/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_thumbnailers/ansible/shared.yml
+index 33460b61c..04074e66b 100644
+--- a/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_thumbnailers/ansible/shared.yml
++++ b/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_thumbnailers/ansible/shared.yml
+@@ -1,4 +1,4 @@
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol
+ # reboot = false
+ # strategy = unknown
+ # complexity = low
+diff --git a/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_thumbnailers/rule.yml b/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_thumbnailers/rule.yml
+index 0ed279aa0..9b140e2e5 100644
+--- a/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_thumbnailers/rule.yml
++++ b/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_thumbnailers/rule.yml
+@@ -1,6 +1,6 @@
+ documentation_complete: true
+ 
 -prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9
 +prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9
  
- title: 'Disable GNOME3 Automount running'
- 
-diff --git a/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_thumbnailers/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_thumbnailers/ansible/shared.yml
-index d9084479..bd866343 100644
---- a/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_thumbnailers/ansible/shared.yml
-+++ b/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_thumbnailers/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
- # reboot = false
- # strategy = unknown
- # complexity = low
-diff --git a/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_thumbnailers/rule.yml b/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_thumbnailers/rule.yml
-index cfaad53a..94454d77 100644
---- a/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_thumbnailers/rule.yml
-+++ b/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_thumbnailers/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
- 
--prodtype: fedora,rhel7,rhel8,rhel9
-+prodtype: fedora,rhel7,rhel8,almalinux8,rhel9
- 
  title: 'Disable All GNOME3 Thumbnailers'
  
 diff --git a/linux_os/guide/system/software/gnome/gnome_network_settings/dconf_gnome_disable_wifi_create/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_network_settings/dconf_gnome_disable_wifi_create/ansible/shared.yml
-index d82d2741..d7eca57d 100644
+index 4e389aa5c..254db9bfe 100644
 --- a/linux_os/guide/system/software/gnome/gnome_network_settings/dconf_gnome_disable_wifi_create/ansible/shared.yml
 +++ b/linux_os/guide/system/software/gnome/gnome_network_settings/dconf_gnome_disable_wifi_create/ansible/shared.yml
 @@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol
  # reboot = false
  # strategy = unknown
  # complexity = low
 diff --git a/linux_os/guide/system/software/gnome/gnome_network_settings/dconf_gnome_disable_wifi_create/rule.yml b/linux_os/guide/system/software/gnome/gnome_network_settings/dconf_gnome_disable_wifi_create/rule.yml
-index 739ce837..82376091 100644
+index 87f7c6e9a..dc246f706 100644
 --- a/linux_os/guide/system/software/gnome/gnome_network_settings/dconf_gnome_disable_wifi_create/rule.yml
 +++ b/linux_os/guide/system/software/gnome/gnome_network_settings/dconf_gnome_disable_wifi_create/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,rhel7,rhel8,rhel9
-+prodtype: fedora,rhel7,rhel8,almalinux8,rhel9
+-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9
++prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9
  
  title: 'Disable WIFI Network Connection Creation in GNOME3'
  
 diff --git a/linux_os/guide/system/software/gnome/gnome_network_settings/dconf_gnome_disable_wifi_notification/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_network_settings/dconf_gnome_disable_wifi_notification/ansible/shared.yml
-index 416732d6..dfd0a49e 100644
+index c3922e5b0..40515598a 100644
 --- a/linux_os/guide/system/software/gnome/gnome_network_settings/dconf_gnome_disable_wifi_notification/ansible/shared.yml
 +++ b/linux_os/guide/system/software/gnome/gnome_network_settings/dconf_gnome_disable_wifi_notification/ansible/shared.yml
 @@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol
  # reboot = false
  # strategy = unknown
  # complexity = low
 diff --git a/linux_os/guide/system/software/gnome/gnome_network_settings/dconf_gnome_disable_wifi_notification/rule.yml b/linux_os/guide/system/software/gnome/gnome_network_settings/dconf_gnome_disable_wifi_notification/rule.yml
-index 0d8eb600..96d42b6b 100644
+index af8909aab..b6b3ba0be 100644
 --- a/linux_os/guide/system/software/gnome/gnome_network_settings/dconf_gnome_disable_wifi_notification/rule.yml
 +++ b/linux_os/guide/system/software/gnome/gnome_network_settings/dconf_gnome_disable_wifi_notification/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,rhel7,rhel8,rhel9
-+prodtype: fedora,rhel7,rhel8,almalinux8,rhel9
+-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9
++prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9
  
  title: 'Disable WIFI Network Notification in GNOME3'
  
 diff --git a/linux_os/guide/system/software/gnome/gnome_remote_access_settings/dconf_gnome_remote_access_credential_prompt/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_remote_access_settings/dconf_gnome_remote_access_credential_prompt/ansible/shared.yml
-index 09eed836..601191b4 100644
+index 09eed8367..601191b49 100644
 --- a/linux_os/guide/system/software/gnome/gnome_remote_access_settings/dconf_gnome_remote_access_credential_prompt/ansible/shared.yml
 +++ b/linux_os/guide/system/software/gnome/gnome_remote_access_settings/dconf_gnome_remote_access_credential_prompt/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -22973,19 +24794,19 @@ index 09eed836..601191b4 100644
  # strategy = unknown
  # complexity = low
 diff --git a/linux_os/guide/system/software/gnome/gnome_remote_access_settings/dconf_gnome_remote_access_credential_prompt/rule.yml b/linux_os/guide/system/software/gnome/gnome_remote_access_settings/dconf_gnome_remote_access_credential_prompt/rule.yml
-index cdf4c645..d27c6c8e 100644
+index ae37afd2e..00e550e63 100644
 --- a/linux_os/guide/system/software/gnome/gnome_remote_access_settings/dconf_gnome_remote_access_credential_prompt/rule.yml
 +++ b/linux_os/guide/system/software/gnome/gnome_remote_access_settings/dconf_gnome_remote_access_credential_prompt/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,sle15
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,sle15
+-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle15
++prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle15
  
  title: 'Require Credential Prompting for Remote Access in GNOME3'
  
 diff --git a/linux_os/guide/system/software/gnome/gnome_remote_access_settings/dconf_gnome_remote_access_encryption/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_remote_access_settings/dconf_gnome_remote_access_encryption/ansible/shared.yml
-index bf1efbe6..efa5b96a 100644
+index bf1efbe61..efa5b96a6 100644
 --- a/linux_os/guide/system/software/gnome/gnome_remote_access_settings/dconf_gnome_remote_access_encryption/ansible/shared.yml
 +++ b/linux_os/guide/system/software/gnome/gnome_remote_access_settings/dconf_gnome_remote_access_encryption/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -22995,19 +24816,19 @@ index bf1efbe6..efa5b96a 100644
  # strategy = unknown
  # complexity = low
 diff --git a/linux_os/guide/system/software/gnome/gnome_remote_access_settings/dconf_gnome_remote_access_encryption/rule.yml b/linux_os/guide/system/software/gnome/gnome_remote_access_settings/dconf_gnome_remote_access_encryption/rule.yml
-index fd5f0a6d..af0de315 100644
+index 0d7b7c540..c332f4f60 100644
 --- a/linux_os/guide/system/software/gnome/gnome_remote_access_settings/dconf_gnome_remote_access_encryption/rule.yml
 +++ b/linux_os/guide/system/software/gnome/gnome_remote_access_settings/dconf_gnome_remote_access_encryption/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,sle15
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,sle15
+-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle15
++prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle15
  
  title: 'Require Encryption for Remote Access in GNOME3'
  
 diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_activation_enabled/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_activation_enabled/ansible/shared.yml
-index f7c7b437..95781d5a 100644
+index f7c7b4379..95781d5ab 100644
 --- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_activation_enabled/ansible/shared.yml
 +++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_activation_enabled/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -23017,19 +24838,19 @@ index f7c7b437..95781d5a 100644
  # strategy = unknown
  # complexity = low
 diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_activation_enabled/rule.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_activation_enabled/rule.yml
-index 5c131548..9ea4dce0 100644
+index fdf6551b4..c0c9a4eec 100644
 --- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_activation_enabled/rule.yml
 +++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_activation_enabled/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,sle15
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,sle15
+-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15
++prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,sle15
  
  title: 'Enable GNOME3 Screensaver Idle Activation'
  
 diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_activation_locked/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_activation_locked/ansible/shared.yml
-index d3f144c8..ae170b80 100644
+index d3f144c89..ae170b802 100644
 --- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_activation_locked/ansible/shared.yml
 +++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_activation_locked/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -23039,7 +24860,7 @@ index d3f144c8..ae170b80 100644
  # strategy = unknown
  # complexity = low
 diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_activation_locked/rule.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_activation_locked/rule.yml
-index b94df803..aaa45d94 100644
+index b94df803c..aaa45d942 100644
 --- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_activation_locked/rule.yml
 +++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_activation_locked/rule.yml
 @@ -1,6 +1,6 @@
@@ -23051,7 +24872,7 @@ index b94df803..aaa45d94 100644
  title: 'Ensure Users Cannot Change GNOME3 Screensaver Idle Activation'
  
 diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_delay/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_delay/ansible/shared.yml
-index 962fff57..bf9af4c0 100644
+index 5b08acff4..d1af90b16 100644
 --- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_delay/ansible/shared.yml
 +++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_delay/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -23061,18 +24882,18 @@ index 962fff57..bf9af4c0 100644
  # strategy = unknown
  # complexity = low
 diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_delay/rule.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_delay/rule.yml
-index 905c5680..1bc2c210 100644
+index ed96f970a..ec5e2a671 100644
 --- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_delay/rule.yml
 +++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_delay/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,sle12,sle15
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,sle12,sle15
+-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15
++prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,sle15
  
  title: 'Set GNOME3 Screensaver Inactivity Timeout'
  
-@@ -54,7 +54,7 @@ references:
+@@ -50,7 +50,7 @@ references:
      stigid@ol7: OL07-00-010070
      stigid@ol8: OL08-00-020060
      stigid@rhel7: RHEL-07-010070
@@ -23082,7 +24903,7 @@ index 905c5680..1bc2c210 100644
      stigid@sle15: SLES-15-010120
  
 diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_delay/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_delay/ansible/shared.yml
-index ab219dc4..e303520d 100644
+index 9d034e519..2c45806b4 100644
 --- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_delay/ansible/shared.yml
 +++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_delay/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -23092,19 +24913,28 @@ index ab219dc4..e303520d 100644
  # strategy = unknown
  # complexity = low
 diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_delay/rule.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_delay/rule.yml
-index 46d19003..1b2e9db5 100644
+index 00f1fc20c..88ce34272 100644
 --- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_delay/rule.yml
 +++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_delay/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9
+-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,ubuntu2204
++prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,ubuntu2204
  
  title: 'Set GNOME3 Screensaver Lock Delay After Activation Period'
  
+@@ -42,7 +42,7 @@ references:
+     stigid@ol7: OL07-00-010110
+     stigid@ol8: OL08-00-020031
+     stigid@rhel7: RHEL-07-010110
+-    stigid@rhel8: RHEL-08-020031
++    stigid@almalinux8: RHEL-08-020031
+ 
+ ocil_clause: 'the screensaver lock delay is missing, or is set to a value greater than {{{ xccdf_value("var_screensaver_lock_delay") }}}'
+ 
 diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_enabled/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_enabled/ansible/shared.yml
-index 292bcf8f..bdba6192 100644
+index d04e6893f..5b9cba007 100644
 --- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_enabled/ansible/shared.yml
 +++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_enabled/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -23114,18 +24944,18 @@ index 292bcf8f..bdba6192 100644
  # strategy = unknown
  # complexity = low
 diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_enabled/rule.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_enabled/rule.yml
-index e84a95f7..c2048973 100644
+index 32429a8de..3e8dee9d0 100644
 --- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_enabled/rule.yml
 +++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_enabled/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004
+-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Enable GNOME3 Screensaver Lock After Idle Period'
  
-@@ -56,7 +56,7 @@ references:
+@@ -57,7 +57,7 @@ references:
      stigid@ol7: OL07-00-010060
      stigid@ol8: OL08-00-020030
      stigid@rhel7: RHEL-07-010060
@@ -23135,7 +24965,7 @@ index e84a95f7..c2048973 100644
      stigid@sle15: SLES-15-010100
      stigid@ubuntu2004: UBTU-20-010004
 diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_locked/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_locked/ansible/shared.yml
-index 34ff91ab..875abf68 100644
+index 34ff91ab3..875abf68d 100644
 --- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_locked/ansible/shared.yml
 +++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_locked/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -23145,7 +24975,7 @@ index 34ff91ab..875abf68 100644
  # strategy = unknown
  # complexity = low
 diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_locked/rule.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_locked/rule.yml
-index 4b9770e1..04dea645 100644
+index 1beba66d0..2f6b0426b 100644
 --- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_locked/rule.yml
 +++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_locked/rule.yml
 @@ -1,6 +1,6 @@
@@ -23156,8 +24986,17 @@ index 4b9770e1..04dea645 100644
  
  title: 'Ensure Users Cannot Change GNOME3 Screensaver Lock After Idle Period'
  
+@@ -39,7 +39,7 @@ references:
+     srg: SRG-OS-000028-GPOS-00009,SRG-OS-000030-GPOS-00011
+     stigid@ol7: OL07-00-010062
+     stigid@rhel7: RHEL-07-010062
+-    stigid@rhel8: RHEL-08-020082
++    stigid@almalinux8: RHEL-08-020082
+ 
+ ocil_clause: 'screensaver locking is not locked'
+ 
 diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_mode_blank/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_mode_blank/ansible/shared.yml
-index 4dbe2b3c..7313b6bc 100644
+index 4dbe2b3c8..7313b6bcd 100644
 --- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_mode_blank/ansible/shared.yml
 +++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_mode_blank/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -23167,19 +25006,19 @@ index 4dbe2b3c..7313b6bc 100644
  # strategy = unknown
  # complexity = low
 diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_mode_blank/rule.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_mode_blank/rule.yml
-index 4ac56470..d16064f2 100644
+index 95dc7bc27..656992e00 100644
 --- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_mode_blank/rule.yml
 +++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_mode_blank/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,sle12,sle15
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,sle12,sle15
+-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15
++prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,sle15
  
  title: 'Implement Blank Screensaver'
  
 diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_info/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_info/ansible/shared.yml
-index 606e00c5..792db4ca 100644
+index 606e00c5f..792db4ca4 100644
 --- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_info/ansible/shared.yml
 +++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_info/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -23189,7 +25028,7 @@ index 606e00c5..792db4ca 100644
  # strategy = unknown
  # complexity = low
 diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_info/rule.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_info/rule.yml
-index 9f86c7ed..556d1227 100644
+index 9f86c7ede..556d12272 100644
 --- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_info/rule.yml
 +++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_info/rule.yml
 @@ -1,6 +1,6 @@
@@ -23201,7 +25040,7 @@ index 9f86c7ed..556d1227 100644
  title: 'Disable Full User Name on Splash Shield'
  
 diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_locks/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_locks/ansible/shared.yml
-index ed7d9884..a41cb715 100644
+index ed7d98843..a41cb7151 100644
 --- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_locks/ansible/shared.yml
 +++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_locks/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -23211,7 +25050,7 @@ index ed7d9884..a41cb715 100644
  # strategy = unknown
  # complexity = low
 diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_locks/rule.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_locks/rule.yml
-index d0173ce6..66020289 100644
+index 5b2580d5a..6667c422c 100644
 --- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_locks/rule.yml
 +++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_locks/rule.yml
 @@ -1,6 +1,6 @@
@@ -23222,8 +25061,17 @@ index d0173ce6..66020289 100644
  
  title: 'Ensure Users Cannot Change GNOME3 Screensaver Settings'
  
+@@ -42,7 +42,7 @@ references:
+     stigid@ol7: OL07-00-010081
+     stigid@ol8: OL08-00-020080
+     stigid@rhel7: RHEL-07-010081
+-    stigid@rhel8: RHEL-08-020080
++    stigid@almalinux8: RHEL-08-020080
+ 
+ ocil_clause: 'GNOME3 session settings are not locked or configured properly'
+ 
 diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_session_idle_user_locks/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_session_idle_user_locks/ansible/shared.yml
-index aae97c96..18c7ec75 100644
+index aae97c962..18c7ec75f 100644
 --- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_session_idle_user_locks/ansible/shared.yml
 +++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_session_idle_user_locks/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -23233,19 +25081,28 @@ index aae97c96..18c7ec75 100644
  # strategy = unknown
  # complexity = low
 diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_session_idle_user_locks/rule.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_session_idle_user_locks/rule.yml
-index cbe3e082..5d4750c7 100644
+index d28caa117..754d40d52 100644
 --- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_session_idle_user_locks/rule.yml
 +++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_session_idle_user_locks/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9
+-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15
++prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,sle15
  
  title: 'Ensure Users Cannot Change GNOME3 Session Idle Settings'
  
+@@ -45,7 +45,7 @@ references:
+     stigid@ol7: OL07-00-010082
+     stigid@ol8: OL08-00-020081
+     stigid@rhel7: RHEL-07-010082
+-    stigid@rhel8: RHEL-08-020081
++    stigid@almalinux8: RHEL-08-020081
+ 
+ ocil_clause: 'idle-delay is not locked'
+ 
 diff --git a/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_ctrlaltdel_reboot/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_ctrlaltdel_reboot/ansible/shared.yml
-index 76181547..eb340cb5 100644
+index 76181547b..eb340cb5b 100644
 --- a/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_ctrlaltdel_reboot/ansible/shared.yml
 +++ b/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_ctrlaltdel_reboot/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -23255,14 +25112,14 @@ index 76181547..eb340cb5 100644
  # strategy = unknown
  # complexity = low
 diff --git a/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_ctrlaltdel_reboot/rule.yml b/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_ctrlaltdel_reboot/rule.yml
-index 818e00cb..681d5e7d 100644
+index 1f04e0af0..9ca43d03a 100644
 --- a/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_ctrlaltdel_reboot/rule.yml
 +++ b/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_ctrlaltdel_reboot/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,ubuntu2004
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,ubuntu2004
+-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,ubuntu2004,ubuntu2204
++prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,ubuntu2004,ubuntu2204
  
  title: 'Disable Ctrl-Alt-Del Reboot Key Sequence in GNOME3'
  
@@ -23276,29 +25133,29 @@ index 818e00cb..681d5e7d 100644
  
  ocil_clause: 'GNOME3 is configured to reboot when Ctrl-Alt-Del is pressed'
 diff --git a/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_geolocation/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_geolocation/ansible/shared.yml
-index 71f1ed93..19e07ca5 100644
+index fa4f578ef..f0d0708d1 100644
 --- a/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_geolocation/ansible/shared.yml
 +++ b/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_geolocation/ansible/shared.yml
 @@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol
  # reboot = false
  # strategy = unknown
  # complexity = low
 diff --git a/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_geolocation/rule.yml b/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_geolocation/rule.yml
-index 051d4f13..b9def751 100644
+index faa389c25..d0e22b414 100644
 --- a/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_geolocation/rule.yml
 +++ b/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_geolocation/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,rhel7,rhel8,rhel9
-+prodtype: fedora,rhel7,rhel8,almalinux8,rhel9
+-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9
++prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9
  
  title: 'Disable Geolocation in GNOME3'
  
 diff --git a/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_power_settings/rule.yml b/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_power_settings/rule.yml
-index 7a2e35b8..8d2debf7 100644
+index 7a2e35b8f..8d2debf74 100644
 --- a/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_power_settings/rule.yml
 +++ b/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_power_settings/rule.yml
 @@ -1,6 +1,6 @@
@@ -23310,7 +25167,7 @@ index 7a2e35b8..8d2debf7 100644
  title: 'Disable Power Settings in GNOME3'
  
 diff --git a/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_user_admin/rule.yml b/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_user_admin/rule.yml
-index 592f8558..664c876c 100644
+index 592f85584..664c876cb 100644
 --- a/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_user_admin/rule.yml
 +++ b/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_user_admin/rule.yml
 @@ -1,6 +1,6 @@
@@ -23322,7 +25179,7 @@ index 592f8558..664c876c 100644
  title: 'Disable User Administration in GNOME3'
  
 diff --git a/linux_os/guide/system/software/gnome/group.yml b/linux_os/guide/system/software/gnome/group.yml
-index 27b2e8e2..b93c5bcf 100644
+index 6a2233156..a2c2b6983 100644
 --- a/linux_os/guide/system/software/gnome/group.yml
 +++ b/linux_os/guide/system/software/gnome/group.yml
 @@ -12,7 +12,7 @@ description: |-
@@ -23335,31 +25192,31 @@ index 27b2e8e2..b93c5bcf 100644
      


      For more information on GNOME and the GNOME Project, see {{{ weblink(link="https://www.gnome.org") }}}.
 diff --git a/linux_os/guide/system/software/gnome/package_gdm_removed/rule.yml b/linux_os/guide/system/software/gnome/package_gdm_removed/rule.yml
-index 65a915de..e6a694e9 100644
+index e2aeef7c1..8b682d45e 100644
 --- a/linux_os/guide/system/software/gnome/package_gdm_removed/rule.yml
 +++ b/linux_os/guide/system/software/gnome/package_gdm_removed/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,rhel7,rhel8,rhel9,rhv4,ubuntu2004
-+prodtype: fedora,rhel7,rhel8,almalinux8,rhel9,rhv4,ubuntu2004
+-prodtype: fedora,rhel7,rhel8,rhel9,rhv4,ubuntu2004,ubuntu2204
++prodtype: fedora,rhel7,rhel8,almalinux8,rhel9,rhv4,ubuntu2004,ubuntu2204
  
  title: 'Remove the GDM Package Group'
  
 diff --git a/linux_os/guide/system/software/integrity/certified-vendor/installed_OS_is_FIPS_certified/rule.yml b/linux_os/guide/system/software/integrity/certified-vendor/installed_OS_is_FIPS_certified/rule.yml
-index d27f6bf0..2198a8a4 100644
+index fdafdbfa1..f7f8ec6b3 100644
 --- a/linux_os/guide/system/software/integrity/certified-vendor/installed_OS_is_FIPS_certified/rule.yml
 +++ b/linux_os/guide/system/software/integrity/certified-vendor/installed_OS_is_FIPS_certified/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu1604,ubuntu1804,ubuntu2004,wrlinux1019,wrlinux8
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu1604,ubuntu1804,ubuntu2004,wrlinux1019,wrlinux8
+-prodtype: alinux2,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu1604,ubuntu1804,ubuntu2004,ubuntu2204
++prodtype: alinux2,fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu1604,ubuntu1804,ubuntu2004,ubuntu2204
  
  title: 'The Installed Operating System Is FIPS 140-2 Certified'
  
 diff --git a/linux_os/guide/system/software/integrity/certified-vendor/installed_OS_is_vendor_supported/oval/shared.xml b/linux_os/guide/system/software/integrity/certified-vendor/installed_OS_is_vendor_supported/oval/shared.xml
-index 931be7e8..17fe400d 100644
+index 16c3847ad..73477c511 100644
 --- a/linux_os/guide/system/software/integrity/certified-vendor/installed_OS_is_vendor_supported/oval/shared.xml
 +++ b/linux_os/guide/system/software/integrity/certified-vendor/installed_OS_is_vendor_supported/oval/shared.xml
 @@ -4,6 +4,7 @@
@@ -23369,16 +25226,16 @@ index 931be7e8..17fe400d 100644
 +      
        
        
-       
+       
 diff --git a/linux_os/guide/system/software/integrity/certified-vendor/installed_OS_is_vendor_supported/rule.yml b/linux_os/guide/system/software/integrity/certified-vendor/installed_OS_is_vendor_supported/rule.yml
-index 61ec677f..ae972fd5 100644
+index 1a6b2c7a7..ce11e0485 100644
 --- a/linux_os/guide/system/software/integrity/certified-vendor/installed_OS_is_vendor_supported/rule.yml
 +++ b/linux_os/guide/system/software/integrity/certified-vendor/installed_OS_is_vendor_supported/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,wrlinux1019
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,wrlinux1019
+-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15
++prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15
  
  title: 'The Installed Operating System Is Vendor Supported'
  
@@ -23401,24 +25258,15 @@ index 61ec677f..ae972fd5 100644
      stigid@sle12: SLES-12-010000
      stigid@sle15: SLES-15-010000
  
-@@ -62,6 +65,8 @@ ocil: |-
-     
$ grep -i "red hat" /etc/redhat-release

- {{% elif product in ["ol7", "ol8"] %}}
-     
$ grep -i "oracle" /etc/oracle-release

-+{{% elif product in ["almalinux8"] %}}
-+    
$ grep -i "almalinux" /etc/almalinux-release

- {{% elif product in ["sle12", "sle15"] %}}
-     
$ grep -i "suse" /etc/os-release

- {{% endif %}}
 diff --git a/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/rule.yml
-index 0b5d756b..07225621 100644
+index 03e830776..a29b70775 100644
 --- a/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/rule.yml
 +++ b/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol8,rhcos4,rhel8,rhel9,rhv4
-+prodtype: fedora,ol8,rhcos4,rhel8,almalinux8,rhel9,rhv4
+-prodtype: alinux2,alinux3,anolis8,fedora,ol8,ol9,rhcos4,rhel8,rhel9,rhv4,uos20
++prodtype: alinux2,alinux3,anolis8,fedora,ol8,ol9,rhcos4,rhel8,almalinux8,rhel9,rhv4,uos20
  
  title: 'Configure BIND to use System Crypto Policy'
  
@@ -23432,77 +25280,88 @@ index 0b5d756b..07225621 100644
  ocil_clause: |-
      BIND is installed and the BIND config file doesn't contain the
 diff --git a/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/tests/absent.fail.sh b/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/tests/absent.fail.sh
-index 2c9316c3..ff0480eb 100644
+index c7385d2c3..637496acd 100644
 --- a/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/tests/absent.fail.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/tests/absent.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = bind
--# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
  
  
  BIND_CONF='/etc/named.conf'
 diff --git a/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/tests/bind_not_installed.pass.sh b/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/tests/bind_not_installed.pass.sh
-index eeee56ba..ef03fc9a 100644
+index 06307a5c9..490ca4bbe 100644
 --- a/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/tests/bind_not_installed.pass.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/tests/bind_not_installed.pass.sh
 @@ -1,4 +1,4 @@
  #!/bin/bash
--# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
  
  yum remove -y bind || true
 diff --git a/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/tests/no_config_file.fail.sh b/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/tests/no_config_file.fail.sh
-index 98b91d69..b647f75c 100644
+index 4f9c749eb..46fcc4703 100644
 --- a/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/tests/no_config_file.fail.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/tests/no_config_file.fail.sh
 @@ -1,7 +1,7 @@
  #!/bin/bash
  # packages = bind
  # 
--# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
  # We don't remediate anything if the config file is missing completely.
  # remediation = none
  
 diff --git a/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/tests/ok.pass.sh b/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/tests/ok.pass.sh
-index 6218d35e..ea8f9062 100644
+index 34a32a73b..d8e25d681 100644
 --- a/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/tests/ok.pass.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/tests/ok.pass.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = bind
--# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
  
  BIND_CONF='/etc/named.conf'
  
 diff --git a/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/tests/overrides.fail.sh b/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/tests/overrides.fail.sh
-index 1efeb70a..1be51e61 100644
+index 290e5fb07..e32e0a312 100644
 --- a/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/tests/overrides.fail.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/tests/overrides.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = bind
--# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
  
  
  BIND_CONF='/etc/named.conf'
+diff --git a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/kubernetes/shared.yml b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/kubernetes/shared.yml
+index dd096ab41..b180ed3b3 100644
+--- a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/kubernetes/shared.yml
++++ b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/kubernetes/shared.yml
+@@ -1,5 +1,5 @@
+ ---
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
+ # reboot = true
+ # strategy = restrict
+ # complexity = low
 diff --git a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/rule.yml
-index 393e7210..195d74a8 100644
+index e3b95bc95..35e81cc7b 100644
 --- a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/rule.yml
 +++ b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol8,rhcos4,rhel8,rhel9,rhv4,sle15
-+prodtype: fedora,ol8,rhcos4,rhel8,almalinux8,rhel9,rhv4,sle15
+-prodtype: alinux2,alinux3,anolis8,fedora,ol8,ol9,rhcos4,rhel8,rhel9,rhv4,sle15,uos20
++prodtype: alinux2,alinux3,anolis8,fedora,ol8,ol9,rhcos4,rhel8,almalinux8,rhel9,rhv4,sle15,uos20
  
  title: 'Configure System Cryptography Policy'
  
-@@ -68,7 +68,7 @@ references:
+@@ -70,7 +70,7 @@ references:
      ospp: FCS_COP.1(1),FCS_COP.1(2),FCS_COP.1(3),FCS_COP.1(4),FCS_CKM.1,FCS_CKM.2,FCS_TLSC_EXT.1
      srg: SRG-OS-000396-GPOS-00176,SRG-OS-000393-GPOS-00173,SRG-OS-000394-GPOS-00174
      stigid@ol8: OL08-00-010020
@@ -23511,158 +25370,158 @@ index 393e7210..195d74a8 100644
  
  ocil_clause: 'cryptographic policy is not configured or is configured incorrectly'
  
+diff --git a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/cis_l2.pass.sh b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/cis_l2.pass.sh
+index 053093a64..b7e1ee47a 100644
+--- a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/cis_l2.pass.sh
++++ b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/cis_l2.pass.sh
+@@ -1,5 +1,5 @@
+ #!/bin/bash
+-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+ # profiles = xccdf_org.ssgproject.content_profile_cis,xccdf_org.ssgproject.content_profile_cis_workstation_l2
+ # packages = crypto-policies-scripts
+ 
 diff --git a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/config_and_current_same_time.pass.sh b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/config_and_current_same_time.pass.sh
-index efc1cab4..7e7ff6e1 100644
+index b607202c5..621420882 100644
 --- a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/config_and_current_same_time.pass.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/config_and_current_same_time.pass.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
  # packages = crypto-policies-scripts
  
  # IMPORTANT: This is a false negative scenario.
 diff --git a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/config_newer_than_current.fail.sh b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/config_newer_than_current.fail.sh
-index 46d8e341..3e58358f 100644
+index e5b598342..539ea8f3c 100644
 --- a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/config_newer_than_current.fail.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/config_newer_than_current.fail.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
  # packages = crypto-policies-scripts
  
  update-crypto-policies --set "DEFAULT"
 diff --git a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/missing_nss_config.fail.sh b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/missing_nss_config.fail.sh
-index a18ad25b..c7a3c469 100644
+index 7be3c82f3..776f79f4c 100644
 --- a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/missing_nss_config.fail.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/missing_nss_config.fail.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
  # profiles = xccdf_org.ssgproject.content_profile_ospp
  # packages = crypto-policies-scripts
  
 diff --git a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/missing_policy.fail.sh b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/missing_policy.fail.sh
-index 04527eb2..7adf3b61 100644
+index 261dc3f96..e6a2f5d0e 100644
 --- a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/missing_policy.fail.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/missing_policy.fail.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
  # profiles = xccdf_org.ssgproject.content_profile_ospp, xccdf_org.ssgproject.content_profile_standard
  # packages = crypto-policies-scripts
  
 diff --git a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/missing_policy_file.fail.sh b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/missing_policy_file.fail.sh
-index 8864a8cd..6597c501 100644
+index 356aa3ffe..05dd9be57 100644
 --- a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/missing_policy_file.fail.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/missing_policy_file.fail.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
  # profiles = xccdf_org.ssgproject.content_profile_ospp, xccdf_org.ssgproject.content_profile_standard
  # packages = crypto-policies-scripts
  
 diff --git a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/nss_config_as_file.pass.sh b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/nss_config_as_file.pass.sh
-index 33719ca9..9de20e3c 100644
+index 06bd713dd..8de885e50 100644
 --- a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/nss_config_as_file.pass.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/nss_config_as_file.pass.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
  # profiles = xccdf_org.ssgproject.content_profile_ospp
  # packages = crypto-policies-scripts
  
 diff --git a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/nss_config_as_symlink.pass.sh b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/nss_config_as_symlink.pass.sh
-index 6e53c39d..307cfba9 100644
+index 56a081eca..a5383733b 100644
 --- a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/nss_config_as_symlink.pass.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/nss_config_as_symlink.pass.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
  # profiles = xccdf_org.ssgproject.content_profile_ospp
  # packages = crypto-policies-scripts
  
 diff --git a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/policy_default_cis_l1.pass.sh b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/policy_default_cis_l1.pass.sh
-index 1cb6ea49..2a5dc207 100644
+index 10cb25593..55f128c10 100644
 --- a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/policy_default_cis_l1.pass.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/policy_default_cis_l1.pass.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
  # profiles = xccdf_org.ssgproject.content_profile_cis_server_l1,xccdf_org.ssgproject.content_profile_cis_workstation_l1
  # packages = crypto-policies-scripts
  
 diff --git a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/policy_default_nosha1_set.pass.sh b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/policy_default_nosha1_set.pass.sh
-index 51d35ff9..96db9dda 100644
+index a2107d146..b6d9804d2 100644
 --- a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/policy_default_nosha1_set.pass.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/policy_default_nosha1_set.pass.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
  # profiles = xccdf_org.ssgproject.content_profile_e8
  # packages = crypto-policies-scripts
  
 diff --git a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/policy_default_set.pass.sh b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/policy_default_set.pass.sh
-index 053c5c1a..eafa80bc 100644
+index b06e035fa..679e23ee7 100644
 --- a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/policy_default_set.pass.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/policy_default_set.pass.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
  # profiles = xccdf_org.ssgproject.content_profile_standard
  # packages = crypto-policies-scripts
  
 diff --git a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/policy_fips_ospp_set.pass.sh b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/policy_fips_ospp_set.pass.sh
-index 07cbb3f6..ae916f02 100644
+index 6679f94bd..f2246ba0c 100644
 --- a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/policy_fips_ospp_set.pass.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/policy_fips_ospp_set.pass.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
  # profiles = xccdf_org.ssgproject.content_profile_ospp
  # packages = crypto-policies-scripts
  
-diff --git a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/policy_future_cis_l2.pass.sh b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/policy_future_cis_l2.pass.sh
-index 99d975bc..125e4ce2 100644
---- a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/policy_future_cis_l2.pass.sh
-+++ b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/policy_future_cis_l2.pass.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
- # profiles = xccdf_org.ssgproject.content_profile_cis,xccdf_org.ssgproject.content_profile_cis_workstation_l2
- # packages = crypto-policies-scripts
- 
 diff --git a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/wrong_policy.fail.sh b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/wrong_policy.fail.sh
-index fc7aeeae..3e831ed3 100644
+index 9461c3ddd..5b5b06ac9 100644
 --- a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/wrong_policy.fail.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/wrong_policy.fail.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
  # profiles = xccdf_org.ssgproject.content_profile_ospp, xccdf_org.ssgproject.content_profile_standard
  # packages = crypto-policies-scripts
  
 diff --git a/linux_os/guide/system/software/integrity/crypto/configure_gnutls_tls_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/configure_gnutls_tls_crypto_policy/rule.yml
-index a044c5e9..e94e13fe 100644
+index 12ca11e55..92ec0ac36 100644
 --- a/linux_os/guide/system/software/integrity/crypto/configure_gnutls_tls_crypto_policy/rule.yml
 +++ b/linux_os/guide/system/software/integrity/crypto/configure_gnutls_tls_crypto_policy/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol8,rhel8
-+prodtype: fedora,ol8,rhel8,almalinux8
+-prodtype: fedora,ol8,rhel8,rhel9
++prodtype: fedora,ol8,rhel8,almalinux8,rhel9
  
  title: 'Configure GnuTLS library to use DoD-approved TLS Encryption'
  
@@ -23676,58 +25535,58 @@ index a044c5e9..e94e13fe 100644
  ocil_clause: 'cryptographic policy for gnutls is not configured or is configured incorrectly'
  
 diff --git a/linux_os/guide/system/software/integrity/crypto/configure_gnutls_tls_crypto_policy/tests/correct.pass.sh b/linux_os/guide/system/software/integrity/crypto/configure_gnutls_tls_crypto_policy/tests/correct.pass.sh
-index 3c964c53..52245efc 100644
+index 79d8682d3..5b928e18e 100644
 --- a/linux_os/guide/system/software/integrity/crypto/configure_gnutls_tls_crypto_policy/tests/correct.pass.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/configure_gnutls_tls_crypto_policy/tests/correct.pass.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = multi_platform_fedora,Red Hat Enterprise Linux 8
-+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8
+-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,multi_platform_fedora
++# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora
  
  configfile=/etc/crypto-policies/back-ends/gnutls.config
  
 diff --git a/linux_os/guide/system/software/integrity/crypto/configure_gnutls_tls_crypto_policy/tests/empty_policy.fail.sh b/linux_os/guide/system/software/integrity/crypto/configure_gnutls_tls_crypto_policy/tests/empty_policy.fail.sh
-index 5c006cec..dfde03fb 100644
+index 3084ec761..a783dddd5 100644
 --- a/linux_os/guide/system/software/integrity/crypto/configure_gnutls_tls_crypto_policy/tests/empty_policy.fail.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/configure_gnutls_tls_crypto_policy/tests/empty_policy.fail.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = multi_platform_fedora,Red Hat Enterprise Linux 8
-+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8
+-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,multi_platform_fedora
++# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora
  
  configfile=/etc/crypto-policies/back-ends/gnutls.config
  
 diff --git a/linux_os/guide/system/software/integrity/crypto/configure_gnutls_tls_crypto_policy/tests/incorrect_policy.fail.sh b/linux_os/guide/system/software/integrity/crypto/configure_gnutls_tls_crypto_policy/tests/incorrect_policy.fail.sh
-index 7a82fe62..b51aacb7 100644
+index bfaadc713..0ec5bad41 100644
 --- a/linux_os/guide/system/software/integrity/crypto/configure_gnutls_tls_crypto_policy/tests/incorrect_policy.fail.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/configure_gnutls_tls_crypto_policy/tests/incorrect_policy.fail.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = multi_platform_fedora,Red Hat Enterprise Linux 8
-+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8
+-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,multi_platform_fedora
++# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora
  
  configfile=/etc/crypto-policies/back-ends/gnutls.config
  
 diff --git a/linux_os/guide/system/software/integrity/crypto/configure_gnutls_tls_crypto_policy/tests/missing_file.fail.sh b/linux_os/guide/system/software/integrity/crypto/configure_gnutls_tls_crypto_policy/tests/missing_file.fail.sh
-index ad39b47d..e4ca9f99 100644
+index 3776d35aa..8710aef51 100644
 --- a/linux_os/guide/system/software/integrity/crypto/configure_gnutls_tls_crypto_policy/tests/missing_file.fail.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/configure_gnutls_tls_crypto_policy/tests/missing_file.fail.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = multi_platform_fedora,Red Hat Enterprise Linux 8
-+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8
+-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,multi_platform_fedora
++# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora
  
  configfile=/etc/crypto-policies/back-ends/gnutls.config
  
 diff --git a/linux_os/guide/system/software/integrity/crypto/configure_kerberos_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/configure_kerberos_crypto_policy/rule.yml
-index f1a839f1..b0ef8c66 100644
+index 3a2df056e..be08ff6f8 100644
 --- a/linux_os/guide/system/software/integrity/crypto/configure_kerberos_crypto_policy/rule.yml
 +++ b/linux_os/guide/system/software/integrity/crypto/configure_kerberos_crypto_policy/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol8,rhcos4,rhel8,rhel9,rhv4
-+prodtype: fedora,ol8,rhcos4,rhel8,almalinux8,rhel9,rhv4
+-prodtype: alinux2,alinux3,anolis8,fedora,ol8,ol9,rhcos4,rhel8,rhel9,rhv4,uos20
++prodtype: alinux2,alinux3,anolis8,fedora,ol8,ol9,rhcos4,rhel8,almalinux8,rhel9,rhv4,uos20
  
  title: 'Configure Kerberos to use System Crypto Policy'
  
@@ -23741,130 +25600,130 @@ index f1a839f1..b0ef8c66 100644
  ocil_clause: 'the symlink does not exist or points to a different target'
  
 diff --git a/linux_os/guide/system/software/integrity/crypto/configure_kerberos_crypto_policy/tests/kerberos_correct_policy.pass.sh b/linux_os/guide/system/software/integrity/crypto/configure_kerberos_crypto_policy/tests/kerberos_correct_policy.pass.sh
-index 677aa91c..3bcda12d 100644
+index 4834387dc..1d404fe6e 100644
 --- a/linux_os/guide/system/software/integrity/crypto/configure_kerberos_crypto_policy/tests/kerberos_correct_policy.pass.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/configure_kerberos_crypto_policy/tests/kerberos_correct_policy.pass.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
  
  rm -f /etc/krb5.conf.d/crypto-policies
  ln -s /etc/crypto-policies/back-ends/krb5.config /etc/krb5.conf.d/crypto-policies
 diff --git a/linux_os/guide/system/software/integrity/crypto/configure_kerberos_crypto_policy/tests/kerberos_missing_policy.fail.sh b/linux_os/guide/system/software/integrity/crypto/configure_kerberos_crypto_policy/tests/kerberos_missing_policy.fail.sh
-index 2c0cb3be..f73e155e 100644
+index 97ccc0590..e3fdc77d5 100644
 --- a/linux_os/guide/system/software/integrity/crypto/configure_kerberos_crypto_policy/tests/kerberos_missing_policy.fail.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/configure_kerberos_crypto_policy/tests/kerberos_missing_policy.fail.sh
 @@ -1,4 +1,4 @@
  #!/bin/bash
--# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
  
  rm -f /etc/krb5.conf.d/crypto-policies
 diff --git a/linux_os/guide/system/software/integrity/crypto/configure_kerberos_crypto_policy/tests/kerberos_wrong_policy.fail.sh b/linux_os/guide/system/software/integrity/crypto/configure_kerberos_crypto_policy/tests/kerberos_wrong_policy.fail.sh
-index 842fb7b4..99563741 100644
+index 4eb5348f2..9047445c5 100644
 --- a/linux_os/guide/system/software/integrity/crypto/configure_kerberos_crypto_policy/tests/kerberos_wrong_policy.fail.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/configure_kerberos_crypto_policy/tests/kerberos_wrong_policy.fail.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
  
  rm -f /etc/krb5.conf.d/crypto-policies
  ln -s /etc/crypto-policies/back-ends/openssh.config /etc/krb5.conf.d/crypto-policies
 diff --git a/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/rule.yml
-index 783b2f84..f8fe132b 100644
+index 5fe513be6..de105c307 100644
 --- a/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/rule.yml
 +++ b/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol8,rhcos4,rhel8,rhel9,rhv4,sle15
-+prodtype: fedora,ol8,rhcos4,rhel8,almalinux8,rhel9,rhv4,sle15
+-prodtype: alinux2,alinux3,anolis8,fedora,ol8,ol9,rhcos4,rhel8,rhel9,rhv4,sle12,sle15,uos20
++prodtype: alinux2,alinux3,anolis8,fedora,ol8,ol9,rhcos4,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,uos20
  
  title: 'Configure Libreswan to use System Crypto Policy'
  
-@@ -34,7 +34,7 @@ references:
-     ospp: FCS_IPSEC_EXT.1.4,FCS_IPSEC_EXT.1.6
+@@ -36,7 +36,7 @@ references:
+     pcidss: Req-2.2
      srg: SRG-OS-000033-GPOS-00014
      stigid@ol8: OL08-00-010020
 -    stigid@rhel8: RHEL-08-010020
 +    stigid@almalinux8: RHEL-08-010020
  
  ocil_clause: |-
-     Libreswan is installed and /etc/ipsec.conf does not contain include /etc/crypto-policies/back-ends/libreswan.config
+     the "IPsec" service is active and the ipsec configuration file does not contain does not contain include /etc/crypto-policies/back-ends/libreswan.config
 diff --git a/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/tests/libreswan_not_installed.pass.sh b/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/tests/libreswan_not_installed.pass.sh
-index 32a820e0..c7a7793a 100644
+index a1a66e747..a4775c4ba 100644
 --- a/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/tests/libreswan_not_installed.pass.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/tests/libreswan_not_installed.pass.sh
 @@ -1,4 +1,4 @@
  #!/bin/bash
--# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
  
  yum remove -y libreswan || true
 diff --git a/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/tests/line_commented.fail.sh b/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/tests/line_commented.fail.sh
-index dda7430c..c45d1fa4 100644
+index 439da4978..8dee7191b 100644
 --- a/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/tests/line_commented.fail.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/tests/line_commented.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = libreswan
--# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
  
  
  cp ipsec.conf /etc
 diff --git a/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/tests/line_is_there.pass.sh b/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/tests/line_is_there.pass.sh
-index c74f70dc..a58740ee 100644
+index fbc8f1001..722f09cd0 100644
 --- a/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/tests/line_is_there.pass.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/tests/line_is_there.pass.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = libreswan
--# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
  
  
  cp ipsec.conf /etc
 diff --git a/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/tests/line_not_there.fail.sh b/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/tests/line_not_there.fail.sh
-index a8f9df03..89803c89 100644
+index 70f822342..98e1d34eb 100644
 --- a/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/tests/line_not_there.fail.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/tests/line_not_there.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = libreswan
--# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
  
  
  cp ipsec.conf /etc
 diff --git a/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/tests/wrong_value.fail.sh b/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/tests/wrong_value.fail.sh
-index 1ef57ed1..804d7dd7 100644
+index 2863c6102..aeeddb9a1 100644
 --- a/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/tests/wrong_value.fail.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/tests/wrong_value.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = libreswan
--# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
  
  
  cp ipsec.conf /etc
 diff --git a/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/rule.yml
-index eee83810..1928dd4c 100644
+index f914174f3..5d695d949 100644
 --- a/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/rule.yml
 +++ b/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol8,rhcos4,rhel8,rhel9,rhv4,sle15
-+prodtype: fedora,ol8,rhcos4,rhel8,almalinux8,rhel9,rhv4,sle15
+-prodtype: alinux2,alinux3,anolis8,fedora,ol8,ol9,rhcos4,rhel8,rhel9,rhv4,sle12,sle15,uos20
++prodtype: alinux2,alinux3,anolis8,fedora,ol8,ol9,rhcos4,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,uos20
  
  title: 'Configure OpenSSL library to use System Crypto Policy'
  
-@@ -31,7 +31,7 @@ references:
-     nist: AC-17(a),AC-17(2),CM-6(a),MA-4(6),SC-13,SC-12(2),SC-12(3)
+@@ -45,7 +45,7 @@ references:
+     pcidss: Req-2.2
      srg: SRG-OS-000250-GPOS-00093
      stigid@ol8: OL08-00-010293
 -    stigid@rhel8: RHEL-08-010293
@@ -23872,65 +25731,76 @@ index eee83810..1928dd4c 100644
  
  ocil_clause: |-
      the OpenSSL config file doesn't contain the whole section,
+diff --git a/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/tests/include_with_equal_sign.pass.sh b/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/tests/include_with_equal_sign.pass.sh
+index 8ccb6cef9..306b29698 100644
+--- a/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/tests/include_with_equal_sign.pass.sh
++++ b/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/tests/include_with_equal_sign.pass.sh
+@@ -1,5 +1,5 @@
+ #!/bin/bash
+-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+ 
+ . common.sh
+ 
 diff --git a/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/tests/nothing.fail.sh b/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/tests/nothing.fail.sh
-index e424e796..abff84c2 100644
+index edeca90f0..1d8175d82 100644
 --- a/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/tests/nothing.fail.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/tests/nothing.fail.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_sle
++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_sle
  
  . common.sh
  
 diff --git a/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/tests/ok.pass.sh b/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/tests/ok.pass.sh
-index 2c1ad0db..00112ea7 100644
+index 8c509ef32..6cd8e06da 100644
 --- a/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/tests/ok.pass.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/tests/ok.pass.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_sle
++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_sle
  
  . common.sh
  
 diff --git a/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/tests/section_not_include.fail.sh b/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/tests/section_not_include.fail.sh
-index d758cdb2..32d98127 100644
+index 1c9342e23..00fb77fb1 100644
 --- a/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/tests/section_not_include.fail.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/tests/section_not_include.fail.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_sle
++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_sle
  
  . common.sh
  
 diff --git a/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/tests/wrong.fail.sh b/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/tests/wrong.fail.sh
-index 7f0c394f..653de38d 100644
+index 1b2ea8d80..7795d5a96 100644
 --- a/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/tests/wrong.fail.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/tests/wrong.fail.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_sle
++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_sle
  
  . common.sh
  
 diff --git a/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/rule.yml
-index e6bc7fef..d1f09ce8 100644
+index 767481d1e..4787a7307 100644
 --- a/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/rule.yml
 +++ b/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: ol8,rhel8,rhel9
-+prodtype: ol8,rhel8,almalinux8,rhel9
+-prodtype: ol8,ol9,rhel8,rhel9
++prodtype: ol8,ol9,rhel8,almalinux8,rhel9
  
  title: 'Configure OpenSSL library to use TLS Encryption'
  
-@@ -29,7 +29,7 @@ references:
+@@ -45,7 +45,7 @@ references:
      nist: AC-17(2)
-     srg: SRG-OS-000250-GPOS-00093
+     srg: SRG-OS-000125-GPOS-00065,SRG-OS-000250-GPOS-00093,SRG-OS-000393-GPOS-00173,SRG-OS-000394-GPOS-00174
      stigid@ol8: OL08-00-010294
 -    stigid@rhel8: RHEL-08-010294
 +    stigid@almalinux8: RHEL-08-010294
@@ -23938,153 +25808,165 @@ index e6bc7fef..d1f09ce8 100644
  ocil_clause: 'cryptographic policy for openssl is not configured or is configured incorrectly'
  
 diff --git a/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/tests/correct.pass.sh b/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/tests/correct.pass.sh
-index 13513cb4..60ddb8a9 100644
+index 48ccb9b98..80b0cdbbc 100644
 --- a/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/tests/correct.pass.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/tests/correct.pass.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = multi_platform_fedora,Red Hat Enterprise Linux 8
-+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8
+-# platform = multi_platform_fedora,Oracle Linux 8,Red Hat Enterprise Linux 8
++# platform = multi_platform_fedora,Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8
  
  configfile=/etc/crypto-policies/back-ends/opensslcnf.config
  
 diff --git a/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/tests/correct_commented.fail.sh b/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/tests/correct_commented.fail.sh
-index 96d8ce78..78e4ae08 100644
+index 8d84292b3..05fcc9167 100644
 --- a/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/tests/correct_commented.fail.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/tests/correct_commented.fail.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = multi_platform_fedora,Red Hat Enterprise Linux 8
-+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8
+-# platform = multi_platform_fedora,Oracle Linux 8,Red Hat Enterprise Linux 8
++# platform = multi_platform_fedora,Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8
  
  configfile=/etc/crypto-policies/back-ends/opensslcnf.config
  
 diff --git a/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/tests/correct_followed_by_incorrect.fail.sh b/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/tests/correct_followed_by_incorrect.fail.sh
-index 8be710e2..1b609a09 100644
+index 3a17e7865..cff7622e9 100644
 --- a/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/tests/correct_followed_by_incorrect.fail.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/tests/correct_followed_by_incorrect.fail.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = multi_platform_fedora,Red Hat Enterprise Linux 8
-+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8
+-# platform = multi_platform_fedora,Oracle Linux 8,Red Hat Enterprise Linux 8
++# platform = multi_platform_fedora,Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8
  
  configfile=/etc/crypto-policies/back-ends/opensslcnf.config
  
 diff --git a/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/tests/empty_policy.fail.sh b/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/tests/empty_policy.fail.sh
-index 04409d51..76c29e61 100644
+index 209a6bd40..2330ede55 100644
 --- a/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/tests/empty_policy.fail.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/tests/empty_policy.fail.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = multi_platform_fedora,Red Hat Enterprise Linux 8
-+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8
+-# platform = multi_platform_fedora,Oracle Linux 8,Red Hat Enterprise Linux 8
++# platform = multi_platform_fedora,Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8
  
  configfile=/etc/crypto-policies/back-ends/opensslcnf.config
  
 diff --git a/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/tests/incorrect_followed_by_correct.pass.sh b/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/tests/incorrect_followed_by_correct.pass.sh
-index ae4f3c0c..a44d71a7 100644
+index 5e1d80849..031596e6f 100644
 --- a/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/tests/incorrect_followed_by_correct.pass.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/tests/incorrect_followed_by_correct.pass.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = multi_platform_fedora,Red Hat Enterprise Linux 8
-+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8
+-# platform = multi_platform_fedora,Oracle Linux 8,Red Hat Enterprise Linux 8
++# platform = multi_platform_fedora,Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8
  
  configfile=/etc/crypto-policies/back-ends/opensslcnf.config
  
 diff --git a/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/tests/incorrect_policy.fail.sh b/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/tests/incorrect_policy.fail.sh
-index fe410552..e1184893 100644
+index a8fb8a6b8..34b4b351d 100644
 --- a/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/tests/incorrect_policy.fail.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/tests/incorrect_policy.fail.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = multi_platform_fedora,Red Hat Enterprise Linux 8
-+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8
+-# platform = multi_platform_fedora,Oracle Linux 8,Red Hat Enterprise Linux 8
++# platform = multi_platform_fedora,Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8
  
  configfile=/etc/crypto-policies/back-ends/opensslcnf.config
  
 diff --git a/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/tests/missing_file.fail.sh b/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/tests/missing_file.fail.sh
-index 7a3b7c32..0eddf01d 100644
+index 1593ce8ae..e42f42388 100644
 --- a/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/tests/missing_file.fail.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/tests/missing_file.fail.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = multi_platform_fedora,Red Hat Enterprise Linux 8
-+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8
+-# platform = multi_platform_fedora,Oracle Linux 8,Red Hat Enterprise Linux 8
++# platform = multi_platform_fedora,Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8
  
  configfile=/etc/crypto-policies/back-ends/opensslcnf.config
  
 diff --git a/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/rule.yml
-index 60b0ce0e..72ef3ef8 100644
+index 0902a5011..2249bceb0 100644
 --- a/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/rule.yml
 +++ b/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol8,rhcos4,rhel8,rhel9,rhv4,sle15
-+prodtype: fedora,ol8,rhcos4,rhel8,almalinux8,rhel9,rhv4,sle15
+-prodtype: alinux2,alinux3,anolis8,fedora,ol8,ol9,rhcos4,rhel8,rhel9,rhv4,sle12,sle15,uos20
++prodtype: alinux2,alinux3,anolis8,fedora,ol8,ol9,rhcos4,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,uos20
  
  title: 'Configure SSH to use System Crypto Policy'
  
-@@ -30,7 +30,7 @@ references:
-     nist: AC-17(a),AC-17(2),CM-6(a),MA-4(6),SC-13
+@@ -35,7 +35,7 @@ references:
+     pcidss: Req-2.2
      srg: SRG-OS-000250-GPOS-00093
-     stigid@ol8: OL08-00-010020
+     stigid@ol8: OL08-00-010287
 -    stigid@rhel8: RHEL-08-010287
 +    stigid@almalinux8: RHEL-08-010287
  
- ocil_clause: 'the CRYPTO_POLICY variable is not set or is commented in the /etc/sysconfig/sshd'
+ ocil_clause: 'the CRYPTO_POLICY variable is set or is not commented out in the /etc/sysconfig/sshd'
  
 diff --git a/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/tests/absent.pass.sh b/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/tests/absent.pass.sh
-index 0076833e..98facaf0 100644
+index 96ae6a064..399d9d334 100644
 --- a/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/tests/absent.pass.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/tests/absent.pass.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  #
--# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+ 
+ SSH_CONF="/etc/sysconfig/sshd"
+ 
+diff --git a/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/tests/case_insensitive_present.fail.sh b/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/tests/case_insensitive_present.fail.sh
+index 6ab33f749..b0c449c19 100644
+--- a/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/tests/case_insensitive_present.fail.sh
++++ b/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/tests/case_insensitive_present.fail.sh
+@@ -1,6 +1,6 @@
+ #!/bin/bash
+ #
+-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
  
  SSH_CONF="/etc/sysconfig/sshd"
  
 diff --git a/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/tests/comment.pass.sh b/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/tests/comment.pass.sh
-index da414e21..a95c2912 100644
+index bcea9badc..bc91e59e7 100644
 --- a/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/tests/comment.pass.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/tests/comment.pass.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  #
--# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
  
  SSH_CONF="/etc/sysconfig/sshd"
  
 diff --git a/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/tests/no_config_file.pass.sh b/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/tests/no_config_file.pass.sh
-index 1e8762ff..a05ff03d 100644
+index ea6d23ee1..f4a5a4954 100644
 --- a/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/tests/no_config_file.pass.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/tests/no_config_file.pass.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  #
--# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
  
  SSH_CONF="/etc/sysconfig/sshd"
  
 diff --git a/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/tests/overrides.fail.sh b/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/tests/overrides.fail.sh
-index d3e1eb9e..e6900a3b 100644
+index a6e7c89da..56fa0013a 100644
 --- a/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/tests/overrides.fail.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/tests/overrides.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  #
--# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
  
  SSH_CONF="/etc/sysconfig/sshd"
  
 diff --git a/linux_os/guide/system/software/integrity/crypto/harden_openssl_crypto_policy/ansible/shared.yml b/linux_os/guide/system/software/integrity/crypto/harden_openssl_crypto_policy/ansible/shared.yml
-index d530f4b7..b5fdd0b2 100644
+index d530f4b76..b5fdd0b2b 100644
 --- a/linux_os/guide/system/software/integrity/crypto/harden_openssl_crypto_policy/ansible/shared.yml
 +++ b/linux_os/guide/system/software/integrity/crypto/harden_openssl_crypto_policy/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -24094,7 +25976,7 @@ index d530f4b7..b5fdd0b2 100644
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/software/integrity/crypto/harden_openssl_crypto_policy/bash/shared.sh b/linux_os/guide/system/software/integrity/crypto/harden_openssl_crypto_policy/bash/shared.sh
-index cd7c4fb6..1deb135a 100644
+index cd7c4fb6c..1deb135a3 100644
 --- a/linux_os/guide/system/software/integrity/crypto/harden_openssl_crypto_policy/bash/shared.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/harden_openssl_crypto_policy/bash/shared.sh
 @@ -1,4 +1,4 @@
@@ -24104,7 +25986,7 @@ index cd7c4fb6..1deb135a 100644
  cp="Ciphersuites = TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256"
  file="/etc/crypto-policies/local.d/opensslcnf-ospp.config"
 diff --git a/linux_os/guide/system/software/integrity/crypto/harden_openssl_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/harden_openssl_crypto_policy/rule.yml
-index 067adc6a..eb5225df 100644
+index 067adc6a5..eb5225df9 100644
 --- a/linux_os/guide/system/software/integrity/crypto/harden_openssl_crypto_policy/rule.yml
 +++ b/linux_os/guide/system/software/integrity/crypto/harden_openssl_crypto_policy/rule.yml
 @@ -1,6 +1,6 @@
@@ -24116,7 +25998,7 @@ index 067adc6a..eb5225df 100644
  title: 'Harden OpenSSL Crypto Policy'
  
 diff --git a/linux_os/guide/system/software/integrity/crypto/harden_openssl_crypto_policy/tests/correct.pass.sh b/linux_os/guide/system/software/integrity/crypto/harden_openssl_crypto_policy/tests/correct.pass.sh
-index 0debb6c7..f7e5d921 100644
+index 0debb6c70..f7e5d9219 100644
 --- a/linux_os/guide/system/software/integrity/crypto/harden_openssl_crypto_policy/tests/correct.pass.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/harden_openssl_crypto_policy/tests/correct.pass.sh
 @@ -1,5 +1,5 @@
@@ -24127,7 +26009,7 @@ index 0debb6c7..f7e5d921 100644
  configfile=/etc/crypto-policies/back-ends/opensslcnf.config
  
 diff --git a/linux_os/guide/system/software/integrity/crypto/harden_openssl_crypto_policy/tests/correct_commented.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_openssl_crypto_policy/tests/correct_commented.fail.sh
-index b1f745b6..2925fc55 100644
+index b1f745b69..2925fc550 100644
 --- a/linux_os/guide/system/software/integrity/crypto/harden_openssl_crypto_policy/tests/correct_commented.fail.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/harden_openssl_crypto_policy/tests/correct_commented.fail.sh
 @@ -1,5 +1,5 @@
@@ -24138,7 +26020,7 @@ index b1f745b6..2925fc55 100644
  configfile=/etc/crypto-policies/back-ends/opensslcnf.config
  
 diff --git a/linux_os/guide/system/software/integrity/crypto/harden_openssl_crypto_policy/tests/correct_followed_by_incorrect.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_openssl_crypto_policy/tests/correct_followed_by_incorrect.fail.sh
-index a01e5d13..ecd34e6f 100644
+index a01e5d137..ecd34e6ff 100644
 --- a/linux_os/guide/system/software/integrity/crypto/harden_openssl_crypto_policy/tests/correct_followed_by_incorrect.fail.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/harden_openssl_crypto_policy/tests/correct_followed_by_incorrect.fail.sh
 @@ -1,5 +1,5 @@
@@ -24149,7 +26031,7 @@ index a01e5d13..ecd34e6f 100644
  configfile=/etc/crypto-policies/back-ends/opensslcnf.config
  
 diff --git a/linux_os/guide/system/software/integrity/crypto/harden_openssl_crypto_policy/tests/empty_policy.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_openssl_crypto_policy/tests/empty_policy.fail.sh
-index d6fa6598..f33cb317 100644
+index d6fa6598a..f33cb3177 100644
 --- a/linux_os/guide/system/software/integrity/crypto/harden_openssl_crypto_policy/tests/empty_policy.fail.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/harden_openssl_crypto_policy/tests/empty_policy.fail.sh
 @@ -1,5 +1,5 @@
@@ -24160,7 +26042,7 @@ index d6fa6598..f33cb317 100644
  configfile=/etc/crypto-policies/back-ends/opensslcnf.config
  
 diff --git a/linux_os/guide/system/software/integrity/crypto/harden_openssl_crypto_policy/tests/incorrect_followed_by_correct.pass.sh b/linux_os/guide/system/software/integrity/crypto/harden_openssl_crypto_policy/tests/incorrect_followed_by_correct.pass.sh
-index 573375dc..52fe8501 100644
+index 573375dce..52fe85013 100644
 --- a/linux_os/guide/system/software/integrity/crypto/harden_openssl_crypto_policy/tests/incorrect_followed_by_correct.pass.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/harden_openssl_crypto_policy/tests/incorrect_followed_by_correct.pass.sh
 @@ -1,5 +1,5 @@
@@ -24171,7 +26053,7 @@ index 573375dc..52fe8501 100644
  configfile=/etc/crypto-policies/back-ends/opensslcnf.config
  
 diff --git a/linux_os/guide/system/software/integrity/crypto/harden_openssl_crypto_policy/tests/incorrect_policy.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_openssl_crypto_policy/tests/incorrect_policy.fail.sh
-index eecad423..cd8e604c 100644
+index eecad423a..cd8e604cd 100644
 --- a/linux_os/guide/system/software/integrity/crypto/harden_openssl_crypto_policy/tests/incorrect_policy.fail.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/harden_openssl_crypto_policy/tests/incorrect_policy.fail.sh
 @@ -1,5 +1,5 @@
@@ -24182,7 +26064,7 @@ index eecad423..cd8e604c 100644
  configfile=/etc/crypto-policies/back-ends/opensslcnf.config
  
 diff --git a/linux_os/guide/system/software/integrity/crypto/harden_openssl_crypto_policy/tests/missing_file.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_openssl_crypto_policy/tests/missing_file.fail.sh
-index 7a3b7c32..0eddf01d 100644
+index 7a3b7c32e..0eddf01d5 100644
 --- a/linux_os/guide/system/software/integrity/crypto/harden_openssl_crypto_policy/tests/missing_file.fail.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/harden_openssl_crypto_policy/tests/missing_file.fail.sh
 @@ -1,5 +1,5 @@
@@ -24193,7 +26075,7 @@ index 7a3b7c32..0eddf01d 100644
  configfile=/etc/crypto-policies/back-ends/opensslcnf.config
  
 diff --git a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/commented_cipher.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/commented_cipher.fail.sh
-index 17bf0e67..c633df0b 100644
+index 17bf0e679..c633df0b2 100644
 --- a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/commented_cipher.fail.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/commented_cipher.fail.sh
 @@ -1,5 +1,5 @@
@@ -24204,7 +26086,7 @@ index 17bf0e67..c633df0b 100644
  file="/etc/ssh/ssh_config.d/02-ospp.conf"
  echo -e "Match final all\n\
 diff --git a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/commented_gssapi.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/commented_gssapi.fail.sh
-index 9b8e954f..8edf32e2 100644
+index 9b8e954f2..8edf32e22 100644
 --- a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/commented_gssapi.fail.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/commented_gssapi.fail.sh
 @@ -1,5 +1,5 @@
@@ -24215,7 +26097,7 @@ index 9b8e954f..8edf32e2 100644
  file="/etc/ssh/ssh_config.d/02-ospp.conf"
  echo -e "Match final all\n\
 diff --git a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/commented_kex.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/commented_kex.fail.sh
-index 63538daa..3e042aa8 100644
+index 63538daac..3e042aa8c 100644
 --- a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/commented_kex.fail.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/commented_kex.fail.sh
 @@ -1,5 +1,5 @@
@@ -24226,7 +26108,7 @@ index 63538daa..3e042aa8 100644
  file="/etc/ssh/ssh_config.d/02-ospp.conf"
  echo -e "Match final all\n\
 diff --git a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/commented_macs.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/commented_macs.fail.sh
-index 4460f191..bcab9c7f 100644
+index 4460f1910..bcab9c7fc 100644
 --- a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/commented_macs.fail.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/commented_macs.fail.sh
 @@ -1,5 +1,5 @@
@@ -24237,7 +26119,7 @@ index 4460f191..bcab9c7f 100644
  file="/etc/ssh/ssh_config.d/02-ospp.conf"
  echo -e "Match final all\n\
 diff --git a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/commented_match.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/commented_match.fail.sh
-index 7c54b424..9e490182 100644
+index 7c54b4244..9e4901824 100644
 --- a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/commented_match.fail.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/commented_match.fail.sh
 @@ -1,5 +1,5 @@
@@ -24248,7 +26130,7 @@ index 7c54b424..9e490182 100644
  file="/etc/ssh/ssh_config.d/02-ospp.conf"
  echo -e "#Match final all\n\
 diff --git a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/commented_pubkey.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/commented_pubkey.fail.sh
-index 9da3614e..3f045e64 100644
+index 9da3614e8..3f045e64a 100644
 --- a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/commented_pubkey.fail.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/commented_pubkey.fail.sh
 @@ -1,5 +1,5 @@
@@ -24259,7 +26141,7 @@ index 9da3614e..3f045e64 100644
  file="/etc/ssh/ssh_config.d/02-ospp.conf"
  echo -e "Match final all\n\
 diff --git a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/commented_rekey.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/commented_rekey.fail.sh
-index 3c198dd3..d264cb91 100644
+index 3c198dd33..d264cb914 100644
 --- a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/commented_rekey.fail.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/commented_rekey.fail.sh
 @@ -1,5 +1,5 @@
@@ -24270,7 +26152,7 @@ index 3c198dd3..d264cb91 100644
  file="/etc/ssh/ssh_config.d/02-ospp.conf"
  echo -e "Match final all\n\
 diff --git a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/config_before_match_all.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/config_before_match_all.fail.sh
-index 05bccf0f..2913e604 100644
+index 05bccf0f0..2913e604e 100644
 --- a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/config_before_match_all.fail.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/config_before_match_all.fail.sh
 @@ -1,5 +1,5 @@
@@ -24281,7 +26163,7 @@ index 05bccf0f..2913e604 100644
  file="/etc/ssh/ssh_config.d/02-ospp.conf"
  echo -e "Ciphers aes256-ctr,aes256-cbc,aes128-ctr,aes128-cbc\n\
 diff --git a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/correct.pass.sh b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/correct.pass.sh
-index 7a7b44aa..6c8973d3 100644
+index 7a7b44aa6..6c8973d32 100644
 --- a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/correct.pass.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/correct.pass.sh
 @@ -1,5 +1,5 @@
@@ -24292,7 +26174,7 @@ index 7a7b44aa..6c8973d3 100644
  file="/etc/ssh/ssh_config.d/02-ospp.conf"
  echo -e "Match final all\n\
 diff --git a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/missing.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/missing.fail.sh
-index 352c0920..fe139103 100644
+index 352c09202..fe1391030 100644
 --- a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/missing.fail.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/missing.fail.sh
 @@ -1,5 +1,5 @@
@@ -24303,7 +26185,7 @@ index 352c0920..fe139103 100644
  file="/etc/ssh/ssh_config.d/02-ospp.conf"
  rm -f "$file"
 diff --git a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/missing_ciphers.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/missing_ciphers.fail.sh
-index 7e433ef0..bc80daa1 100644
+index 7e433ef02..bc80daa1e 100644
 --- a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/missing_ciphers.fail.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/missing_ciphers.fail.sh
 @@ -1,5 +1,5 @@
@@ -24314,7 +26196,7 @@ index 7e433ef0..bc80daa1 100644
  file="/etc/ssh/ssh_config.d/02-ospp.conf"
  echo -e "Match final all\n\
 diff --git a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/missing_gssapi.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/missing_gssapi.fail.sh
-index 5b9c44d1..e8e69c07 100644
+index 5b9c44d10..e8e69c071 100644
 --- a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/missing_gssapi.fail.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/missing_gssapi.fail.sh
 @@ -1,5 +1,5 @@
@@ -24325,7 +26207,7 @@ index 5b9c44d1..e8e69c07 100644
  file="/etc/ssh/ssh_config.d/02-ospp.conf"
  echo -e "Match final all\n\
 diff --git a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/missing_kex.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/missing_kex.fail.sh
-index 40957c0f..5127c281 100644
+index 40957c0fc..5127c2810 100644
 --- a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/missing_kex.fail.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/missing_kex.fail.sh
 @@ -1,5 +1,5 @@
@@ -24336,7 +26218,7 @@ index 40957c0f..5127c281 100644
  file="/etc/ssh/ssh_config.d/02-ospp.conf"
  echo -e "Match final all\n\
 diff --git a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/missing_macs.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/missing_macs.fail.sh
-index ec44ce92..0975f5fe 100644
+index ec44ce925..0975f5fea 100644
 --- a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/missing_macs.fail.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/missing_macs.fail.sh
 @@ -1,5 +1,5 @@
@@ -24347,7 +26229,7 @@ index ec44ce92..0975f5fe 100644
  file="/etc/ssh/ssh_config.d/02-ospp.conf"
  echo -e "Match final all\n\
 diff --git a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/missing_match.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/missing_match.fail.sh
-index 1310f724..15133197 100644
+index 1310f724a..151331971 100644
 --- a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/missing_match.fail.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/missing_match.fail.sh
 @@ -1,5 +1,5 @@
@@ -24358,7 +26240,7 @@ index 1310f724..15133197 100644
  file="/etc/ssh/ssh_config.d/02-ospp.conf"
  echo -e "RekeyLimit 512M 1h\n\
 diff --git a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/missing_pubkey.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/missing_pubkey.fail.sh
-index d4ec1fe7..92a5a459 100644
+index d4ec1fe7a..92a5a4592 100644
 --- a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/missing_pubkey.fail.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/missing_pubkey.fail.sh
 @@ -1,5 +1,5 @@
@@ -24369,7 +26251,7 @@ index d4ec1fe7..92a5a459 100644
  file="/etc/ssh/ssh_config.d/02-ospp.conf"
  echo -e "Match final all\n\
 diff --git a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/missing_rekey.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/missing_rekey.fail.sh
-index 91976a67..ca683377 100644
+index 91976a672..ca683377e 100644
 --- a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/missing_rekey.fail.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/missing_rekey.fail.sh
 @@ -1,5 +1,5 @@
@@ -24380,7 +26262,7 @@ index 91976a67..ca683377 100644
  file="/etc/ssh/ssh_config.d/02-ospp.conf"
  echo -e "Match final all\n\
 diff --git a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/redefined_gssapi.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/redefined_gssapi.fail.sh
-index 259cf23a..a20d9284 100644
+index 259cf23a8..a20d92846 100644
 --- a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/redefined_gssapi.fail.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/redefined_gssapi.fail.sh
 @@ -1,5 +1,5 @@
@@ -24391,7 +26273,7 @@ index 259cf23a..a20d9284 100644
  file="/etc/ssh/ssh_config.d/02-ospp.conf"
  echo -e "Match final all\n\
 diff --git a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/redefined_gssapi.pass.sh b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/redefined_gssapi.pass.sh
-index c933ac99..c54c8242 100644
+index c933ac991..c54c8242c 100644
 --- a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/redefined_gssapi.pass.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/redefined_gssapi.pass.sh
 @@ -1,5 +1,5 @@
@@ -24402,7 +26284,7 @@ index c933ac99..c54c8242 100644
  file="/etc/ssh/ssh_config.d/02-ospp.conf"
  echo -e "Match final all\n\
 diff --git a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/supercompliant_cipher.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/supercompliant_cipher.fail.sh
-index 7ff44b61..156ce61c 100644
+index 7ff44b61f..156ce61c7 100644
 --- a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/supercompliant_cipher.fail.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/supercompliant_cipher.fail.sh
 @@ -1,5 +1,5 @@
@@ -24413,7 +26295,7 @@ index 7ff44b61..156ce61c 100644
  file="/etc/ssh/ssh_config.d/02-ospp.conf"
  echo -e "Match final all\n\
 diff --git a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/supercompliant_kex.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/supercompliant_kex.fail.sh
-index 24e709ea..9689bc39 100644
+index 24e709eae..9689bc392 100644
 --- a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/supercompliant_kex.fail.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/supercompliant_kex.fail.sh
 @@ -1,5 +1,5 @@
@@ -24424,7 +26306,7 @@ index 24e709ea..9689bc39 100644
  file="/etc/ssh/ssh_config.d/02-ospp.conf"
  echo -e "Match final all\n\
 diff --git a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/supercompliant_macs.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/supercompliant_macs.fail.sh
-index a25f9a30..ce8219f3 100644
+index a25f9a304..ce8219f3f 100644
 --- a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/supercompliant_macs.fail.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/supercompliant_macs.fail.sh
 @@ -1,5 +1,5 @@
@@ -24435,7 +26317,7 @@ index a25f9a30..ce8219f3 100644
  file="/etc/ssh/ssh_config.d/02-ospp.conf"
  echo -e "Match final all\n\
 diff --git a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/supercompliant_pubkey.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/supercompliant_pubkey.fail.sh
-index 269d73db..c1c74c14 100644
+index 269d73db7..c1c74c14e 100644
 --- a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/supercompliant_pubkey.fail.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/supercompliant_pubkey.fail.sh
 @@ -1,5 +1,5 @@
@@ -24446,7 +26328,7 @@ index 269d73db..c1c74c14 100644
  file="/etc/ssh/ssh_config.d/02-ospp.conf"
  echo -e "Match final all\n\
 diff --git a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/wrong_ciphers.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/wrong_ciphers.fail.sh
-index 2f7ca269..2710f6ec 100644
+index 2f7ca2692..2710f6ec6 100644
 --- a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/wrong_ciphers.fail.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/wrong_ciphers.fail.sh
 @@ -1,5 +1,5 @@
@@ -24457,7 +26339,7 @@ index 2f7ca269..2710f6ec 100644
  file="/etc/ssh/ssh_config.d/02-ospp.conf"
  echo -e "Match final all\n\
 diff --git a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/wrong_kex.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/wrong_kex.fail.sh
-index 77ea3eaa..c0c59c20 100644
+index 77ea3eaa6..c0c59c20e 100644
 --- a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/wrong_kex.fail.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/wrong_kex.fail.sh
 @@ -1,5 +1,5 @@
@@ -24468,7 +26350,7 @@ index 77ea3eaa..c0c59c20 100644
  file="/etc/ssh/ssh_config.d/02-ospp.conf"
  echo -e "Match final all\n\
 diff --git a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/wrong_macs.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/wrong_macs.fail.sh
-index 3e1a9f78..e9a3d380 100644
+index 3e1a9f78d..e9a3d3806 100644
 --- a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/wrong_macs.fail.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/wrong_macs.fail.sh
 @@ -1,5 +1,5 @@
@@ -24479,7 +26361,7 @@ index 3e1a9f78..e9a3d380 100644
  file="/etc/ssh/ssh_config.d/02-ospp.conf"
  echo -e "Match final all\n\
 diff --git a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/wrong_pubkey.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/wrong_pubkey.fail.sh
-index b6ff5881..5198a648 100644
+index b6ff5881d..5198a6486 100644
 --- a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/wrong_pubkey.fail.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/tests/wrong_pubkey.fail.sh
 @@ -1,5 +1,5 @@
@@ -24490,7 +26372,7 @@ index b6ff5881..5198a648 100644
  file="/etc/ssh/ssh_config.d/02-ospp.conf"
  echo -e "Match final all\n\
 diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/ansible/shared.yml b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/ansible/shared.yml
-index 0a74e07c..11263cbb 100644
+index 0a74e07c8..11263cbbe 100644
 --- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/ansible/shared.yml
 +++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -24500,7 +26382,7 @@ index 0a74e07c..11263cbb 100644
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/bash/shared.sh b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/bash/shared.sh
-index 6db8f965..2f017299 100644
+index 6db8f9654..2f0172991 100644
 --- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/bash/shared.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/bash/shared.sh
 @@ -1,4 +1,4 @@
@@ -24510,20 +26392,20 @@ index 6db8f965..2f017299 100644
  {{{ bash_instantiate_variables("sshd_approved_ciphers") }}}
  
 diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/rule.yml
-index a58e0d83..12ab4eb6 100644
+index 00bbcf955..185a604c4 100644
 --- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/rule.yml
 +++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol8,rhel8,rhel9
-+prodtype: fedora,ol8,rhel8,almalinux8,rhel9
+-prodtype: fedora,ol8,ol9,rhel8,rhel9
++prodtype: fedora,ol8,ol9,rhel8,almalinux8,rhel9
  
  title: 'Configure SSH Client to Use FIPS 140-2 Validated Ciphers: openssh.config'
  
 @@ -32,7 +32,7 @@ references:
      nist: AC-17(2)
-     srg: SRG-OS-000250-GPOS-00093
+     srg: SRG-OS-000033-GPOS-00014,SRG-OS-000125-GPOS-00065,SRG-OS-000250-GPOS-00093,SRG-OS-000393-GPOS-00173,SRG-OS-000394-GPOS-00174,SRG-OS-000423-GPOS-00187
      stigid@ol8: OL08-00-010020
 -    stigid@rhel8: RHEL-08-010020
 +    stigid@almalinux8: RHEL-08-010020
@@ -24531,95 +26413,95 @@ index a58e0d83..12ab4eb6 100644
  ocil_clause: 'Crypto Policy for OpenSSH client is not configured correctly'
  
 diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/tests/stig_correct.pass.sh b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/tests/stig_correct.pass.sh
-index 0a27a7e0..9d1613f3 100644
+index 0bf0e7eef..9521cde55 100644
 --- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/tests/stig_correct.pass.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/tests/stig_correct.pass.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = multi_platform_fedora,Red Hat Enterprise Linux 8
-+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8
+-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,multi_platform_fedora
++# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora
  # profiles = xccdf_org.ssgproject.content_profile_stig
  
  sshd_approved_ciphers=aes256-ctr,aes192-ctr,aes128-ctr
 diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/tests/stig_correct_commented.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/tests/stig_correct_commented.fail.sh
-index 5cadd95b..ef215bad 100644
+index 47afc638c..e3f898028 100644
 --- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/tests/stig_correct_commented.fail.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/tests/stig_correct_commented.fail.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = multi_platform_fedora,Red Hat Enterprise Linux 8
-+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8
+-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,multi_platform_fedora
++# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora
  # profiles = xccdf_org.ssgproject.content_profile_stig
  
  sshd_approved_ciphers=aes256-ctr,aes192-ctr,aes128-ctr
 diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/tests/stig_correct_followed_by_incorrect_commented.pass.sh b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/tests/stig_correct_followed_by_incorrect_commented.pass.sh
-index 26220063..ccb19599 100644
+index fc068d8f2..06dd7f45f 100644
 --- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/tests/stig_correct_followed_by_incorrect_commented.pass.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/tests/stig_correct_followed_by_incorrect_commented.pass.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = multi_platform_fedora,Red Hat Enterprise Linux 8
-+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8
+-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,multi_platform_fedora
++# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora
  # profiles = xccdf_org.ssgproject.content_profile_stig
  
  sshd_approved_ciphers=aes256-ctr,aes192-ctr,aes128-ctr
 diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/tests/stig_empty_file.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/tests/stig_empty_file.fail.sh
-index 55ef3f58..b379631a 100644
+index 32d81d353..f2a71b8a4 100644
 --- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/tests/stig_empty_file.fail.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/tests/stig_empty_file.fail.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = multi_platform_fedora,Red Hat Enterprise Linux 8
-+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8
+-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,multi_platform_fedora
++# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora
  # profiles = xccdf_org.ssgproject.content_profile_stig
  
  configfile=/etc/crypto-policies/back-ends/openssh.config
 diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/tests/stig_empty_policy.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/tests/stig_empty_policy.fail.sh
-index 7105441a..ab012d8a 100644
+index d7e16d6bf..e0a234147 100644
 --- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/tests/stig_empty_policy.fail.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/tests/stig_empty_policy.fail.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = multi_platform_fedora,Red Hat Enterprise Linux 8
-+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8
+-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,multi_platform_fedora
++# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora
  # profiles = xccdf_org.ssgproject.content_profile_stig
  
  configfile=/etc/crypto-policies/back-ends/openssh.config
 diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/tests/stig_incorrect_followed_by_correct_commented.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/tests/stig_incorrect_followed_by_correct_commented.fail.sh
-index 6ad1f4fd..6f73c2b6 100644
+index 20e9fe1d2..6833b5d94 100644
 --- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/tests/stig_incorrect_followed_by_correct_commented.fail.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/tests/stig_incorrect_followed_by_correct_commented.fail.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = multi_platform_fedora,Red Hat Enterprise Linux 8
-+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8
+-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,multi_platform_fedora
++# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora
  # profiles = xccdf_org.ssgproject.content_profile_stig
  
  sshd_approved_ciphers=aes256-ctr,aes192-ctr,aes128-ctr
 diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/tests/stig_incorrect_policy.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/tests/stig_incorrect_policy.fail.sh
-index 92bd4ed9..df4b63d7 100644
+index 5f74ce16c..4eb372c51 100644
 --- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/tests/stig_incorrect_policy.fail.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/tests/stig_incorrect_policy.fail.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = multi_platform_fedora,Red Hat Enterprise Linux 8
-+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8
+-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,multi_platform_fedora
++# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora
  # profiles = xccdf_org.ssgproject.content_profile_stig
  
  incorrect_sshd_approved_ciphers=aes256-gcm@openssh.com,chacha20-poly1305@openssh.com,aes256-ctr,aes256-cbc
 diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/tests/stig_missing_file.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/tests/stig_missing_file.fail.sh
-index 2138caad..50b1b349 100644
+index 4f335aebc..73c481b02 100644
 --- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/tests/stig_missing_file.fail.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/tests/stig_missing_file.fail.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = multi_platform_fedora,Red Hat Enterprise Linux 8
-+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8
+-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,multi_platform_fedora
++# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora
  # profiles = xccdf_org.ssgproject.content_profile_stig
  
  configfile=/etc/crypto-policies/back-ends/openssh.config
 diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/ansible/shared.yml b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/ansible/shared.yml
-index e83aeb89..f64e72e6 100644
+index e83aeb894..f64e72e60 100644
 --- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/ansible/shared.yml
 +++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -24629,7 +26511,7 @@ index e83aeb89..f64e72e6 100644
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/bash/shared.sh b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/bash/shared.sh
-index 14d764ca..49e23f8c 100644
+index 14d764ca8..49e23f8c7 100644
 --- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/bash/shared.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/bash/shared.sh
 @@ -1,4 +1,4 @@
@@ -24639,20 +26521,20 @@ index 14d764ca..49e23f8c 100644
  {{{ bash_instantiate_variables("sshd_approved_ciphers") }}}
  
 diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/rule.yml
-index 92ac6468..cb6f28c6 100644
+index c4edc79bf..3462c42d7 100644
 --- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/rule.yml
 +++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: ol8,rhel8,rhel9
-+prodtype: ol8,rhel8,almalinux8,rhel9
+-prodtype: ol8,ol9,rhel8,rhel9
++prodtype: ol8,ol9,rhel8,almalinux8,rhel9
  
  title: 'Configure SSH Server to Use FIPS 140-2 Validated Ciphers: opensshserver.config'
  
 @@ -32,7 +32,7 @@ references:
      nist: AC-17(2)
-     srg: SRG-OS-000250-GPOS-00093
+     srg: SRG-OS-000125-GPOS-00065,SRG-OS-000250-GPOS-00093
      stigid@ol8: OL08-00-010291
 -    stigid@rhel8: RHEL-08-010291
 +    stigid@almalinux8: RHEL-08-010291
@@ -24660,51 +26542,51 @@ index 92ac6468..cb6f28c6 100644
  ocil_clause: 'Crypto Policy for OpenSSH Server is not configured correctly'
  
 diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/tests/rhel8_stig_correct.pass.sh b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/tests/rhel8_stig_correct.pass.sh
-index 1a8911d5..fff3b756 100644
+index c84e0c157..d4c2b9ba7 100644
 --- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/tests/rhel8_stig_correct.pass.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/tests/rhel8_stig_correct.pass.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = Red Hat Enterprise Linux 8
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8
+-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8
++# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8
  # profiles = xccdf_org.ssgproject.content_profile_stig
  
  sshd_approved_ciphers=aes256-ctr,aes192-ctr,aes128-ctr
 diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/tests/rhel8_stig_empty_policy.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/tests/rhel8_stig_empty_policy.fail.sh
-index 3dde1479..3c0b9110 100644
+index 66483e898..fae4417ec 100644
 --- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/tests/rhel8_stig_empty_policy.fail.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/tests/rhel8_stig_empty_policy.fail.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = Red Hat Enterprise Linux 8
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8
+-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8
++# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8
  # profiles = xccdf_org.ssgproject.content_profile_stig
  
  configfile=/etc/crypto-policies/back-ends/opensshserver.config
 diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/tests/rhel8_stig_incorrect_policy.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/tests/rhel8_stig_incorrect_policy.fail.sh
-index f97f54db..a8d0ef50 100644
+index e350ce5f0..0a9a9f01a 100644
 --- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/tests/rhel8_stig_incorrect_policy.fail.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/tests/rhel8_stig_incorrect_policy.fail.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = Red Hat Enterprise Linux 8
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8
+-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8
++# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8
  # profiles = xccdf_org.ssgproject.content_profile_stig
  
  configfile=/etc/crypto-policies/back-ends/opensshserver.config
 diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/tests/rhel8_stig_missing_file.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/tests/rhel8_stig_missing_file.fail.sh
-index 11e596ce..b2301c45 100644
+index 11b194db0..09699474f 100644
 --- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/tests/rhel8_stig_missing_file.fail.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/tests/rhel8_stig_missing_file.fail.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = Red Hat Enterprise Linux 8
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8
+-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8
++# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8
  # profiles = xccdf_org.ssgproject.content_profile_stig
  
  configfile=/etc/crypto-policies/back-ends/opensshserver.config
 diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_crypto_policy/bash/shared.sh b/linux_os/guide/system/software/integrity/crypto/harden_sshd_crypto_policy/bash/shared.sh
-index 7a9a2a5e..25cf3fd3 100644
+index 7a9a2a5e9..25cf3fd35 100644
 --- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_crypto_policy/bash/shared.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_crypto_policy/bash/shared.sh
 @@ -1,4 +1,4 @@
@@ -24714,7 +26596,7 @@ index 7a9a2a5e..25cf3fd3 100644
  cp="CRYPTO_POLICY='-oCiphers=aes256-ctr,aes128-ctr,aes256-cbc,aes128-cbc -oMACs=hmac-sha2-512,hmac-sha2-256 -oGSSAPIKeyExchange=no -oKexAlgorithms=ecdh-sha2-nistp521,ecdh-sha2-nistp384,ecdh-sha2-nistp256,diffie-hellman-group14-sha1 -oHostKeyAlgorithms=ssh-rsa,ecdsa-sha2-nistp384,ecdsa-sha2-nistp256 -oPubkeyAcceptedKeyTypes=rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp384,ecdsa-sha2-nistp256'"
  file=/etc/crypto-policies/local.d/opensshserver-ospp.config
 diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/harden_sshd_crypto_policy/rule.yml
-index 0c438c31..f5067892 100644
+index 0c438c313..f5067892f 100644
 --- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_crypto_policy/rule.yml
 +++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_crypto_policy/rule.yml
 @@ -1,6 +1,6 @@
@@ -24726,7 +26608,7 @@ index 0c438c31..f5067892 100644
  title: 'Harden SSHD Crypto Policy'
  
 diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_crypto_policy/tests/correct.pass.sh b/linux_os/guide/system/software/integrity/crypto/harden_sshd_crypto_policy/tests/correct.pass.sh
-index d0541b7a..e3f47684 100644
+index d0541b7ab..e3f476840 100644
 --- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_crypto_policy/tests/correct.pass.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_crypto_policy/tests/correct.pass.sh
 @@ -1,5 +1,5 @@
@@ -24737,7 +26619,7 @@ index d0541b7a..e3f47684 100644
  configfile=/etc/crypto-policies/back-ends/opensshserver.config
  
 diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_crypto_policy/tests/correct_commented.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_sshd_crypto_policy/tests/correct_commented.fail.sh
-index 44434606..503b9d3c 100644
+index 44434606d..503b9d3c8 100644
 --- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_crypto_policy/tests/correct_commented.fail.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_crypto_policy/tests/correct_commented.fail.sh
 @@ -1,5 +1,5 @@
@@ -24748,7 +26630,7 @@ index 44434606..503b9d3c 100644
  configfile=/etc/crypto-policies/back-ends/opensshserver.config
  
 diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_crypto_policy/tests/correct_followed_by_incorrect.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_sshd_crypto_policy/tests/correct_followed_by_incorrect.fail.sh
-index a9222766..60b7a02f 100644
+index a92227669..60b7a02f9 100644
 --- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_crypto_policy/tests/correct_followed_by_incorrect.fail.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_crypto_policy/tests/correct_followed_by_incorrect.fail.sh
 @@ -1,5 +1,5 @@
@@ -24759,7 +26641,7 @@ index a9222766..60b7a02f 100644
  configfile=/etc/crypto-policies/back-ends/opensshserver.config
  
 diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_crypto_policy/tests/empty_file.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_sshd_crypto_policy/tests/empty_file.fail.sh
-index b1e285f9..c2bd5f7b 100644
+index b1e285f9b..c2bd5f7bc 100644
 --- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_crypto_policy/tests/empty_file.fail.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_crypto_policy/tests/empty_file.fail.sh
 @@ -1,5 +1,5 @@
@@ -24770,7 +26652,7 @@ index b1e285f9..c2bd5f7b 100644
  configfile=/etc/crypto-policies/back-ends/opensshserver.config
  
 diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_crypto_policy/tests/empty_policy.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_sshd_crypto_policy/tests/empty_policy.fail.sh
-index 754195e4..37165976 100644
+index 754195e43..371659769 100644
 --- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_crypto_policy/tests/empty_policy.fail.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_crypto_policy/tests/empty_policy.fail.sh
 @@ -1,5 +1,5 @@
@@ -24781,7 +26663,7 @@ index 754195e4..37165976 100644
  configfile=/etc/crypto-policies/back-ends/opensshserver.config
  
 diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_crypto_policy/tests/incorrect_followed_by_correct.pass.sh b/linux_os/guide/system/software/integrity/crypto/harden_sshd_crypto_policy/tests/incorrect_followed_by_correct.pass.sh
-index 8bf264dc..4a1bb0ce 100644
+index 8bf264dcd..4a1bb0cec 100644
 --- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_crypto_policy/tests/incorrect_followed_by_correct.pass.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_crypto_policy/tests/incorrect_followed_by_correct.pass.sh
 @@ -1,5 +1,5 @@
@@ -24792,7 +26674,7 @@ index 8bf264dc..4a1bb0ce 100644
  configfile=/etc/crypto-policies/back-ends/opensshserver.config
  
 diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_crypto_policy/tests/incorrect_policy.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_sshd_crypto_policy/tests/incorrect_policy.fail.sh
-index a7634669..a3d5a1af 100644
+index a76346699..a3d5a1af0 100644
 --- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_crypto_policy/tests/incorrect_policy.fail.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_crypto_policy/tests/incorrect_policy.fail.sh
 @@ -1,5 +1,5 @@
@@ -24803,7 +26685,7 @@ index a7634669..a3d5a1af 100644
  configfile=/etc/crypto-policies/back-ends/opensshserver.config
  
 diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_crypto_policy/tests/missing_file.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_sshd_crypto_policy/tests/missing_file.fail.sh
-index 1928d2cf..6914ed91 100644
+index 1928d2cfe..6914ed91d 100644
 --- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_crypto_policy/tests/missing_file.fail.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_crypto_policy/tests/missing_file.fail.sh
 @@ -1,5 +1,5 @@
@@ -24814,7 +26696,7 @@ index 1928d2cf..6914ed91 100644
  configfile=/etc/crypto-policies/back-ends/opensshserver.config
  
 diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/ansible/shared.yml b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/ansible/shared.yml
-index c1ea94ce..39eadbef 100644
+index c1ea94ce0..39eadbefe 100644
 --- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/ansible/shared.yml
 +++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -24824,7 +26706,7 @@ index c1ea94ce..39eadbef 100644
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/bash/shared.sh b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/bash/shared.sh
-index 451da4db..5d373e6b 100644
+index 451da4db3..5d373e6b9 100644
 --- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/bash/shared.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/bash/shared.sh
 @@ -1,4 +1,4 @@
@@ -24834,116 +26716,116 @@ index 451da4db..5d373e6b 100644
  {{{ bash_instantiate_variables("sshd_approved_macs") }}}
  
 diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/rule.yml
-index 193587a8..055d5b10 100644
+index 8736e39af..141aba5bd 100644
 --- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/rule.yml
 +++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol8,rhel8,rhel9
-+prodtype: fedora,ol8,rhel8,almalinux8,rhel9
+-prodtype: fedora,ol8,ol9,rhel8,rhel9
++prodtype: fedora,ol8,ol9,rhel8,almalinux8,rhel9
  
  title: 'Configure SSH Client to Use FIPS 140-2 Validated MACs: openssh.config'
  
 @@ -30,7 +30,7 @@ references:
      nist: AC-17(2)
-     srg: SRG-OS-000250-GPOS-00093
-     stigid@ol8: OL08-00-010020
+     srg: SRG-OS-000125-GPOS-00065,SRG-OS-000250-GPOS-00093
+     stigid@ol8: OL08-00-010290
 -    stigid@rhel8: RHEL-08-010020
 +    stigid@almalinux8: RHEL-08-010020
  
  ocil_clause: 'Crypto Policy for OpenSSH client is not configured correctly'
  
 diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/tests/stig_correct.pass.sh b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/tests/stig_correct.pass.sh
-index 5a4b6887..2211658c 100644
+index 6edae5092..404e30be1 100644
 --- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/tests/stig_correct.pass.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/tests/stig_correct.pass.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = multi_platform_fedora,Red Hat Enterprise Linux 8
-+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8
+-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,multi_platform_fedora
++# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora
  # profiles = xccdf_org.ssgproject.content_profile_stig
  
  sshd_approved_macs=hmac-sha2-512,hmac-sha2-256
 diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/tests/stig_correct_commented.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/tests/stig_correct_commented.fail.sh
-index e713d254..2ee92db0 100644
+index 0fec46a5c..a8e2c30de 100644
 --- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/tests/stig_correct_commented.fail.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/tests/stig_correct_commented.fail.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = multi_platform_fedora,Red Hat Enterprise Linux 8
-+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8
+-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,multi_platform_fedora
++# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora
  # profiles = xccdf_org.ssgproject.content_profile_stig
  
  sshd_approved_macs=hmac-sha2-512,hmac-sha2-256
 diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/tests/stig_correct_followed_by_incorrect_commented.pass.sh b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/tests/stig_correct_followed_by_incorrect_commented.pass.sh
-index b8a63bec..1bed4c1e 100644
+index 95bf94331..12a1ab332 100644
 --- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/tests/stig_correct_followed_by_incorrect_commented.pass.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/tests/stig_correct_followed_by_incorrect_commented.pass.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = multi_platform_fedora,Red Hat Enterprise Linux 8
-+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8
+-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,multi_platform_fedora
++# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora
  # profiles = xccdf_org.ssgproject.content_profile_stig
  
  sshd_approved_macs=hmac-sha2-512,hmac-sha2-256
 diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/tests/stig_empty_file.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/tests/stig_empty_file.fail.sh
-index 55ef3f58..b379631a 100644
+index 32d81d353..f2a71b8a4 100644
 --- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/tests/stig_empty_file.fail.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/tests/stig_empty_file.fail.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = multi_platform_fedora,Red Hat Enterprise Linux 8
-+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8
+-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,multi_platform_fedora
++# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora
  # profiles = xccdf_org.ssgproject.content_profile_stig
  
  configfile=/etc/crypto-policies/back-ends/openssh.config
 diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/tests/stig_empty_policy.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/tests/stig_empty_policy.fail.sh
-index 9980a456..c46aa761 100644
+index be78ed116..7fd821a4d 100644
 --- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/tests/stig_empty_policy.fail.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/tests/stig_empty_policy.fail.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = multi_platform_fedora,Red Hat Enterprise Linux 8
-+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8
+-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,multi_platform_fedora
++# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora
  # profiles = xccdf_org.ssgproject.content_profile_stig
  
  configfile=/etc/crypto-policies/back-ends/openssh.config
 diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/tests/stig_incorrect_followed_by_correct_commented.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/tests/stig_incorrect_followed_by_correct_commented.fail.sh
-index d1303d60..7a90058d 100644
+index 4af43d60e..9c83bffbe 100644
 --- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/tests/stig_incorrect_followed_by_correct_commented.fail.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/tests/stig_incorrect_followed_by_correct_commented.fail.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = multi_platform_fedora,Red Hat Enterprise Linux 8
-+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8
+-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,multi_platform_fedora
++# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora
  # profiles = xccdf_org.ssgproject.content_profile_stig
  
  sshd_approved_macs=hmac-sha2-512,hmac-sha2-256
 diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/tests/stig_incorrect_policy.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/tests/stig_incorrect_policy.fail.sh
-index 8b21af46..93a148d1 100644
+index 0114a63ab..0666082d0 100644
 --- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/tests/stig_incorrect_policy.fail.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/tests/stig_incorrect_policy.fail.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = multi_platform_fedora,Red Hat Enterprise Linux 8
-+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8
+-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,multi_platform_fedora
++# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora
  # profiles = xccdf_org.ssgproject.content_profile_stig
  
  configfile=/etc/crypto-policies/back-ends/openssh.config
 diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/tests/stig_missing_file.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/tests/stig_missing_file.fail.sh
-index 2138caad..50b1b349 100644
+index 4f335aebc..73c481b02 100644
 --- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/tests/stig_missing_file.fail.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/tests/stig_missing_file.fail.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = multi_platform_fedora,Red Hat Enterprise Linux 8
-+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8
+-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,multi_platform_fedora
++# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora
  # profiles = xccdf_org.ssgproject.content_profile_stig
  
  configfile=/etc/crypto-policies/back-ends/openssh.config
 diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_opensshserver_conf_crypto_policy/ansible/shared.yml b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_opensshserver_conf_crypto_policy/ansible/shared.yml
-index 6a0e4594..3ce06096 100644
+index 6a0e45947..3ce060968 100644
 --- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_opensshserver_conf_crypto_policy/ansible/shared.yml
 +++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_opensshserver_conf_crypto_policy/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -24953,7 +26835,7 @@ index 6a0e4594..3ce06096 100644
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_opensshserver_conf_crypto_policy/bash/shared.sh b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_opensshserver_conf_crypto_policy/bash/shared.sh
-index a06ffc2d..6b4a4f76 100644
+index a06ffc2d7..6b4a4f76c 100644
 --- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_opensshserver_conf_crypto_policy/bash/shared.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_opensshserver_conf_crypto_policy/bash/shared.sh
 @@ -1,4 +1,4 @@
@@ -24963,20 +26845,20 @@ index a06ffc2d..6b4a4f76 100644
  {{{ bash_instantiate_variables("sshd_approved_macs") }}}
  
 diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_opensshserver_conf_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_opensshserver_conf_crypto_policy/rule.yml
-index a8a3e37b..f0a09be9 100644
+index ad52c2a4e..a32f9eda4 100644
 --- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_opensshserver_conf_crypto_policy/rule.yml
 +++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_opensshserver_conf_crypto_policy/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: ol8,rhel8,rhel9
-+prodtype: ol8,rhel8,almalinux8,rhel9
+-prodtype: ol8,ol9,rhel8,rhel9
++prodtype: ol8,ol9,rhel8,almalinux8,rhel9
  
  title: 'Configure SSH Server to Use FIPS 140-2 Validated MACs: opensshserver.config'
  
 @@ -30,7 +30,7 @@ references:
      nist: AC-17(2)
-     srg: SRG-OS-000250-GPOS-00093
+     srg: SRG-OS-000125-GPOS-00065,SRG-OS-000250-GPOS-00093
      stigid@ol8: OL08-00-010290
 -    stigid@rhel8: RHEL-08-010290
 +    stigid@almalinux8: RHEL-08-010290
@@ -24984,51 +26866,51 @@ index a8a3e37b..f0a09be9 100644
  ocil_clause: 'Crypto Policy for OpenSSH Server is not configured correctly'
  
 diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_opensshserver_conf_crypto_policy/tests/rhel8_stig_correct.pass.sh b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_opensshserver_conf_crypto_policy/tests/rhel8_stig_correct.pass.sh
-index 14da9221..59606fb0 100644
+index e936d1979..b7e09e53a 100644
 --- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_opensshserver_conf_crypto_policy/tests/rhel8_stig_correct.pass.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_opensshserver_conf_crypto_policy/tests/rhel8_stig_correct.pass.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = Red Hat Enterprise Linux 8
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8
+-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8
++# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8
  # profiles = xccdf_org.ssgproject.content_profile_stig
  
  sshd_approved_macs=hmac-sha2-512,hmac-sha2-256
 diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_opensshserver_conf_crypto_policy/tests/rhel8_stig_empty_policy.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_opensshserver_conf_crypto_policy/tests/rhel8_stig_empty_policy.fail.sh
-index 3dde1479..3c0b9110 100644
+index 66483e898..fae4417ec 100644
 --- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_opensshserver_conf_crypto_policy/tests/rhel8_stig_empty_policy.fail.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_opensshserver_conf_crypto_policy/tests/rhel8_stig_empty_policy.fail.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = Red Hat Enterprise Linux 8
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8
+-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8
++# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8
  # profiles = xccdf_org.ssgproject.content_profile_stig
  
  configfile=/etc/crypto-policies/back-ends/opensshserver.config
 diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_opensshserver_conf_crypto_policy/tests/rhel8_stig_incorrect_policy.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_opensshserver_conf_crypto_policy/tests/rhel8_stig_incorrect_policy.fail.sh
-index a50a0fc0..027fcba0 100644
+index ea4032290..a4a765c89 100644
 --- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_opensshserver_conf_crypto_policy/tests/rhel8_stig_incorrect_policy.fail.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_opensshserver_conf_crypto_policy/tests/rhel8_stig_incorrect_policy.fail.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = Red Hat Enterprise Linux 8
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8
+-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8
++# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8
  # profiles = xccdf_org.ssgproject.content_profile_stig
  
  configfile=/etc/crypto-policies/back-ends/opensshserver.config
 diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_opensshserver_conf_crypto_policy/tests/rhel8_stig_missing_file.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_opensshserver_conf_crypto_policy/tests/rhel8_stig_missing_file.fail.sh
-index 11e596ce..b2301c45 100644
+index 11b194db0..09699474f 100644
 --- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_opensshserver_conf_crypto_policy/tests/rhel8_stig_missing_file.fail.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_opensshserver_conf_crypto_policy/tests/rhel8_stig_missing_file.fail.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = Red Hat Enterprise Linux 8
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8
+-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8
++# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8
  # profiles = xccdf_org.ssgproject.content_profile_stig
  
  configfile=/etc/crypto-policies/back-ends/opensshserver.config
 diff --git a/linux_os/guide/system/software/integrity/crypto/openssl_use_strong_entropy/bash/shared.sh b/linux_os/guide/system/software/integrity/crypto/openssl_use_strong_entropy/bash/shared.sh
-index beec02c9..878ed4ce 100644
+index beec02c93..878ed4ced 100644
 --- a/linux_os/guide/system/software/integrity/crypto/openssl_use_strong_entropy/bash/shared.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/openssl_use_strong_entropy/bash/shared.sh
 @@ -1,4 +1,4 @@
@@ -25038,7 +26920,7 @@ index beec02c9..878ed4ce 100644
  cat > /etc/profile.d/openssl-rand.sh <<- 'EOM'
  {{{ openssl_strong_entropy_config_file() }}}
 diff --git a/linux_os/guide/system/software/integrity/crypto/openssl_use_strong_entropy/rule.yml b/linux_os/guide/system/software/integrity/crypto/openssl_use_strong_entropy/rule.yml
-index ccd4752c..1e51025c 100644
+index ccd4752c1..1e51025ca 100644
 --- a/linux_os/guide/system/software/integrity/crypto/openssl_use_strong_entropy/rule.yml
 +++ b/linux_os/guide/system/software/integrity/crypto/openssl_use_strong_entropy/rule.yml
 @@ -1,7 +1,7 @@
@@ -25051,84 +26933,60 @@ index ccd4752c..1e51025c 100644
  title: 'OpenSSL uses strong entropy source'
  
 diff --git a/linux_os/guide/system/software/integrity/crypto/openssl_use_strong_entropy/tests/correct.pass.sh b/linux_os/guide/system/software/integrity/crypto/openssl_use_strong_entropy/tests/correct.pass.sh
-index 6becf987..3f1fd277 100644
+index e7902ee46..a8026607d 100644
 --- a/linux_os/guide/system/software/integrity/crypto/openssl_use_strong_entropy/tests/correct.pass.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/openssl_use_strong_entropy/tests/correct.pass.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = Red Hat Enterprise Linux 8
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8
+-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8
++# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8
  
  cat > /etc/profile.d/openssl-rand.sh <<- 'EOM'
  # provide a default -rand /dev/random option to openssl commands that
 diff --git a/linux_os/guide/system/software/integrity/crypto/openssl_use_strong_entropy/tests/file_missing.fail.sh b/linux_os/guide/system/software/integrity/crypto/openssl_use_strong_entropy/tests/file_missing.fail.sh
-index 72b7daab..f4236e6b 100644
+index cddf984f1..b89f77662 100644
 --- a/linux_os/guide/system/software/integrity/crypto/openssl_use_strong_entropy/tests/file_missing.fail.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/openssl_use_strong_entropy/tests/file_missing.fail.sh
 @@ -1,4 +1,4 @@
  #!/bin/bash
--# platform = Red Hat Enterprise Linux 8
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8
+-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8
++# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8
  
  rm -f /etc/profile.d/openssl-rand.sh
 diff --git a/linux_os/guide/system/software/integrity/crypto/openssl_use_strong_entropy/tests/file_modified.fail.sh b/linux_os/guide/system/software/integrity/crypto/openssl_use_strong_entropy/tests/file_modified.fail.sh
-index 7034224c..19393e1d 100644
+index 298c79dc0..b84d9c805 100644
 --- a/linux_os/guide/system/software/integrity/crypto/openssl_use_strong_entropy/tests/file_modified.fail.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/openssl_use_strong_entropy/tests/file_modified.fail.sh
 @@ -1,4 +1,4 @@
  #!/bin/bash
--# platform = Red Hat Enterprise Linux 8
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8
+-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8
++# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8
  
  echo "wrong data" > /etc/profile.d/openssl-rand.sh
 diff --git a/linux_os/guide/system/software/integrity/crypto/package_crypto-policies_installed/rule.yml b/linux_os/guide/system/software/integrity/crypto/package_crypto-policies_installed/rule.yml
-index 68ce3979..5460c879 100644
+index 68dc260a8..87f5390dd 100644
 --- a/linux_os/guide/system/software/integrity/crypto/package_crypto-policies_installed/rule.yml
 +++ b/linux_os/guide/system/software/integrity/crypto/package_crypto-policies_installed/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: ol8,rhel8,rhel9
-+prodtype: ol8,rhel8,almalinux8,rhel9
+-prodtype: ol8,ol9,rhel8,rhel9
++prodtype: ol8,ol9,rhel8,almalinux8,rhel9
  
  title: 'Install crypto-policies package'
  
-diff --git a/linux_os/guide/system/software/integrity/crypto/package_crypto-policies_installed/tests/package-installed-removed.fail.sh b/linux_os/guide/system/software/integrity/crypto/package_crypto-policies_installed/tests/package-installed-removed.fail.sh
-index 025e7ef6..7fdf9b11 100644
---- a/linux_os/guide/system/software/integrity/crypto/package_crypto-policies_installed/tests/package-installed-removed.fail.sh
-+++ b/linux_os/guide/system/software/integrity/crypto/package_crypto-policies_installed/tests/package-installed-removed.fail.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- #
--# platform = multi_platform_rhel,multi_platform_fedora
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
- 
- # The crypto-policies package cannot be normally removed
- # from a system, therefore as a part of testing we only
-diff --git a/linux_os/guide/system/software/integrity/crypto/package_crypto-policies_installed/tests/package-removed.fail.sh b/linux_os/guide/system/software/integrity/crypto/package_crypto-policies_installed/tests/package-removed.fail.sh
-index c5a1d53d..618f0719 100644
---- a/linux_os/guide/system/software/integrity/crypto/package_crypto-policies_installed/tests/package-removed.fail.sh
-+++ b/linux_os/guide/system/software/integrity/crypto/package_crypto-policies_installed/tests/package-removed.fail.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- #
--# platform = multi_platform_rhel,multi_platform_fedora
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
- 
- # The crypto-policies package cannot be normally removed
- # from a system, therefore as a part of testing we only
 diff --git a/linux_os/guide/system/software/integrity/disable_prelink/ansible/shared.yml b/linux_os/guide/system/software/integrity/disable_prelink/ansible/shared.yml
-index 1ac4527f..563cc96b 100644
+index 511a96ea2..6b28b90c5 100644
 --- a/linux_os/guide/system/software/integrity/disable_prelink/ansible/shared.yml
 +++ b/linux_os/guide/system/software/integrity/disable_prelink/ansible/shared.yml
 @@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel
-+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
+-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle
++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
  # reboot = false
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/software/integrity/endpoint_security_software/install_antivirus/rule.yml b/linux_os/guide/system/software/integrity/endpoint_security_software/install_antivirus/rule.yml
-index 264d2f94..14cc99d5 100644
+index 264d2f94e..14cc99d5d 100644
 --- a/linux_os/guide/system/software/integrity/endpoint_security_software/install_antivirus/rule.yml
 +++ b/linux_os/guide/system/software/integrity/endpoint_security_software/install_antivirus/rule.yml
 @@ -1,6 +1,6 @@
@@ -25140,19 +26998,19 @@ index 264d2f94..14cc99d5 100644
  title: 'Install Virus Scanning Software'
  
 diff --git a/linux_os/guide/system/software/integrity/endpoint_security_software/install_hids/rule.yml b/linux_os/guide/system/software/integrity/endpoint_security_software/install_hids/rule.yml
-index 7eed9c54..283a078e 100644
+index d10cfa3b2..d2e8679e8 100644
 --- a/linux_os/guide/system/software/integrity/endpoint_security_software/install_hids/rule.yml
 +++ b/linux_os/guide/system/software/integrity/endpoint_security_software/install_hids/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle15
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15
+-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15
++prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15
  
  title: 'Install Intrusion Detection Software'
  
 diff --git a/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/install_mcafee_antivirus/rule.yml b/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/install_mcafee_antivirus/rule.yml
-index 78b9bdee..9a60ee12 100644
+index 78b9bdee9..9a60ee129 100644
 --- a/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/install_mcafee_antivirus/rule.yml
 +++ b/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/install_mcafee_antivirus/rule.yml
 @@ -1,6 +1,6 @@
@@ -25164,7 +27022,7 @@ index 78b9bdee..9a60ee12 100644
  title: 'Install McAfee Virus Scanning Software'
  
 diff --git a/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/install_mcafee_cma_rt/rule.yml b/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/install_mcafee_cma_rt/rule.yml
-index 6e9f3bcb..a89f3228 100644
+index 6e9f3bcb7..a89f32285 100644
 --- a/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/install_mcafee_cma_rt/rule.yml
 +++ b/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/install_mcafee_cma_rt/rule.yml
 @@ -1,6 +1,6 @@
@@ -25176,7 +27034,7 @@ index 6e9f3bcb..a89f3228 100644
  title: 'Install the McAfee Runtime Libraries and Linux Agent'
  
 diff --git a/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/mcafee_antivirus_definitions_updated/rule.yml b/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/mcafee_antivirus_definitions_updated/rule.yml
-index dc856f8b..a5561435 100644
+index dc856f8b9..a55614357 100644
 --- a/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/mcafee_antivirus_definitions_updated/rule.yml
 +++ b/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/mcafee_antivirus_definitions_updated/rule.yml
 @@ -1,6 +1,6 @@
@@ -25188,14 +27046,14 @@ index dc856f8b..a5561435 100644
  title: 'Virus Scanning Software Definitions Are Updated'
  
 diff --git a/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/mcafee_endpoint_security_software/agent_mfetpd_running/rule.yml b/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/mcafee_endpoint_security_software/agent_mfetpd_running/rule.yml
-index 1dd1e524..5d3b15bd 100644
+index c0e75cb0b..afd981e1c 100644
 --- a/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/mcafee_endpoint_security_software/agent_mfetpd_running/rule.yml
 +++ b/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/mcafee_endpoint_security_software/agent_mfetpd_running/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: ol7,ol8,rhel7,rhel8,rhel9
-+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9
+-prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9
++prodtype: ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9
  
  title: 'Ensure McAfee Endpoint Security for Linux (ENSL) is running'
  
@@ -25209,15 +27067,15 @@ index 1dd1e524..5d3b15bd 100644
  ocil_clause: 'virus scanning software is not running'
  
 diff --git a/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/mcafee_endpoint_security_software/package_mcafeetp_installed/rule.yml b/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/mcafee_endpoint_security_software/package_mcafeetp_installed/rule.yml
-index b1da4909..aface146 100644
+index ef172b86b..9a3b94eb2 100644
 --- a/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/mcafee_endpoint_security_software/package_mcafeetp_installed/rule.yml
 +++ b/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/mcafee_endpoint_security_software/package_mcafeetp_installed/rule.yml
 @@ -6,7 +6,7 @@
  
  documentation_complete: true
  
--prodtype: ol7,ol8,rhel7,rhel8,rhel9,ubuntu2004
-+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,ubuntu2004
+-prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,ubuntu2004,ubuntu2204
++prodtype: ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,ubuntu2004,ubuntu2204
  
  title: 'Install McAfee Endpoint Security for Linux (ENSL)'
  
@@ -25231,7 +27089,7 @@ index b1da4909..aface146 100644
  
  ocil_clause: 'the package is not installed'
 diff --git a/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/mcafee_hbss_software/install_mcafee_hbss_accm/rule.yml b/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/mcafee_hbss_software/install_mcafee_hbss_accm/rule.yml
-index 9223793b..2131c1d9 100644
+index 9223793b4..2131c1d91 100644
 --- a/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/mcafee_hbss_software/install_mcafee_hbss_accm/rule.yml
 +++ b/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/mcafee_hbss_software/install_mcafee_hbss_accm/rule.yml
 @@ -1,6 +1,6 @@
@@ -25243,7 +27101,7 @@ index 9223793b..2131c1d9 100644
  title: 'Install the Asset Configuration Compliance Module (ACCM)'
  
 diff --git a/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/mcafee_hbss_software/install_mcafee_hbss_pa/rule.yml b/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/mcafee_hbss_software/install_mcafee_hbss_pa/rule.yml
-index 29469a9b..16a7d4f2 100644
+index 29469a9b0..16a7d4f23 100644
 --- a/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/mcafee_hbss_software/install_mcafee_hbss_pa/rule.yml
 +++ b/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/mcafee_hbss_software/install_mcafee_hbss_pa/rule.yml
 @@ -1,6 +1,6 @@
@@ -25255,7 +27113,7 @@ index 29469a9b..16a7d4f2 100644
  title: 'Install the Policy Auditor (PA) Module'
  
 diff --git a/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/service_nails_enabled/rule.yml b/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/service_nails_enabled/rule.yml
-index 83ef73b9..3ff9ea78 100644
+index 83ef73b94..3ff9ea782 100644
 --- a/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/service_nails_enabled/rule.yml
 +++ b/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/service_nails_enabled/rule.yml
 @@ -1,6 +1,6 @@
@@ -25266,19 +27124,39 @@ index 83ef73b9..3ff9ea78 100644
  
  title: 'Enable nails Service'
  
+diff --git a/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/ansible/shared.yml b/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/ansible/shared.yml
+index 9647791ef..9f70b30d4 100644
+--- a/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/ansible/shared.yml
++++ b/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/ansible/shared.yml
+@@ -1,4 +1,4 @@
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol
+ # reboot = true
+ # strategy = restrict
+ # complexity = medium
+diff --git a/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/bash/shared.sh b/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/bash/shared.sh
+index 5da0c99e6..57ac7592b 100644
+--- a/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/bash/shared.sh
++++ b/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/bash/shared.sh
+@@ -1,4 +1,4 @@
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,Red Hat Virtualization 4
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,Red Hat Virtualization 4
+ 
+ fips-mode-setup --enable
+ FIPS_CONF="/etc/dracut.conf.d/40-fips.conf"
 diff --git a/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/rule.yml b/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/rule.yml
-index 3b7c3229..3ea794c5 100644
+index a686f80b7..90070fa98 100644
 --- a/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/rule.yml
 +++ b/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol8,rhcos4,rhel8,rhel9,rhv4
-+prodtype: fedora,ol8,rhcos4,rhel8,almalinux8,rhel9,rhv4
+-prodtype: fedora,ol8,ol9,rhcos4,rhel8,rhel9,rhv4
++prodtype: fedora,ol8,ol9,rhcos4,rhel8,almalinux8,rhel9,rhv4
  
  title: "Enable Dracut FIPS Module"
  
-@@ -32,7 +32,7 @@ references:
+@@ -31,7 +31,7 @@ references:
      ospp: FCS_RBG_EXT.1
      srg: SRG-OS-000478-GPOS-00223
      stigid@ol8: OL08-00-010020
@@ -25287,8 +27165,32 @@ index 3b7c3229..3ea794c5 100644
      vmmsrg: SRG-OS-000120-VMM-000600,SRG-OS-000478-VMM-001980,SRG-OS-000396-VMM-001590
  
  ocil_clause: 'the Dracut FIPS module is not enabled'
+diff --git a/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/tests/fips_dracut_module_missing.fail.sh b/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/tests/fips_dracut_module_missing.fail.sh
+index 9c232fc94..f3d71ee21 100644
+--- a/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/tests/fips_dracut_module_missing.fail.sh
++++ b/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/tests/fips_dracut_module_missing.fail.sh
+@@ -1,6 +1,6 @@
+ #!/bin/bash
+ # packages = crypto-policies-scripts
+-# platform = multi_platform_rhel,Red Hat Virtualization 4,multi_platform_ol
++# platform = multi_platform_rhel,multi_platform_almalinux,Red Hat Virtualization 4,multi_platform_ol
+ 
+ fips-mode-setup --enable
+ FIPS_CONF="/etc/dracut.conf.d/40-fips.conf"
+diff --git a/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/tests/fips_dracut_module_present.pass.sh b/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/tests/fips_dracut_module_present.pass.sh
+index b92e82236..138d2c997 100644
+--- a/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/tests/fips_dracut_module_present.pass.sh
++++ b/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/tests/fips_dracut_module_present.pass.sh
+@@ -1,6 +1,6 @@
+ #!/bin/bash
+ # packages = crypto-policies-scripts
+-# platform = multi_platform_rhel,Red Hat Virtualization 4,multi_platform_ol
++# platform = multi_platform_rhel,multi_platform_almalinux,Red Hat Virtualization 4,multi_platform_ol
+ 
+ fips-mode-setup --enable
+ FIPS_CONF="/etc/dracut.conf.d/40-fips.conf"
 diff --git a/linux_os/guide/system/software/integrity/fips/enable_fips_mode/ansible/shared.yml b/linux_os/guide/system/software/integrity/fips/enable_fips_mode/ansible/shared.yml
-index 6977a704..e18dbd02 100644
+index 6977a704d..e18dbd026 100644
 --- a/linux_os/guide/system/software/integrity/fips/enable_fips_mode/ansible/shared.yml
 +++ b/linux_os/guide/system/software/integrity/fips/enable_fips_mode/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -25298,24 +27200,46 @@ index 6977a704..e18dbd02 100644
  # strategy = restrict
  # complexity = medium
 diff --git a/linux_os/guide/system/software/integrity/fips/enable_fips_mode/bash/shared.sh b/linux_os/guide/system/software/integrity/fips/enable_fips_mode/bash/shared.sh
-index 7627a67f..ed7a77bd 100644
+index 934ecaf91..9a01dada3 100644
 --- a/linux_os/guide/system/software/integrity/fips/enable_fips_mode/bash/shared.sh
 +++ b/linux_os/guide/system/software/integrity/fips/enable_fips_mode/bash/shared.sh
 @@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,Oracle Linux 8,Red Hat Virtualization 4
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,Oracle Linux 8,Red Hat Virtualization 4
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,Red Hat Virtualization 4
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,Red Hat Virtualization 4
  {{{ bash_instantiate_variables("var_system_crypto_policy") }}}
  
  fips-mode-setup --enable
+diff --git a/linux_os/guide/system/software/integrity/fips/enable_fips_mode/oval/shared.xml b/linux_os/guide/system/software/integrity/fips/enable_fips_mode/oval/shared.xml
+index e805136ff..76d2978ec 100644
+--- a/linux_os/guide/system/software/integrity/fips/enable_fips_mode/oval/shared.xml
++++ b/linux_os/guide/system/software/integrity/fips/enable_fips_mode/oval/shared.xml
+@@ -10,7 +10,7 @@
+       {{% if product in ["ol8"] %}}
+       
+-      {{% elif product in ["rhel8"] %}}
++      {{% elif product in ["rhel8", "almalinux8"] %}}
+       
+         
+@@ -35,7 +35,7 @@
+     ^FIPS(:(OSPP|NO-SHA1|NO-CAMELLIA))?$
+   {{%- endif %}}
+   
+-  {{% if product in ["ol8","rhel8"] %}}
++  {{% if product in ["ol8","rhel8", "almalinux8"] %}}
+   
+     
 diff --git a/linux_os/guide/system/software/integrity/fips/enable_fips_mode/rule.yml b/linux_os/guide/system/software/integrity/fips/enable_fips_mode/rule.yml
-index 30cbc939..6454b7e0 100644
+index c6895f23d..cd5196ba5 100644
 --- a/linux_os/guide/system/software/integrity/fips/enable_fips_mode/rule.yml
 +++ b/linux_os/guide/system/software/integrity/fips/enable_fips_mode/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol8,rhcos4,rhel8,rhel9,rhv4
-+prodtype: fedora,ol8,rhcos4,rhel8,almalinux8,rhel9,rhv4
+-prodtype: fedora,ol8,ol9,rhcos4,rhel8,rhel9,rhv4
++prodtype: fedora,ol8,ol9,rhcos4,rhel8,almalinux8,rhel9,rhv4
  
  title: Enable FIPS Mode
  
@@ -25329,45 +27253,32 @@ index 30cbc939..6454b7e0 100644
  
  ocil_clause: 'FIPS mode is not enabled'
 diff --git a/linux_os/guide/system/software/integrity/fips/etc_system_fips_exists/rule.yml b/linux_os/guide/system/software/integrity/fips/etc_system_fips_exists/rule.yml
-index 64c78276..c5b4c036 100644
+index fd61358da..323cb594f 100644
 --- a/linux_os/guide/system/software/integrity/fips/etc_system_fips_exists/rule.yml
 +++ b/linux_os/guide/system/software/integrity/fips/etc_system_fips_exists/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,wrlinux1019
-+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,wrlinux1019
+-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4
++prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4
  
  title: Ensure '/etc/system-fips' exists
  
-diff --git a/linux_os/guide/system/software/integrity/fips/grub2_enable_fips_mode/rule.yml b/linux_os/guide/system/software/integrity/fips/grub2_enable_fips_mode/rule.yml
-index 4e2427ba..bbc7f8ff 100644
---- a/linux_os/guide/system/software/integrity/fips/grub2_enable_fips_mode/rule.yml
-+++ b/linux_os/guide/system/software/integrity/fips/grub2_enable_fips_mode/rule.yml
-@@ -18,7 +18,7 @@ description: |-
-     
  • On BIOS-based machines, issue the following command as root:
-     
    ~]# grub2-mkconfig -o {{{ grub2_boot_path }}}/grub.cfg
    • 
-     
  • On UEFI-based machines, issue the following command as root:
--    
    ~]# grub2-mkconfig -o /boot/efi/EFI/redhat/grub.cfg
    • 
-+    
    ~]# grub2-mkconfig -o /boot/efi/EFI/almalinux/grub.cfg
    
-     
- 
- rationale: |-
 diff --git a/linux_os/guide/system/software/integrity/fips/sysctl_crypto_fips_enabled/rule.yml b/linux_os/guide/system/software/integrity/fips/sysctl_crypto_fips_enabled/rule.yml
-index bc0cf1bb..552eb7d4 100644
+index 15c99cfcc..9f09ce655 100644
 --- a/linux_os/guide/system/software/integrity/fips/sysctl_crypto_fips_enabled/rule.yml
 +++ b/linux_os/guide/system/software/integrity/fips/sysctl_crypto_fips_enabled/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol8,rhcos4,rhel8,rhel9,rhv4
-+prodtype: fedora,ol8,rhcos4,rhel8,almalinux8,rhel9,rhv4
+-prodtype: fedora,ol8,ol9,rhcos4,rhel8,rhel9,rhv4
++prodtype: fedora,ol8,ol9,rhcos4,rhel8,almalinux8,rhel9,rhv4
  
  title: "Set kernel parameter 'crypto.fips_enabled' to 1"
  
-@@ -32,7 +32,7 @@ references:
+@@ -35,7 +35,7 @@ references:
      nist: SC-12(2),SC-12(3),IA-7,SC-13,CM-6(a),SC-12
-     srg: SRG-OS-000033-GPOS-00014,SRG-OS-000125-GPOS-00065,SRG-OS-000396-GPOS-00176,SRG-OS-000423-GPOS-00187,SRG-OS-000478-GPOS-00223
+     srg: SRG-OS-000033-GPOS-00014,SRG-OS-000125-GPOS-00065,SRG-OS-000250-GPOS-00093,SRG-OS-000393-GPOS-00173,SRG-OS-000394-GPOS-00174,SRG-OS-000396-GPOS-00176,SRG-OS-000423-GPOS-00187,SRG-OS-000478-GPOS-00223
      stigid@ol8: OL08-00-010020
 -    stigid@rhel8: RHEL-08-010020
 +    stigid@almalinux8: RHEL-08-010020
@@ -25375,29 +27286,38 @@ index bc0cf1bb..552eb7d4 100644
  
  ocil_clause: 'crypto.fips_enabled is not 1'
 diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_build_database/bash/shared.sh b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_build_database/bash/shared.sh
-index 7c25aebf..19796558 100644
+index 0cdb5d98d..a98b5566c 100644
 --- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_build_database/bash/shared.sh
 +++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_build_database/bash/shared.sh
 @@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel
-+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
+-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle
++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
  
  {{{ bash_package_install("aide") }}}
- 
+ {{% if 'sle' in product %}}
 diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_build_database/rule.yml b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_build_database/rule.yml
-index 5f16a4f1..29b56ac4 100644
+index 430f34c1e..53ee76e69 100644
 --- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_build_database/rule.yml
 +++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_build_database/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: debian10,debian11,debian9,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
-+prodtype: debian10,debian11,debian9,fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
+-prodtype: alinux2,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: alinux2,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Build and Test AIDE Database'
  
+@@ -66,7 +66,7 @@ references:
+     stigid@ol7: OL07-00-020029
+     stigid@ol8: OL08-00-010359
+     stigid@rhel7: RHEL-07-020029
+-    stigid@rhel8: RHEL-08-010359
++    stigid@almalinux8: RHEL-08-010359
+ 
+ ocil_clause: 'there is no database file'
+ 
 diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/ansible/shared.yml b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/ansible/shared.yml
-index 6adeeb08..4c6d6ce7 100644
+index 5905ea8d0..19ca9df0a 100644
 --- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/ansible/shared.yml
 +++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -25407,7 +27327,7 @@ index 6adeeb08..4c6d6ce7 100644
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/bash/shared.sh b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/bash/shared.sh
-index 0726807a..d7aa732b 100644
+index a81e25c39..a52955aeb 100644
 --- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/bash/shared.sh
 +++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/bash/shared.sh
 @@ -1,4 +1,4 @@
@@ -25417,18 +27337,18 @@ index 0726807a..d7aa732b 100644
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/rule.yml b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/rule.yml
-index b75e3e35..a20491ff 100644
+index 4555d8aef..e2d7df503 100644
 --- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/rule.yml
 +++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol8,rhel8,rhel9,sle12,sle15,ubuntu2004
-+prodtype: fedora,ol8,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004
+-prodtype: fedora,ol8,ol9,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: fedora,ol8,ol9,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Configure AIDE to Verify the Audit Tools'
  
-@@ -41,7 +41,7 @@ references:
+@@ -42,7 +42,7 @@ references:
      nist: AU-9(3),AU-9(3).1
      srg: SRG-OS-000278-GPOS-00108
      stigid@ol8: OL08-00-030650
@@ -25438,83 +27358,84 @@ index b75e3e35..a20491ff 100644
      stigid@sle15: SLES-15-030630
      stigid@ubuntu2004: UBTU-20-010205
 diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/correct.pass.sh b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/correct.pass.sh
-index 756b88d8..000925aa 100644
+index 1a1ab8aed..d5539bdcd 100644
 --- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/correct.pass.sh
 +++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/correct.pass.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = multi_platform_rhel,multi_platform_fedora
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
+-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel
++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
  
  
  yum -y install aide
 diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/correct_with_selinux.pass.sh b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/correct_with_selinux.pass.sh
-index f3a2a126..6d175e17 100644
+index 769deaa4f..121c79b9f 100644
 --- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/correct_with_selinux.pass.sh
 +++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/correct_with_selinux.pass.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = multi_platform_rhel,multi_platform_fedora
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
+-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel
++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
  
  yum -y install aide
  
 diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/not_config.fail.sh b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/not_config.fail.sh
-index 4315cef2..00ce6b2e 100644
+index 868a3d2b3..13f8fcf03 100644
 --- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/not_config.fail.sh
 +++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/not_config.fail.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = multi_platform_rhel,multi_platform_fedora
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
+-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel
++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
  
  
  yum -y install aide
 diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/bash/shared.sh b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/bash/shared.sh
-index 34799aa6..a2d72d1c 100644
+index dfa5c1b6c..60ac94141 100644
 --- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/bash/shared.sh
 +++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/bash/shared.sh
 @@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_wrlinux,multi_platform_sle
-+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_wrlinux,multi_platform_sle
+-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle
++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
  
  {{{ bash_package_install("aide") }}}
  
 diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/rule.yml b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/rule.yml
-index 343cd9e4..0497dd6f 100644
+index 1600478f0..235d0715f 100644
 --- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/rule.yml
 +++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/rule.yml
-@@ -1,6 +1,6 @@
+@@ -4,7 +4,7 @@
+ 
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019
+-prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Configure Periodic Execution of AIDE'
  
 diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_scan_notification/ansible/shared.yml b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_scan_notification/ansible/shared.yml
-index 5c11fc17..e4efb9ca 100644
+index 2f734940a..837b244b5 100644
 --- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_scan_notification/ansible/shared.yml
 +++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_scan_notification/ansible/shared.yml
 @@ -1,4 +1,4 @@
--# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Virtualization 4,multi_platform_wrlinux,multi_platform_ol,multi_platform_sle
-+# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Virtualization 4,multi_platform_wrlinux,multi_platform_ol,multi_platform_sle
+-# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Virtualization 4,Oracle Linux 7,Oracle Linux 8,multi_platform_sle
++# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Virtualization 4,Oracle Linux 7,Oracle Linux 8,multi_platform_sle
  # reboot = false
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_scan_notification/rule.yml b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_scan_notification/rule.yml
-index 9c69dd1e..74c47f19 100644
+index 9015d01e7..493705ba8 100644
 --- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_scan_notification/rule.yml
 +++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_scan_notification/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,wrlinux1019
-+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,wrlinux1019
+-prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15
++prodtype: ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15
  
  title: 'Configure Notification of Post-AIDE Scan Details'
  
-@@ -48,7 +48,7 @@ references:
+@@ -49,7 +49,7 @@ references:
      stigid@ol7: OL07-00-020040
      stigid@ol8: OL08-00-010360
      stigid@rhel7: RHEL-07-020040
@@ -25524,7 +27445,7 @@ index 9c69dd1e..74c47f19 100644
  
  ocil_clause: 'AIDE has not been configured or has not been configured to notify personnel of scan details'
 diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_use_fips_hashes/bash/shared.sh b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_use_fips_hashes/bash/shared.sh
-index 34a11452..b22a658d 100644
+index 34a114520..b22a658da 100644
 --- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_use_fips_hashes/bash/shared.sh
 +++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_use_fips_hashes/bash/shared.sh
 @@ -1,4 +1,4 @@
@@ -25534,7 +27455,7 @@ index 34a11452..b22a658d 100644
  {{{ bash_package_install("aide") }}}
  
 diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_use_fips_hashes/rule.yml b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_use_fips_hashes/rule.yml
-index 51d6752a..d53ad860 100644
+index b6b7b17b2..ded14eaf5 100644
 --- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_use_fips_hashes/rule.yml
 +++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_use_fips_hashes/rule.yml
 @@ -1,6 +1,6 @@
@@ -25546,7 +27467,7 @@ index 51d6752a..d53ad860 100644
  title: 'Configure AIDE to Use FIPS 140-2 for Validating Hashes'
  
 diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_use_fips_hashes/tests/correct_value.pass.sh b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_use_fips_hashes/tests/correct_value.pass.sh
-index 9f9f96e4..e654ec2e 100644
+index 9f9f96e4d..e654ec2ee 100644
 --- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_use_fips_hashes/tests/correct_value.pass.sh
 +++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_use_fips_hashes/tests/correct_value.pass.sh
 @@ -1,6 +1,6 @@
@@ -25558,7 +27479,7 @@ index 9f9f96e4..e654ec2e 100644
  
  cat >/etc/aide.conf </etc/aide.conf </etc/aide.conf </etc/aide.conf </etc/aide.conf </etc/aide.conf <env_reset     tag, when specified, will run the command in a minimal environment,
+     containing the TERM, PATH, HOME, MAIL, SHELL, LOGNAME, USER and SUDO_* variables.
+-{{%- if product in ["rhel7", "rhel8"] %}}
++{{%- if product in ["rhel7", "rhel8", "almalinux8"] %}}
+     On {{{ full_name }}}, env_reset is enabled by default
+ {{%- endif %}}
+     This should be enabled by making sure that the env_reset tag exists in
 diff --git a/linux_os/guide/system/software/sudo/sudo_add_ignore_dot/rule.yml b/linux_os/guide/system/software/sudo/sudo_add_ignore_dot/rule.yml
-index f26a63e7..bcc8e8d4 100644
+index 2e3903c93..6a86169ff 100644
 --- a/linux_os/guide/system/software/sudo/sudo_add_ignore_dot/rule.yml
 +++ b/linux_os/guide/system/software/sudo/sudo_add_ignore_dot/rule.yml
-@@ -1,6 +1,6 @@
+@@ -1,13 +1,13 @@
  documentation_complete: true
  
--prodtype: ol7,ol8,rhel7,rhel8
-+prodtype: ol7,ol8,rhel7,rhel8,almalinux8
+-prodtype: ol7,ol8,rhel7,rhel8,sle12,sle15
++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,sle12,sle15
  
  title: 'Ensure sudo Ignores Commands In Current Dir - sudo ignore_dot'
  
+ description: |-
+     The sudo ignore_dot tag, when specified, will ignore the current directory
+     in the PATH environment variable.
+-{{%- if product in ["rhel7", "rhel8"] %}}
++{{%- if product in ["rhel7", "rhel8", "almalinux8"] %}}
+     On {{{ full_name }}}, env_reset is enabled by default
+ {{%- endif %}}
+     This should be enabled by making sure that the ignore_dot tag exists in
 diff --git a/linux_os/guide/system/software/sudo/sudo_add_passwd_timeout/rule.yml b/linux_os/guide/system/software/sudo/sudo_add_passwd_timeout/rule.yml
-index ae339952..40ef5a07 100644
+index a32a10671..de22404ac 100644
 --- a/linux_os/guide/system/software/sudo/sudo_add_passwd_timeout/rule.yml
 +++ b/linux_os/guide/system/software/sudo/sudo_add_passwd_timeout/rule.yml
-@@ -1,6 +1,6 @@
+@@ -1,12 +1,12 @@
  documentation_complete: true
  
--prodtype: ol7,ol8,rhel7,rhel8
-+prodtype: ol7,ol8,rhel7,rhel8,almalinux8
+-prodtype: ol7,ol8,rhel7,rhel8,sle12,sle15
++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,sle12,sle15
  
  title: 'Ensure sudo passwd_timeout is appropriate - sudo passwd_timeout'
  
+ description: |-
+     The sudo passwd_timeout tag sets the amount of time sudo password prompt waits.
+-{{%- if product in ["rhel7", "rhel8"] %}}
++{{%- if product in ["rhel7", "rhel8", "almalinux8"] %}}
+     On {{{ full_name }}}, the default passwd_timeout value is 5 minutes.
+ {{% endif %}}
+     The passwd_timeout should be configured by making sure that the
 diff --git a/linux_os/guide/system/software/sudo/sudo_add_umask/rule.yml b/linux_os/guide/system/software/sudo/sudo_add_umask/rule.yml
-index 189c1b9d..9a722eb0 100644
+index cb3da33f3..9d0dbded9 100644
 --- a/linux_os/guide/system/software/sudo/sudo_add_umask/rule.yml
 +++ b/linux_os/guide/system/software/sudo/sudo_add_umask/rule.yml
-@@ -1,6 +1,6 @@
+@@ -1,13 +1,13 @@
  documentation_complete: true
  
--prodtype: ol7,ol8,rhel7,rhel8
-+prodtype: ol7,ol8,rhel7,rhel8,almalinux8
+-prodtype: ol7,ol8,rhel7,rhel8,sle12,sle15
++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,sle12,sle15
  
  title: 'Ensure sudo umask is appropriate - sudo umask'
  
+ description: |-
+     The sudo umask tag, when specified, will be added the to the user's umask in the
+     command environment.
+-{{%- if product in ["rhel7", "rhel8"] %}}
++{{%- if product in ["rhel7", "rhel8", "almalinux8"] %}}
+     On {{{ full_name }}}, the default umask value is 0022.
+ {{% endif %}}
+     The umask should be configured by making sure that the umask={{{ xccdf_value("var_sudo_umask") }}} tag exists in
 diff --git a/linux_os/guide/system/software/sudo/sudo_add_umask/tests/0027_var_and_0022_state.fail.sh b/linux_os/guide/system/software/sudo/sudo_add_umask/tests/0027_var_and_0022_state.fail.sh
-index 5d9a8b49..3710e371 100644
+index 21ece11e5..26403c434 100644
 --- a/linux_os/guide/system/software/sudo/sudo_add_umask/tests/0027_var_and_0022_state.fail.sh
 +++ b/linux_os/guide/system/software/sudo/sudo_add_umask/tests/0027_var_and_0022_state.fail.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = multi_platform_rhel
-+# platform = multi_platform_rhel,multi_platform_almalinux
+-# platform = multi_platform_ol,multi_platform_rhel
++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
  # variables = var_sudo_umask=0027
  
  # Default umask is not explicitly set and has value 0022
 diff --git a/linux_os/guide/system/software/sudo/sudo_add_umask/tests/0027_var_and_0027_state.pass.sh b/linux_os/guide/system/software/sudo/sudo_add_umask/tests/0027_var_and_0027_state.pass.sh
-index c7f7aee3..e7e8a022 100644
+index c01587242..de0605d2d 100644
 --- a/linux_os/guide/system/software/sudo/sudo_add_umask/tests/0027_var_and_0027_state.pass.sh
 +++ b/linux_os/guide/system/software/sudo/sudo_add_umask/tests/0027_var_and_0027_state.pass.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = multi_platform_rhel
-+# platform = multi_platform_rhel,multi_platform_almalinux
+-# platform = multi_platform_ol,multi_platform_rhel
++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
  # variables = var_sudo_umask=0027
  
  # Default umask is not explicitly set and has value 0022
 diff --git a/linux_os/guide/system/software/sudo/sudo_add_umask/tests/0027_var_and_default_state.fail.sh b/linux_os/guide/system/software/sudo/sudo_add_umask/tests/0027_var_and_default_state.fail.sh
-index 2f41b65d..96a098ef 100644
+index eb5220278..e19cec598 100644
 --- a/linux_os/guide/system/software/sudo/sudo_add_umask/tests/0027_var_and_default_state.fail.sh
 +++ b/linux_os/guide/system/software/sudo/sudo_add_umask/tests/0027_var_and_default_state.fail.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = multi_platform_rhel
-+# platform = multi_platform_rhel,multi_platform_almalinux
+-# platform = multi_platform_ol,multi_platform_rhel
++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
  # variables = var_sudo_umask=0027
  
  # Default umask is not explicitly set and has value 0022
 diff --git a/linux_os/guide/system/software/sudo/sudo_add_umask/tests/0027_var_multiple_values.fail.sh b/linux_os/guide/system/software/sudo/sudo_add_umask/tests/0027_var_multiple_values.fail.sh
-index c86da249..c1ad2442 100644
+index 0ca7c09b3..05dcae714 100644
 --- a/linux_os/guide/system/software/sudo/sudo_add_umask/tests/0027_var_multiple_values.fail.sh
 +++ b/linux_os/guide/system/software/sudo/sudo_add_umask/tests/0027_var_multiple_values.fail.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = multi_platform_rhel
-+# platform = multi_platform_rhel,multi_platform_almalinux
+-# platform = multi_platform_ol,multi_platform_rhel
++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
  # variables = var_sudo_umask=0027
  
  echo "Defaults use_pty,umask=0022,noexec" >> /etc/sudoers
 diff --git a/linux_os/guide/system/software/sudo/sudo_add_umask/tests/0027_var_multiple_values.pass.sh b/linux_os/guide/system/software/sudo/sudo_add_umask/tests/0027_var_multiple_values.pass.sh
-index a812074a..e66bdc71 100644
+index 39ec72b52..a2849d3b4 100644
 --- a/linux_os/guide/system/software/sudo/sudo_add_umask/tests/0027_var_multiple_values.pass.sh
 +++ b/linux_os/guide/system/software/sudo/sudo_add_umask/tests/0027_var_multiple_values.pass.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = multi_platform_rhel
-+# platform = multi_platform_rhel,multi_platform_almalinux
+-# platform = multi_platform_ol,multi_platform_rhel
++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
  # variables = var_sudo_umask=0027
  
  echo "Defaults use_pty,umask=0027,noexec" >> /etc/sudoers
 diff --git a/linux_os/guide/system/software/sudo/sudo_dedicated_group/rule.yml b/linux_os/guide/system/software/sudo/sudo_dedicated_group/rule.yml
-index b3f766f8..80c783ff 100644
+index 2dee2eb85..df6ee7847 100644
 --- a/linux_os/guide/system/software/sudo/sudo_dedicated_group/rule.yml
 +++ b/linux_os/guide/system/software/sudo/sudo_dedicated_group/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: ol7,ol8,rhel7,rhel8
-+prodtype: ol7,ol8,rhel7,rhel8,almalinux8
+-prodtype: ol7,ol8,rhel7,rhel8,sle12,sle15
++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,sle12,sle15
  
  title: 'Ensure a dedicated group owns sudo'
  
 diff --git a/linux_os/guide/system/software/sudo/sudo_dedicated_group/tests/root_default.pass.sh b/linux_os/guide/system/software/sudo/sudo_dedicated_group/tests/root_default.pass.sh
-index 1c87c96c..265432ee 100644
+index 0e5aed5d0..c75edccd5 100644
 --- a/linux_os/guide/system/software/sudo/sudo_dedicated_group/tests/root_default.pass.sh
 +++ b/linux_os/guide/system/software/sudo/sudo_dedicated_group/tests/root_default.pass.sh
 @@ -1,4 +1,4 @@
--# platform = multi_platform_rhel
-+# platform = multi_platform_rhel,multi_platform_almalinux
+-# platform = multi_platform_ol,multi_platform_rhel
++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
  # remediation = none
  
  # Make sure sudo is owned by root group
 diff --git a/linux_os/guide/system/software/sudo/sudo_remove_no_authenticate/rule.yml b/linux_os/guide/system/software/sudo/sudo_remove_no_authenticate/rule.yml
-index 545dbcbf..490bed29 100644
+index 079540b33..a8e26e140 100644
 --- a/linux_os/guide/system/software/sudo/sudo_remove_no_authenticate/rule.yml
 +++ b/linux_os/guide/system/software/sudo/sudo_remove_no_authenticate/rule.yml
-@@ -38,7 +38,7 @@ references:
+@@ -39,7 +39,7 @@ references:
      stigid@ol7: OL07-00-010350
      stigid@ol8: OL08-00-010381
      stigid@rhel7: RHEL-07-010350
@@ -25957,7 +27979,7 @@ index 545dbcbf..490bed29 100644
      stigid@sle15: SLES-15-010450
      vsrg: SRG-OS-000373-VMM-001470,SRG-OS-000373-VMM-001480,SRG-OS-000373-VMM-001490
 diff --git a/linux_os/guide/system/software/sudo/sudo_remove_nopasswd/rule.yml b/linux_os/guide/system/software/sudo/sudo_remove_nopasswd/rule.yml
-index 9bd661c7..0c95067d 100644
+index 6c91f7eb6..d5b67e2d2 100644
 --- a/linux_os/guide/system/software/sudo/sudo_remove_nopasswd/rule.yml
 +++ b/linux_os/guide/system/software/sudo/sudo_remove_nopasswd/rule.yml
 @@ -39,7 +39,7 @@ references:
@@ -25970,18 +27992,18 @@ index 9bd661c7..0c95067d 100644
      stigid@sle15: SLES-15-010450
      vsrg: SRG-OS-000373-VMM-001470,SRG-OS-000373-VMM-001480,SRG-OS-000373-VMM-001490
 diff --git a/linux_os/guide/system/software/sudo/sudo_require_reauthentication/rule.yml b/linux_os/guide/system/software/sudo/sudo_require_reauthentication/rule.yml
-index eebb9667..5cf7e8f4 100644
+index fc0ec838f..1d79c1207 100644
 --- a/linux_os/guide/system/software/sudo/sudo_require_reauthentication/rule.yml
 +++ b/linux_os/guide/system/software/sudo/sudo_require_reauthentication/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: ol7,ol8,rhel7,rhel8,rhel9,sle12,sle15
-+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,sle12,sle15
+-prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2204
++prodtype: ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2204
  
  title: 'The operating system must require Re-Authentication when using the sudo command.
   Ensure sudo timestamp_timeout is appropriate - sudo timestamp_timeout'
-@@ -38,7 +38,7 @@ references:
+@@ -41,7 +41,7 @@ references:
      stigid@ol7: OL07-00-010343
      stigid@ol8: OL08-00-010384
      stigid@rhel7: RHEL-07-010343
@@ -25991,7 +28013,7 @@ index eebb9667..5cf7e8f4 100644
      stigid@sle15: SLES-15-020102
  
 diff --git a/linux_os/guide/system/software/sudo/sudo_restrict_others_executable_permission/rule.yml b/linux_os/guide/system/software/sudo/sudo_restrict_others_executable_permission/rule.yml
-index 174da919..ee73e10e 100644
+index 174da919d..ee73e10e0 100644
 --- a/linux_os/guide/system/software/sudo/sudo_restrict_others_executable_permission/rule.yml
 +++ b/linux_os/guide/system/software/sudo/sudo_restrict_others_executable_permission/rule.yml
 @@ -1,6 +1,6 @@
@@ -26003,15 +28025,15 @@ index 174da919..ee73e10e 100644
  title: 'Ensure only owner and members of group owner of /usr/bin/sudo can execute it'
  
 diff --git a/linux_os/guide/system/software/sudo/sudo_restrict_privilege_elevation_to_authorized/rule.yml b/linux_os/guide/system/software/sudo/sudo_restrict_privilege_elevation_to_authorized/rule.yml
-index 57cb763d..37d96fa5 100644
+index b90f566ab..b526dd99b 100644
 --- a/linux_os/guide/system/software/sudo/sudo_restrict_privilege_elevation_to_authorized/rule.yml
 +++ b/linux_os/guide/system/software/sudo/sudo_restrict_privilege_elevation_to_authorized/rule.yml
 @@ -2,7 +2,7 @@ documentation_complete: true
  
  title: 'The operating system must restrict privilege elevation to authorized personnel'
  
--prodtype: ol7,ol8,rhel7,rhel8,rhel9,sle12,sle15
-+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,sle12,sle15
+-prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15
++prodtype: ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,sle15
  
  description: |-
      The sudo command allows a user to execute programs with elevated
@@ -26025,40 +28047,40 @@ index 57cb763d..37d96fa5 100644
      stigid@sle15: SLES-15-020101
  
 diff --git a/linux_os/guide/system/software/sudo/sudoers_default_includedir/rule.yml b/linux_os/guide/system/software/sudo/sudoers_default_includedir/rule.yml
-index a97bd3ef..bd782d8a 100644
+index 4d57b106b..7c013cf69 100644
 --- a/linux_os/guide/system/software/sudo/sudoers_default_includedir/rule.yml
 +++ b/linux_os/guide/system/software/sudo/sudoers_default_includedir/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,rhel7,rhel8,rhel9
-+prodtype: fedora,rhel7,rhel8,almalinux8,rhel9
+-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,sle12,sle15
++prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,sle12,sle15
  
  title: 'Ensure sudo only includes the default configuration directory'
  
-@@ -28,7 +28,7 @@ identifiers:
- references:
-     disa: CCI-000366
-     srg: SRG-OS-000480-GPOS-00227
+@@ -36,7 +36,7 @@ references:
+     stigid@ol7: OL07-00-010339
+     stigid@ol8: OL08-00-010379
+     stigid@rhel7: RHEL-07-010339
 -    stigid@rhel8: RHEL-08-010379
 +    stigid@almalinux8: RHEL-08-010379
- 
- ocil_clause: "the /etc/sudoers doesn't include /etc/sudores.d or includes other directories?"
+     stigid@sle12: SLES-12-010109
+     stigid@sle15: SLES-15-020099
  
 diff --git a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/rule.yml b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/rule.yml
-index 698021d8..869af9ba 100644
+index cdd03adcc..b74598aad 100644
 --- a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/rule.yml
 +++ b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/rule.yml
 @@ -2,7 +2,7 @@ documentation_complete: true
  
  title: 'Ensure invoking users password for privilege escalation when using sudo'
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,sle12,sle15
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,sle12,sle15
+-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15
++prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,sle12,sle15
  
  description: |-
      The sudoers security policy requires that users authenticate themselves before they can use sudo.
-@@ -33,7 +33,7 @@ references:
+@@ -38,7 +38,7 @@ references:
      stigid@ol7: OL07-00-010342
      stigid@ol8: OL08-00-010383
      stigid@rhel7: RHEL-07-010342
@@ -26067,10 +28089,10 @@ index 698021d8..869af9ba 100644
      stigid@sle12: SLES-12-010112
      stigid@sle15: SLES-15-020103
  
-diff --git a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_d_duplicate.fail.sh b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_d_duplicate.fail.sh
-index a258d108..904d4adb 100644
---- a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_d_duplicate.fail.sh
-+++ b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_d_duplicate.fail.sh
+diff --git a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_d_duplicate.pass.sh b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_d_duplicate.pass.sh
+index a258d108a..904d4adb0 100644
+--- a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_d_duplicate.pass.sh
++++ b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_d_duplicate.pass.sh
 @@ -1,4 +1,4 @@
 -# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,SUSE Linux Enterprise 15
 +# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,SUSE Linux Enterprise 15
@@ -26078,7 +28100,7 @@ index a258d108..904d4adb 100644
  
  echo 'Defaults !targetpw' >> /etc/sudoers
 diff --git a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd.fail.sh b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd.fail.sh
-index 9706b8bd..c543b1b3 100644
+index cdd8174d2..ab7afd6a4 100644
 --- a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd.fail.sh
 +++ b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd.fail.sh
 @@ -1,4 +1,4 @@
@@ -26086,9 +28108,9 @@ index 9706b8bd..c543b1b3 100644
 +# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,SUSE Linux Enterprise 15
  # packages = sudo
  
- if [ $(sudo egrep -i '(!rootpw|!targetpw|!runaspw)' /etc/sudoers /etc/sudoers.d/* | grep -v '#' | wc -l) -ne 0 ]
+ touch /etc/sudoers.d/empty
 diff --git a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd.pass.sh b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd.pass.sh
-index 093f9dd8..0cd6dbf4 100644
+index 093f9dd80..0cd6dbf48 100644
 --- a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd.pass.sh
 +++ b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd.pass.sh
 @@ -1,4 +1,4 @@
@@ -26096,19 +28118,49 @@ index 093f9dd8..0cd6dbf4 100644
 +# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,SUSE Linux Enterprise 15
  # packages = sudo
  
+ echo 'Defaults !targetpw' >> /etc/sudoers
+diff --git a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd_conflicting_values.fail.sh b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd_conflicting_values.fail.sh
+index 3372c20b7..6c9e6fc44 100644
+--- a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd_conflicting_values.fail.sh
++++ b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd_conflicting_values.fail.sh
+@@ -1,4 +1,4 @@
+-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,SUSE Linux Enterprise 15
++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,SUSE Linux Enterprise 15
+ # packages = sudo
+ 
  echo 'Defaults !targetpw' >> /etc/sudoers
 diff --git a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd_duplicates.fail.sh b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd_duplicates.fail.sh
-index 6247b523..bd82dc53 100644
+index ef0abd449..9606a913c 100644
 --- a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd_duplicates.fail.sh
 +++ b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd_duplicates.fail.sh
 @@ -1,4 +1,4 @@
+-# platform = SUSE Linux Enterprise 15,multi_platform_fedora,multi_platform_ol,multi_platform_rhel
++# platform = SUSE Linux Enterprise 15,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
+ # packages = sudo
+ 
+ echo 'Defaults !targetpw' >> /etc/sudoers
+diff --git a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd_duplicates.pass.sh b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd_duplicates.pass.sh
+index 6247b5230..bd82dc53d 100644
+--- a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd_duplicates.pass.sh
++++ b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd_duplicates.pass.sh
+@@ -1,4 +1,4 @@
+-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,SUSE Linux Enterprise 15
++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,SUSE Linux Enterprise 15
+ # packages = sudo
+ 
+ echo 'Defaults !targetpw' >> /etc/sudoers
+diff --git a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd_multiple_files.pass.sh b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd_multiple_files.pass.sh
+index 071e3a0ab..b6779c1c5 100644
+--- a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd_multiple_files.pass.sh
++++ b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd_multiple_files.pass.sh
+@@ -1,4 +1,4 @@
 -# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,SUSE Linux Enterprise 15
 +# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,SUSE Linux Enterprise 15
  # packages = sudo
  
  echo 'Defaults !targetpw' >> /etc/sudoers
 diff --git a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_rootpw.fail.sh b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_rootpw.fail.sh
-index b12d1f88..eebf2cd7 100644
+index 273fb4529..b15cdc1da 100644
 --- a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_rootpw.fail.sh
 +++ b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_rootpw.fail.sh
 @@ -1,4 +1,4 @@
@@ -26116,9 +28168,9 @@ index b12d1f88..eebf2cd7 100644
 +# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,SUSE Linux Enterprise 15
  # packages = sudo
  
- if [ $(sudo egrep -i '(!rootpw)' /etc/sudoers /etc/sudoers.d/* | grep -v '#' | wc -l) -ne 0 ]
+ touch /etc/sudoers.d/empty
 diff --git a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_runaspw.fail.sh b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_runaspw.fail.sh
-index 93b3dfeb..5b180d91 100644
+index d477b5972..569a80382 100644
 --- a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_runaspw.fail.sh
 +++ b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_runaspw.fail.sh
 @@ -1,4 +1,4 @@
@@ -26126,9 +28178,9 @@ index 93b3dfeb..5b180d91 100644
 +# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,SUSE Linux Enterprise 15
  # packages = sudo
  
- if [ $(sudo egrep -i '(!runaspw)' /etc/sudoers /etc/sudoers.d/* | grep -v '#' | wc -l) -ne 0 ]
+ touch /etc/sudoers.d/empty
 diff --git a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_targetpw.fail.sh b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_targetpw.fail.sh
-index 103cb466..e23bcce4 100644
+index a4c5bde62..42fb94bf8 100644
 --- a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_targetpw.fail.sh
 +++ b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_targetpw.fail.sh
 @@ -1,4 +1,4 @@
@@ -26136,9 +28188,9 @@ index 103cb466..e23bcce4 100644
 +# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,SUSE Linux Enterprise 15
  # packages = sudo
  
- if [ $(sudo egrep -i '(!targetpw)' /etc/sudoers /etc/sudoers.d/* | grep -v '#' | wc -l) -ne 0 ]
+ touch /etc/sudoers.d/empty
 diff --git a/linux_os/guide/system/software/system-tools/package_abrt-addon-ccpp_removed/rule.yml b/linux_os/guide/system/software/system-tools/package_abrt-addon-ccpp_removed/rule.yml
-index 909924de..1e5f94f9 100644
+index cf04f6959..68cdc9c3b 100644
 --- a/linux_os/guide/system/software/system-tools/package_abrt-addon-ccpp_removed/rule.yml
 +++ b/linux_os/guide/system/software/system-tools/package_abrt-addon-ccpp_removed/rule.yml
 @@ -1,6 +1,6 @@
@@ -26149,17 +28201,17 @@ index 909924de..1e5f94f9 100644
  
  title: 'Uninstall abrt-addon-ccpp Package'
  
-@@ -22,7 +22,7 @@ references:
+@@ -21,7 +21,7 @@ identifiers:
+ references:
      disa: CCI-000381
      srg: SRG-OS-000095-GPOS-00049
-     stigid@ol8: OL08-00-040001
 -    stigid@rhel8: RHEL-08-040001
 +    stigid@almalinux8: RHEL-08-040001
  
  {{{ complete_ocil_entry_package(package="abrt-addon-ccpp") }}}
  
 diff --git a/linux_os/guide/system/software/system-tools/package_abrt-addon-kerneloops_removed/rule.yml b/linux_os/guide/system/software/system-tools/package_abrt-addon-kerneloops_removed/rule.yml
-index f74bfa3f..ad77aadf 100644
+index 22f47ee39..996366bf5 100644
 --- a/linux_os/guide/system/software/system-tools/package_abrt-addon-kerneloops_removed/rule.yml
 +++ b/linux_os/guide/system/software/system-tools/package_abrt-addon-kerneloops_removed/rule.yml
 @@ -1,6 +1,6 @@
@@ -26170,30 +28222,30 @@ index f74bfa3f..ad77aadf 100644
  
  title: 'Uninstall abrt-addon-kerneloops Package'
  
-@@ -22,7 +22,7 @@ references:
+@@ -21,7 +21,7 @@ identifiers:
+ references:
      disa: CCI-000381
      srg: SRG-OS-000095-GPOS-00049
-     stigid@ol8: OL08-00-040001
 -    stigid@rhel8: RHEL-08-040001
 +    stigid@almalinux8: RHEL-08-040001
  
  {{{ complete_ocil_entry_package(package="abrt-addon-kerneloops") }}}
  
 diff --git a/linux_os/guide/system/software/system-tools/package_abrt-addon-python_removed/rule.yml b/linux_os/guide/system/software/system-tools/package_abrt-addon-python_removed/rule.yml
-index 3233cc50..62040ee9 100644
+index dc971dd6d..abba303c8 100644
 --- a/linux_os/guide/system/software/system-tools/package_abrt-addon-python_removed/rule.yml
 +++ b/linux_os/guide/system/software/system-tools/package_abrt-addon-python_removed/rule.yml
-@@ -20,7 +20,7 @@ references:
+@@ -19,7 +19,7 @@ identifiers:
+ references:
      disa: CCI-000381
      srg: SRG-OS-000095-GPOS-00049
-     stigid@ol8: OL08-00-040001
 -    stigid@rhel8: RHEL-08-040001
 +    stigid@almalinux8: RHEL-08-040001
  
  {{{ complete_ocil_entry_package(package="abrt-addon-python") }}}
  
 diff --git a/linux_os/guide/system/software/system-tools/package_abrt-cli_removed/rule.yml b/linux_os/guide/system/software/system-tools/package_abrt-cli_removed/rule.yml
-index 43f8d7fb..ab43bb7a 100644
+index 2b461d64b..78a64eeef 100644
 --- a/linux_os/guide/system/software/system-tools/package_abrt-cli_removed/rule.yml
 +++ b/linux_os/guide/system/software/system-tools/package_abrt-cli_removed/rule.yml
 @@ -1,6 +1,6 @@
@@ -26204,17 +28256,17 @@ index 43f8d7fb..ab43bb7a 100644
  
  title: 'Uninstall abrt-cli Package'
  
-@@ -22,7 +22,7 @@ references:
+@@ -21,7 +21,7 @@ identifiers:
+ references:
      disa: CCI-000381
      srg: SRG-OS-000095-GPOS-00049
-     stigid@ol8: OL08-00-040001
 -    stigid@rhel8: RHEL-08-040001
 +    stigid@almalinux8: RHEL-08-040001
  
  {{{ complete_ocil_entry_package(package="abrt-cli") }}}
  
 diff --git a/linux_os/guide/system/software/system-tools/package_abrt-plugin-logger_removed/rule.yml b/linux_os/guide/system/software/system-tools/package_abrt-plugin-logger_removed/rule.yml
-index 30da7dca..15d81cfd 100644
+index 0b59930c4..564528071 100644
 --- a/linux_os/guide/system/software/system-tools/package_abrt-plugin-logger_removed/rule.yml
 +++ b/linux_os/guide/system/software/system-tools/package_abrt-plugin-logger_removed/rule.yml
 @@ -1,6 +1,6 @@
@@ -26225,17 +28277,8 @@ index 30da7dca..15d81cfd 100644
  
  title: 'Uninstall abrt-plugin-logger Package'
  
-@@ -22,7 +22,7 @@ references:
-     disa: CCI-000381
-     srg: SRG-OS-000095-GPOS-00049
-     stigid@ol8: OL08-00-040001
--    stigid@rhel8: RHEL-08-040001
-+    stigid@almalinux8: RHEL-08-040001
- 
- {{{ complete_ocil_entry_package(package="abrt-plugin-logger") }}}
- 
 diff --git a/linux_os/guide/system/software/system-tools/package_abrt-plugin-rhtsupport_removed/rule.yml b/linux_os/guide/system/software/system-tools/package_abrt-plugin-rhtsupport_removed/rule.yml
-index 0ef883b1..2c988f19 100644
+index 043e0615a..78a36e9f2 100644
 --- a/linux_os/guide/system/software/system-tools/package_abrt-plugin-rhtsupport_removed/rule.yml
 +++ b/linux_os/guide/system/software/system-tools/package_abrt-plugin-rhtsupport_removed/rule.yml
 @@ -1,6 +1,6 @@
@@ -26246,17 +28289,8 @@ index 0ef883b1..2c988f19 100644
  
  title: 'Uninstall abrt-plugin-rhtsupport Package'
  
-@@ -22,7 +22,7 @@ references:
-     disa: CCI-000381
-     srg: SRG-OS-000095-GPOS-00049
-     stigid@ol8: OL08-00-040001
--    stigid@rhel8: RHEL-08-040001
-+    stigid@almalinux8: RHEL-08-040001
- 
- {{{ complete_ocil_entry_package(package="abrt-plugin-rhtsupport") }}}
- 
 diff --git a/linux_os/guide/system/software/system-tools/package_abrt-plugin-sosreport_removed/rule.yml b/linux_os/guide/system/software/system-tools/package_abrt-plugin-sosreport_removed/rule.yml
-index 5d142cb3..20f8cfea 100644
+index 9d690f4cb..3e86fab00 100644
 --- a/linux_os/guide/system/software/system-tools/package_abrt-plugin-sosreport_removed/rule.yml
 +++ b/linux_os/guide/system/software/system-tools/package_abrt-plugin-sosreport_removed/rule.yml
 @@ -1,6 +1,6 @@
@@ -26267,17 +28301,17 @@ index 5d142cb3..20f8cfea 100644
  
  title: 'Uninstall abrt-plugin-sosreport Package'
  
-@@ -21,7 +21,7 @@ references:
+@@ -20,7 +20,7 @@ identifiers:
+ references:
      disa: CCI-000381
      srg: SRG-OS-000095-GPOS-00049
-     stigid@ol8: OL08-00-040001
 -    stigid@rhel8: RHEL-08-040001
 +    stigid@almalinux8: RHEL-08-040001
  
  {{{ complete_ocil_entry_package(package="abrt-plugin-sosreport") }}}
  
 diff --git a/linux_os/guide/system/software/system-tools/package_binutils_installed/rule.yml b/linux_os/guide/system/software/system-tools/package_binutils_installed/rule.yml
-index ec4f690a..c432c0cb 100644
+index ec4f690a0..c432c0cb0 100644
 --- a/linux_os/guide/system/software/system-tools/package_binutils_installed/rule.yml
 +++ b/linux_os/guide/system/software/system-tools/package_binutils_installed/rule.yml
 @@ -1,6 +1,6 @@
@@ -26289,7 +28323,7 @@ index ec4f690a..c432c0cb 100644
  title: 'Install binutils Package'
  
 diff --git a/linux_os/guide/system/software/system-tools/package_dnf-plugin-subscription-manager_installed/rule.yml b/linux_os/guide/system/software/system-tools/package_dnf-plugin-subscription-manager_installed/rule.yml
-index 8b657722..42471018 100644
+index 8b6577226..42471018e 100644
 --- a/linux_os/guide/system/software/system-tools/package_dnf-plugin-subscription-manager_installed/rule.yml
 +++ b/linux_os/guide/system/software/system-tools/package_dnf-plugin-subscription-manager_installed/rule.yml
 @@ -1,6 +1,6 @@
@@ -26301,7 +28335,7 @@ index 8b657722..42471018 100644
  title: 'Install dnf-plugin-subscription-manager Package'
  
 diff --git a/linux_os/guide/system/software/system-tools/package_geolite2-city_removed/rule.yml b/linux_os/guide/system/software/system-tools/package_geolite2-city_removed/rule.yml
-index e9863fa8..dbe2a912 100644
+index e9863fa86..dbe2a9120 100644
 --- a/linux_os/guide/system/software/system-tools/package_geolite2-city_removed/rule.yml
 +++ b/linux_os/guide/system/software/system-tools/package_geolite2-city_removed/rule.yml
 @@ -1,6 +1,6 @@
@@ -26313,7 +28347,7 @@ index e9863fa8..dbe2a912 100644
  title: 'Uninstall geolite2-city Package'
  
 diff --git a/linux_os/guide/system/software/system-tools/package_geolite2-country_removed/rule.yml b/linux_os/guide/system/software/system-tools/package_geolite2-country_removed/rule.yml
-index 1210a1e8..58d95cc6 100644
+index 1210a1e8e..58d95cc6b 100644
 --- a/linux_os/guide/system/software/system-tools/package_geolite2-country_removed/rule.yml
 +++ b/linux_os/guide/system/software/system-tools/package_geolite2-country_removed/rule.yml
 @@ -1,6 +1,6 @@
@@ -26325,14 +28359,14 @@ index 1210a1e8..58d95cc6 100644
  title: 'Uninstall geolite2-country Package'
  
 diff --git a/linux_os/guide/system/software/system-tools/package_gssproxy_removed/rule.yml b/linux_os/guide/system/software/system-tools/package_gssproxy_removed/rule.yml
-index d1a9c101..41250a96 100644
+index 4a5481118..02deeb72d 100644
 --- a/linux_os/guide/system/software/system-tools/package_gssproxy_removed/rule.yml
 +++ b/linux_os/guide/system/software/system-tools/package_gssproxy_removed/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9
+-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9
++prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9
  
  title: 'Uninstall gssproxy Package'
  
@@ -26346,14 +28380,14 @@ index d1a9c101..41250a96 100644
  {{{ complete_ocil_entry_package(package="gssproxy") }}}
  
 diff --git a/linux_os/guide/system/software/system-tools/package_iprutils_removed/rule.yml b/linux_os/guide/system/software/system-tools/package_iprutils_removed/rule.yml
-index 80057708..d1285a9c 100644
+index 8986513f2..d9d127316 100644
 --- a/linux_os/guide/system/software/system-tools/package_iprutils_removed/rule.yml
 +++ b/linux_os/guide/system/software/system-tools/package_iprutils_removed/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9
+-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9
++prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9
  
  title: 'Uninstall iprutils Package'
  
@@ -26367,18 +28401,19 @@ index 80057708..d1285a9c 100644
  {{{ complete_ocil_entry_package(package="iprutils") }}}
  
 diff --git a/linux_os/guide/system/software/system-tools/package_krb5-workstation_removed/rule.yml b/linux_os/guide/system/software/system-tools/package_krb5-workstation_removed/rule.yml
-index 81347484..2306a7d7 100644
+index e18be68fe..856c864df 100644
 --- a/linux_os/guide/system/software/system-tools/package_krb5-workstation_removed/rule.yml
 +++ b/linux_os/guide/system/software/system-tools/package_krb5-workstation_removed/rule.yml
-@@ -1,6 +1,6 @@
- documentation_complete: true
+@@ -2,7 +2,7 @@ documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9
+ # new major OS versions will most likely not be applicable because of the
+ # kerberos version higher than 1.17-18
+-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9
++prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9
  
  title: 'Uninstall krb5-workstation Package'
  
-@@ -25,7 +25,7 @@ references:
+@@ -24,7 +24,7 @@ references:
      disa: CCI-000803
      srg: SRG-OS-000095-GPOS-00049,SRG-OS-000120-GPOS-00061
      stigid@ol8: OL08-00-010162
@@ -26386,9 +28421,9 @@ index 81347484..2306a7d7 100644
 +    stigid@almalinux8: RHEL-08-010162
  
  platforms:
- {{{ rule_notapplicable_when_ovirt_installed() | indent(4)}}}
+ {{%- if "rhel" in product %}}
 diff --git a/linux_os/guide/system/software/system-tools/package_libcap-ng-utils_installed/rule.yml b/linux_os/guide/system/software/system-tools/package_libcap-ng-utils_installed/rule.yml
-index 6696d589..a0122c7c 100644
+index 6696d5891..a0122c7c0 100644
 --- a/linux_os/guide/system/software/system-tools/package_libcap-ng-utils_installed/rule.yml
 +++ b/linux_os/guide/system/software/system-tools/package_libcap-ng-utils_installed/rule.yml
 @@ -1,6 +1,6 @@
@@ -26399,20 +28434,62 @@ index 6696d589..a0122c7c 100644
  
  title: 'Install libcap-ng-utils Package'
  
+diff --git a/linux_os/guide/system/software/system-tools/package_libreport-plugin-logger_removed/rule.yml b/linux_os/guide/system/software/system-tools/package_libreport-plugin-logger_removed/rule.yml
+index 94428d19d..65410152c 100644
+--- a/linux_os/guide/system/software/system-tools/package_libreport-plugin-logger_removed/rule.yml
++++ b/linux_os/guide/system/software/system-tools/package_libreport-plugin-logger_removed/rule.yml
+@@ -1,6 +1,6 @@
+ documentation_complete: true
+ 
+-prodtype: fedora,ol7,ol8,rhel7,rhel8
++prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8
+ 
+ title: 'Uninstall libreport-plugin-logger Package'
+ 
+@@ -20,7 +20,7 @@ references:
+     disa: CCI-000381
+     srg: SRG-OS-000095-GPOS-00049
+     stigid@ol8: OL08-00-040001
+-    stigid@rhel8: RHEL-08-040001
++    stigid@almalinux8: RHEL-08-040001
+ 
+ {{{ complete_ocil_entry_package(package="libreport-plugin-logger") }}}
+ 
+diff --git a/linux_os/guide/system/software/system-tools/package_libreport-plugin-rhtsupport_removed/rule.yml b/linux_os/guide/system/software/system-tools/package_libreport-plugin-rhtsupport_removed/rule.yml
+index 8ca0488c7..cf104f249 100644
+--- a/linux_os/guide/system/software/system-tools/package_libreport-plugin-rhtsupport_removed/rule.yml
++++ b/linux_os/guide/system/software/system-tools/package_libreport-plugin-rhtsupport_removed/rule.yml
+@@ -1,6 +1,6 @@
+ documentation_complete: true
+ 
+-prodtype: fedora,ol7,ol8,rhel7,rhel8
++prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8
+ 
+ title: 'Uninstall libreport-plugin-rhtsupport Package'
+ 
+@@ -20,7 +20,7 @@ references:
+     disa: CCI-000381
+     srg: SRG-OS-000095-GPOS-00049
+     stigid@ol8: OL08-00-040001
+-    stigid@rhel8: RHEL-08-040001
++    stigid@almalinux8: RHEL-08-040001
+ 
+ {{{ complete_ocil_entry_package(package="libreport-plugin-rhtsupport") }}}
+ 
 diff --git a/linux_os/guide/system/software/system-tools/package_openscap-scanner_installed/rule.yml b/linux_os/guide/system/software/system-tools/package_openscap-scanner_installed/rule.yml
-index c2c8a19a..28ab5955 100644
+index 2c29f67f5..c968a55bc 100644
 --- a/linux_os/guide/system/software/system-tools/package_openscap-scanner_installed/rule.yml
 +++ b/linux_os/guide/system/software/system-tools/package_openscap-scanner_installed/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4
+-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4
++prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4
  
  title: 'Install openscap-scanner Package'
  
 diff --git a/linux_os/guide/system/software/system-tools/package_pigz_removed/rule.yml b/linux_os/guide/system/software/system-tools/package_pigz_removed/rule.yml
-index 80a273bf..74169dbe 100644
+index 80a273bf4..74169dbe3 100644
 --- a/linux_os/guide/system/software/system-tools/package_pigz_removed/rule.yml
 +++ b/linux_os/guide/system/software/system-tools/package_pigz_removed/rule.yml
 @@ -1,6 +1,6 @@
@@ -26424,7 +28501,7 @@ index 80a273bf..74169dbe 100644
  title: 'Uninstall pigz Package'
  
 diff --git a/linux_os/guide/system/software/system-tools/package_python3-abrt-addon_removed/rule.yml b/linux_os/guide/system/software/system-tools/package_python3-abrt-addon_removed/rule.yml
-index 2b34390f..b9e583ed 100644
+index 2b34390f7..b9e583edc 100644
 --- a/linux_os/guide/system/software/system-tools/package_python3-abrt-addon_removed/rule.yml
 +++ b/linux_os/guide/system/software/system-tools/package_python3-abrt-addon_removed/rule.yml
 @@ -1,6 +1,6 @@
@@ -26445,26 +28522,26 @@ index 2b34390f..b9e583ed 100644
  {{{ complete_ocil_entry_package(package="python3-abrt-addon") }}}
  
 diff --git a/linux_os/guide/system/software/system-tools/package_rear_installed/rule.yml b/linux_os/guide/system/software/system-tools/package_rear_installed/rule.yml
-index efb59165..ae4176f6 100644
+index 461389520..ea6bd4fa9 100644
 --- a/linux_os/guide/system/software/system-tools/package_rear_installed/rule.yml
 +++ b/linux_os/guide/system/software/system-tools/package_rear_installed/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9
+-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9
++prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9
  
  title: 'Install rear Package'
  
 diff --git a/linux_os/guide/system/software/system-tools/package_rng-tools_installed/rule.yml b/linux_os/guide/system/software/system-tools/package_rng-tools_installed/rule.yml
-index e0fd861e..12dc53fa 100644
+index f3b7725c5..ff830747b 100644
 --- a/linux_os/guide/system/software/system-tools/package_rng-tools_installed/rule.yml
 +++ b/linux_os/guide/system/software/system-tools/package_rng-tools_installed/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4
+-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4
++prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4
  
  title: 'Install rng-tools Package'
  
@@ -26478,19 +28555,19 @@ index e0fd861e..12dc53fa 100644
  ocil_clause: 'the package is not installed'
  
 diff --git a/linux_os/guide/system/software/system-tools/package_scap-security-guide_installed/rule.yml b/linux_os/guide/system/software/system-tools/package_scap-security-guide_installed/rule.yml
-index a7f9dfd8..d5d24a55 100644
+index 02ba74f0c..730270f5a 100644
 --- a/linux_os/guide/system/software/system-tools/package_scap-security-guide_installed/rule.yml
 +++ b/linux_os/guide/system/software/system-tools/package_scap-security-guide_installed/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4
+-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4
++prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4
  
  title: 'Install scap-security-guide Package'
  
 diff --git a/linux_os/guide/system/software/system-tools/package_subscription-manager_installed/rule.yml b/linux_os/guide/system/software/system-tools/package_subscription-manager_installed/rule.yml
-index 32e5ce9a..fd1fd250 100644
+index f8b801181..6258ad954 100644
 --- a/linux_os/guide/system/software/system-tools/package_subscription-manager_installed/rule.yml
 +++ b/linux_os/guide/system/software/system-tools/package_subscription-manager_installed/rule.yml
 @@ -1,6 +1,6 @@
@@ -26502,7 +28579,7 @@ index 32e5ce9a..fd1fd250 100644
  title: 'Install subscription-manager Package'
  
 diff --git a/linux_os/guide/system/software/system-tools/package_tar_installed/rule.yml b/linux_os/guide/system/software/system-tools/package_tar_installed/rule.yml
-index e5b9a440..e3c2435f 100644
+index e5b9a4402..e3c2435fb 100644
 --- a/linux_os/guide/system/software/system-tools/package_tar_installed/rule.yml
 +++ b/linux_os/guide/system/software/system-tools/package_tar_installed/rule.yml
 @@ -1,6 +1,6 @@
@@ -26514,14 +28591,14 @@ index e5b9a440..e3c2435f 100644
  title: 'Install tar Package'
  
 diff --git a/linux_os/guide/system/software/system-tools/package_tuned_removed/rule.yml b/linux_os/guide/system/software/system-tools/package_tuned_removed/rule.yml
-index a30fa893..c083f1ff 100644
+index 48443defd..f26e82b66 100644
 --- a/linux_os/guide/system/software/system-tools/package_tuned_removed/rule.yml
 +++ b/linux_os/guide/system/software/system-tools/package_tuned_removed/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9
+-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9
++prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9
  
  title: 'Uninstall tuned Package'
  
@@ -26535,7 +28612,7 @@ index a30fa893..c083f1ff 100644
  {{{ complete_ocil_entry_package(package="tuned") }}}
  
 diff --git a/linux_os/guide/system/software/system-tools/package_vim_installed/rule.yml b/linux_os/guide/system/software/system-tools/package_vim_installed/rule.yml
-index 0eb7a8dd..34344f55 100644
+index 0eb7a8ddd..34344f555 100644
 --- a/linux_os/guide/system/software/system-tools/package_vim_installed/rule.yml
 +++ b/linux_os/guide/system/software/system-tools/package_vim_installed/rule.yml
 @@ -1,6 +1,6 @@
@@ -26547,7 +28624,7 @@ index 0eb7a8dd..34344f55 100644
  title: 'Install vim Package'
  
 diff --git a/linux_os/guide/system/software/updating/clean_components_post_updating/ansible/shared.yml b/linux_os/guide/system/software/updating/clean_components_post_updating/ansible/shared.yml
-index 051e89da..895effa2 100644
+index 9b67b0e22..6891a1f28 100644
 --- a/linux_os/guide/system/software/updating/clean_components_post_updating/ansible/shared.yml
 +++ b/linux_os/guide/system/software/updating/clean_components_post_updating/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -26557,24 +28634,24 @@ index 051e89da..895effa2 100644
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/software/updating/clean_components_post_updating/bash/shared.sh b/linux_os/guide/system/software/updating/clean_components_post_updating/bash/shared.sh
-index 41fcf825..db90731d 100644
+index 34127fd17..e30b09600 100644
 --- a/linux_os/guide/system/software/updating/clean_components_post_updating/bash/shared.sh
 +++ b/linux_os/guide/system/software/updating/clean_components_post_updating/bash/shared.sh
 @@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_ol,multi_platform_rhv,multi_platform_sle
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_rhv,multi_platform_sle
+-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_rhv,multi_platform_sle
++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhv,multi_platform_sle
  
- if grep --silent ^clean_requirements_on_remove /etc/yum.conf ; then
-         sed -i "s/^clean_requirements_on_remove.*/clean_requirements_on_remove=1/g" /etc/yum.conf
+ {{% if 'sle' in product %}}
+ {{{ bash_replace_or_append('/etc/zypp/zypp.conf', '^solver.upgradeRemoveDroppedPackages', 'true', '%s=%s') }}}
 diff --git a/linux_os/guide/system/software/updating/clean_components_post_updating/rule.yml b/linux_os/guide/system/software/updating/clean_components_post_updating/rule.yml
-index 7a906355..1a73068e 100644
+index 58b3ece0c..cac08aee1 100644
 --- a/linux_os/guide/system/software/updating/clean_components_post_updating/rule.yml
 +++ b/linux_os/guide/system/software/updating/clean_components_post_updating/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004
-+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004
+-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
  
  title: 'Ensure {{{ pkg_manager }}} Removes Previous Package Versions'
  
@@ -26587,53 +28664,86 @@ index 7a906355..1a73068e 100644
      stigid@sle12: SLES-12-010570
      stigid@sle15: SLES-15-010560
      stigid@ubuntu2004: UBTU-20-010449
+diff --git a/linux_os/guide/system/software/updating/clean_components_post_updating/tests/yum_commented.fail.sh b/linux_os/guide/system/software/updating/clean_components_post_updating/tests/yum_commented.fail.sh
+index 4cba82b3c..1d8495018 100644
+--- a/linux_os/guide/system/software/updating/clean_components_post_updating/tests/yum_commented.fail.sh
++++ b/linux_os/guide/system/software/updating/clean_components_post_updating/tests/yum_commented.fail.sh
+@@ -1,5 +1,5 @@
+ #!/bin/bash
+-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel
++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
+ 
+ file={{{ pkg_manager_config_file }}}
+ 
+diff --git a/linux_os/guide/system/software/updating/clean_components_post_updating/tests/yum_correct.pass.sh b/linux_os/guide/system/software/updating/clean_components_post_updating/tests/yum_correct.pass.sh
+index 3b3bd71f7..d54501d5c 100644
+--- a/linux_os/guide/system/software/updating/clean_components_post_updating/tests/yum_correct.pass.sh
++++ b/linux_os/guide/system/software/updating/clean_components_post_updating/tests/yum_correct.pass.sh
+@@ -1,5 +1,5 @@
+ #!/bin/bash
+-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel
++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
+ 
+ file={{{ pkg_manager_config_file }}}
+ 
+diff --git a/linux_os/guide/system/software/updating/clean_components_post_updating/tests/yum_wrong_value.fail.sh b/linux_os/guide/system/software/updating/clean_components_post_updating/tests/yum_wrong_value.fail.sh
+index 8f2e4fac8..20d00061a 100644
+--- a/linux_os/guide/system/software/updating/clean_components_post_updating/tests/yum_wrong_value.fail.sh
++++ b/linux_os/guide/system/software/updating/clean_components_post_updating/tests/yum_wrong_value.fail.sh
+@@ -1,5 +1,5 @@
+ #!/bin/bash
+-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel
++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
+ 
+ file={{{ pkg_manager_config_file }}}
+ 
 diff --git a/linux_os/guide/system/software/updating/dnf-automatic_apply_updates/ansible/shared.yml b/linux_os/guide/system/software/updating/dnf-automatic_apply_updates/ansible/shared.yml
-index 779189d9..209aee84 100644
+index 55851cc05..62557d6e2 100644
 --- a/linux_os/guide/system/software/updating/dnf-automatic_apply_updates/ansible/shared.yml
 +++ b/linux_os/guide/system/software/updating/dnf-automatic_apply_updates/ansible/shared.yml
 @@ -1,4 +1,4 @@
--# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Oracle Linux 8
-+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8,Oracle Linux 8
+-# platform = multi_platform_fedora,multi_platform_sle,Red Hat Enterprise Linux 8,Oracle Linux 8
++# platform = multi_platform_fedora,multi_platform_sle,Red Hat Enterprise Linux 8,AlmaLinux 8,Oracle Linux 8
  # reboot = false
  # strategy = unknown
  # complexity = low
 diff --git a/linux_os/guide/system/software/updating/dnf-automatic_apply_updates/rule.yml b/linux_os/guide/system/software/updating/dnf-automatic_apply_updates/rule.yml
-index 5467302f..b55188aa 100644
+index bbcd9e56d..f954c9570 100644
 --- a/linux_os/guide/system/software/updating/dnf-automatic_apply_updates/rule.yml
 +++ b/linux_os/guide/system/software/updating/dnf-automatic_apply_updates/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol8,rhel8,rhel9
-+prodtype: fedora,ol8,rhel8,almalinux8,rhel9
+-prodtype: fedora,ol8,ol9,rhel8,rhel9,sle12,sle15
++prodtype: fedora,ol8,ol9,rhel8,almalinux8,rhel9,sle12,sle15
  
- title: Configure dnf-automatic to Install Available Updates Automatically
+ title: 'Configure dnf-automatic to Install Available Updates Automatically'
  
 diff --git a/linux_os/guide/system/software/updating/dnf-automatic_security_updates_only/ansible/shared.yml b/linux_os/guide/system/software/updating/dnf-automatic_security_updates_only/ansible/shared.yml
-index ecf8379a..dab9e3f4 100644
+index 9d6c3eba8..4c61c3c3c 100644
 --- a/linux_os/guide/system/software/updating/dnf-automatic_security_updates_only/ansible/shared.yml
 +++ b/linux_os/guide/system/software/updating/dnf-automatic_security_updates_only/ansible/shared.yml
 @@ -1,4 +1,4 @@
--# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Oracle Linux 8
-+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8,Oracle Linux 8
+-# platform = multi_platform_fedora,multi_platform_sle,Red Hat Enterprise Linux 8,Oracle Linux 8
++# platform = multi_platform_fedora,multi_platform_sle,Red Hat Enterprise Linux 8,AlmaLinux 8,Oracle Linux 8
  # reboot = false
  # strategy = unknown
  # complexity = low
 diff --git a/linux_os/guide/system/software/updating/dnf-automatic_security_updates_only/rule.yml b/linux_os/guide/system/software/updating/dnf-automatic_security_updates_only/rule.yml
-index 351c9d43..6797fd60 100644
+index f0f646748..b5e8b72b8 100644
 --- a/linux_os/guide/system/software/updating/dnf-automatic_security_updates_only/rule.yml
 +++ b/linux_os/guide/system/software/updating/dnf-automatic_security_updates_only/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol8,rhel8,rhel9
-+prodtype: fedora,ol8,rhel8,almalinux8,rhel9
+-prodtype: fedora,ol8,ol9,rhel8,rhel9,sle12,sle15
++prodtype: fedora,ol8,ol9,rhel8,almalinux8,rhel9,sle12,sle15
  
- title: Configure dnf-automatic to Install Only Security Updates
+ title: 'Configure dnf-automatic to Install Only Security Updates'
  
 diff --git a/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/ansible/shared.yml b/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/ansible/shared.yml
 new file mode 100644
-index 00000000..7912da04
+index 000000000..7912da04b
 --- /dev/null
 +++ b/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/ansible/shared.yml
 @@ -0,0 +1,39 @@
@@ -26678,7 +28788,7 @@ index 00000000..7912da04
 +   - ansible_distribution == "AlmaLinux"
 diff --git a/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/bash/shared.sh b/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/bash/shared.sh
 new file mode 100644
-index 00000000..dee95716
+index 000000000..dee95716e
 --- /dev/null
 +++ b/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/bash/shared.sh
 @@ -0,0 +1,26 @@
@@ -26710,7 +28820,7 @@ index 00000000..dee95716
 +fi
 diff --git a/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/oval/shared.xml b/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/oval/shared.xml
 new file mode 100644
-index 00000000..fb92fdb8
+index 000000000..fb92fdb8e
 --- /dev/null
 +++ b/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/oval/shared.xml
 @@ -0,0 +1,42 @@
@@ -26758,7 +28868,7 @@ index 00000000..fb92fdb8
 +    
 diff --git a/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/rule.yml b/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/rule.yml
 new file mode 100644
-index 00000000..3e4fe227
+index 000000000..3e4fe227b
 --- /dev/null
 +++ b/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/rule.yml
 @@ -0,0 +1,46 @@
@@ -26809,7 +28919,7 @@ index 00000000..3e4fe227
 +    The command should return the string below:
 +    
    gpg(AlmaLinux <packager@almalinux.org>
    
 diff --git a/linux_os/guide/system/software/updating/ensure_gpgcheck_globally_activated/bash/shared.sh b/linux_os/guide/system/software/updating/ensure_gpgcheck_globally_activated/bash/shared.sh
-index 2bf91c8c..b5f52073 100644
+index 2bf91c8ca..b5f520737 100644
 --- a/linux_os/guide/system/software/updating/ensure_gpgcheck_globally_activated/bash/shared.sh
 +++ b/linux_os/guide/system/software/updating/ensure_gpgcheck_globally_activated/bash/shared.sh
 @@ -1,3 +1,3 @@
@@ -26818,18 +28928,18 @@ index 2bf91c8c..b5f52073 100644
  
  {{{ bash_replace_or_append( pkg_manager_config_file , '^gpgcheck', '1') }}}
 diff --git a/linux_os/guide/system/software/updating/ensure_gpgcheck_globally_activated/rule.yml b/linux_os/guide/system/software/updating/ensure_gpgcheck_globally_activated/rule.yml
-index edb7748b..c0481718 100644
+index e5b41c4bb..2889f1cd5 100644
 --- a/linux_os/guide/system/software/updating/ensure_gpgcheck_globally_activated/rule.yml
 +++ b/linux_os/guide/system/software/updating/ensure_gpgcheck_globally_activated/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15
+-prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,uos20
++prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,uos20
  
  title: 'Ensure gpgcheck Enabled In Main {{{ pkg_manager }}} Configuration'
  
-@@ -60,7 +60,7 @@ references:
+@@ -63,7 +63,7 @@ references:
      stigid@ol7: OL07-00-020050
      stigid@ol8: OL08-00-010370
      stigid@rhel7: RHEL-07-020050
@@ -26838,29 +28948,19 @@ index edb7748b..c0481718 100644
      stigid@sle12: SLES-12-010550
      stigid@sle15: SLES-15-010430
      vmmsrg: SRG-OS-000366-VMM-001430,SRG-OS-000370-VMM-001460,SRG-OS-000404-VMM-001650
-diff --git a/linux_os/guide/system/software/updating/ensure_gpgcheck_local_packages/ansible/shared.yml b/linux_os/guide/system/software/updating/ensure_gpgcheck_local_packages/ansible/shared.yml
-index 3cab4a16..e3cabb82 100644
---- a/linux_os/guide/system/software/updating/ensure_gpgcheck_local_packages/ansible/shared.yml
-+++ b/linux_os/guide/system/software/updating/ensure_gpgcheck_local_packages/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
- # reboot = false
- # strategy = unknown
- # complexity = low
 diff --git a/linux_os/guide/system/software/updating/ensure_gpgcheck_local_packages/rule.yml b/linux_os/guide/system/software/updating/ensure_gpgcheck_local_packages/rule.yml
-index 67da27c0..96a9e11d 100644
+index 579db66b0..c159156f7 100644
 --- a/linux_os/guide/system/software/updating/ensure_gpgcheck_local_packages/rule.yml
 +++ b/linux_os/guide/system/software/updating/ensure_gpgcheck_local_packages/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,wrlinux1019
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,wrlinux1019
+-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15
++prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15
  
  title: 'Ensure gpgcheck Enabled for Local Packages'
  
-@@ -41,7 +41,7 @@ references:
+@@ -43,7 +43,7 @@ references:
      stigid@ol7: OL07-00-020060
      stigid@ol8: OL08-00-010371
      stigid@rhel7: RHEL-07-020060
@@ -26868,9 +28968,9 @@ index 67da27c0..96a9e11d 100644
 +    stigid@almalinux8: RHEL-08-010371
      vmmsrg: SRG-OS-000366-VMM-001430,SRG-OS-000370-VMM-001460,SRG-OS-000404-VMM-001650
  
- ocil_clause: 'gpgcheck is not enabled or configured correctly to verify local packages'
+ ocil_clause: 'there is no process to validate certificates for local packages that is approved by the organization'
 diff --git a/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/ansible/shared.yml b/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/ansible/shared.yml
-index c658f901..939ce9c2 100644
+index 8ba650131..6728e4d50 100644
 --- a/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/ansible/shared.yml
 +++ b/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -26880,27 +28980,38 @@ index c658f901..939ce9c2 100644
  # strategy = enable
  # complexity = low
 diff --git a/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/bash/shared.sh b/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/bash/shared.sh
-index a9b33d87..b1c33b4b 100644
+index 07e02fa47..ee1d023d9 100644
 --- a/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/bash/shared.sh
 +++ b/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/bash/shared.sh
-@@ -1,2 +1,2 @@
--# platform = multi_platform_rhel,multi_platform_ol,multi_platform_fedora,multi_platform_rhv
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_fedora,multi_platform_rhv
- sed -i 's/gpgcheck\s*=.*/gpgcheck=1/g' /etc/yum.repos.d/*
+@@ -1,4 +1,4 @@
+-# platform = multi_platform_rhel,multi_platform_ol,multi_platform_fedora,multi_platform_rhv,multi_platform_sle
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_fedora,multi_platform_rhv,multi_platform_sle
+ {{% if product in ["sle12", "sle15"] %}}
+ sed -i 's/gpgcheck\s*=.*/gpgcheck=1/g' /etc/zypp/repos.d/*
+ {{% else %}}
 diff --git a/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/rule.yml b/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/rule.yml
-index 2c5501c7..c07a6357 100644
+index 1a31ab2d1..1dd671bbc 100644
 --- a/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/rule.yml
 +++ b/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15
+-prodtype: alinux2,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15
++prodtype: alinux2,fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15
  
  title: 'Ensure gpgcheck Enabled for All {{{ pkg_manager }}} Package Repositories'
  
+@@ -47,7 +47,7 @@ references:
+     pcidss: Req-6.2
+     srg: SRG-OS-000366-GPOS-00153
+     stigid@ol8: OL08-00-010370
+-    stigid@rhel8: RHEL-08-010370
++    stigid@almalinux8: RHEL-08-010370
+     vmmsrg: SRG-OS-000366-VMM-001430,SRG-OS-000370-VMM-001460,SRG-OS-000404-VMM-001650
+ 
+ ocil_clause: 'GPG checking is disabled'
 diff --git a/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/tests/gpgcheck_disabled.fail.sh b/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/tests/gpgcheck_disabled.fail.sh
-index 37e47e4d..a852e856 100644
+index 37e47e4d4..a852e856f 100644
 --- a/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/tests/gpgcheck_disabled.fail.sh
 +++ b/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/tests/gpgcheck_disabled.fail.sh
 @@ -1,4 +1,4 @@
@@ -26910,7 +29021,7 @@ index 37e47e4d..a852e856 100644
  
  sed -i 's/gpgcheck\s*=.*/gpgcheck=0/g' /etc/yum.repos.d/*
 diff --git a/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/tests/gpgcheck_enabled.pass.sh b/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/tests/gpgcheck_enabled.pass.sh
-index 04ff6e57..b97d7546 100644
+index 04ff6e577..b97d75469 100644
 --- a/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/tests/gpgcheck_enabled.pass.sh
 +++ b/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/tests/gpgcheck_enabled.pass.sh
 @@ -1,4 +1,4 @@
@@ -26920,31 +29031,31 @@ index 04ff6e57..b97d7546 100644
  
  sed -i 's/gpgcheck\s*=.*/gpgcheck=1/g' /etc/yum.repos.d/*
 diff --git a/linux_os/guide/system/software/updating/ensure_gpgcheck_repo_metadata/rule.yml b/linux_os/guide/system/software/updating/ensure_gpgcheck_repo_metadata/rule.yml
-index be2c7aa1..40ff5875 100644
+index 740c2be53..53e9520a8 100644
 --- a/linux_os/guide/system/software/updating/ensure_gpgcheck_repo_metadata/rule.yml
 +++ b/linux_os/guide/system/software/updating/ensure_gpgcheck_repo_metadata/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: ol7,ol8,rhel7,rhel8
-+prodtype: ol7,ol8,rhel7,rhel8,almalinux8
+-prodtype: fedora,ol7,ol8,rhel7,rhel8
++prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8
  
  title: 'Ensure gpgcheck Enabled for Repository Metadata'
  
 diff --git a/linux_os/guide/system/software/updating/package_dnf-automatic_installed/rule.yml b/linux_os/guide/system/software/updating/package_dnf-automatic_installed/rule.yml
-index dd52ba7e..18365b4b 100644
+index bdcc5e9be..2e150e42f 100644
 --- a/linux_os/guide/system/software/updating/package_dnf-automatic_installed/rule.yml
 +++ b/linux_os/guide/system/software/updating/package_dnf-automatic_installed/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol8,rhel8,rhel9
-+prodtype: fedora,ol8,rhel8,almalinux8,rhel9
+-prodtype: fedora,ol8,ol9,rhel8,rhel9,sle12,sle15
++prodtype: fedora,ol8,ol9,rhel8,almalinux8,rhel9,sle12,sle15
  
  title: 'Install dnf-automatic Package'
  
 diff --git a/linux_os/guide/system/software/updating/security_patches_up_to_date/bash/shared.sh b/linux_os/guide/system/software/updating/security_patches_up_to_date/bash/shared.sh
-index fd844d2a..2932351f 100644
+index fd844d2a1..2932351f4 100644
 --- a/linux_os/guide/system/software/updating/security_patches_up_to_date/bash/shared.sh
 +++ b/linux_os/guide/system/software/updating/security_patches_up_to_date/bash/shared.sh
 @@ -1,4 +1,4 @@
@@ -26954,17 +29065,23 @@ index fd844d2a..2932351f 100644
  # strategy = patch
  # complexity = low
 diff --git a/linux_os/guide/system/software/updating/security_patches_up_to_date/rule.yml b/linux_os/guide/system/software/updating/security_patches_up_to_date/rule.yml
-index 9e67a875..d73ecd56 100644
+index d114c3236..e342962b6 100644
 --- a/linux_os/guide/system/software/updating/security_patches_up_to_date/rule.yml
 +++ b/linux_os/guide/system/software/updating/security_patches_up_to_date/rule.yml
-@@ -1,6 +1,6 @@
+@@ -1,11 +1,11 @@
  documentation_complete: true
  
--prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu1604,ubuntu1804
-+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu1604,ubuntu1804
+-prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu1604,ubuntu1804,uos20
++prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu1604,ubuntu1804,uos20
  
  title: 'Ensure Software Patches Installed'
  
+ description: |-
+-{{% if product in ["rhel7", "rhel8"] %}}
++{{% if product in ["rhel7", "rhel8", "almalinux8"] %}}
+     If the system is joined to the Red Hat Network, a Red Hat Satellite Server,
+     or a yum server, run the following command to install updates:
+     
    $ sudo yum update
    
 @@ -17,6 +17,11 @@ description: |-
      
    $ sudo yum update
    
      If the system is not configured to use one of these sources, updates (in the form of RPM packages)
@@ -26977,7 +29094,7 @@ index 9e67a875..d73ecd56 100644
  {{% elif product in ["sle12", "sle15"] %}}
      If the system is configured for online updates, invoking the following command will list available
      security updates:
-@@ -63,7 +68,7 @@ references:
+@@ -65,7 +70,7 @@ references:
      stigid@ol7: OL07-00-020260
      stigid@ol8: OL08-00-010010
      stigid@rhel7: RHEL-07-020260
@@ -26987,30 +29104,29 @@ index 9e67a875..d73ecd56 100644
      stigid@sle15: SLES-15-010010
      vmmsrg: SRG-OS-000480-VMM-002000
 diff --git a/linux_os/guide/system/software/updating/timer_dnf-automatic_enabled/rule.yml b/linux_os/guide/system/software/updating/timer_dnf-automatic_enabled/rule.yml
-index f0ae5076..8936b05c 100644
+index 5ae61e5d6..e011e7d2b 100644
 --- a/linux_os/guide/system/software/updating/timer_dnf-automatic_enabled/rule.yml
 +++ b/linux_os/guide/system/software/updating/timer_dnf-automatic_enabled/rule.yml
 @@ -1,6 +1,6 @@
  documentation_complete: true
  
--prodtype: fedora,ol8,rhel8,rhel9
-+prodtype: fedora,ol8,rhel8,almalinux8,rhel9
+-prodtype: fedora,ol8,ol9,rhel8,rhel9,sle12,sle15
++prodtype: fedora,ol8,ol9,rhel8,almalinux8,rhel9,sle12,sle15
  
- title: Enable dnf-automatic Timer
+ title: 'Enable dnf-automatic Timer'
  
 diff --git a/products/almalinux8/CMakeLists.txt b/products/almalinux8/CMakeLists.txt
 new file mode 100644
-index 00000000..6f48e657
+index 000000000..dcbf2057a
 --- /dev/null
 +++ b/products/almalinux8/CMakeLists.txt
-@@ -0,0 +1,29 @@
+@@ -0,0 +1,28 @@
 +# Sometimes our users will try to do: "cd almalinux8; cmake ." That needs to error in a nice way.
 +if ("${CMAKE_SOURCE_DIR}" STREQUAL "${CMAKE_CURRENT_SOURCE_DIR}")
 +    message(FATAL_ERROR "cmake has to be used on the root CMakeLists.txt, see the Building ComplianceAsCode section in the Developer Guide!")
 +endif()
 +
 +set(PRODUCT "almalinux8")
-+set(DISA_SRG_TYPE "os")
 +
 +ssg_build_product(${PRODUCT})
 +
@@ -27026,7 +29142,7 @@ index 00000000..6f48e657
 +
 +ssg_build_html_cce_table(${PRODUCT})
 +
-+ssg_build_html_srgmap_tables(${PRODUCT} "stig" ${DISA_SRG_TYPE})
++ssg_build_html_srgmap_tables(${PRODUCT})
 +
 +ssg_build_html_stig_tables(${PRODUCT})
 +ssg_build_html_stig_tables_per_profile( ${PRODUCT} "stig")
@@ -27035,10 +29151,10 @@ index 00000000..6f48e657
 +#ssg_build_html_stig_tables(${PRODUCT} "ospp")
 diff --git a/products/almalinux8/kickstart/ssg-almalinux8-anssi_bp28_enhanced-ks.cfg b/products/almalinux8/kickstart/ssg-almalinux8-anssi_bp28_enhanced-ks.cfg
 new file mode 100644
-index 00000000..995a0d8e
+index 000000000..30a1cdbc8
 --- /dev/null
 +++ b/products/almalinux8/kickstart/ssg-almalinux8-anssi_bp28_enhanced-ks.cfg
-@@ -0,0 +1,169 @@
+@@ -0,0 +1,158 @@
 +# SCAP Security Guide ANSSI BP-028 (enhanced) profile kickstart for AlmaLinux 8
 +# Version: 0.0.1
 +# Date: 2021-01-28
@@ -27085,11 +29201,6 @@ index 00000000..995a0d8e
 +# --device	device to be activated and / or configured with the network command
 +# --bootproto	method to obtain networking configuration for device (default dhcp)
 +# --noipv6	disable IPv6 on this device
-+#
-+# NOTE: Usage of DHCP will fail CCE-27021-5 (DISA FSO RHEL-06-000292). To use static IP configuration,
-+#       "--bootproto=static" must be used. For example:
-+# network --bootproto=static --ip=10.0.2.15 --netmask=255.255.255.0 --gateway=10.0.2.254 --nameserver 192.168.2.1,192.168.3.1
-+#
 +network --onboot yes --bootproto dhcp --noipv6
 +
 +# Set the system's root password (required)
@@ -27109,12 +29220,6 @@ index 00000000..995a0d8e
 +# --ssh		allow sshd service through the firewall
 +firewall --enabled --ssh
 +
-+# Set up the authentication options for the system (required)
-+# sssd profile sets sha512 to hash passwords
-+# passwords are shadowed by default
-+# See the manual page for authselect-profile for a complete list of possible options.
-+authselect select sssd
-+
 +# Set the system time zone (required)
 +timezone --utc America/New_York
 +
@@ -27130,7 +29235,7 @@ index 00000000..995a0d8e
 +
 +# The following partition layout scheme assumes disk of size 20GB or larger
 +# Modify size of partitions appropriately to reflect actual machine's hardware
-+#
++# 
 +# Remove Linux partitions from the system prior to creating new ones (optional)
 +# --linux	erase all Linux partitions
 +# --initlabel	initialize the disk label to the default based on the underlying architecture
@@ -27167,17 +29272,17 @@ index 00000000..995a0d8e
 +
 +# The OpenSCAP installer add-on is used to apply SCAP (Security Content Automation Protocol)
 +# content - security policies - on the installed system.This add-on has been enabled by default
-+# since Red Hat Enterprise Linux 7.2. When enabled, the packages necessary to provide this
++# since Red Hat Enterprise Linux 7.2. When enabled, the packages necessary to provide this 
 +# functionality will automatically be installed. However, by default, no policies are enforced,
 +# meaning that no checks are performed during or after installation unless specifically configured.
-+#
++#  
 +#  Important
 +#   Applying a security policy is not necessary on all systems. This screen should only be used
 +#   when a specific policy is mandated by your organization rules or government regulations.
 +#   Unlike most other commands, this add-on does not accept regular options, but uses key-value
 +#   pairs in the body of the %addon definition instead. These pairs are whitespace-agnostic.
 +#   Values can be optionally enclosed in single quotes (') or double quotes (").
-+#
++#   
 +#  The following keys are recognized by the add-on:
 +#    content-type - Type of the security content. Possible values are datastream, archive, rpm, and scap-security-guide.
 +#      - If the content-type is scap-security-guide, the add-on will use content provided by the
@@ -27191,7 +29296,7 @@ index 00000000..995a0d8e
 +#    tailoring-path - Path to a tailoring file which should be used, given as a relative path in the archive.
 +#
 +#  The following is an example %addon org_fedora_oscap section which uses content from the
-+#  scap-security-guide on the installation media:
++#  scap-security-guide on the installation media: 
 +%addon org_fedora_oscap
 +	content-type = scap-security-guide
 +	profile = xccdf_org.ssgproject.content_profile_anssi_bp28_enhanced
@@ -27210,10 +29315,10 @@ index 00000000..995a0d8e
 +reboot --eject
 diff --git a/products/almalinux8/kickstart/ssg-almalinux8-anssi_bp28_high-ks.cfg b/products/almalinux8/kickstart/ssg-almalinux8-anssi_bp28_high-ks.cfg
 new file mode 100644
-index 00000000..603835c3
+index 000000000..1ad295d4e
 --- /dev/null
 +++ b/products/almalinux8/kickstart/ssg-almalinux8-anssi_bp28_high-ks.cfg
-@@ -0,0 +1,173 @@
+@@ -0,0 +1,162 @@
 +# SCAP Security Guide ANSSI BP-028 (high) profile kickstart for AlmaLinux 8
 +# Version: 0.0.1
 +# Date: 2020-12-10
@@ -27260,11 +29365,6 @@ index 00000000..603835c3
 +# --device	device to be activated and / or configured with the network command
 +# --bootproto	method to obtain networking configuration for device (default dhcp)
 +# --noipv6	disable IPv6 on this device
-+#
-+# NOTE: Usage of DHCP will fail CCE-27021-5 (DISA FSO RHEL-06-000292). To use static IP configuration,
-+#       "--bootproto=static" must be used. For example:
-+# network --bootproto=static --ip=10.0.2.15 --netmask=255.255.255.0 --gateway=10.0.2.254 --nameserver 192.168.2.1,192.168.3.1
-+#
 +network --onboot yes --bootproto dhcp --noipv6
 +
 +# Set the system's root password (required)
@@ -27284,12 +29384,6 @@ index 00000000..603835c3
 +# --ssh		allow sshd service through the firewall
 +firewall --enabled --ssh
 +
-+# Set up the authentication options for the system (required)
-+# sssd profile sets sha512 to hash passwords
-+# passwords are shadowed by default
-+# See the manual page for authselect-profile for a complete list of possible options.
-+authselect select sssd
-+
 +# State of SELinux on the installed system (optional)
 +# Defaults to enforcing
 +selinux --enforcing
@@ -27389,10 +29483,10 @@ index 00000000..603835c3
 +reboot --eject
 diff --git a/products/almalinux8/kickstart/ssg-almalinux8-anssi_bp28_intermediary-ks.cfg b/products/almalinux8/kickstart/ssg-almalinux8-anssi_bp28_intermediary-ks.cfg
 new file mode 100644
-index 00000000..16b3faa0
+index 000000000..376cade2b
 --- /dev/null
 +++ b/products/almalinux8/kickstart/ssg-almalinux8-anssi_bp28_intermediary-ks.cfg
-@@ -0,0 +1,169 @@
+@@ -0,0 +1,158 @@
 +# SCAP Security Guide ANSSI BP-028 (intermediary) profile kickstart for AlmaLinux 8
 +# Version: 0.0.1
 +# Date: 2021-01-28
@@ -27439,11 +29533,6 @@ index 00000000..16b3faa0
 +# --device	device to be activated and / or configured with the network command
 +# --bootproto	method to obtain networking configuration for device (default dhcp)
 +# --noipv6	disable IPv6 on this device
-+#
-+# NOTE: Usage of DHCP will fail CCE-27021-5 (DISA FSO RHEL-06-000292). To use static IP configuration,
-+#       "--bootproto=static" must be used. For example:
-+# network --bootproto=static --ip=10.0.2.15 --netmask=255.255.255.0 --gateway=10.0.2.254 --nameserver 192.168.2.1,192.168.3.1
-+#
 +network --onboot yes --bootproto dhcp --noipv6
 +
 +# Set the system's root password (required)
@@ -27463,12 +29552,6 @@ index 00000000..16b3faa0
 +# --ssh		allow sshd service through the firewall
 +firewall --enabled --ssh
 +
-+# Set up the authentication options for the system (required)
-+# sssd profile sets sha512 to hash passwords
-+# passwords are shadowed by default
-+# See the manual page for authselect-profile for a complete list of possible options.
-+authselect select sssd
-+
 +# Set the system time zone (required)
 +timezone --utc America/New_York
 +
@@ -27564,10 +29647,10 @@ index 00000000..16b3faa0
 +reboot --eject
 diff --git a/products/almalinux8/kickstart/ssg-almalinux8-anssi_bp28_minimal-ks.cfg b/products/almalinux8/kickstart/ssg-almalinux8-anssi_bp28_minimal-ks.cfg
 new file mode 100644
-index 00000000..ba9b2eb4
+index 000000000..f8ab2250a
 --- /dev/null
 +++ b/products/almalinux8/kickstart/ssg-almalinux8-anssi_bp28_minimal-ks.cfg
-@@ -0,0 +1,133 @@
+@@ -0,0 +1,122 @@
 +# SCAP Security Guide ANSSI BP-028 (minimal) profile kickstart for AlmaLinux 8
 +# Version: 0.0.1
 +# Date: 2021-01-28
@@ -27614,11 +29697,6 @@ index 00000000..ba9b2eb4
 +# --device	device to be activated and / or configured with the network command
 +# --bootproto	method to obtain networking configuration for device (default dhcp)
 +# --noipv6	disable IPv6 on this device
-+#
-+# NOTE: Usage of DHCP will fail CCE-27021-5 (DISA FSO RHEL-06-000292). To use static IP configuration,
-+#       "--bootproto=static" must be used. For example:
-+# network --bootproto=static --ip=10.0.2.15 --netmask=255.255.255.0 --gateway=10.0.2.254 --nameserver 192.168.2.1,192.168.3.1
-+#
 +network --onboot yes --bootproto dhcp
 +
 +# Set the system's root password (required)
@@ -27628,12 +29706,6 @@ index 00000000..ba9b2eb4
 +# to see how to create encrypted password form for different plaintext password
 +rootpw --iscrypted $6$0WWGZ1e6icT$1KiHZK.Nzp3HQerfiy8Ic3pOeCWeIzA.zkQ7mkvYT3bNC5UeGK2ceE5b6TkSg4D/kiSudkT04QlSKknsrNE220
 +
-+# Set up the authentication options for the system (required)
-+# sssd profile sets sha512 to hash passwords
-+# passwords are shadowed by default
-+# See the manual page for authselect-profile for a complete list of possible options.
-+authselect select sssd
-+
 +# Set the system time zone (required)
 +timezone --utc America/New_York
 +
@@ -27703,10 +29775,10 @@ index 00000000..ba9b2eb4
 +reboot --eject
 diff --git a/products/almalinux8/kickstart/ssg-almalinux8-cis-ks.cfg b/products/almalinux8/kickstart/ssg-almalinux8-cis-ks.cfg
 new file mode 100644
-index 00000000..b5d9a693
+index 000000000..8553b192d
 --- /dev/null
 +++ b/products/almalinux8/kickstart/ssg-almalinux8-cis-ks.cfg
-@@ -0,0 +1,143 @@
+@@ -0,0 +1,132 @@
 +# SCAP Security Guide CIS profile (Level 2 - Server) kickstart for AlmaLinux 8
 +# Version: 0.0.1
 +# Date: 2021-08-12
@@ -27754,11 +29826,6 @@ index 00000000..b5d9a693
 +# --device	device to be activated and / or configured with the network command
 +# --bootproto	method to obtain networking configuration for device (default dhcp)
 +# --noipv6	disable IPv6 on this device
-+#
-+# NOTE: Usage of DHCP will fail CCE-27021-5 (DISA FSO RHEL-06-000292). To use static IP configuration,
-+#       "--bootproto=static" must be used. For example:
-+# network --bootproto=static --ip=10.0.2.15 --netmask=255.255.255.0 --gateway=10.0.2.254 --nameserver 192.168.2.1,192.168.3.1
-+#
 +network --onboot yes --device eth0 --bootproto dhcp --noipv6
 +
 +# Set the system's root password (required)
@@ -27777,12 +29844,6 @@ index 00000000..b5d9a693
 +# --ssh		allow sshd service through the firewall
 +firewall --enabled --ssh
 +
-+# Set up the authentication options for the system (required)
-+# sssd profile sets sha512 to hash passwords
-+# passwords are shadowed by default
-+# See the manual page for authselect-profile for a complete list of possible options.
-+authselect select sssd
-+
 +# State of SELinux on the installed system (optional)
 +# Defaults to enforcing
 +selinux --enforcing
@@ -27794,7 +29855,7 @@ index 00000000..b5d9a693
 +# Plaintext password is: password
 +# Refer to e.g. https://pykickstart.readthedocs.io/en/latest/commands.html#rootpw to see how to create
 +# encrypted password form for different plaintext password
-+bootloader --location=mbr --append="crashkernel=auto rhgb quiet" --password=$6$zCPaBARiNlBYUAS7$40phthWpqvaPVz3QUeIK6n5qoazJDJD5Nlc9OKy5SyYoX9Rt4jFaLjzqJCwpgR4RVAEFSADsqQot0WKs5qNto0
++bootloader --location=mbr --append="crashkernel=auto rhgb quiet" --password=grub.pbkdf2.sha512.10000.45912D32B964BA58B91EAF9847F3CCE6F4C962638922543AFFAEE4D29951757F4336C181E6FC9030E07B7D9874DAD696A1B18978D995B1D7F27AF9C38159FDF3.99F65F3896012A0A3D571A99D6E6C695F3C51BE5343A01C1B6907E1C3E1373CB7F250C2BC66C44BB876961E9071F40205006A05189E51C2C14770C70C723F3FD --iscrypted
 +
 +# Initialize (format) all disks (optional)
 +zerombr
@@ -27852,10 +29913,10 @@ index 00000000..b5d9a693
 +reboot --eject
 diff --git a/products/almalinux8/kickstart/ssg-almalinux8-cis_server_l1-ks.cfg b/products/almalinux8/kickstart/ssg-almalinux8-cis_server_l1-ks.cfg
 new file mode 100644
-index 00000000..55e94b1c
+index 000000000..b599aa433
 --- /dev/null
 +++ b/products/almalinux8/kickstart/ssg-almalinux8-cis_server_l1-ks.cfg
-@@ -0,0 +1,133 @@
+@@ -0,0 +1,122 @@
 +# SCAP Security Guide CIS profile (Level 1 - Server) kickstart for AlmaLinux 8
 +# Version: 0.0.1
 +# Date: 2021-08-12
@@ -27903,11 +29964,6 @@ index 00000000..55e94b1c
 +# --device	device to be activated and / or configured with the network command
 +# --bootproto	method to obtain networking configuration for device (default dhcp)
 +# --noipv6	disable IPv6 on this device
-+#
-+# NOTE: Usage of DHCP will fail CCE-27021-5 (DISA FSO RHEL-06-000292). To use static IP configuration,
-+#       "--bootproto=static" must be used. For example:
-+# network --bootproto=static --ip=10.0.2.15 --netmask=255.255.255.0 --gateway=10.0.2.254 --nameserver 192.168.2.1,192.168.3.1
-+#
 +network --onboot yes --device eth0 --bootproto dhcp --noipv6
 +
 +# Set the system's root password (required)
@@ -27926,12 +29982,6 @@ index 00000000..55e94b1c
 +# --ssh		allow sshd service through the firewall
 +firewall --enabled --ssh
 +
-+# Set up the authentication options for the system (required)
-+# sssd profile sets sha512 to hash passwords
-+# passwords are shadowed by default
-+# See the manual page for authselect-profile for a complete list of possible options.
-+authselect select sssd
-+
 +# State of SELinux on the installed system (optional)
 +# Defaults to enforcing
 +selinux --enforcing
@@ -27991,10 +30041,10 @@ index 00000000..55e94b1c
 +reboot --eject
 diff --git a/products/almalinux8/kickstart/ssg-almalinux8-cis_workstation_l1-ks.cfg b/products/almalinux8/kickstart/ssg-almalinux8-cis_workstation_l1-ks.cfg
 new file mode 100644
-index 00000000..c4a9001f
+index 000000000..e72a1d61f
 --- /dev/null
 +++ b/products/almalinux8/kickstart/ssg-almalinux8-cis_workstation_l1-ks.cfg
-@@ -0,0 +1,133 @@
+@@ -0,0 +1,122 @@
 +# SCAP Security Guide CIS profile (Level 1 - Workstation) kickstart for AlmaLinux 8
 +# Version: 0.0.1
 +# Date: 2021-08-12
@@ -28042,11 +30092,6 @@ index 00000000..c4a9001f
 +# --device	device to be activated and / or configured with the network command
 +# --bootproto	method to obtain networking configuration for device (default dhcp)
 +# --noipv6	disable IPv6 on this device
-+#
-+# NOTE: Usage of DHCP will fail CCE-27021-5 (DISA FSO RHEL-06-000292). To use static IP configuration,
-+#       "--bootproto=static" must be used. For example:
-+# network --bootproto=static --ip=10.0.2.15 --netmask=255.255.255.0 --gateway=10.0.2.254 --nameserver 192.168.2.1,192.168.3.1
-+#
 +network --onboot yes --device eth0 --bootproto dhcp --noipv6
 +
 +# Set the system's root password (required)
@@ -28065,12 +30110,6 @@ index 00000000..c4a9001f
 +# --ssh		allow sshd service through the firewall
 +firewall --enabled --ssh
 +
-+# Set up the authentication options for the system (required)
-+# sssd profile sets sha512 to hash passwords
-+# passwords are shadowed by default
-+# See the manual page for authselect-profile for a complete list of possible options.
-+authselect select sssd
-+
 +# State of SELinux on the installed system (optional)
 +# Defaults to enforcing
 +selinux --enforcing
@@ -28130,10 +30169,10 @@ index 00000000..c4a9001f
 +reboot --eject
 diff --git a/products/almalinux8/kickstart/ssg-almalinux8-cis_workstation_l2-ks.cfg b/products/almalinux8/kickstart/ssg-almalinux8-cis_workstation_l2-ks.cfg
 new file mode 100644
-index 00000000..1b766f5e
+index 000000000..36e6989aa
 --- /dev/null
 +++ b/products/almalinux8/kickstart/ssg-almalinux8-cis_workstation_l2-ks.cfg
-@@ -0,0 +1,143 @@
+@@ -0,0 +1,132 @@
 +# SCAP Security Guide CIS profile (Level 2 - Workstation) kickstart for AlmaLinux 8
 +# Version: 0.0.1
 +# Date: 2021-08-12
@@ -28181,11 +30220,6 @@ index 00000000..1b766f5e
 +# --device	device to be activated and / or configured with the network command
 +# --bootproto	method to obtain networking configuration for device (default dhcp)
 +# --noipv6	disable IPv6 on this device
-+#
-+# NOTE: Usage of DHCP will fail CCE-27021-5 (DISA FSO RHEL-06-000292). To use static IP configuration,
-+#       "--bootproto=static" must be used. For example:
-+# network --bootproto=static --ip=10.0.2.15 --netmask=255.255.255.0 --gateway=10.0.2.254 --nameserver 192.168.2.1,192.168.3.1
-+#
 +network --onboot yes --device eth0 --bootproto dhcp --noipv6
 +
 +# Set the system's root password (required)
@@ -28204,12 +30238,6 @@ index 00000000..1b766f5e
 +# --ssh		allow sshd service through the firewall
 +firewall --enabled --ssh
 +
-+# Set up the authentication options for the system (required)
-+# sssd profile sets sha512 to hash passwords
-+# passwords are shadowed by default
-+# See the manual page for authselect-profile for a complete list of possible options.
-+authselect select sssd
-+
 +# State of SELinux on the installed system (optional)
 +# Defaults to enforcing
 +selinux --enforcing
@@ -28279,10 +30307,10 @@ index 00000000..1b766f5e
 +reboot --eject
 diff --git a/products/almalinux8/kickstart/ssg-almalinux8-cui-ks.cfg b/products/almalinux8/kickstart/ssg-almalinux8-cui-ks.cfg
 new file mode 100644
-index 00000000..0255ad13
+index 000000000..1af24eeca
 --- /dev/null
 +++ b/products/almalinux8/kickstart/ssg-almalinux8-cui-ks.cfg
-@@ -0,0 +1,164 @@
+@@ -0,0 +1,153 @@
 +# SCAP Security Guide CUI profile kickstart for AlmaLinux 8
 +#
 +# Based on:
@@ -28327,11 +30355,6 @@ index 00000000..0255ad13
 +# --device	device to be activated and / or configured with the network command
 +# --bootproto	method to obtain networking configuration for device (default dhcp)
 +# --noipv6	disable IPv6 on this device
-+#
-+# NOTE: Usage of DHCP will fail CCE-27021-5 (DISA FSO RHEL-06-000292). To use static IP configuration,
-+#       "--bootproto=static" must be used. For example:
-+# network --bootproto=static --ip=10.0.2.15 --netmask=255.255.255.0 --gateway=10.0.2.254 --nameserver 192.168.2.1,192.168.3.1
-+#
 +network --onboot yes --bootproto dhcp
 +
 +# Set the system's root password (required)
@@ -28351,12 +30374,6 @@ index 00000000..0255ad13
 +# --ssh		allow sshd service through the firewall
 +firewall --enabled --ssh
 +
-+# Set up the authentication options for the system (required)
-+# sssd profile sets sha512 to hash passwords
-+# passwords are shadowed by default
-+# See the manual page for authselect-profile for a complete list of possible options.
-+authselect select sssd
-+
 +# State of SELinux on the installed system (optional)
 +# Defaults to enforcing
 +selinux --enforcing
@@ -28449,10 +30466,10 @@ index 00000000..0255ad13
 +reboot --eject
 diff --git a/products/almalinux8/kickstart/ssg-almalinux8-e8-ks.cfg b/products/almalinux8/kickstart/ssg-almalinux8-e8-ks.cfg
 new file mode 100644
-index 00000000..410bb4ab
+index 000000000..3e2e169eb
 --- /dev/null
 +++ b/products/almalinux8/kickstart/ssg-almalinux8-e8-ks.cfg
-@@ -0,0 +1,122 @@
+@@ -0,0 +1,111 @@
 +# SCAP Security Guide Essential Eight profile kickstart for AlmaLinux 8
 +# Version: 0.0.1
 +# Date: 2019-11-13
@@ -28500,11 +30517,6 @@ index 00000000..410bb4ab
 +# --device	device to be activated and / or configured with the network command
 +# --bootproto	method to obtain networking configuration for device (default dhcp)
 +# --noipv6	disable IPv6 on this device
-+#
-+# NOTE: Usage of DHCP will fail CCE-27021-5 (DISA FSO RHEL-06-000292). To use static IP configuration,
-+#       "--bootproto=static" must be used. For example:
-+# network --bootproto=static --ip=10.0.2.15 --netmask=255.255.255.0 --gateway=10.0.2.254 --nameserver 192.168.2.1,192.168.3.1
-+#
 +network --onboot yes --device eth0 --bootproto dhcp --noipv6
 +
 +# Set the system's root password (required)
@@ -28523,12 +30535,6 @@ index 00000000..410bb4ab
 +# --ssh		allow sshd service through the firewall
 +firewall --enabled --ssh
 +
-+# Set up the authentication options for the system (required)
-+# sssd profile sets sha512 to hash passwords
-+# passwords are shadowed by default
-+# See the manual page for authselect-profile for a complete list of possible options.
-+authselect select sssd
-+
 +# State of SELinux on the installed system (optional)
 +# Defaults to enforcing
 +selinux --enforcing
@@ -28577,10 +30583,10 @@ index 00000000..410bb4ab
 +reboot --eject
 diff --git a/products/almalinux8/kickstart/ssg-almalinux8-hipaa-ks.cfg b/products/almalinux8/kickstart/ssg-almalinux8-hipaa-ks.cfg
 new file mode 100644
-index 00000000..90ba7a55
+index 000000000..93899d99a
 --- /dev/null
 +++ b/products/almalinux8/kickstart/ssg-almalinux8-hipaa-ks.cfg
-@@ -0,0 +1,122 @@
+@@ -0,0 +1,111 @@
 +# SCAP Security Guide HIPAA profile kickstart for AlmaLinux 8
 +# Version: 0.0.1
 +# Date: 2020-05-25
@@ -28628,11 +30634,6 @@ index 00000000..90ba7a55
 +# --device	device to be activated and / or configured with the network command
 +# --bootproto	method to obtain networking configuration for device (default dhcp)
 +# --noipv6	disable IPv6 on this device
-+#
-+# NOTE: Usage of DHCP will fail CCE-27021-5 (DISA FSO RHEL-06-000292). To use static IP configuration,
-+#       "--bootproto=static" must be used. For example:
-+# network --bootproto=static --ip=10.0.2.15 --netmask=255.255.255.0 --gateway=10.0.2.254 --nameserver 192.168.2.1,192.168.3.1
-+#
 +network --onboot yes --device eth0 --bootproto dhcp --noipv6
 +
 +# Set the system's root password (required)
@@ -28651,12 +30652,6 @@ index 00000000..90ba7a55
 +# --ssh		allow sshd service through the firewall
 +firewall --enabled --ssh
 +
-+# Set up the authentication options for the system (required)
-+# sssd profile sets sha512 to hash passwords
-+# passwords are shadowed by default
-+# See the manual page for authselect-profile for a complete list of possible options.
-+authselect select sssd
-+
 +# State of SELinux on the installed system (optional)
 +# Defaults to enforcing
 +selinux --enforcing
@@ -28705,10 +30700,10 @@ index 00000000..90ba7a55
 +reboot --eject
 diff --git a/products/almalinux8/kickstart/ssg-almalinux8-ism_o-ks.cfg b/products/almalinux8/kickstart/ssg-almalinux8-ism_o-ks.cfg
 new file mode 100644
-index 00000000..2dc58251
+index 000000000..573edb572
 --- /dev/null
 +++ b/products/almalinux8/kickstart/ssg-almalinux8-ism_o-ks.cfg
-@@ -0,0 +1,116 @@
+@@ -0,0 +1,110 @@
 +# SCAP Security Guide ISM Official profile kickstart for AlmaLinux 8
 +# Version: 0.0.1
 +# Date: 2021-08-16
@@ -28776,12 +30771,6 @@ index 00000000..2dc58251
 +# --ssh		allow sshd service through the firewall
 +firewall --enabled --ssh
 +
-+# Set up the authentication options for the system (required)
-+# sssd profile sets sha512 to hash passwords
-+# passwords are shadowed by default
-+# See the manual page for authselect-profile for a complete list of possible options.
-+authselect select sssd
-+
 +# State of SELinux on the installed system (optional)
 +# Defaults to enforcing
 +selinux --enforcing
@@ -28827,10 +30816,10 @@ index 00000000..2dc58251
 +reboot --eject
 diff --git a/products/almalinux8/kickstart/ssg-almalinux8-ospp-ks.cfg b/products/almalinux8/kickstart/ssg-almalinux8-ospp-ks.cfg
 new file mode 100644
-index 00000000..d36a3a9d
+index 000000000..58805cdfc
 --- /dev/null
 +++ b/products/almalinux8/kickstart/ssg-almalinux8-ospp-ks.cfg
-@@ -0,0 +1,164 @@
+@@ -0,0 +1,153 @@
 +# SCAP Security Guide OSPP profile kickstart for AlmaLinux 8
 +#
 +# Based on:
@@ -28875,11 +30864,6 @@ index 00000000..d36a3a9d
 +# --device	device to be activated and / or configured with the network command
 +# --bootproto	method to obtain networking configuration for device (default dhcp)
 +# --noipv6	disable IPv6 on this device
-+#
-+# NOTE: Usage of DHCP will fail CCE-27021-5 (DISA FSO RHEL-06-000292). To use static IP configuration,
-+#       "--bootproto=static" must be used. For example:
-+# network --bootproto=static --ip=10.0.2.15 --netmask=255.255.255.0 --gateway=10.0.2.254 --nameserver 192.168.2.1,192.168.3.1
-+#
 +network --onboot yes --bootproto dhcp
 +
 +# Set the system's root password (required)
@@ -28899,12 +30883,6 @@ index 00000000..d36a3a9d
 +# --ssh		allow sshd service through the firewall
 +firewall --enabled --ssh
 +
-+# Set up the authentication options for the system (required)
-+# sssd profile sets sha512 to hash passwords
-+# passwords are shadowed by default
-+# See the manual page for authselect-profile for a complete list of possible options.
-+authselect select sssd
-+
 +# State of SELinux on the installed system (optional)
 +# Defaults to enforcing
 +selinux --enforcing
@@ -28997,10 +30975,10 @@ index 00000000..d36a3a9d
 +reboot --eject
 diff --git a/products/almalinux8/kickstart/ssg-almalinux8-pci-dss-ks.cfg b/products/almalinux8/kickstart/ssg-almalinux8-pci-dss-ks.cfg
 new file mode 100644
-index 00000000..219ee0fc
+index 000000000..53eab4a5a
 --- /dev/null
 +++ b/products/almalinux8/kickstart/ssg-almalinux8-pci-dss-ks.cfg
-@@ -0,0 +1,154 @@
+@@ -0,0 +1,148 @@
 +# SCAP Security Guide PCI-DSS profile kickstart for AlmaLinux 8
 +#
 +# Based on:
@@ -29060,12 +31038,6 @@ index 00000000..219ee0fc
 +# --ssh		allow sshd service through the firewall
 +firewall --enabled --ssh
 +
-+# Set up the authentication options for the system (required)
-+# sssd profile sets sha512 to hash passwords
-+# passwords are shadowed by default
-+# See the manual page for authselect-profile for a complete list of possible options.
-+authselect select sssd
-+
 +# State of SELinux on the installed system (optional)
 +# Defaults to enforcing
 +selinux --enforcing
@@ -29157,10 +31129,10 @@ index 00000000..219ee0fc
 +reboot --eject
 diff --git a/products/almalinux8/kickstart/ssg-almalinux8-stig-ks.cfg b/products/almalinux8/kickstart/ssg-almalinux8-stig-ks.cfg
 new file mode 100644
-index 00000000..866e49af
+index 000000000..0a1ad0359
 --- /dev/null
 +++ b/products/almalinux8/kickstart/ssg-almalinux8-stig-ks.cfg
-@@ -0,0 +1,165 @@
+@@ -0,0 +1,155 @@
 +# SCAP Security Guide STIG profile kickstart for AlmaLinux 8
 +#
 +# Based on:
@@ -29205,11 +31177,6 @@ index 00000000..866e49af
 +# --device	device to be activated and / or configured with the network command
 +# --bootproto	method to obtain networking configuration for device (default dhcp)
 +# --noipv6	disable IPv6 on this device
-+#
-+# NOTE: Usage of DHCP will fail CCE-27021-5 (DISA FSO RHEL-06-000292). To use static IP configuration,
-+#       "--bootproto=static" must be used. For example:
-+# network --bootproto=static --ip=10.0.2.15 --netmask=255.255.255.0 --gateway=10.0.2.254 --nameserver 192.168.2.1,192.168.3.1
-+#
 +network --onboot yes --bootproto dhcp
 +
 +# Set the system's root password (required)
@@ -29229,11 +31196,6 @@ index 00000000..866e49af
 +# --ssh		allow sshd service through the firewall
 +firewall --enabled --ssh
 +
-+# Set up the authentication options for the system (required)
-+# sssd profile sets sha512 to hash passwords
-+# passwords are shadowed by default
-+# See the manual page for authselect-profile for a complete list of possible options.
-+authselect select sssd
 +
 +# State of SELinux on the installed system (optional)
 +# Defaults to enforcing
@@ -29328,10 +31290,10 @@ index 00000000..866e49af
 +reboot --eject
 diff --git a/products/almalinux8/kickstart/ssg-almalinux8-stig_gui-ks.cfg b/products/almalinux8/kickstart/ssg-almalinux8-stig_gui-ks.cfg
 new file mode 100644
-index 00000000..699b5018
+index 000000000..556f64de4
 --- /dev/null
 +++ b/products/almalinux8/kickstart/ssg-almalinux8-stig_gui-ks.cfg
-@@ -0,0 +1,165 @@
+@@ -0,0 +1,154 @@
 +# SCAP Security Guide STIG with GUI profile kickstart for AlmaLinux 8
 +#
 +# Based on:
@@ -29376,11 +31338,6 @@ index 00000000..699b5018
 +# --device	device to be activated and / or configured with the network command
 +# --bootproto	method to obtain networking configuration for device (default dhcp)
 +# --noipv6	disable IPv6 on this device
-+#
-+# NOTE: Usage of DHCP will fail CCE-27021-5 (DISA FSO RHEL-06-000292). To use static IP configuration,
-+#       "--bootproto=static" must be used. For example:
-+# network --bootproto=static --ip=10.0.2.15 --netmask=255.255.255.0 --gateway=10.0.2.254 --nameserver 192.168.2.1,192.168.3.1
-+#
 +network --onboot yes --bootproto dhcp
 +
 +# Set the system's root password (required)
@@ -29400,12 +31357,6 @@ index 00000000..699b5018
 +# --ssh		allow sshd service through the firewall
 +firewall --enabled --ssh
 +
-+# Set up the authentication options for the system (required)
-+# sssd profile sets sha512 to hash passwords
-+# passwords are shadowed by default
-+# See the manual page for authselect-profile for a complete list of possible options.
-+authselect select sssd
-+
 +# State of SELinux on the installed system (optional)
 +# Defaults to enforcing
 +selinux --enforcing
@@ -29499,7 +31450,7 @@ index 00000000..699b5018
 +reboot --eject
 diff --git a/products/almalinux8/overlays/srg_support.xml b/products/almalinux8/overlays/srg_support.xml
 new file mode 100644
-index 00000000..153b22a8
+index 000000000..08c87ea68
 --- /dev/null
 +++ b/products/almalinux8/overlays/srg_support.xml
 @@ -0,0 +1,173 @@
@@ -29669,7 +31620,7 @@ index 00000000..153b22a8
 +Procedures to promptly apply software updates must be established and
 +executed. The AlmaLinux operating system provides support for automating such a
 +process, by running the yum program through a cron job or by managing the
-+system and its packages through the the Foreman.
++system and its packages through the Foreman.
 +
 +
 +
@@ -29678,10 +31629,10 @@ index 00000000..153b22a8
 +
 diff --git a/products/almalinux8/product.yml b/products/almalinux8/product.yml
 new file mode 100644
-index 00000000..a3b26ef7
+index 000000000..9f4ddf74d
 --- /dev/null
 +++ b/products/almalinux8/product.yml
-@@ -0,0 +1,34 @@
+@@ -0,0 +1,40 @@
 +product: almalinux8
 +full_name: AlmaLinux 8
 +type: platform
@@ -29698,11 +31649,17 @@ index 00000000..a3b26ef7
 +pkg_release: "5ffd890e"
 +pkg_version: "3abb34f8"
 +
-+oval_feed_url: "https://security.almalinux.org/oval/org.almalinux.alsa-8.xml"
++oval_feed_url: "https://security.almalinux.org/oval/org.almalinux.alsa-8.xml.bz2"
 +
 +grub2_boot_path: "/boot/grub2"
 +grub2_uefi_boot_path: "/boot/efi/EFI/almalinux"
 +
++groups:
++  dedicated_ssh_keyowner:
++    name: ssh_keys
++
++faillock_path: "/var/log/faillock"
++
 +cpes_root: "../../shared/applicability"
 +cpes:
 +  - almalinux8:
@@ -29718,7 +31675,7 @@ index 00000000..a3b26ef7
 +  cis: 'https://www.cisecurity.org/benchmark/almalinuxos_linux/'
 diff --git a/products/almalinux8/profiles/anssi_bp28_enhanced.profile b/products/almalinux8/profiles/anssi_bp28_enhanced.profile
 new file mode 100644
-index 00000000..8f2ee314
+index 000000000..8f2ee3149
 --- /dev/null
 +++ b/products/almalinux8/profiles/anssi_bp28_enhanced.profile
 @@ -0,0 +1,19 @@
@@ -29743,7 +31700,7 @@ index 00000000..8f2ee314
 +    - anssi:all:enhanced
 diff --git a/products/almalinux8/profiles/anssi_bp28_high.profile b/products/almalinux8/profiles/anssi_bp28_high.profile
 new file mode 100644
-index 00000000..0cd4b67f
+index 000000000..0cd4b67f8
 --- /dev/null
 +++ b/products/almalinux8/profiles/anssi_bp28_high.profile
 @@ -0,0 +1,19 @@
@@ -29768,7 +31725,7 @@ index 00000000..0cd4b67f
 +    - anssi:all:high
 diff --git a/products/almalinux8/profiles/anssi_bp28_intermediary.profile b/products/almalinux8/profiles/anssi_bp28_intermediary.profile
 new file mode 100644
-index 00000000..9c9e4cc6
+index 000000000..9c9e4cc66
 --- /dev/null
 +++ b/products/almalinux8/profiles/anssi_bp28_intermediary.profile
 @@ -0,0 +1,19 @@
@@ -29793,7 +31750,7 @@ index 00000000..9c9e4cc6
 +  - anssi:all:intermediary
 diff --git a/products/almalinux8/profiles/anssi_bp28_minimal.profile b/products/almalinux8/profiles/anssi_bp28_minimal.profile
 new file mode 100644
-index 00000000..19a95efb
+index 000000000..19a95efb7
 --- /dev/null
 +++ b/products/almalinux8/profiles/anssi_bp28_minimal.profile
 @@ -0,0 +1,20 @@
@@ -29819,15 +31776,16 @@ index 00000000..19a95efb
 +
 diff --git a/products/almalinux8/profiles/cis.profile b/products/almalinux8/profiles/cis.profile
 new file mode 100644
-index 00000000..8a76db5d
+index 000000000..5b176ac6a
 --- /dev/null
 +++ b/products/almalinux8/profiles/cis.profile
-@@ -0,0 +1,22 @@
+@@ -0,0 +1,23 @@
 +documentation_complete: true
 +
 +metadata:
-+    version: 1.0.1
++    version: 2.0.0
 +    SMEs:
++        - marcusburghardt
 +        - vojtapolasek
 +        - yuumasato
 +
@@ -29838,7 +31796,7 @@ index 00000000..8a76db5d
 +description: |-
 +    This profile defines a baseline that aligns to the "Level 2 - Server"
 +    configuration from the Center for Internet Security®
-+    AlmaLinux OS 8 Benchmarkâ„¢, v1.0.0, released 10-22-2021.
++    AlmaLinux OS 8 Benchmarkâ„¢, v2.0.0, released 05-31-2022.
 +
 +    This profile includes Center for Internet Security®
 +    AlmaLinux OS 8 CIS Benchmarksâ„¢ content.
@@ -29847,15 +31805,16 @@ index 00000000..8a76db5d
 +    - cis_rhel8:all:l2_server
 diff --git a/products/almalinux8/profiles/cis_server_l1.profile b/products/almalinux8/profiles/cis_server_l1.profile
 new file mode 100644
-index 00000000..2da081cd
+index 000000000..a067db30c
 --- /dev/null
 +++ b/products/almalinux8/profiles/cis_server_l1.profile
-@@ -0,0 +1,22 @@
+@@ -0,0 +1,23 @@
 +documentation_complete: true
 +
 +metadata:
-+    version: 1.0.1
++    version: 2.0.0
 +    SMEs:
++        - marcusburghardt
 +        - vojtapolasek
 +        - yuumasato
 +
@@ -29866,7 +31825,7 @@ index 00000000..2da081cd
 +description: |-
 +    This profile defines a baseline that aligns to the "Level 1 - Server"
 +    configuration from the Center for Internet Security®
-+    AlmaLinux OS 8 Benchmarkâ„¢, v1.0.0, released 10-22-2021.
++    AlmaLinux OS 8 Benchmarkâ„¢, v2.0.0, released 05-31-2022.
 +
 +    This profile includes Center for Internet Security®
 +    AlmaLinux OS 8 CIS Benchmarksâ„¢ content.
@@ -29875,15 +31834,16 @@ index 00000000..2da081cd
 +    - cis_rhel8:all:l1_server
 diff --git a/products/almalinux8/profiles/cis_workstation_l1.profile b/products/almalinux8/profiles/cis_workstation_l1.profile
 new file mode 100644
-index 00000000..2ee3bf7c
+index 000000000..247e968d2
 --- /dev/null
 +++ b/products/almalinux8/profiles/cis_workstation_l1.profile
-@@ -0,0 +1,22 @@
+@@ -0,0 +1,23 @@
 +documentation_complete: true
 +
 +metadata:
-+    version: 1.0.1
++    version: 2.0.0
 +    SMEs:
++        - marcusburghardt
 +        - vojtapolasek
 +        - yuumasato
 +
@@ -29894,7 +31854,7 @@ index 00000000..2ee3bf7c
 +description: |-
 +    This profile defines a baseline that aligns to the "Level 1 - Workstation"
 +    configuration from the Center for Internet Security®
-+    AlmaLinux OS 8 Benchmarkâ„¢, v1.0.0, released 10-22-2021.
++    AlmaLinux OS 8 Benchmarkâ„¢, v2.0.0, released 05-31-2022.
 +
 +    This profile includes Center for Internet Security®
 +    AlmaLinux OS 8 CIS Benchmarksâ„¢ content.
@@ -29903,15 +31863,16 @@ index 00000000..2ee3bf7c
 +    - cis_rhel8:all:l1_workstation
 diff --git a/products/almalinux8/profiles/cis_workstation_l2.profile b/products/almalinux8/profiles/cis_workstation_l2.profile
 new file mode 100644
-index 00000000..8af16bfe
+index 000000000..bfe8bea3d
 --- /dev/null
 +++ b/products/almalinux8/profiles/cis_workstation_l2.profile
-@@ -0,0 +1,22 @@
+@@ -0,0 +1,23 @@
 +documentation_complete: true
 +
 +metadata:
-+    version: 1.0.1
++    version: 2.0.0
 +    SMEs:
++        - marcusburghardt
 +        - vojtapolasek
 +        - yuumasato
 +
@@ -29922,7 +31883,7 @@ index 00000000..8af16bfe
 +description: |-
 +    This profile defines a baseline that aligns to the "Level 2 - Workstation"
 +    configuration from the Center for Internet Security®
-+    AlmaLinux OS 8 Benchmarkâ„¢, v1.0.0, released 10-22-2021.
++    AlmaLinux OS 8 Benchmarkâ„¢, v2.0.0, released 05-31-2022.
 +
 +    This profile includes Center for Internet Security®
 +    AlmaLinux OS 8 CIS Benchmarksâ„¢ content.
@@ -29931,10 +31892,10 @@ index 00000000..8af16bfe
 +    - cis_rhel8:all:l2_workstation
 diff --git a/products/almalinux8/profiles/cjis.profile b/products/almalinux8/profiles/cjis.profile
 new file mode 100644
-index 00000000..f3f28bda
+index 000000000..21ecf67a8
 --- /dev/null
 +++ b/products/almalinux8/profiles/cjis.profile
-@@ -0,0 +1,141 @@
+@@ -0,0 +1,143 @@
 +documentation_complete: false
 +
 +metadata:
@@ -30000,7 +31961,6 @@ index 00000000..f3f28bda
 +    - accounts_password_all_shadowed
 +    - no_empty_passwords
 +    - display_login_attempts
-+    - var_accounts_password_minlen_login_defs=12
 +    - var_accounts_maximum_age_login_defs=90
 +    - var_password_pam_unix_remember=10
 +    - var_account_disable_post_pw_expiration=0
@@ -30012,6 +31972,8 @@ index 00000000..f3f28bda
 +    - accounts_password_pam_minlen
 +    - accounts_minimum_age_login_defs
 +    - accounts_password_pam_difok
++    - var_authselect_profile=sssd
++    - enable_authselect
 +    - accounts_max_concurrent_login_sessions
 +    - set_password_hashing_algorithm_systemauth
 +    - set_password_hashing_algorithm_passwordauth
@@ -30033,6 +31995,7 @@ index 00000000..f3f28bda
 +    - var_accounts_passwords_pam_faillock_unlock_time=600
 +    - dconf_db_up_to_date
 +    - dconf_gnome_screensaver_idle_delay
++    - dconf_gnome_session_idle_user_locks
 +    - dconf_gnome_screensaver_idle_activation_enabled
 +    - dconf_gnome_screensaver_lock_enabled
 +    - dconf_gnome_screensaver_mode_blank
@@ -30078,7 +32041,7 @@ index 00000000..f3f28bda
 +    - kernel_module_bluetooth_disabled
 diff --git a/products/almalinux8/profiles/cui.profile b/products/almalinux8/profiles/cui.profile
 new file mode 100644
-index 00000000..b772740c
+index 000000000..216999b09
 --- /dev/null
 +++ b/products/almalinux8/profiles/cui.profile
 @@ -0,0 +1,32 @@
@@ -30106,7 +32069,7 @@ index 00000000..b772740c
 +    supplement the basic security requirements, are taken from the security controls
 +    in NIST Special Publication 800-53.
 +
-+    This profile configures AlmaLinux OS 8 to the NIST Special
++    This profile configures AlmaLinux 8 to the NIST Special
 +    Publication 800-53 controls identified for securing Controlled Unclassified
 +    Information (CUI)."
 +
@@ -30116,22 +32079,23 @@ index 00000000..b772740c
 +    - inactivity_timeout_value=10_minutes
 diff --git a/products/almalinux8/profiles/e8.profile b/products/almalinux8/profiles/e8.profile
 new file mode 100644
-index 00000000..65004519
+index 000000000..2a2a95394
 --- /dev/null
 +++ b/products/almalinux8/profiles/e8.profile
-@@ -0,0 +1,149 @@
+@@ -0,0 +1,152 @@
 +documentation_complete: true
 +
 +metadata:
 +    SMEs:
 +        - shaneboulden
++        - tjbutt58
 +
 +reference: https://www.cyber.gov.au/acsc/view-all-content/publications/hardening-linux-workstations-and-servers
 +
 +title: 'Australian Cyber Security Centre (ACSC) Essential Eight'
 +
 +description: |-
-+  This profile contains configuration checks for AlmaLinux OS 8
++  This profile contains configuration checks for AlmaLinux 8
 +  that align to the Australian Cyber Security Centre (ACSC) Essential Eight.
 +
 +  A copy of the Essential Eight in Linux Environments guide can be found at the
@@ -30196,6 +32160,8 @@ index 00000000..65004519
 +  - file_ownership_library_dirs
 +
 +  ### Passwords
++  - var_authselect_profile=sssd
++  - enable_authselect
 +  - no_empty_passwords
 +
 +  ### Partitioning
@@ -30271,10 +32237,10 @@ index 00000000..65004519
 +  - package_rear_installed
 diff --git a/products/almalinux8/profiles/hipaa.profile b/products/almalinux8/profiles/hipaa.profile
 new file mode 100644
-index 00000000..2e8a33d3
+index 000000000..40e3bb698
 --- /dev/null
 +++ b/products/almalinux8/profiles/hipaa.profile
-@@ -0,0 +1,164 @@
+@@ -0,0 +1,166 @@
 +documentation_complete: True
 +
 +metadata:
@@ -30301,7 +32267,6 @@ index 00000000..2e8a33d3
 +    - grub2_password
 +    - grub2_uefi_password
 +    - file_groupowner_grub2_cfg
-+    - file_permissions_grub2_cfg
 +    - file_owner_grub2_cfg
 +    - grub2_disable_interactive_boot
 +    - no_direct_root_logins
@@ -30332,6 +32297,8 @@ index 00000000..2e8a33d3
 +    - service_xinetd_disabled
 +    - service_zebra_disabled
 +    - use_kerberos_security_all_exports
++    - var_authselect_profile=sssd
++    - enable_authselect
 +    - disable_host_auth
 +    - sshd_allow_only_protocol2
 +    - sshd_disable_compression
@@ -30423,6 +32390,7 @@ index 00000000..2e8a33d3
 +    - audit_rules_session_events
 +    - audit_rules_sysadmin_actions
 +    - audit_rules_system_shutdown
++    - var_audit_failure_mode=panic
 +    - audit_rules_time_adjtimex
 +    - audit_rules_time_clock_settime
 +    - audit_rules_time_settimeofday
@@ -30441,17 +32409,19 @@ index 00000000..2e8a33d3
 +    - audit_rules_usergroup_modification_shadow
 diff --git a/products/almalinux8/profiles/ism_o.profile b/products/almalinux8/profiles/ism_o.profile
 new file mode 100644
-index 00000000..2a281cdc
+index 000000000..719f90700
 --- /dev/null
 +++ b/products/almalinux8/profiles/ism_o.profile
-@@ -0,0 +1,135 @@
+@@ -0,0 +1,139 @@
 +documentation_complete: true
 +
 +metadata:
 +    SMEs:
 +        - shaneboulden
 +        - wcushen
-+        - ahamilto156
++        - eliseelk
++        - sashperso
++        - anjuskantha
 +
 +reference: https://www.cyber.gov.au/ism
 +
@@ -30463,7 +32433,7 @@ index 00000000..2a281cdc
 +  with the applicability marking of OFFICIAL.
 +
 +  The ISM uses a risk-based approach to cyber security. This profile provides a guide to aligning
-+  Red Hat Enterprise Linux security controls with the ISM, which can be used to select controls
++  AlmaLinux security controls with the ISM, which can be used to select controls 
 +  specific to an organisation's security posture and risk profile.
 +
 +  A copy of the ISM can be found at the ACSC website:
@@ -30517,6 +32487,8 @@ index 00000000..2a281cdc
 +  - var_accounts_password_warn_age_login_defs=7
 +  - var_accounts_minimum_age_login_defs=1
 +  - var_accounts_maximum_age_login_defs=60
++  - var_authselect_profile=sssd
++  - enable_authselect
 +  - accounts_password_warn_age_login_defs
 +  - accounts_maximum_age_login_defs
 +  - accounts_minimum_age_login_defs
@@ -30580,43 +32552,12 @@ index 00000000..2a281cdc
 +  - sshd_enable_warning_banner
 +  - sshd_disable_x11_forwarding
 +  - file_permissions_sshd_private_key
-diff --git a/products/almalinux8/profiles/ospp-mls.profile b/products/almalinux8/profiles/ospp-mls.profile
-new file mode 100644
-index 00000000..d1d1b8af
---- /dev/null
-+++ b/products/almalinux8/profiles/ospp-mls.profile
-@@ -0,0 +1,25 @@
-+documentation_complete: false
-+
-+title: 'Protection Profile for General Purpose Operating Systems - MLS Mode'
-+
-+description: |-
-+    Placeholder to put MLS specific rules
-+
-+extends: ospp
-+
-+selections:
-+
-+    ################################################
-+    ## MUST INSTALL PACKAGES IN MLS MODE
-+    #cups
-+    #foomatic
-+    #ghostscript
-+    #ghostscript-fonts
-+    #checkpolicy
-+    #mcstrans
-+    #policycoreutils-newrole
-+    #selinux-policy-devel
-+    ##xinetd
-+    #iproute
-+    #iputils
-+    #netlabel_tools
 diff --git a/products/almalinux8/profiles/ospp.profile b/products/almalinux8/profiles/ospp.profile
 new file mode 100644
-index 00000000..9d06f9a9
+index 000000000..30b40b6d0
 --- /dev/null
 +++ b/products/almalinux8/profiles/ospp.profile
-@@ -0,0 +1,445 @@
+@@ -0,0 +1,437 @@
 +documentation_complete: true
 +
 +metadata:
@@ -30749,6 +32690,7 @@ index 00000000..9d06f9a9
 +    - grub2_audit_argument
 +    - grub2_audit_backlog_limit_argument
 +    - grub2_slub_debug_argument
++    - var_slub_debug_options=P
 +    - grub2_page_poison_argument
 +    - grub2_vsyscall_argument
 +    - grub2_vsyscall_argument.role=unscored
@@ -30782,9 +32724,8 @@ index 00000000..9d06f9a9
 +    - auditd_log_format
 +    - auditd_freq
 +    - auditd_name_format
-+    - auditd_audispd_syslog_plugin_activated
 +
-+    ### Module Blacklist
++    ### Module Disabled
 +    - kernel_module_cramfs_disabled
 +    - kernel_module_bluetooth_disabled
 +    - kernel_module_sctp_disabled
@@ -30812,8 +32753,6 @@ index 00000000..9d06f9a9
 +    - package_openssh-clients_installed
 +    - package_policycoreutils-python-utils_installed
 +    - package_rsyslog_installed
-+    - package_rsyslog-gnutls_installed
-+    - package_audispd-plugins_installed
 +    - package_chrony_installed
 +    - package_gnutls-utils_installed
 +
@@ -30826,10 +32765,10 @@ index 00000000..9d06f9a9
 +    - package_abrt-addon-kerneloops_removed
 +    - package_python3-abrt-addon_removed
 +    - package_abrt-addon-ccpp_removed
-+    - package_abrt-plugin-rhtsupport_removed
-+    - package_abrt-plugin-logger_removed
 +    - package_abrt-plugin-sosreport_removed
 +    - package_abrt-cli_removed
++    - package_libreport-plugin-rhtsupport_removed
++    - package_libreport-plugin-logger_removed
 +    - package_abrt_removed
 +
 +    ### Login
@@ -30841,6 +32780,8 @@ index 00000000..9d06f9a9
 +    - var_accounts_max_concurrent_login_sessions=10
 +    - accounts_max_concurrent_login_sessions
 +    - securetty_root_login_console_only
++    - var_authselect_profile=minimal
++    - enable_authselect
 +    - var_password_pam_unix_remember=5
 +    - accounts_password_pam_unix_remember
 +    - use_pam_wheel_for_su
@@ -30883,8 +32824,6 @@ index 00000000..9d06f9a9
 +
 +    ## Configure Minimum Password Length to 12 Characters
 +    ## IA-5 (1)(a) / FMT_MOF_EXT.1
-+    - var_accounts_password_minlen_login_defs=12
-+    - accounts_password_minlen_login_defs
 +    - var_password_pam_minlen=12
 +    - accounts_password_pam_minlen
 +
@@ -30925,7 +32864,7 @@ index 00000000..9d06f9a9
 +    ## Disable Unauthenticated Login (such as Guest Accounts)
 +    ## FIA_UAU.1
 +    - require_singleuser_auth
-+    - grub2_disable_interactive_boot
++    - grub2_disable_recovery
 +    - grub2_uefi_password
 +    - no_empty_passwords
 +
@@ -31036,9 +32975,6 @@ index 00000000..9d06f9a9
 +    # Enable dnf-automatic Timer
 +    - timer_dnf-automatic_enabled
 +
-+    # Configure TLS for remote logging
-+    - rsyslog_remote_tls
-+    - rsyslog_remote_tls_cacert
 +
 +    # Prevent Kerberos use by system daemons
 +    - kerberos_disable_no_keytab
@@ -31059,15 +32995,12 @@ index 00000000..9d06f9a9
 +    - zipl_audit_backlog_limit_argument
 +    - zipl_slub_debug_argument
 +    - zipl_page_poison_argument
-+    - zipl_vsyscall_argument
-+    - zipl_vsyscall_argument.role=unscored
-+    - zipl_vsyscall_argument.severity=info
 diff --git a/products/almalinux8/profiles/pci-dss.profile b/products/almalinux8/profiles/pci-dss.profile
 new file mode 100644
-index 00000000..7b64de5e
+index 000000000..da1de8359
 --- /dev/null
 +++ b/products/almalinux8/profiles/pci-dss.profile
-@@ -0,0 +1,149 @@
+@@ -0,0 +1,152 @@
 +documentation_complete: true
 +
 +metadata:
@@ -31168,10 +33101,13 @@ index 00000000..7b64de5e
 +    - no_empty_passwords
 +    - display_login_attempts
 +    - account_disable_post_pw_expiration
++    - var_authselect_profile=sssd
++    - enable_authselect
 +    - accounts_passwords_pam_faillock_deny
 +    - accounts_passwords_pam_faillock_unlock_time
 +    - dconf_db_up_to_date
 +    - dconf_gnome_screensaver_idle_delay
++    - dconf_gnome_session_idle_user_locks
 +    - dconf_gnome_screensaver_idle_activation_enabled
 +    - dconf_gnome_screensaver_lock_enabled
 +    - dconf_gnome_screensaver_mode_blank
@@ -31219,10 +33155,10 @@ index 00000000..7b64de5e
 +    - configure_kerberos_crypto_policy
 diff --git a/products/almalinux8/profiles/rht-ccp.profile b/products/almalinux8/profiles/rht-ccp.profile
 new file mode 100644
-index 00000000..2ac2f5e4
+index 000000000..7e13ea552
 --- /dev/null
 +++ b/products/almalinux8/profiles/rht-ccp.profile
-@@ -0,0 +1,102 @@
+@@ -0,0 +1,100 @@
 +documentation_complete: false
 +
 +title: 'Red Hat Corporate Profile for Certified Cloud Providers (RH CCP)'
@@ -31236,10 +33172,7 @@ index 00000000..2ac2f5e4
 +selections:
 +    - var_selinux_state=enforcing
 +    - var_selinux_policy_name=targeted
-+    - file_owner_logfiles_value=root
-+    - file_groupowner_logfiles_value=root
 +    - sshd_idle_timeout_value=5_minutes
-+    - var_accounts_password_minlen_login_defs=6
 +    - var_accounts_minimum_age_login_defs=7
 +    - var_accounts_passwords_pam_faillock_deny=5
 +    - var_accounts_password_warn_age_login_defs=7
@@ -31268,9 +33201,10 @@ index 00000000..2ac2f5e4
 +    - no_empty_passwords
 +    - accounts_password_all_shadowed
 +    - accounts_no_uid_except_zero
-+    - accounts_password_minlen_login_defs
 +    - accounts_minimum_age_login_defs
 +    - accounts_password_warn_age_login_defs
++    - var_authselect_profile=sssd
++    - enable_authselect
 +    - accounts_password_pam_retry
 +    - accounts_password_pam_dcredit
 +    - accounts_password_pam_ucredit
@@ -31327,17 +33261,17 @@ index 00000000..2ac2f5e4
 +    - configure_ssh_crypto_policy
 diff --git a/products/almalinux8/profiles/standard.profile b/products/almalinux8/profiles/standard.profile
 new file mode 100644
-index 00000000..da736594
+index 000000000..7904d13c4
 --- /dev/null
 +++ b/products/almalinux8/profiles/standard.profile
 @@ -0,0 +1,67 @@
 +documentation_complete: false
 +
-+title: 'Standard System Security Profile for AlmaLinux OS 8'
++title: 'Standard System Security Profile for AlmaLinux 8'
 +
 +description: |-
 +    This profile contains rules to ensure standard security baseline
-+    of a AlmaLinux OS 8 system. Regardless of your system's workload
++    of a AlmaLinux 8 system. Regardless of your system's workload
 +    all of these checks should pass.
 +
 +selections:
@@ -31400,14 +33334,14 @@ index 00000000..da736594
 +    - configure_kerberos_crypto_policy
 diff --git a/products/almalinux8/profiles/stig.profile b/products/almalinux8/profiles/stig.profile
 new file mode 100644
-index 00000000..c76af959
+index 000000000..e8ef7f0c2
 --- /dev/null
 +++ b/products/almalinux8/profiles/stig.profile
-@@ -0,0 +1,1180 @@
+@@ -0,0 +1,1207 @@
 +documentation_complete: true
 +
 +metadata:
-+    version: V1R5
++    version: V1R9
 +    SMEs:
 +        - mab879
 +        - ggbecker
@@ -31418,17 +33352,7 @@ index 00000000..c76af959
 +
 +description: |-
 +    This profile contains configuration checks that align to the
-+    DISA STIG for Red Hat Enterprise Linux 8 V1R5.
-+
-+    In addition to being applicable to Red Hat Enterprise Linux 8, DISA recognizes this
-+    configuration baseline as applicable to the operating system tier of
-+    Red Hat technologies that are based on Red Hat Enterprise Linux 8, such as:
-+
-+    - Red Hat Enterprise Linux Server
-+    - Red Hat Enterprise Linux Workstation and Desktop
-+    - Red Hat Enterprise Linux for HPC
-+    - Red Hat Storage
-+    - Red Hat Containers with a Red Hat Enterprise Linux 8 image
++    DISA STIG for Red Hat Enterprise Linux 8 V1R9.
 +
 +selections:
 +    ### Variables
@@ -31437,17 +33361,15 @@ index 00000000..c76af959
 +    - var_accounts_user_umask=077
 +    - var_password_pam_difok=8
 +    - var_password_pam_maxrepeat=3
-+    - var_sshd_disable_compression=no
 +    - var_password_hashing_algorithm=SHA512
 +    - var_password_pam_maxclassrepeat=4
 +    - var_password_pam_minclass=4
 +    - var_accounts_minimum_age_login_defs=1
 +    - var_accounts_max_concurrent_login_sessions=10
 +    - var_password_pam_remember=5
-+    - var_password_pam_remember_control_flag=required
++    - var_password_pam_remember_control_flag=requisite_or_required
 +    - var_selinux_state=enforcing
 +    - var_selinux_policy_name=targeted
-+    - var_accounts_password_minlen_login_defs=15
 +    - var_password_pam_unix_rounds=5000
 +    - var_password_pam_minlen=15
 +    - var_password_pam_ocredit=1
@@ -31457,7 +33379,7 @@ index 00000000..c76af959
 +    - var_password_pam_lcredit=1
 +    - var_password_pam_retry=3
 +    - var_password_pam_minlen=15
-+    # - var_sshd_set_keepalive=0
++    - var_sshd_set_keepalive=1
 +    - sshd_approved_macs=stig
 +    - sshd_approved_ciphers=stig
 +    - sshd_idle_timeout_value=10_minutes
@@ -31474,11 +33396,12 @@ index 00000000..c76af959
 +    - var_accounts_maximum_age_login_defs=60
 +    - var_auditd_space_left_percentage=25pc
 +    - var_auditd_space_left_action=email
-+    - var_auditd_disk_error_action=halt
++    - var_auditd_disk_error_action=rhel8
 +    - var_auditd_max_log_file_action=syslog
-+    - var_auditd_disk_full_action=halt
++    - var_auditd_disk_full_action=rhel8
 +    - var_sssd_certificate_verification_digest_function=sha1
 +    - login_banner_text=dod_banners
++    - var_authselect_profile=sssd
 +
 +    ### Enable / Configure FIPS
 +    - enable_fips_mode
@@ -31489,6 +33412,9 @@ index 00000000..c76af959
 +    - configure_kerberos_crypto_policy
 +    - enable_dracut_fips_module
 +
++    # Other needed rules
++    - enable_authselect
++
 +    ### Rules:
 +    # RHEL-08-010000
 +    - installed_OS_is_vendor_supported
@@ -31532,10 +33458,7 @@ index 00000000..c76af959
 +    - accounts_password_all_shadowed_sha512
 +
 +    # RHEL-08-010130
-+    - accounts_password_pam_unix_rounds_password_auth
-+
-+    # RHEL-08-010131
-+    - accounts_password_pam_unix_rounds_system_auth
++    - set_password_hashing_min_rounds_logindefs
 +
 +    # RHEL-08-010140
 +    - grub2_uefi_password
@@ -31576,13 +33499,13 @@ index 00000000..c76af959
 +    # RHEL-08-010190
 +    - dir_perms_world_writable_sticky_bits
 +
-+    # These two items don't behave as they used to in RHEL8.6 and RHEL9
-+    # anymore. They will be disabled for now until an alternative
-+    # solution is found.
-+    # # RHEL-08-010200
-+    # - sshd_set_keepalive_0
-+    # # RHEL-08-010201
-+    # - sshd_set_idle_timeout
++    # Although these rules have a different behavior in RHEL>=8.6
++    # they still need to be selected so it follows exactly what STIG
++    # states.
++    # RHEL-08-010200
++    - sshd_set_keepalive
++    # RHEL-08-010201
++    - sshd_set_idle_timeout
 +
 +    # RHEL-08-010210
 +    - file_permissions_var_log_messages
@@ -31654,12 +33577,17 @@ index 00000000..c76af959
 +
 +    # RHEL-08-010359
 +    - package_aide_installed
++    - aide_build_database
 +
 +    # RHEL-08-010360
 +    - aide_scan_notification
 +
 +    # RHEL-08-010370
 +    - ensure_gpgcheck_globally_activated
++    - ensure_gpgcheck_never_disabled
++
++    # Necessary for package installs after gpgcheck is enabled
++    - ensure_almalinux_gpgkey_installed
 +
 +    # RHEL-08-010371
 +    - ensure_gpgcheck_local_packages
@@ -31718,6 +33646,7 @@ index 00000000..c76af959
 +
 +    # RHEL-08-010423
 +    - grub2_slub_debug_argument
++    - var_slub_debug_options=P
 +
 +    # RHEL-08-010430
 +    - sysctl_kernel_randomize_va_space
@@ -31735,7 +33664,7 @@ index 00000000..c76af959
 +    - no_user_host_based_files
 +
 +    # RHEL-08-010471
-+    - service_rngd_enabled
++    # currently there is not a relevant rule which would improve RNG for RHEL in this context
 +
 +    # RHEL-08-010472
 +    - package_rng-tools_installed
@@ -31749,9 +33678,6 @@ index 00000000..c76af959
 +    # RHEL-08-010500
 +    - sshd_enable_strictmodes
 +
-+    # RHEL-08-010510
-+    - sshd_disable_compression
-+
 +    # RHEL-08-010520
 +    - sshd_disable_user_known_hosts
 +
@@ -31788,6 +33714,9 @@ index 00000000..c76af959
 +    # RHEL-08-010571
 +    - mount_option_boot_nosuid
 +
++    # RHEL-08-010572
++    - mount_option_boot_efi_nosuid
++
 +    # RHEL-08-010580
 +    - mount_option_nodev_nonroot_local_partitions
 +
@@ -31843,6 +33772,7 @@ index 00000000..c76af959
 +    - dir_perms_world_writable_root_owned
 +
 +    # RHEL-08-010710
++    - dir_perms_world_writable_system_owned_group
 +
 +    # RHEL-08-010720
 +    - accounts_user_interactive_home_directory_defined
@@ -31850,9 +33780,15 @@ index 00000000..c76af959
 +    # RHEL-08-010730
 +    - file_permissions_home_directories
 +
++    # RHEL-08-010731
++    - accounts_users_home_files_permissions
++
 +    # RHEL-08-010740
 +    - file_groupownership_home_directories
 +
++    # RHEL-08-010741
++    - accounts_users_home_files_groupownership
++
 +    # RHEL-08-010750
 +    - accounts_user_interactive_home_directory_exists
 +
@@ -31886,17 +33822,17 @@ index 00000000..c76af959
 +    # RHEL-08-020012, RHEL-08-020013
 +    - accounts_passwords_pam_faillock_interval
 +
-+    # RHEL-08-020014, RHEL-08-020016, RHEL-08-020017
++    # RHEL-08-020014, RHEL-08-020015
 +    - accounts_passwords_pam_faillock_unlock_time
 +
-+    # RHEL-08-020015
++    # RHEL-08-020016, RHEL-08-020017
++    - accounts_passwords_pam_faillock_dir
 +
-+    # RHEL-08-020018, RHEL-08-020019
-+    - accounts_passwords_pam_faillock_deny
++    # # RHEL-08-020018, RHEL-08-020019
++    - accounts_passwords_pam_faillock_silent
 +
-+    # RHEL-08-020020
-+
-+    # RHEL-08-020021
++    # RHEL-08-020020, RHEL-08-020021
++    - accounts_passwords_pam_faillock_audit
 +
 +    # RHEL-08-020022, RHEL-08-020023
 +    - accounts_passwords_pam_faillock_deny_root
@@ -31904,17 +33840,28 @@ index 00000000..c76af959
 +    # RHEL-08-020024
 +    - accounts_max_concurrent_login_sessions
 +
++    # RHEL-08-020027, RHEL-08-020028
++    - account_password_selinux_faillock_dir
++
 +    # RHEL-08-020030
 +    - dconf_gnome_screensaver_lock_enabled
 +
++    # RHEL-08-020031, RHEL-08-020080
++    - dconf_gnome_screensaver_lock_delay
++    - var_screensaver_lock_delay=5_seconds
++
++    # RHEL-08-020032
++    - dconf_gnome_disable_user_list
++
 +    # RHEL-08-020039
 +    - package_tmux_installed
 +
 +    # RHEL-08-020040
 +    - configure_tmux_lock_command
++    - configure_tmux_lock_keybinding
 +
 +    # RHEL-08-020041
-+    - configure_bashrc_exec_tmux
++    - configure_bashrc_tmux
 +
 +    # RHEL-08-020042
 +    - no_tmux_in_shells
@@ -31929,6 +33876,10 @@ index 00000000..c76af959
 +    - configure_tmux_lock_after_time
 +
 +    # RHEL-08-020080
++    - dconf_gnome_screensaver_user_locks
++
++    # RHEL-08-020081
++    - dconf_gnome_session_idle_user_locks
 +
 +    # RHEL-08-020090
 +    - sssd_enable_certmap
@@ -31992,9 +33943,6 @@ index 00000000..c76af959
 +    # RHEL-08-020230
 +    - accounts_password_pam_minlen
 +
-+    # RHEL-08-020231
-+    - accounts_password_minlen_login_defs
-+
 +    # RHEL-08-020240
 +    - account_unique_id
 +
@@ -32057,14 +34005,12 @@ index 00000000..c76af959
 +    - auditd_data_retention_action_mail_acct
 +
 +    # RHEL-08-030030
-+    - postfix_client_configure_mail_alias
++    - postfix_client_configure_mail_alias_postmaster
++    - package_postfix_installed
 +
 +    # RHEL-08-030040
 +    - auditd_data_disk_error_action
 +
-+    # RHEL-08-030050
-+    - auditd_data_retention_max_log_file_action
-+
 +    # RHEL-08-030060
 +    - auditd_data_disk_full_action
 +
@@ -32105,7 +34051,7 @@ index 00000000..c76af959
 +    - audit_rules_immutable
 +
 +    # RHEL-08-030122
-+    - audit_immutable_login_uids
++    - audit_rules_immutable_login_uids
 +
 +    # RHEL-08-030130
 +    - audit_rules_usergroup_modification_shadow
@@ -32279,10 +34225,13 @@ index 00000000..c76af959
 +    - file_permissions_etc_audit_rulesd
 +
 +    # RHEL-08-030620
++    - file_audit_tools_permissions
 +
 +    # RHEL-08-030630
++    - file_audit_tools_ownership
 +
 +    # RHEL-08-030640
++    - file_audit_tools_group_ownership
 +
 +    # RHEL-08-030650
 +    - aide_check_audit_tools
@@ -32335,9 +34284,9 @@ index 00000000..c76af959
 +    - package_abrt-addon-kerneloops_removed
 +    - package_python3-abrt-addon_removed
 +    - package_abrt-cli_removed
-+    - package_abrt-plugin-logger_removed
-+    - package_abrt-plugin-rhtsupport_removed
 +    - package_abrt-plugin-sosreport_removed
++    - package_libreport-plugin-rhtsupport_removed
++    - package_libreport-plugin-logger_removed
 +
 +    # RHEL-08-040002
 +    - package_sendmail_removed
@@ -32448,6 +34397,9 @@ index 00000000..c76af959
 +    # RHEL-08-040136
 +    - service_fapolicyd_enabled
 +
++    # RHEL-08-040137
++    - fapolicy_default_deny
++
 +    # RHEL-08-040139
 +    - package_usbguard_installed
 +
@@ -32510,8 +34462,11 @@ index 00000000..c76af959
 +    # RHEL-08-040250
 +    - sysctl_net_ipv6_conf_default_accept_source_route
 +
++    # RHEL-08-040259
++    - sysctl_net_ipv4_conf_all_forwarding
++
 +    # RHEL-08-040260
-+    - sysctl_net_ipv4_ip_forward
++    - sysctl_net_ipv6_conf_all_forwarding
 +
 +    # RHEL-08-040261
 +    - sysctl_net_ipv6_conf_all_accept_ra
@@ -32584,16 +34539,22 @@ index 00000000..c76af959
 +
 +    # RHEL-08-040390
 +    - package_tuned_removed
++
++    # RHEL-08-040400
++    - selinux_user_login_roles
++
++    # RHEL-08-010163
++    - package_krb5-server_removed
 diff --git a/products/almalinux8/profiles/stig_gui.profile b/products/almalinux8/profiles/stig_gui.profile
 new file mode 100644
-index 00000000..d29ceb9c
+index 000000000..a3f39db52
 --- /dev/null
 +++ b/products/almalinux8/profiles/stig_gui.profile
-@@ -0,0 +1,40 @@
+@@ -0,0 +1,33 @@
 +documentation_complete: true
 +
 +metadata:
-+    version: V1R5
++    version: V1R9
 +    SMEs:
 +        - mab879
 +        - ggbecker
@@ -32604,17 +34565,7 @@ index 00000000..d29ceb9c
 +
 +description: |-
 +    This profile contains configuration checks that align to the
-+    DISA STIG with GUI for Red Hat Enterprise Linux 8 V1R5.
-+
-+    In addition to being applicable to Red Hat Enterprise Linux 8, DISA recognizes this
-+    configuration baseline as applicable to the operating system tier of
-+    Red Hat technologies that are based on Red Hat Enterprise Linux 8, such as:
-+
-+    - Red Hat Enterprise Linux Server
-+    - Red Hat Enterprise Linux Workstation and Desktop
-+    - Red Hat Enterprise Linux for HPC
-+    - Red Hat Storage
-+    - Red Hat Containers with a Red Hat Enterprise Linux 8 image
++    DISA STIG with GUI for Red Hat Enterprise Linux 8 V1R9.
 +
 +    Warning: The installation and use of a Graphical User Interface (GUI)
 +    increases your attack vector and decreases your overall security posture. If
@@ -32630,21 +34581,12 @@ index 00000000..d29ceb9c
 +
 +    # RHEL-08-040321
 +    - '!xwindows_runlevel_target'
-diff --git a/products/almalinux8/transforms/cci2html.xsl b/products/almalinux8/transforms/cci2html.xsl
-new file mode 100644
-index 00000000..f5e327b3
---- /dev/null
-+++ b/products/almalinux8/transforms/cci2html.xsl
-@@ -0,0 +1,6 @@
-+
-+
-+
-+
-+
-+
++
++    # RHEL-08-040001
++    - '!package_libreport-plugin-rhtsupport_removed'
 diff --git a/products/almalinux8/transforms/constants.xslt b/products/almalinux8/transforms/constants.xslt
 new file mode 100644
-index 00000000..92f8f9c4
+index 000000000..92f8f9c4c
 --- /dev/null
 +++ b/products/almalinux8/transforms/constants.xslt
 @@ -0,0 +1,13 @@
@@ -32661,51 +34603,9 @@ index 00000000..92f8f9c4
 +
 +
 +
-diff --git a/products/almalinux8/transforms/table-add-srgitems.xslt b/products/almalinux8/transforms/table-add-srgitems.xslt
-new file mode 100644
-index 00000000..2e92d670
---- /dev/null
-+++ b/products/almalinux8/transforms/table-add-srgitems.xslt
-@@ -0,0 +1,7 @@
-+
-+
-+
-+
-+
-+
-+
-diff --git a/products/almalinux8/transforms/table-sortbyref.xslt b/products/almalinux8/transforms/table-sortbyref.xslt
-new file mode 100644
-index 00000000..bb57e7f5
---- /dev/null
-+++ b/products/almalinux8/transforms/table-sortbyref.xslt
-@@ -0,0 +1,6 @@
-+
-+
-+
-+
-+
-+
-diff --git a/products/almalinux8/transforms/table-srgmap.xslt b/products/almalinux8/transforms/table-srgmap.xslt
-new file mode 100644
-index 00000000..5798a489
---- /dev/null
-+++ b/products/almalinux8/transforms/table-srgmap.xslt
-@@ -0,0 +1,11 @@
-+
-+
-+
-+
-+
-+
-+
-+
-+
-+
-+
 diff --git a/products/almalinux8/transforms/table-style.xslt b/products/almalinux8/transforms/table-style.xslt
 new file mode 100644
-index 00000000..8b6caeab
+index 000000000..8b6caeab8
 --- /dev/null
 +++ b/products/almalinux8/transforms/table-style.xslt
 @@ -0,0 +1,5 @@
@@ -32716,7 +34616,7 @@ index 00000000..8b6caeab
 +
 diff --git a/products/almalinux8/transforms/xccdf-apply-overlay-stig.xslt b/products/almalinux8/transforms/xccdf-apply-overlay-stig.xslt
 new file mode 100644
-index 00000000..4789419b
+index 000000000..4789419b8
 --- /dev/null
 +++ b/products/almalinux8/transforms/xccdf-apply-overlay-stig.xslt
 @@ -0,0 +1,8 @@
@@ -32728,22 +34628,9 @@ index 00000000..4789419b
 +
 +
 +
-diff --git a/products/almalinux8/transforms/xccdf2stigformat.xslt b/products/almalinux8/transforms/xccdf2stigformat.xslt
-new file mode 100644
-index 00000000..a4e7d736
---- /dev/null
-+++ b/products/almalinux8/transforms/xccdf2stigformat.xslt
-@@ -0,0 +1,7 @@
-+
-+
-+
-+
-+
-+
-+
 diff --git a/products/almalinux8/transforms/xccdf2table-cce.xslt b/products/almalinux8/transforms/xccdf2table-cce.xslt
 new file mode 100644
-index 00000000..f156a669
+index 000000000..f156a6695
 --- /dev/null
 +++ b/products/almalinux8/transforms/xccdf2table-cce.xslt
 @@ -0,0 +1,9 @@
@@ -32758,7 +34645,7 @@ index 00000000..f156a669
 +
 diff --git a/products/almalinux8/transforms/xccdf2table-profileccirefs.xslt b/products/almalinux8/transforms/xccdf2table-profileccirefs.xslt
 new file mode 100644
-index 00000000..30419e92
+index 000000000..30419e92b
 --- /dev/null
 +++ b/products/almalinux8/transforms/xccdf2table-profileccirefs.xslt
 @@ -0,0 +1,9 @@
@@ -32771,66 +34658,8 @@ index 00000000..30419e92
 +
 +
 +
-diff --git a/products/almalinux8/transforms/xccdf2table-profilecisrefs.xslt b/products/almalinux8/transforms/xccdf2table-profilecisrefs.xslt
-new file mode 100644
-index 00000000..07d32124
---- /dev/null
-+++ b/products/almalinux8/transforms/xccdf2table-profilecisrefs.xslt
-@@ -0,0 +1,9 @@
-+
-+
-+
-+
-+
-+
-+
-+
-+
-diff --git a/products/almalinux8/transforms/xccdf2table-profilenistrefs-cui.xslt b/products/almalinux8/transforms/xccdf2table-profilenistrefs-cui.xslt
-new file mode 100644
-index 00000000..15efdd5f
---- /dev/null
-+++ b/products/almalinux8/transforms/xccdf2table-profilenistrefs-cui.xslt
-@@ -0,0 +1,8 @@
-+
-+
-+
-+
-+
-+
-+
-+
-diff --git a/products/almalinux8/transforms/xccdf2table-profilenistrefs.xslt b/products/almalinux8/transforms/xccdf2table-profilenistrefs.xslt
-new file mode 100644
-index 00000000..ea9f8b0d
---- /dev/null
-+++ b/products/almalinux8/transforms/xccdf2table-profilenistrefs.xslt
-@@ -0,0 +1,8 @@
-+
-+
-+
-+
-+
-+
-+
-+
-diff --git a/products/almalinux8/transforms/xccdf2table-stig.xslt b/products/almalinux8/transforms/xccdf2table-stig.xslt
-new file mode 100644
-index 00000000..a71d8364
---- /dev/null
-+++ b/products/almalinux8/transforms/xccdf2table-stig.xslt
-@@ -0,0 +1,9 @@
-+
-+
-+
-+
-+
-+
-+
-+
-+
 diff --git a/shared/checks/oval/install_mcafee_hbss.xml b/shared/checks/oval/install_mcafee_hbss.xml
-index 7e2f41cd..d20940a8 100644
+index ae2203571..ebc165296 100644
 --- a/shared/checks/oval/install_mcafee_hbss.xml
 +++ b/shared/checks/oval/install_mcafee_hbss.xml
 @@ -10,6 +10,7 @@
@@ -32843,7 +34672,7 @@ index 7e2f41cd..d20940a8 100644
  	multi_platform_ubuntu
 diff --git a/shared/checks/oval/installed_OS_is_almalinux8.xml b/shared/checks/oval/installed_OS_is_almalinux8.xml
 new file mode 100644
-index 00000000..91af880d
+index 000000000..91af880dd
 --- /dev/null
 +++ b/shared/checks/oval/installed_OS_is_almalinux8.xml
 @@ -0,0 +1,36 @@
@@ -32884,60 +34713,47 @@ index 00000000..91af880d
 +
 +    
 diff --git a/shared/checks/oval/sysctl_kernel_ipv6_disable.xml b/shared/checks/oval/sysctl_kernel_ipv6_disable.xml
-index 41847663..be250510 100644
+index affb9770c..7273e6d7d 100644
 --- a/shared/checks/oval/sysctl_kernel_ipv6_disable.xml
 +++ b/shared/checks/oval/sysctl_kernel_ipv6_disable.xml
-@@ -10,6 +10,7 @@
+@@ -12,6 +12,7 @@
  	multi_platform_ol
  	multi_platform_rhcos
  	multi_platform_rhel
 +multi_platform_almalinux
  	multi_platform_rhv
  	multi_platform_sle
- 	multi_platform_ubuntu
-diff --git a/shared/references/disa-stig-almalinux8-v1r4-xccdf-scap.xml b/shared/references/disa-stig-almalinux8-v1r4-xccdf-scap.xml
+     multi_platform_ubuntu
+diff --git a/shared/references/disa-stig-almalinux8-v1r8-xccdf-scap.xml b/shared/references/disa-stig-almalinux8-v1r8-xccdf-scap.xml
 new file mode 120000
-index 00000000..37c20342
+index 000000000..54c642fdf
 --- /dev/null
-+++ b/shared/references/disa-stig-almalinux8-v1r4-xccdf-scap.xml
++++ b/shared/references/disa-stig-almalinux8-v1r8-xccdf-scap.xml
 @@ -0,0 +1 @@
-+disa-stig-rhel8-v1r4-xccdf-scap.xml
++disa-stig-rhel8-v1r8-xccdf-scap.xml
 \ No newline at end of file
-diff --git a/shared/references/disa-stig-almalinux8-v1r5-xccdf-manual.xml b/shared/references/disa-stig-almalinux8-v1r5-xccdf-manual.xml
+diff --git a/shared/references/disa-stig-almalinux8-v1r9-xccdf-manual.xml b/shared/references/disa-stig-almalinux8-v1r9-xccdf-manual.xml
 new file mode 120000
-index 00000000..df167cfd
+index 000000000..083e51d2d
 --- /dev/null
-+++ b/shared/references/disa-stig-almalinux8-v1r5-xccdf-manual.xml
++++ b/shared/references/disa-stig-almalinux8-v1r9-xccdf-manual.xml
 @@ -0,0 +1 @@
-+disa-stig-rhel8-v1r5-xccdf-manual.xml
++disa-stig-rhel8-v1r9-xccdf-manual.xml
 \ No newline at end of file
-diff --git a/shared/references/disa-stig-ol7-v2r4-xccdf-manual.xml b/shared/references/disa-stig-ol7-v2r4-xccdf-manual.xml
-index 3c8a6475..457f2c2a 100644
---- a/shared/references/disa-stig-ol7-v2r4-xccdf-manual.xml
-+++ b/shared/references/disa-stig-ol7-v2r4-xccdf-manual.xml
-@@ -986,18 +986,18 @@ password_pbkdf2 root {hash from grub2-mkpasswd-pbkdf2 command}
- Generate a new "grub.conf" file with the new password with the following commands:
+diff --git a/shared/references/disa-stig-ol7-v2r9-xccdf-manual.xml b/shared/references/disa-stig-ol7-v2r9-xccdf-manual.xml
+index 45b7a0956..3c953e30f 100644
+--- a/shared/references/disa-stig-ol7-v2r9-xccdf-manual.xml
++++ b/shared/references/disa-stig-ol7-v2r9-xccdf-manual.xml
+@@ -930,7 +930,7 @@ Check to see if an encrypted grub superusers password is set. On systems that us
+ $ sudo grep -iw grub2_password /boot/grub2/user.cfg
+ GRUB2_PASSWORD=grub.pbkdf2.sha512.[password_hash]
  
- # grub2-mkconfig --output=/tmp/grub2.cfg
--# mv /tmp/grub2.cfg /boot/efi/EFI/redhat/grub.cfgFor systems that use BIOS, this is Not Applicable.
-+# mv /tmp/grub2.cfg /boot/efi/EFI/almalinux/grub.cfgFor systems that use BIOS, this is Not Applicable.
- For systems that are running Oracle Linux 7.2 or newer, this is Not Applicable.
- 
- Check to see if an encrypted root password is set. On systems that use UEFI, use the following command:
- 
--# grep -i password /boot/efi/EFI/redhat/grub.cfg
-+# grep -i password /boot/efi/EFI/almalinux/grub.cfg
- 
- password_pbkdf2 [superusers-account] [password-hash]
- 
- If the root password entry does not begin with "password_pbkdf2", this is a finding.
- 
--If the "superusers-account" is not set to "root", this is a finding.SRG-OS-000080-GPOS-00048<GroupDescription></GroupDescription>OL07-00-010491Oracle Linux operating systems version 7.2 or newer using Unified Extensible Firmware Interface (UEFI) must require authentication upon booting into single-user and maintenance modes.<VulnDiscussion>If the system does not require valid authentication before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system. GRUB 2 is the default boot loader for Oracle Linux 7 and is designed to require a password to boot into single-user mode or make modifications to the boot menu.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>DPMS Target Oracle Linux 7DISADPMS TargetOracle Linux 74089V-99143SV-108247CCI-000213Configure the system to encrypt the boot password for the grub superusers account with the grub2-setpassword command, which creates/overwrites the /boot/efi/EFI/redhat/user.cfg file.
-+If the "superusers-account" is not set to "root", this is a finding.SRG-OS-000080-GPOS-00048<GroupDescription></GroupDescription>OL07-00-010491Oracle Linux operating systems version 7.2 or newer using Unified Extensible Firmware Interface (UEFI) must require authentication upon booting into single-user and maintenance modes.<VulnDiscussion>If the system does not require valid authentication before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system. GRUB 2 is the default boot loader for Oracle Linux 7 and is designed to require a password to boot into single-user mode or make modifications to the boot menu.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>DPMS Target Oracle Linux 7DISADPMS TargetOracle Linux 74089V-99143SV-108247CCI-000213Configure the system to encrypt the boot password for the grub superusers account with the grub2-setpassword command, which creates/overwrites the /boot/efi/EFI/almalinux/user.cfg file.
+-If the grub superusers password does not begin with "grub.pbkdf2.sha512", this is a finding.SRG-OS-000080-GPOS-00048<GroupDescription></GroupDescription>OL07-00-010491Oracle Linux operating systems version 7.2 or newer using Unified Extensible Firmware Interface (UEFI) must require authentication upon booting into single-user and maintenance modes.<VulnDiscussion>If the system does not require valid authentication before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system. GRUB 2 is the default boot loader for Oracle Linux 7 and is designed to require a password to boot into single-user mode or make modifications to the boot menu.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>DPMS Target Oracle Linux 7DISADPMS TargetOracle Linux 74089V-99143SV-108247CCI-000213Configure the system to encrypt the boot password for the grub superusers account with the grub2-setpassword command, which creates/overwrites the /boot/efi/EFI/redhat/user.cfg file.
++If the grub superusers password does not begin with "grub.pbkdf2.sha512", this is a finding.SRG-OS-000080-GPOS-00048<GroupDescription></GroupDescription>OL07-00-010491Oracle Linux operating systems version 7.2 or newer using Unified Extensible Firmware Interface (UEFI) must require authentication upon booting into single-user and maintenance modes.<VulnDiscussion>If the system does not require valid authentication before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system. GRUB 2 is the default boot loader for Oracle Linux 7 and is designed to require a password to boot into single-user mode or make modifications to the boot menu.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>DPMS Target Oracle Linux 7DISADPMS TargetOracle Linux 74089V-99143SV-108247CCI-000213Configure the system to encrypt the boot password for the grub superusers account with the grub2-setpassword command, which creates/overwrites the /boot/efi/EFI/almalinux/user.cfg file.
  
  Generate an encrypted grub2 password for the grub superusers account with the following command:
  
-@@ -1009,7 +1009,7 @@ For systems that are running a version of Oracle Linux prior to 7.2, this is Not
+@@ -942,7 +942,7 @@ For systems that are running a version of Oracle Linux prior to 7.2, this is Not
  
  Check to see if an encrypted grub superusers password is set. On systems that use UEFI, use the following command:
  
@@ -32945,8 +34761,8 @@ index 3c8a6475..457f2c2a 100644
 +$ sudo grep -iw grub2_password /boot/efi/EFI/almalinux/user.cfg
  GRUB2_PASSWORD=grub.pbkdf2.sha512.[password_hash]
  
- If the grub superusers password does not begin with "grub.pbkdf2.sha512", this is a finding.SRG-OS-000104-GPOS-00051<GroupDescription></GroupDescription>OL07-00-010500The Oracle Linux operating system must uniquely identify and must authenticate organizational users (or processes acting on behalf of organizational users) using multifactor authentication.<VulnDiscussion>To ensure accountability and prevent unauthenticated access, organizational users must be identified and authenticated to prevent potential misuse and compromise of the system.
-@@ -1919,7 +1919,7 @@ On BIOS-based machines, use the following command:
+ If the grub superusers password does not begin with "grub.pbkdf2.sha512", this is a finding.SRG-OS-000104-GPOS-00051<GroupDescription></GroupDescription>OL07-00-010500The Oracle Linux operating system must uniquely identify and must authenticate organizational users (or processes acting on behalf of organizational users) using multifactor authentication.<VulnDiscussion>To ensure accountability and prevent unauthenticated access, organizational users must be identified and authenticated to prevent potential misuse and compromise of the system.
+@@ -1845,7 +1845,7 @@ On BIOS-based machines, use the following command:
  
  On UEFI-based machines, use the following command:
  
@@ -32955,7 +34771,7 @@ index 3c8a6475..457f2c2a 100644
  
  If /boot or /boot/efi reside on separate partitions, the kernel parameter boot=<partition of /boot or /boot/efi> must be added to the kernel command line. You can identify a partition by running the df /boot or df /boot/efi command:
  
-@@ -1950,7 +1950,7 @@ dracut-fips-033-360.el7_2.x86_64.rpm
+@@ -1876,7 +1876,7 @@ dracut-fips-033-360.el7_2.x86_64.rpm
  
  If a "dracut-fips" package is installed, check to see if the kernel command line is configured to use FIPS mode with the following command:
  
@@ -32964,9 +34780,9 @@ index 3c8a6475..457f2c2a 100644
  
  # grep fips /boot/grub2/grub.cfg
  /vmlinuz-3.8.0-0.40.el7.x86_64 root=/dev/mapper/rhel-root ro rd.md=0 rd.dm=0 rd.lvm.lv=rhel/swap crashkernel=auto rd.luks=0 vconsole.keymap=us rd.lvm.lv=rhel/root rhgb fips=1 quiet
-@@ -2047,14 +2047,14 @@ All=p+i+n+u+g+s+m+S+sha512+acl+xattrs+selinux
+@@ -1971,14 +1971,14 @@ All=p+i+n+u+g+s+m+S+sha512+acl+xattrs+selinux
  
- If the "sha512" rule is not being used on all uncommented selection lines in the "/etc/aide.conf" file, or another file integrity tool is not using FIPS 140-2 approved cryptographic hashes for validating file contents and directories, this is a finding.SRG-OS-000364-GPOS-00151<GroupDescription></GroupDescription>OL07-00-021700The Oracle Linux operating system must not allow removable media to be used as the boot loader unless approved.<VulnDiscussion>Malicious users with removable boot media can gain access to a system configured to use removable media as the boot loader. If removable media is designed to be used as the boot loader, the requirement must be documented with the Information System Security Officer (ISSO).</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>DPMS Target Oracle Linux 7DISADPMS TargetOracle Linux 74089SV-108367V-99263CCI-001813Remove alternate methods of booting the system from removable media or document the configuration to boot from removable media with the ISSO.Verify the system is not configured to use a boot loader on removable media.
+ If the "sha512" rule is not being used on all uncommented selection lines in the "/etc/aide.conf" file, or another file integrity tool is not using FIPS 140-2-approved cryptographic hashes for validating file contents and directories, this is a finding.SRG-OS-000364-GPOS-00151<GroupDescription></GroupDescription>OL07-00-021700The Oracle Linux operating system must not allow removable media to be used as the boot loader unless approved.<VulnDiscussion>Malicious users with removable boot media can gain access to a system configured to use removable media as the boot loader. If removable media is designed to be used as the boot loader, the requirement must be documented with the Information System Security Officer (ISSO).</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>DPMS Target Oracle Linux 7DISADPMS TargetOracle Linux 74089SV-108367V-99263CCI-001813Remove alternate methods of booting the system from removable media or document the configuration to boot from removable media with the ISSO.Verify the system is not configured to use a boot loader on removable media.
  
 -Note: GRUB 2 reads its configuration from the "/boot/grub2/grub.cfg" file on traditional BIOS-based machines and from the "/boot/efi/EFI/redhat/grub.cfg" file on UEFI machines.
 +Note: GRUB 2 reads its configuration from the "/boot/grub2/grub.cfg" file on traditional BIOS-based machines and from the "/boot/efi/EFI/almalinux/grub.cfg" file on UEFI machines.
@@ -32981,16 +34797,13 @@ index 3c8a6475..457f2c2a 100644
  
  Check that the grub configuration file has the set root command in each menu entry with the following commands:
  
-@@ -5058,7 +5058,7 @@ export superusers
+@@ -4492,12 +4492,12 @@ password_pbkdf2 [someuniquestringhere] ${GRUB2_PASSWORD}
  
- If "superusers" is not set to a unique name or is missing a name, this is a finding.SRG-OS-000080-GPOS-00048<GroupDescription></GroupDescription>OL07-00-010492Oracle Linux operating systems version 7.2 or newer booted with United Extensible Firmware Interface (UEFI) must have a unique name for the grub superusers account when booting into single-user mode and maintenance.<VulnDiscussion>If the system does not require valid authentication before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system. GRUB 2 is the default boot loader for Oracle Linux 7 and is designed to require a password to boot into single-user mode or make modifications to the boot menu.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>DPMS Target Oracle Linux 7DISADPMS TargetOracle Linux 74089CCI-000213Configure the system to require a grub bootloader password for the grub superusers account.
+ Generate a new grub.cfg file with the following command:
  
--Edit the /boot/efi/EFI/redhat/grub.cfg file and add or modify the following lines in the "### BEGIN /etc/grub.d/01_users ###" section:
-+Edit the /boot/efi/EFI/almalinux/grub.cfg file and add or modify the following lines in the "### BEGIN /etc/grub.d/01_users ###" section:
+-$ sudo grub2-mkconfig -o /boot/efi/EFI/redhat/grub.cfgFor systems that use BIOS, this is Not Applicable.
++$ sudo grub2-mkconfig -o /boot/efi/EFI/almalinux/grub.cfgFor systems that use BIOS, this is Not Applicable.
  
- set superusers="[someuniquestringhere]"
- export superusers
-@@ -5067,7 +5067,7 @@ password_pbkdf2 [someuniquestringhere] ${GRUB2_PASSWORD}SRG-OS-000033-GPOS-00014<GroupDescription></GroupDescription>OL08-00-010020OL 8 must implement NIST FIPS-validated cryptography for the following: to provision digital signatures, to generate cryptographic hashes, and to protect data requiring data-at-rest protections in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards.<VulnDiscussion>Use of weak or untested encryption algorithms undermines the purposes of using encryption to protect data. The operating system must implement cryptographic modules adhering to the higher standards approved by the federal government since this provides assurance they have been tested and validated. 
-  
--OL 8 uses GRUB 2 as the default bootloader. Note that GRUB 2 reads its configuration from the "/boot/grub2/grub.cfg" file on traditional BIOS-based machines and from the "/boot/efi/EFI/redhat/grub.cfg" file on UEFI machines. 
-+OL 8 uses GRUB 2 as the default bootloader. Note that GRUB 2 reads its configuration from the "/boot/grub2/grub.cfg" file on traditional BIOS-based machines and from the "/boot/efi/EFI/almalinux/grub.cfg" file on UEFI machines. 
-  
- The fips=1 kernel option needs to be added to the kernel command line during system installation so that key generation is done with FIPS-approved algorithms and continuous monitoring tests in place. Users should also ensure the system has plenty of entropy during the installation process by moving the mouse around, or if no mouse is available, ensuring that many keystrokes are typed. The recommended number of keystrokes is 256 and more. Fewer than 256 keystrokes may generate a non-unique key.
+diff --git a/shared/references/disa-stig-ol8-v1r4-xccdf-manual.xml b/shared/references/disa-stig-ol8-v1r4-xccdf-manual.xml
+index 55252a9e0..a1aa5b167 100644
+--- a/shared/references/disa-stig-ol8-v1r4-xccdf-manual.xml
++++ b/shared/references/disa-stig-ol8-v1r4-xccdf-manual.xml
+@@ -439,7 +439,7 @@ $ sudo egrep "^SHA_CRYPT_" /etc/login.defs
  
-@@ -450,7 +450,7 @@ $ sudo grep rounds /etc/pam.d/system-auth
-  
- password sufficient pam_unix.so sha512 rounds=5000 
-  
--If "rounds" has a value below "5000" or is commented out, this is a finding.SRG-OS-000080-GPOS-00048<GroupDescription></GroupDescription>OL08-00-010140OL 8 operating systems booted with United Extensible Firmware Interface (UEFI) must require authentication upon booting into single-user mode and maintenance.<VulnDiscussion>If the system does not require valid authentication before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system. GRUB 2 is the default boot loader for OL 8 and is designed to require a password to boot into single-user mode or modify the boot menu.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>DPMS Target Oracle Linux 8DISADPMS TargetOracle Linux 85416CCI-000213Configure the system to require an encrypted grub bootloader password for the grub superusers account with the grub2-setpassword command, which creates/overwrites the "/boot/efi/EFI/redhat/user.cfg" file. 
-+If "rounds" has a value below "5000" or is commented out, this is a finding.SRG-OS-000080-GPOS-00048<GroupDescription></GroupDescription>OL08-00-010140OL 8 operating systems booted with United Extensible Firmware Interface (UEFI) must require authentication upon booting into single-user mode and maintenance.<VulnDiscussion>If the system does not require valid authentication before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system. GRUB 2 is the default boot loader for OL 8 and is designed to require a password to boot into single-user mode or modify the boot menu.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>DPMS Target Oracle Linux 8DISADPMS TargetOracle Linux 85416CCI-000213Configure the system to require an encrypted grub bootloader password for the grub superusers account with the grub2-setpassword command, which creates/overwrites the "/boot/efi/EFI/almalinux/user.cfg" file. 
+ If only one of "SHA_CRYPT_MIN_ROUNDS" or "SHA_CRYPT_MAX_ROUNDS" is set, and this value is below "5000", this is a finding.
+ 
+-If both "SHA_CRYPT_MIN_ROUNDS" and "SHA_CRYPT_MAX_ROUNDS" are set, and the value for either is below "5000", this is a finding.SRG-OS-000080-GPOS-00048<GroupDescription></GroupDescription>OL08-00-010140OL 8 operating systems booted with United Extensible Firmware Interface (UEFI) must require authentication upon booting into single-user mode and maintenance.<VulnDiscussion>If the system does not require valid authentication before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system. GRUB 2 is the default boot loader for OL 8 and is designed to require a password to boot into single-user mode or modify the boot menu.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>DPMS Target Oracle Linux 8DISADPMS TargetOracle Linux 85416CCI-000213Configure the system to require an encrypted grub bootloader password for the grub superusers account with the grub2-setpassword command, which creates/overwrites the "/boot/efi/EFI/redhat/user.cfg" file. 
++If both "SHA_CRYPT_MIN_ROUNDS" and "SHA_CRYPT_MAX_ROUNDS" are set, and the value for either is below "5000", this is a finding.SRG-OS-000080-GPOS-00048<GroupDescription></GroupDescription>OL08-00-010140OL 8 operating systems booted with United Extensible Firmware Interface (UEFI) must require authentication upon booting into single-user mode and maintenance.<VulnDiscussion>If the system does not require valid authentication before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system. GRUB 2 is the default boot loader for OL 8 and is designed to require a password to boot into single-user mode or modify the boot menu.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>DPMS Target Oracle Linux 8DISADPMS TargetOracle Linux 85416CCI-000213Configure the system to require an encrypted grub bootloader password for the grub superusers account with the grub2-setpassword command, which creates/overwrites the "/boot/efi/EFI/almalinux/user.cfg" file. 
   
  Generate an encrypted grub2 password for the grub superusers account with the following command: 
   
-@@ -460,7 +460,7 @@ Confirm password:For systems that use BIOS, this is Not Applicable.
-+$ sudo grub2-mkconfig -o /boot/efi/EFI/almalinux/grub.cfgFor systems that use BIOS, this is Not Applicable.
+-$ sudo grub2-mkconfig -o /boot/efi/EFI/redhat/grub.cfgFor systems that use BIOS, this is Not Applicable.
++$ sudo grub2-mkconfig -o /boot/efi/EFI/almalinux/grub.cfgFor systems that use BIOS, this is Not Applicable.
  
  Verify that a unique name is set as the "superusers" account:
  
@@ -33044,11 +34848,11 @@ index 130e3620..56b71d82 100644
  set superusers="[someuniqueUserNamehere]"
  export superusers
  
-diff --git a/shared/references/disa-stig-rhel7-v3r5-xccdf-manual.xml b/shared/references/disa-stig-rhel7-v3r5-xccdf-manual.xml
-index a674d506..e8361c77 100644
---- a/shared/references/disa-stig-rhel7-v3r5-xccdf-manual.xml
-+++ b/shared/references/disa-stig-rhel7-v3r5-xccdf-manual.xml
-@@ -905,7 +905,7 @@ Check to see if an encrypted grub superusers password is set. On systems that us
+diff --git a/shared/references/disa-stig-rhel7-v3r10-xccdf-manual.xml b/shared/references/disa-stig-rhel7-v3r10-xccdf-manual.xml
+index 2ac417f0e..b84cd4b83 100644
+--- a/shared/references/disa-stig-rhel7-v3r10-xccdf-manual.xml
++++ b/shared/references/disa-stig-rhel7-v3r10-xccdf-manual.xml
+@@ -902,7 +902,7 @@ Check to see if an encrypted grub superusers password is set. On systems that us
  $ sudo grep -iw grub2_password /boot/grub2/user.cfg
  GRUB2_PASSWORD=grub.pbkdf2.sha512.[password_hash]
  
@@ -33057,7 +34861,7 @@ index a674d506..e8361c77 100644
  
  Generate an encrypted grub2 password for the grub superusers account with the following command:
  
-@@ -917,7 +917,7 @@ For systems that are running a version of RHEL prior to 7.2, this is Not Applica
+@@ -914,7 +914,7 @@ For systems that are running a version of RHEL prior to 7.2, this is Not Applica
  
  Check to see if an encrypted grub superusers password is set. On systems that use UEFI, use the following command:
  
@@ -33065,8 +34869,8 @@ index a674d506..e8361c77 100644
 +$ sudo grep -iw grub2_password /boot/efi/EFI/almalinux/user.cfg
  GRUB2_PASSWORD=grub.pbkdf2.sha512.[password_hash]
  
- If the grub superusers password does not begin with "grub.pbkdf2.sha512", this is a finding.SRG-OS-000104-GPOS-00051<GroupDescription></GroupDescription>RHEL-07-010500The Red Hat Enterprise Linux operating system must uniquely identify and must authenticate organizational users (or processes acting on behalf of organizational users) using multifactor authentication.<VulnDiscussion>To assure accountability and prevent unauthenticated access, organizational users must be identified and authenticated to prevent potential misuse and compromise of the system.
-@@ -1866,7 +1866,7 @@ On BIOS-based machines, use the following command:
+ If the grub superusers password does not begin with "grub.pbkdf2.sha512", this is a finding.SRG-OS-000104-GPOS-00051<GroupDescription></GroupDescription>RHEL-07-010500The Red Hat Enterprise Linux operating system must uniquely identify and must authenticate organizational users (or processes acting on behalf of organizational users) using multifactor authentication.<VulnDiscussion>To assure accountability and prevent unauthenticated access, organizational users must be identified and authenticated to prevent potential misuse and compromise of the system.
+@@ -1851,7 +1851,7 @@ On BIOS-based machines, use the following command:
  
  On UEFI-based machines, use the following command:
  
@@ -33075,7 +34879,7 @@ index a674d506..e8361c77 100644
  
  If /boot or /boot/efi reside on separate partitions, the kernel parameter boot=<partition of /boot or /boot/efi> must be added to the kernel command line. You can identify a partition by running the df /boot or df /boot/efi command:
  
-@@ -1897,7 +1897,7 @@ dracut-fips-033-360.el7_2.x86_64.rpm
+@@ -1882,7 +1882,7 @@ dracut-fips-033-360.el7_2.x86_64.rpm
  
  If a "dracut-fips" package is installed, check to see if the kernel command line is configured to use FIPS mode with the following command:
  
@@ -33084,9 +34888,9 @@ index a674d506..e8361c77 100644
  
  # grep fips /boot/grub2/grub.cfg
  /vmlinuz-3.8.0-0.40.el7.x86_64 root=/dev/mapper/rhel-root ro rd.md=0 rd.dm=0 rd.lvm.lv=rhel/swap crashkernel=auto rd.luks=0 vconsole.keymap=us rd.lvm.lv=rhel/root rhgb fips=1 quiet
-@@ -1995,14 +1995,14 @@ All=p+i+n+u+g+s+m+S+sha512+acl+xattrs+selinux
+@@ -1955,14 +1955,14 @@ An example rule that includes the "sha512" rule follows:
  
- If the "sha512" rule is not being used on all uncommented selection lines in the "/etc/aide.conf" file, or another file integrity tool is not using FIPS 140-2-approved cryptographic hashes for validating file contents and directories, this is a finding.SRG-OS-000364-GPOS-00151<GroupDescription></GroupDescription>RHEL-07-021700The Red Hat Enterprise Linux operating system must not allow removable media to be used as the boot loader unless approved.<VulnDiscussion>Malicious users with removable boot media can gain access to a system configured to use removable media as the boot loader. If removable media is designed to be used as the boot loader, the requirement must be documented with the Information System Security Officer (ISSO).</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>DPMS Target Red Hat Enterprise Linux 7DISADPMS TargetRed Hat Enterprise Linux 72899SV-86699V-72075CCI-000318CCI-000368CCI-001812CCI-001813CCI-001814Remove alternate methods of booting the system from removable media or document the configuration to boot from removable media with the ISSO.Verify the system is not configured to use a boot loader on removable media.
+ If the "sha512" rule is not being used on all uncommented selection lines in the "/etc/aide.conf" file, or another file integrity tool is not using FIPS 140-2-approved cryptographic hashes for validating file contents and directories, this is a finding.SRG-OS-000364-GPOS-00151<GroupDescription></GroupDescription>RHEL-07-021700The Red Hat Enterprise Linux operating system must not allow removable media to be used as the boot loader unless approved.<VulnDiscussion>Malicious users with removable boot media can gain access to a system configured to use removable media as the boot loader. If removable media is designed to be used as the boot loader, the requirement must be documented with the Information System Security Officer (ISSO).</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>DPMS Target Red Hat Enterprise Linux 7DISADPMS TargetRed Hat Enterprise Linux 72899SV-86699V-72075CCI-000318CCI-000368CCI-001812CCI-001813CCI-001814Remove alternate methods of booting the system from removable media or document the configuration to boot from removable media with the ISSO.Verify the system is not configured to use a boot loader on removable media.
  
 -Note: GRUB 2 reads its configuration from the "/boot/grub2/grub.cfg" file on traditional BIOS-based machines and from the "/boot/efi/EFI/redhat/grub.cfg" file on UEFI machines.
 +Note: GRUB 2 reads its configuration from the "/boot/grub2/grub.cfg" file on traditional BIOS-based machines and from the "/boot/efi/EFI/almalinux/grub.cfg" file on UEFI machines.
@@ -33101,16 +34905,14 @@ index a674d506..e8361c77 100644
  
  Check that the grub configuration file has the set root command in each menu entry with the following commands:
  
-@@ -4969,7 +4969,7 @@ Verify that a unique name is set as the "superusers" account:
- If "superusers" is identical to any OS account name or is missing a name, this is a finding.SRG-OS-000080-GPOS-00048<GroupDescription></GroupDescription>RHEL-07-010492Red Hat Enterprise Linux operating systems version 7.2 or newer booted with United Extensible Firmware Interface (UEFI) must have a unique name for the grub superusers account when booting into single-user mode and maintenance.<VulnDiscussion>If the system does not require valid authentication before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system. GRUB 2 is the default boot loader for RHEL 7 and is designed to require a password to boot into single-user mode or make modifications to the boot menu.
- The GRUB 2 superuser account is an account of last resort. Establishing a unique username for this account hardens the boot loader against brute force attacks. Due to the nature of the superuser account database being distinct from the OS account database, this allows the use of a username that is not among those within the OS account database. Examples of non-unique superusers names are root, superuser, unlock, etc.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>DPMS Target Red Hat Enterprise Linux 7DISADPMS TargetRed Hat Enterprise Linux 72899CCI-000213Configure the system to have a unique name for the grub superusers account.
+@@ -4452,13 +4452,13 @@ password_pbkdf2 [someuniquestringhere] ${GRUB2_PASSWORD}
  
--Edit the /boot/efi/EFI/redhat/grub.cfg file and add or modify the following lines in the "### BEGIN /etc/grub.d/01_users ###" section:
-+Edit the /boot/efi/EFI/almalinux/grub.cfg file and add or modify the following lines in the "### BEGIN /etc/grub.d/01_users ###" section:
+ Generate a new grub.cfg file with the following command:
  
- set superusers="[someuniquestringhere]"
- export superusers
-@@ -4979,7 +4979,7 @@ For systems that are running a version of RHEL prior to 7.2, this is Not Applica
+-$ sudo grub2-mkconfig -o /boot/efi/EFI/redhat/grub.cfgFor systems that use BIOS, this is Not Applicable.
++$ sudo grub2-mkconfig -o /boot/efi/EFI/almalinux/grub.cfgFor systems that use BIOS, this is Not Applicable.
+ 
+ For systems that are running a version of RHEL prior to 7.2, this is Not Applicable.
  
  Verify that a unique name is set as the "superusers" account:
  
@@ -33119,11 +34921,11 @@ index a674d506..e8361c77 100644
      set superusers="[someuniquestringhere]"
      export superusers
  
-diff --git a/shared/references/disa-stig-rhel7-v3r5-xccdf-scap.xml b/shared/references/disa-stig-rhel7-v3r5-xccdf-scap.xml
-index 9a270474..6750a087 100644
---- a/shared/references/disa-stig-rhel7-v3r5-xccdf-scap.xml
-+++ b/shared/references/disa-stig-rhel7-v3r5-xccdf-scap.xml
-@@ -3449,7 +3449,7 @@ Confirm password:
+diff --git a/shared/references/disa-stig-rhel7-v3r10-xccdf-scap.xml b/shared/references/disa-stig-rhel7-v3r10-xccdf-scap.xml
+index ee53d1416..c298fc185 100644
+--- a/shared/references/disa-stig-rhel7-v3r10-xccdf-scap.xml
++++ b/shared/references/disa-stig-rhel7-v3r10-xccdf-scap.xml
+@@ -3236,7 +3236,7 @@ Confirm password:
            SV-95719
            V-81007
            CCI-000213
@@ -33132,7 +34934,7 @@ index 9a270474..6750a087 100644
  
  Generate an encrypted grub2 password for the grub superusers account with the following command:
  
-@@ -4223,7 +4223,7 @@ On BIOS-based machines, use the following command:
+@@ -4010,7 +4010,7 @@ On BIOS-based machines, use the following command:
  
  On UEFI-based machines, use the following command:
  
@@ -33141,7 +34943,7 @@ index 9a270474..6750a087 100644
  
  If /boot or /boot/efi reside on separate partitions, the kernel parameter boot=<partition of /boot or /boot/efi> must be added to the kernel command line. You can identify a partition by running the df /boot or df /boot/efi command:
  
-@@ -8494,7 +8494,8 @@ Note: The "[value]" must be a number that is greater than or equal to "0".Disable Prelinking
              
                multi_platform_fedora
@@ -33151,7 +34953,7 @@ index 9a270474..6750a087 100644
                multi_platform_rhel-osp
              
              The prelinking feature can interfere with the operation of
-@@ -8525,7 +8526,8 @@ Note: The "[value]" must be a number that is greater than or equal to "0".
              Package openssh-server Removed
              
@@ -33161,7 +34963,7 @@ index 9a270474..6750a087 100644
                multi_platform_fedora
                multi_platform_sle
              
-@@ -9442,7 +9444,8 @@ If the value is set to an integer less than 0, the user's time stamp will not ex
+@@ -8346,7 +8348,8 @@ Password complexity is one factor of several that determines how long it takes t
            
              Limit Password Reuse
              
@@ -33171,7 +34973,7 @@ index 9a270474..6750a087 100644
                multi_platform_fedora
              
              The passwords to remember should be set correctly.
-@@ -9464,7 +9467,8 @@ If the value is set to an integer less than 0, the user's time stamp will not ex
+@@ -8362,7 +8365,8 @@ Password complexity is one factor of several that determines how long it takes t
            
              RHEL-07-040160 - The Red Hat Enterprise Linux operating system must be configured so that all network connections associated with a communication session are terminated at the end of the session or after 15 minutes of inactivity from the user at a command prompt, except to fulfill documented and validated mission requirements.
              
@@ -33181,19 +34983,19 @@ index 9a270474..6750a087 100644
              
              Terminating an idle session within a short time period reduces the window of opportunity for unauthorized personnel to take control of a management session enabled on the console or console port that has been left unattended. In addition, quickly terminating an idle session will also free up resources committed by the managed network element. 
  
-@@ -9573,7 +9577,8 @@ Terminating network connections associated with communications sessions includes
+@@ -8456,7 +8460,8 @@ Terminating network connections associated with communications sessions includes
            
-             Audit Discretionary Access Control Modification Events - chmod
+             RHEL-07-030410 - The Red Hat Enterprise Linux operating system must audit all uses of the chmod, fchmod and fchmodat syscalls.
              
 -              multi_platform_rhel
 +              multi_platform_rhel
 +multi_platform_almalinux
              
-             The changing of file permissions and attributes should be audited.
-             
-@@ -9616,7 +9621,8 @@ Terminating network connections associated with communications sessions includes
+             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
+ 
+@@ -8512,7 +8517,8 @@ The system call rules are loaded into a matching engine that intercepts each sys
            
-             Audit Discretionary Access Control Modification Events - chown
+             RHEL-07-030370 - The Red Hat Enterprise Linux operating system must audit all uses of the chown, fchown, fchownat and lchown syscalls.
              
 -              multi_platform_rhel
 +              multi_platform_rhel
@@ -33201,109 +35003,9 @@ index 9a270474..6750a087 100644
              
              
              
-@@ -9645,7 +9651,8 @@ Terminating network connections associated with communications sessions includes
+@@ -8558,7 +8564,8 @@ When a user logs on, the auid is set to the uid of the account that is being aut
            
-             Audit Discretionary Access Control Modification Events - fchmod
-             
--              multi_platform_rhel
-+              multi_platform_rhel
-+multi_platform_almalinux
-             
-             
-             
-@@ -9674,7 +9681,8 @@ Terminating network connections associated with communications sessions includes
-           
-             Audit Discretionary Access Control Modification Events - fchmodat
-             
--              multi_platform_rhel
-+              multi_platform_rhel
-+multi_platform_almalinux
-             
-             
-             
-@@ -9703,7 +9711,8 @@ Terminating network connections associated with communications sessions includes
-           
-             Audit Discretionary Access Control Modification Events - fchown
-             
--              multi_platform_rhel
-+              multi_platform_rhel
-+multi_platform_almalinux
-             
-             
-             
-@@ -9732,7 +9741,8 @@ Terminating network connections associated with communications sessions includes
-           
-             Audit Discretionary Access Control Modification Events - fchownat
-             
--              multi_platform_rhel
-+              multi_platform_rhel
-+multi_platform_almalinux
-             
-             
-             
-@@ -9761,7 +9771,8 @@ Terminating network connections associated with communications sessions includes
-           
-             Audit Discretionary Access Control Modification Events - fremovexattr
-             
--              multi_platform_rhel
-+              multi_platform_rhel
-+multi_platform_almalinux
-             
-             
-             
-@@ -9790,7 +9801,8 @@ Terminating network connections associated with communications sessions includes
-           
-             Audit Discretionary Access Control Modification Events - fsetxattr
-             
--              multi_platform_rhel
-+              multi_platform_rhel
-+multi_platform_almalinux
-             
-             
-             
-@@ -9819,7 +9831,8 @@ Terminating network connections associated with communications sessions includes
-           
-             Audit Discretionary Access Control Modification Events - lchown
-             
--              multi_platform_rhel
-+              multi_platform_rhel
-+multi_platform_almalinux
-             
-             
-             
-@@ -9848,7 +9861,8 @@ Terminating network connections associated with communications sessions includes
-           
-             Audit Discretionary Access Control Modification Events - lremovexattr
-             
--              multi_platform_rhel
-+              multi_platform_rhel
-+multi_platform_almalinux
-             
-             
-             
-@@ -9877,7 +9891,8 @@ Terminating network connections associated with communications sessions includes
-           
-             Audit Discretionary Access Control Modification Events - lsetxattr
-             
--              multi_platform_rhel
-+              multi_platform_rhel
-+multi_platform_almalinux
-             
-             
-             
-@@ -9906,7 +9921,8 @@ Terminating network connections associated with communications sessions includes
-           
-             Audit Discretionary Access Control Modification Events - removexattr
-             
--              multi_platform_rhel
-+              multi_platform_rhel
-+multi_platform_almalinux
-             
-             
-             
-@@ -9935,7 +9951,8 @@ Terminating network connections associated with communications sessions includes
-           
-             Audit Discretionary Access Control Modification Events - setxattr
+             RHEL-07-030440 - The Red Hat Enterprise Linux operating system must audit all uses of the setxattr, fsetxattr, lsetxattr, removexattr, fremovexattr and lremovexattr syscalls.
              
 -              multi_platform_rhel
 +              multi_platform_rhel
@@ -33311,7 +35013,7 @@ index 9a270474..6750a087 100644
              
              
              
-@@ -11246,7 +11263,8 @@ Terminating network connections associated with communications sessions includes
+@@ -9655,7 +9662,8 @@ The system call rules are loaded into a matching engine that intercepts each sys
            
              Disable Host-Based Authentication
              
@@ -33321,7 +35023,7 @@ index 9a270474..6750a087 100644
              
              SSH host-based authentication should be disabled.
              
-@@ -11261,7 +11279,8 @@ Terminating network connections associated with communications sessions includes
+@@ -9670,7 +9678,8 @@ The system call rules are loaded into a matching engine that intercepts each sys
            
              Package prelink Removed
              
@@ -33331,7 +35033,7 @@ index 9a270474..6750a087 100644
              
              The RPM package prelink should be removed.
              
-@@ -11404,7 +11423,8 @@ Terminating network connections associated with communications sessions includes
+@@ -9813,7 +9822,8 @@ The system call rules are loaded into a matching engine that intercepts each sys
            
              Mount Remote Filesystems with nosuid
              
@@ -33341,7 +35043,7 @@ index 9a270474..6750a087 100644
              
              
              
-@@ -11434,7 +11454,8 @@ Terminating network connections associated with communications sessions includes
+@@ -9843,7 +9853,8 @@ The system call rules are loaded into a matching engine that intercepts each sys
            
              Package net-snmp Removed
              
@@ -33351,7 +35053,7 @@ index 9a270474..6750a087 100644
              
              The RPM package net-snmp should be removed.
              
-@@ -11461,7 +11482,8 @@ Terminating network connections associated with communications sessions includes
+@@ -9870,7 +9881,8 @@ The system call rules are loaded into a matching engine that intercepts each sys
            
              Package telnet-server Removed
              
@@ -33361,7 +35063,7 @@ index 9a270474..6750a087 100644
              
              The RPM package telnet-server should be removed.
              
-@@ -11489,7 +11511,8 @@ Terminating network connections associated with communications sessions includes
+@@ -9898,7 +9910,8 @@ The system call rules are loaded into a matching engine that intercepts each sys
            
              Package vsftpd Removed
              
@@ -33371,7 +35073,7 @@ index 9a270474..6750a087 100644
              
              The RPM package vsftpd should be removed.
              
-@@ -11502,7 +11525,8 @@ Terminating network connections associated with communications sessions includes
+@@ -9911,7 +9924,8 @@ The system call rules are loaded into a matching engine that intercepts each sys
            
              Package xorg-x11-server-common Removed
              
@@ -33381,7 +35083,7 @@ index 9a270474..6750a087 100644
                multi_platform_fedora
              
              
-@@ -11531,7 +11555,8 @@ Terminating network connections associated with communications sessions includes
+@@ -9940,7 +9954,8 @@ The system call rules are loaded into a matching engine that intercepts each sys
            
              Ensure /home Located On Separate Partition
              
@@ -33391,7 +35093,7 @@ index 9a270474..6750a087 100644
              
              If user home directories will be stored locally, create a
        separate partition for /home. If /home will be mounted from another
-@@ -11549,7 +11574,8 @@ Terminating network connections associated with communications sessions includes
+@@ -9958,7 +9973,8 @@ The system call rules are loaded into a matching engine that intercepts each sys
            
              Ensure /var Located On Separate Partition
              
@@ -33401,7 +35103,7 @@ index 9a270474..6750a087 100644
              
              
              
-@@ -11567,7 +11593,8 @@ Terminating network connections associated with communications sessions includes
+@@ -9976,7 +9992,8 @@ The system call rules are loaded into a matching engine that intercepts each sys
            
              Ensure /var/log/audit Located On Separate Partition
              
@@ -33411,7 +35113,7 @@ index 9a270474..6750a087 100644
              
              
              
-@@ -11586,7 +11613,8 @@ Terminating network connections associated with communications sessions includes
+@@ -9995,7 +10012,8 @@ The system call rules are loaded into a matching engine that intercepts each sys
              Verify File Hashes with RPM
              
                multi_platform_fedora
@@ -33421,7 +35123,7 @@ index 9a270474..6750a087 100644
              
              Verify the RPM digests of system binaries using the RPM database.
              
-@@ -11660,7 +11688,8 @@ Terminating network connections associated with communications sessions includes
+@@ -10069,7 +10087,8 @@ The system call rules are loaded into a matching engine that intercepts each sys
            
              Ensure Only Protocol 2 Connections Allowed
              
@@ -33431,7 +35133,7 @@ index 9a270474..6750a087 100644
                multi_platform_debian
                multi_platform_ubuntu
              
-@@ -11696,7 +11725,8 @@ Terminating network connections associated with communications sessions includes
+@@ -10105,7 +10124,8 @@ The system call rules are loaded into a matching engine that intercepts each sys
            
              Disable .rhosts Files
              
@@ -33441,7 +35143,7 @@ index 9a270474..6750a087 100644
              
              
              
-@@ -11761,7 +11791,8 @@ This should be disabled.
+@@ -10170,7 +10190,8 @@ This should be disabled.
            
              Do Not Allow Users to Set Environment Options
              
@@ -33451,7 +35153,7 @@ index 9a270474..6750a087 100644
              
              PermitUserEnvironment should be disabled
              
-@@ -12113,7 +12144,8 @@ By specifying a cipher list with the order of ciphers being in a "strongest to w
+@@ -10519,7 +10540,8 @@ By specifying a cipher list with the order of ciphers being in a "strongest to w
            
              Package openssh-server is version 7.4 or higher
              
@@ -33461,7 +35163,7 @@ index 9a270474..6750a087 100644
                multi_platform_fedora
                multi_platform_sle
              
-@@ -12384,12 +12416,12 @@ The ability to enable/disable a session lock is given to the user by default. Di
+@@ -10756,12 +10778,12 @@ The ability to enable/disable a session lock is given to the user by default. Di
              The UEFI grub2 boot loader should have password protection enabled.
              
            
@@ -33478,7 +35180,7 @@ index 9a270474..6750a087 100644
              
            
          
-@@ -13399,7 +13431,7 @@ The ability to enable/disable a session lock is given to the user by default. Di
+@@ -11660,7 +11682,7 @@ The ability to enable/disable a session lock is given to the user by default. Di
          
            
          
@@ -33487,7 +35189,7 @@ index 9a270474..6750a087 100644
            
          
          
-@@ -13964,10 +13996,10 @@ The ability to enable/disable a session lock is given to the user by default. Di
+@@ -12210,10 +12232,10 @@ The ability to enable/disable a session lock is given to the user by default. Di
          
            
          
@@ -33500,7 +35202,7 @@ index 9a270474..6750a087 100644
            
          
          
-@@ -15542,7 +15574,7 @@ The ability to enable/disable a session lock is given to the user by default. Di
+@@ -13637,7 +13659,7 @@ The ability to enable/disable a session lock is given to the user by default. Di
            /boot/grub2/grub.cfg
          
          
@@ -33509,7 +35211,7 @@ index 9a270474..6750a087 100644
          
          
            
-@@ -16385,12 +16417,12 @@ The ability to enable/disable a session lock is given to the user by default. Di
+@@ -14472,12 +14494,12 @@ The ability to enable/disable a session lock is given to the user by default. Di
            1
          
          
@@ -33524,20 +35226,20 @@ index 9a270474..6750a087 100644
            ^[\s]*set[\s]+superusers=\"\S+\"$
            1
          
-@@ -16950,7 +16982,7 @@ The ability to enable/disable a session lock is given to the user by default. Di
-         
+@@ -15057,7 +15079,7 @@ The ability to enable/disable a session lock is given to the user by default. Di
+         
          
            /boot/grub2/grub.cfg
 -          /boot/efi/EFI/redhat/grub.cfg
 +          /boot/efi/EFI/almalinux/grub.cfg
          
-         
-           
-diff --git a/shared/references/disa-stig-rhel8-v1r4-xccdf-scap.xml b/shared/references/disa-stig-rhel8-v1r4-xccdf-scap.xml
-index 24c8f3e5..122efe4f 100644
---- a/shared/references/disa-stig-rhel8-v1r4-xccdf-scap.xml
-+++ b/shared/references/disa-stig-rhel8-v1r4-xccdf-scap.xml
-@@ -2493,7 +2493,7 @@ SHA_CRYPT_MIN_ROUNDS 5000
+         
+           /etc/sysctl.d
+diff --git a/shared/references/disa-stig-rhel8-v1r8-xccdf-scap.xml b/shared/references/disa-stig-rhel8-v1r8-xccdf-scap.xml
+index 92f67b352..bfda2b2a3 100644
+--- a/shared/references/disa-stig-rhel8-v1r8-xccdf-scap.xml
++++ b/shared/references/disa-stig-rhel8-v1r8-xccdf-scap.xml
+@@ -2531,7 +2531,7 @@ SHA_CRYPT_MIN_ROUNDS 5000
              2921
            
            CCI-000213
@@ -33546,7 +35248,17 @@ index 24c8f3e5..122efe4f 100644
  
  Generate an encrypted grub2 password for the grub superusers account with the following command:
  
-@@ -9399,7 +9399,8 @@ Note: The "[value]" must be a number that is greater than or equal to "0".
+           
+             The RHEL 8 version is RHEL 8.2 or newer.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             External definition used to determine if the RHEL 8 version is RHEL 8.2 or newer for version applicability based requirements.
+           
+@@ -9759,7 +9760,8 @@ $ sudo passwd -l [username]
            
              IPv6 is disabled in the kernel.
              
@@ -33556,7 +35268,7 @@ index 24c8f3e5..122efe4f 100644
              
              IPv6 is disabled in the kernel, either via a kernel cmdline option or sysctl.
            
-@@ -9415,7 +9416,8 @@ Note: The "[value]" must be a number that is greater than or equal to "0".
            
              OpenSSH is installed.
              
@@ -33566,7 +35278,7 @@ index 24c8f3e5..122efe4f 100644
              
              OpenSSH is installed
            
-@@ -9443,7 +9445,8 @@ Red Hat offers the Extended Update Support (EUS) ad-on to a Red Hat Enterprise L
+@@ -9803,7 +9806,8 @@ Red Hat offers the Extended Update Support (EUS) ad-on to a Red Hat Enterprise L
            
              RHEL-08-010020 - RHEL 8 must implement NIST FIPS-validated cryptography for the following: to provision digital signatures, to generate cryptographic hashes, and to protect data requiring data-at-rest protections in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards.
              
@@ -33576,7 +35288,7 @@ index 24c8f3e5..122efe4f 100644
              
              Use of weak or untested encryption algorithms undermines the purposes of using encryption to protect data. The operating system must implement cryptographic modules adhering to the higher standards approved by the Federal Government since this provides assurance they have been tested and validated.
  
-@@ -9460,7 +9463,8 @@ The fips=1 kernel option needs to be added to the kernel command line during sys
+@@ -9820,7 +9824,8 @@ The fips=1 kernel option needs to be added to the kernel command line during sys
            
              RHEL-08-010110 - RHEL 8 must encrypt all stored passwords with a FIPS 140-2 approved cryptographic hashing algorithm.
              
@@ -33586,7 +35298,7 @@ index 24c8f3e5..122efe4f 100644
              
              Passwords need to be protected at all times, and encryption is the standard method for protecting passwords. If passwords are not encrypted, they can be plainly read (i.e., clear text) and easily compromised.
  
-@@ -9476,7 +9480,8 @@ FIPS 140-2 is the current standard for validating that mechanisms used to access
+@@ -9836,7 +9841,8 @@ FIPS 140-2 is the current standard for validating that mechanisms used to access
            
              RHEL-08-010120 - RHEL 8 must employ FIPS 140-2 approved cryptographic hashing algorithms for all stored passwords.
              
@@ -33596,7 +35308,7 @@ index 24c8f3e5..122efe4f 100644
              
              The system must use a strong hashing algorithm to store the password.
  
-@@ -9490,7 +9495,8 @@ Passwords need to be protected at all times, and encryption is the standard meth
+@@ -9850,7 +9856,8 @@ Passwords need to be protected at all times, and encryption is the standard meth
            
              RHEL-08-010130 - The RHEL 8 shadow password suite must be configured to use a sufficient number of hashing rounds.
              
@@ -33606,7 +35318,7 @@ index 24c8f3e5..122efe4f 100644
              
              The system must use a strong hashing algorithm to store the password. The system must use a sufficient number of hashing rounds to ensure the required level of entropy.
  
-@@ -9505,15 +9511,16 @@ Passwords need to be protected at all times, and encryption is the standard meth
+@@ -9865,15 +9872,16 @@ Passwords need to be protected at all times, and encryption is the standard meth
            
              RHEL-08-010140 - RHEL 8 operating systems booted with United Extensible Firmware Interface (UEFI) implemented must require authentication upon booting into single-user mode and maintenance.
              
@@ -33628,7 +35340,7 @@ index 24c8f3e5..122efe4f 100644
              
            
          
-@@ -9521,7 +9528,8 @@ Passwords need to be protected at all times, and encryption is the standard meth
+@@ -9881,7 +9889,8 @@ Passwords need to be protected at all times, and encryption is the standard meth
            
              RHEL-08-010150 - RHEL 8 operating systems booted with a BIOS must require authentication upon booting into single-user and maintenance modes.
              
@@ -33638,7 +35350,7 @@ index 24c8f3e5..122efe4f 100644
              
              If the system does not require valid authentication before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system. GRUB 2 is the default boot loader for RHEL 8 and is designed to require a password to boot into single-user mode or make modifications to the boot menu.
            
-@@ -9537,7 +9545,8 @@ Passwords need to be protected at all times, and encryption is the standard meth
+@@ -9897,7 +9906,8 @@ Passwords need to be protected at all times, and encryption is the standard meth
            
              RHEL-08-010160 - RHEL 8 operating systems must require authentication upon booting into rescue mode.
              
@@ -33648,7 +35360,7 @@ index 24c8f3e5..122efe4f 100644
              
              If the system does not require valid root authentication before it boots into rescue mode, anyone who invokes rescue mode is granted privileged access to all files on the system.
            
-@@ -9549,7 +9558,8 @@ Passwords need to be protected at all times, and encryption is the standard meth
+@@ -9909,7 +9919,8 @@ Passwords need to be protected at all times, and encryption is the standard meth
            
              RHEL-08-010160 - The RHEL 8 pam_unix.so module must be configured in the password-auth file to use a FIPS 140-2 approved cryptographic hashing algorithm for system authentication.
              
@@ -33658,7 +35370,7 @@ index 24c8f3e5..122efe4f 100644
              
              Unapproved mechanisms that are used for authentication to the cryptographic module are not verified and therefore cannot be relied upon to provide confidentiality or integrity, and DoD data may be compromised.
  
-@@ -9565,7 +9575,8 @@ FIPS 140-2 is the current standard for validating that mechanisms used to access
+@@ -9925,7 +9936,8 @@ FIPS 140-2 is the current standard for validating that mechanisms used to access
            
              RHEL-08-010161 - RHEL 8 must prevent system daemons from using Kerberos for authentication.
              
@@ -33668,7 +35380,7 @@ index 24c8f3e5..122efe4f 100644
              
              Unapproved mechanisms that are used for authentication to the cryptographic module are not verified and therefore cannot be relied upon to provide confidentiality or integrity, and DoD data may be compromised.
  
-@@ -9585,7 +9596,8 @@ FIPS 140-2 is the current standard for validating that mechanisms used to access
+@@ -9945,7 +9957,8 @@ FIPS 140-2 is the current standard for validating that mechanisms used to access
            
              RHEL-08-010162 - The krb5-workstation package must not be installed on RHEL 8.
              
@@ -33678,7 +35390,7 @@ index 24c8f3e5..122efe4f 100644
              
              Unapproved mechanisms that are used for authentication to the cryptographic module are not verified and therefore cannot be relied upon to provide confidentiality or integrity, and DoD data may be compromised.
  
-@@ -9605,7 +9617,8 @@ FIPS 140-2 is the current standard for validating that mechanisms used to access
+@@ -9965,7 +9978,8 @@ FIPS 140-2 is the current standard for validating that mechanisms used to access
            
              RHEL-08-010171 - RHEL 8 must have the policycoreutils package installed.
              
@@ -33688,7 +35400,7 @@ index 24c8f3e5..122efe4f 100644
              
              Without verification of the security functions, security functions may not operate correctly and the failure may go unnoticed. Security function is defined as the hardware, software, and/or firmware of the information system responsible for enforcing the system security policy and supporting the isolation of code and data on which the protection is based. Security functionality includes, but is not limited to, establishing system accounts, configuring access authorizations (i.e., permissions, privileges), setting events to be audited, and setting intrusion detection parameters.
  
-@@ -9619,7 +9632,8 @@ Policycoreutils contains the policy core utilities that are required for basic o
+@@ -9979,7 +9993,8 @@ Policycoreutils contains the policy core utilities that are required for basic o
            
              RHEL-08-010200 - RHEL 8 must be configured so that all network connections associated with SSH traffic are terminated at the end of the session or after 10 minutes of inactivity, except to fulfill documented and validated mission requirements.
              
@@ -33698,7 +35410,7 @@ index 24c8f3e5..122efe4f 100644
              
              Terminating an idle SSH session within a short time period reduces the window of opportunity for unauthorized personnel to take control of a management session enabled on the console or console port that has been left unattended. In addition, quickly terminating an idle SSH session will also free up resources committed by the managed network element.
  
-@@ -9636,7 +9650,8 @@ RHEL 8 utilizes /etc/ssh/sshd_config for configurations of OpenSSH. Within the s
+@@ -9996,7 +10011,8 @@ RHEL 8 utilizes /etc/ssh/sshd_config for configurations of OpenSSH. Within the s
            
              RHEL-08-010210 - The RHEL 8 /var/log/messages file must have mode 0640 or less permissive.
              
@@ -33708,7 +35420,7 @@ index 24c8f3e5..122efe4f 100644
              
              Only authorized personnel should be aware of errors and the details of the errors. Error messages are an indicator of an organization's operational state or can identify the RHEL 8 system or platform. Additionally, Personally Identifiable Information (PII) and operational information must not be revealed through error messages to unauthorized personnel or their designated representatives.
  
-@@ -9650,7 +9665,8 @@ The structure and content of error messages must be carefully considered by the
+@@ -10010,7 +10026,8 @@ The structure and content of error messages must be carefully considered by the
            
              RHEL-08-010220 - The RHEL 8 /var/log/messages file must be owned by root.
              
@@ -33718,7 +35430,7 @@ index 24c8f3e5..122efe4f 100644
              
              Only authorized personnel should be aware of errors and the details of the errors. Error messages are an indicator of an organization's operational state or can identify the RHEL 8 system or platform. Additionally, Personally Identifiable Information (PII) and operational information must not be revealed through error messages to unauthorized personnel or their designated representatives.
  
-@@ -9664,7 +9680,8 @@ The structure and content of error messages must be carefully considered by the
+@@ -10024,7 +10041,8 @@ The structure and content of error messages must be carefully considered by the
            
              RHEL-08-010230 - The RHEL 8 /var/log/messages file must be group-owned by root.
              
@@ -33728,7 +35440,7 @@ index 24c8f3e5..122efe4f 100644
              
              Only authorized personnel should be aware of errors and the details of the errors. Error messages are an indicator of an organization's operational state or can identify the RHEL 8 system or platform. Additionally, Personally Identifiable Information (PII) and operational information must not be revealed through error messages to unauthorized personnel or their designated representatives.
  
-@@ -9678,7 +9695,8 @@ The structure and content of error messages must be carefully considered by the
+@@ -10038,7 +10056,8 @@ The structure and content of error messages must be carefully considered by the
            
              RHEL-08-010240 - The RHEL 8 /var/log directory must have mode 0755 or less permissive.
              
@@ -33738,7 +35450,7 @@ index 24c8f3e5..122efe4f 100644
              
              Only authorized personnel should be aware of errors and the details of the errors. Error messages are an indicator of an organization's operational state or can identify the RHEL 8 system or platform. Additionally, Personally Identifiable Information (PII) and operational information must not be revealed through error messages to unauthorized personnel or their designated representatives.
  
-@@ -9692,7 +9710,8 @@ The structure and content of error messages must be carefully considered by the
+@@ -10052,7 +10071,8 @@ The structure and content of error messages must be carefully considered by the
            
              RHEL-08-010250 - The RHEL 8 /var/log directory must be owned by root.
              
@@ -33748,7 +35460,7 @@ index 24c8f3e5..122efe4f 100644
              
              Only authorized personnel should be aware of errors and the details of the errors. Error messages are an indicator of an organization's operational state or can identify the RHEL 8 system or platform. Additionally, Personally Identifiable Information (PII) and operational information must not be revealed through error messages to unauthorized personnel or their designated representatives.
  
-@@ -9706,7 +9725,8 @@ The structure and content of error messages must be carefully considered by the
+@@ -10066,7 +10086,8 @@ The structure and content of error messages must be carefully considered by the
            
              RHEL-08-010260 - The RHEL 8 /var/log directory must be group-owned by root.
              
@@ -33758,7 +35470,7 @@ index 24c8f3e5..122efe4f 100644
              
              Only authorized personnel should be aware of errors and the details of the errors. Error messages are an indicator of an organization's operational state or can identify the RHEL 8 system or platform. Additionally, Personally Identifiable Information (PII) and operational information must not be revealed through error messages to unauthorized personnel or their designated representatives.
  
-@@ -9720,7 +9740,8 @@ The structure and content of error messages must be carefully considered by the
+@@ -10080,7 +10101,8 @@ The structure and content of error messages must be carefully considered by the
            
              RHEL-08-010292 - RHEL 8 must ensure the SSH server uses strong entropy.
              
@@ -33768,7 +35480,7 @@ index 24c8f3e5..122efe4f 100644
              
              The most important characteristic of a random number generator is its randomness, namely its ability to deliver random numbers that are impossible to predict.  Entropy in computer security is associated with the unpredictability of a source of randomness.  The random source with high entropy tends to achieve a uniform distribution of random values.  Random number generators are one of the most important building blocks of cryptosystems.
  
-@@ -9736,7 +9757,8 @@ The SSH implementation in RHEL8 uses the OPENSSL library, which does not use hig
+@@ -10096,7 +10118,8 @@ The SSH implementation in RHEL8 uses the OPENSSL library, which does not use hig
            
              RHEL-08-010294 - The RHEL 8 operating system must implement DoD-approved TLS encryption in the OpenSSL package.
              
@@ -33778,7 +35490,7 @@ index 24c8f3e5..122efe4f 100644
              
              Without cryptographic integrity protections, information can be altered by unauthorized users without detection.
  
-@@ -9764,7 +9786,8 @@ RHEL 8 incorporates system-wide crypto policies by default.  The employed algori
+@@ -10124,7 +10147,8 @@ RHEL 8 incorporates system-wide crypto policies by default.  The employed algori
            
              RHEL-08-010300 - RHEL 8 system commands must have mode 755 or less permissive.
              
@@ -33788,7 +35500,7 @@ index 24c8f3e5..122efe4f 100644
              
              If RHEL 8 were to allow any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that are part of a robust change management process.
  
-@@ -9778,7 +9801,8 @@ This requirement applies to RHEL 8 with software libraries that are accessible a
+@@ -10138,7 +10162,8 @@ This requirement applies to RHEL 8 with software libraries that are accessible a
            
              RHEL-08-010310 - RHEL 8 system commands must be owned by root.
              
@@ -33798,7 +35510,7 @@ index 24c8f3e5..122efe4f 100644
              
              If RHEL 8 were to allow any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that are part of a robust change management process.
  
-@@ -9792,7 +9816,8 @@ This requirement applies to RHEL 8 with software libraries that are accessible a
+@@ -10152,7 +10177,8 @@ This requirement applies to RHEL 8 with software libraries that are accessible a
            
              RHEL-08-010320 - RHEL 8 system commands must be group-owned by root or a system account.
              
@@ -33808,7 +35520,7 @@ index 24c8f3e5..122efe4f 100644
              
              If RHEL 8 were to allow any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that are part of a robust change management process.
  
-@@ -9806,7 +9831,8 @@ This requirement applies to RHEL 8 with software libraries that are accessible a
+@@ -10166,7 +10192,8 @@ This requirement applies to RHEL 8 with software libraries that are accessible a
            
              RHEL-08-010370 - RHEL 8 must prevent the installation of software, patches, service packs, device drivers, or operating system components from a repository without verification they have been digitally signed using a certificate that is issued by a Certificate Authority (CA) that is recognized and approved by the organization.
              
@@ -33818,7 +35530,7 @@ index 24c8f3e5..122efe4f 100644
              
              Changes to any software components can have significant effects on the overall security of the operating system. This requirement ensures the software has not been tampered with and that it has been provided by a trusted vendor.
  
-@@ -9823,7 +9849,8 @@ Verifying the authenticity of the software prior to installation validates the i
+@@ -10183,7 +10210,8 @@ Verifying the authenticity of the software prior to installation validates the i
            
              RHEL-08-010371 - RHEL 8 must prevent the installation of software, patches, service packs, device drivers, or operating system components of local packages without verification they have been digitally signed using a certificate that is issued by a Certificate Authority (CA) that is recognized and approved by the organization.
              
@@ -33828,7 +35540,7 @@ index 24c8f3e5..122efe4f 100644
              
              Changes to any software components can have significant effects on the overall security of the operating system. This requirement ensures the software has not been tampered with and that it has been provided by a trusted vendor.
  
-@@ -9839,7 +9866,8 @@ Verifying the authenticity of the software prior to installation validates the i
+@@ -10199,7 +10227,8 @@ Verifying the authenticity of the software prior to installation validates the i
            
              RHEL-08-010372 - RHEL 8 must prevent the loading of a new kernel for later execution.
              
@@ -33837,8 +35549,8 @@ index 24c8f3e5..122efe4f 100644
 +AlmaLinux 8
              
              Changes to any software components can have significant effects on the overall security of the operating system. This requirement ensures the software has not been tampered with and that it has been provided by a trusted vendor.
- Disabling kexec_load prevents an unsigned kernel image (that could be a windows kernel or modified vulnerable kernel) from being loaded. Kexec can be used subvert the entire secureboot process and should be avoided at all costs especially since it can load unsigned kernel images.
-@@ -9861,7 +9889,8 @@ Based on the information above, if a configuration file that begins with "99-" i
+ 
+@@ -10222,7 +10251,8 @@ The sysctl --system command will load settings from all system configuration fil
            
              RHEL-08-010373 - RHEL 8 must enable kernel parameters to enforce discretionary access control on symlinks.
              
@@ -33848,7 +35560,7 @@ index 24c8f3e5..122efe4f 100644
              
              Discretionary Access Control (DAC) is based on the notion that individual users are "owners" of objects and therefore have discretion over who should be authorized to access the object and in which mode (e.g., read or write).  Ownership is usually acquired as a consequence of creating the object or via specified ownership assignment.  DAC allows the owner to determine who will have access to objects they control.  An example of DAC includes user-controlled file permissions.  
  
-@@ -9887,7 +9916,8 @@ Based on the information above, if a configuration file begins with "99-" is cre
+@@ -10246,7 +10276,8 @@ The sysctl --system command will load settings from all system configuration fil
            
              RHEL-08-010374 - RHEL 8 must enable kernel parameters to enforce discretionary access control on hardlinks.
              
@@ -33858,7 +35570,7 @@ index 24c8f3e5..122efe4f 100644
              
              Discretionary Access Control (DAC) is based on the notion that individual users are "owners" of objects and therefore have discretion over who should be authorized to access the object and in which mode (e.g., read or write). Ownership is usually acquired as a consequence of creating the object or via specified ownership assignment. DAC allows the owner to determine who will have access to objects they control. An example of DAC includes user-controlled file permissions.
  
-@@ -9914,7 +9944,8 @@ Based on the information above, if a configuration file that begins with "99-" i
+@@ -10271,7 +10302,8 @@ The sysctl --system command will load settings from all system configuration fil
            
              RHEL-08-010375 - RHEL 8 must restrict access to the kernel message buffer.
              
@@ -33868,7 +35580,7 @@ index 24c8f3e5..122efe4f 100644
              
              Preventing unauthorized information transfers mitigates the risk of information, including encrypted representations of information, produced by the actions of prior users/roles (or the actions of processes acting on behalf of prior users/roles) from being available to any current users/roles (or current processes) that obtain access to shared system resources (e.g., registers, main memory, hard disks) after those resources have been released back to information systems. The control of information in shared resources is also commonly referred to as object reuse and residual information protection.
  
-@@ -9942,7 +9973,8 @@ Based on the information above, if a configuration file begins with "99-" is cre
+@@ -10297,7 +10329,8 @@ The sysctl --system command will load settings from all system configuration fil
            
              RHEL-08-010376 - RHEL 8 must prevent kernel profiling by unprivileged users.
              
@@ -33878,7 +35590,7 @@ index 24c8f3e5..122efe4f 100644
              
              Preventing unauthorized information transfers mitigates the risk of information, including encrypted representations of information, produced by the actions of prior users/roles (or the actions of processes acting on behalf of prior users/roles) from being available to any current users/roles (or current processes) that obtain access to shared system resources (e.g., registers, main memory, hard disks) after those resources have been released back to information systems. The control of information in shared resources is also commonly referred to as object reuse and residual information protection.
  
-@@ -9971,7 +10003,8 @@ Based on the information above, if a configuration file that begins with "99-" i
+@@ -10324,7 +10357,8 @@ The sysctl --system command will load settings from all system configuration fil
            
              RHEL-08-010380 - RHEL 8 must require users to provide a password for privilege escalation.
              
@@ -33888,7 +35600,7 @@ index 24c8f3e5..122efe4f 100644
              
              Without reauthentication, users may access resources or perform tasks for which they do not have authorization.
  
-@@ -9986,7 +10019,8 @@ When operating systems provide the capability to escalate a functional capabilit
+@@ -10339,7 +10373,8 @@ When operating systems provide the capability to escalate a functional capabilit
            
              RHEL-08-010381 - RHEL 8 must require users to reauthenticate for privilege escalation.
              
@@ -33898,7 +35610,7 @@ index 24c8f3e5..122efe4f 100644
              
              Without reauthentication, users may access resources or perform tasks for which they do not have authorization.
  
-@@ -10001,7 +10035,8 @@ When operating systems provide the capability to escalate a functional capabilit
+@@ -10354,7 +10389,8 @@ When operating systems provide the capability to escalate a functional capabilit
            
              RHEL-08-010390 - RHEL 8 must have the packages required for multifactor authentication installed.
              
@@ -33908,7 +35620,17 @@ index 24c8f3e5..122efe4f 100644
              
              Using an authentication device, such as a DoD Common Access Card (CAC) or token that is separate from the information system, ensures that even if the information system is compromised, credentials stored on the authentication device will not be affected.
  
-@@ -10021,7 +10056,8 @@ This requirement only applies to components where this is specific to the functi
+@@ -10374,7 +10410,8 @@ This requirement only applies to components where this is specific to the functi
+           
+             RHEL-08-010430 - RHEL 8 must implement address space layout randomization (ASLR) to protect its memory from unauthorized code execution.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Some adversaries launch attacks with the intent of executing code in non-executable regions of memory or in memory locations that are prohibited. Security safeguards employed to protect memory include, for example, data execution prevention and address space layout randomization. Data execution prevention safeguards can be either hardware-enforced or software-enforced with hardware providing the greater strength of mechanism.
+ 
+@@ -10397,7 +10434,8 @@ The sysctl --system command will load settings from all system configuration fil
            
              RHEL-08-010440 - YUM must remove all software components after updated versions have been installed on RHEL 8.
              
@@ -33918,7 +35640,7 @@ index 24c8f3e5..122efe4f 100644
              
              Previous versions of software components that are not removed from the information system after updates have been installed may be exploited by adversaries. Some information technology products may remove older versions of software automatically from the information system.
            
-@@ -10033,7 +10069,8 @@ This requirement only applies to components where this is specific to the functi
+@@ -10409,7 +10447,8 @@ The sysctl --system command will load settings from all system configuration fil
            
              RHEL-08-010450 - RHEL 8 must enable the SELinux targeted policy.
              
@@ -33928,7 +35650,7 @@ index 24c8f3e5..122efe4f 100644
              
              Without verification of the security functions, security functions may not operate correctly and the failure may go unnoticed. Security function is defined as the hardware, software, and/or firmware of the information system responsible for enforcing the system security policy and supporting the isolation of code and data on which the protection is based. Security functionality includes, but is not limited to, establishing system accounts, configuring access authorizations (i.e., permissions, privileges), setting events to be audited, and setting intrusion detection parameters.
  
-@@ -10047,7 +10084,8 @@ This requirement applies to operating systems performing security function verif
+@@ -10423,7 +10462,8 @@ This requirement applies to operating systems performing security function verif
            
              RHEL-08-010460 - There must be no shosts.equiv files on the RHEL 8 operating system.
              
@@ -33938,7 +35660,7 @@ index 24c8f3e5..122efe4f 100644
              
              The "shosts.equiv" files are used to configure host-based authentication for the system via SSH. Host-based authentication is not sufficient for preventing unauthorized access to the system, as it does not require interactive identification and authentication of a connection request, or for the use of two-factor authentication.
            
-@@ -10059,7 +10097,8 @@ This requirement applies to operating systems performing security function verif
+@@ -10435,7 +10475,8 @@ This requirement applies to operating systems performing security function verif
            
              RHEL-08-010470 - There must be no .shosts files on the RHEL 8 operating system.
              
@@ -33948,7 +35670,7 @@ index 24c8f3e5..122efe4f 100644
              
              The ".shosts" files are used to configure host-based authentication for individual users or the system via SSH. Host-based authentication is not sufficient for preventing unauthorized access to the system, as it does not require interactive identification and authentication of a connection request, or for the use of two-factor authentication.
            
-@@ -10071,7 +10110,8 @@ This requirement applies to operating systems performing security function verif
+@@ -10447,7 +10488,8 @@ This requirement applies to operating systems performing security function verif
            
              RHEL-08-010480 - The RHEL 8 SSH public host key files must have mode 0644 or less permissive.
              
@@ -33958,9 +35680,9 @@ index 24c8f3e5..122efe4f 100644
              
              If a public host key file is modified by an unauthorized user, the SSH service may be compromised.
            
-@@ -10084,7 +10124,8 @@ This requirement applies to operating systems performing security function verif
+@@ -10460,7 +10502,8 @@ This requirement applies to operating systems performing security function verif
            
-             RHEL-08-010490 - The RHEL 8 SSH private host key files must have mode 0600 or less permissive.
+             RHEL-08-010490 - The RHEL 8 SSH private host key files must have mode 0640 or less permissive.
              
 -              Red Hat Enterprise Linux 8
 +              Red Hat Enterprise Linux 8
@@ -33968,7 +35690,7 @@ index 24c8f3e5..122efe4f 100644
              
              If an unauthorized user obtains the private SSH host key file, the host could be impersonated.
            
-@@ -10097,7 +10138,8 @@ This requirement applies to operating systems performing security function verif
+@@ -10473,7 +10516,8 @@ This requirement applies to operating systems performing security function verif
            
              RHEL-08-010500 - The RHEL 8 SSH daemon must perform strict mode checking of home directory configuration files.
              
@@ -33978,17 +35700,7 @@ index 24c8f3e5..122efe4f 100644
              
              If other users have access to modify user-specific SSH configuration files, they may be able to log on to the system as another user.
            
-@@ -10110,7 +10152,8 @@ This requirement applies to operating systems performing security function verif
-           
-             RHEL-08-010510 - The RHEL 8 SSH daemon must not allow compression or must only allow compression after successful authentication.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             If compression is allowed in an SSH connection prior to authentication, vulnerabilities in the compression software could result in compromise of the system from an unauthenticated connection, potentially with root privileges.
-           
-@@ -10123,7 +10166,8 @@ This requirement applies to operating systems performing security function verif
+@@ -10486,7 +10530,8 @@ This requirement applies to operating systems performing security function verif
            
              RHEL-08-010520 - The RHEL 8 SSH daemon must not allow authentication using known hosts authentication.
              
@@ -33998,7 +35710,7 @@ index 24c8f3e5..122efe4f 100644
              
              Configuring this setting for the SSH daemon provides additional assurance that remote logon via SSH will require a password, even in the event of misconfiguration elsewhere.
            
-@@ -10136,7 +10180,8 @@ This requirement applies to operating systems performing security function verif
+@@ -10499,7 +10544,8 @@ This requirement applies to operating systems performing security function verif
            
              RHEL-08-010521 - The RHEL 8 SSH daemon must not allow Kerberos authentication, except to fulfill documented and validated mission requirements.
              
@@ -34008,7 +35720,7 @@ index 24c8f3e5..122efe4f 100644
              
              Configuring these settings for the SSH daemon provides additional assurance that remote logon via SSH will not use Kerberos authentication, even in the event of misconfiguration elsewhere.
            
-@@ -10149,7 +10194,8 @@ This requirement applies to operating systems performing security function verif
+@@ -10512,7 +10558,8 @@ This requirement applies to operating systems performing security function verif
            
              RHEL-08-010540 - RHEL 8 must use a separate file system for /var.
              
@@ -34018,7 +35730,7 @@ index 24c8f3e5..122efe4f 100644
              
              The use of separate file systems for different paths can protect the system from failures resulting from a file system becoming full or failing.
            
-@@ -10162,7 +10208,8 @@ This requirement applies to operating systems performing security function verif
+@@ -10525,7 +10572,8 @@ This requirement applies to operating systems performing security function verif
            
              RHEL-08-010541 - RHEL 8 must use a separate file system for /var/log.
              
@@ -34028,7 +35740,7 @@ index 24c8f3e5..122efe4f 100644
              
              The use of separate file systems for different paths can protect the system from failures resulting from a file system becoming full or failing.
            
-@@ -10175,7 +10222,8 @@ This requirement applies to operating systems performing security function verif
+@@ -10538,7 +10586,8 @@ This requirement applies to operating systems performing security function verif
            
              RHEL-08-010542 - RHEL 8 must use a separate file system for the system audit data path.
              
@@ -34038,7 +35750,7 @@ index 24c8f3e5..122efe4f 100644
              
              The use of separate file systems for different paths can protect the system from failures resulting from a file system becoming full or failing.
            
-@@ -10188,7 +10236,8 @@ This requirement applies to operating systems performing security function verif
+@@ -10551,7 +10600,8 @@ This requirement applies to operating systems performing security function verif
            
              RHEL-08-010543 - A separate RHEL 8 filesystem must be used for the /tmp directory.
              
@@ -34048,7 +35760,7 @@ index 24c8f3e5..122efe4f 100644
              
              The use of separate file systems for different paths can protect the system from failures resulting from a file system becoming full or failing.
            
-@@ -10201,7 +10250,8 @@ This requirement applies to operating systems performing security function verif
+@@ -10564,7 +10614,8 @@ This requirement applies to operating systems performing security function verif
            
              RHEL-08-010550 - RHEL 8 must not permit direct logons to the root account using remote access via SSH.
              
@@ -34058,7 +35770,7 @@ index 24c8f3e5..122efe4f 100644
              
              Even though the communications channel may be encrypted, an additional layer of security is gained by extending the policy of not logging on directly as root. In addition, logging on with a user-specific account provides individual accountability of actions performed on the system.
            
-@@ -10214,7 +10264,8 @@ This requirement applies to operating systems performing security function verif
+@@ -10577,7 +10628,8 @@ This requirement applies to operating systems performing security function verif
            
              RHEL-08-010560 - The auditd service must be running in RHEL 8.
              
@@ -34068,7 +35780,7 @@ index 24c8f3e5..122efe4f 100644
              
              Configuring RHEL 8 to implement organization-wide security implementation guides and security checklists ensures compliance with federal standards and establishes a common security baseline across the DoD that reflects the most restrictive security posture consistent with operational requirements.
  
-@@ -10229,7 +10280,8 @@ Configuration settings are the set of parameters that can be changed in hardware
+@@ -10592,7 +10644,8 @@ Configuration settings are the set of parameters that can be changed in hardware
            
              RHEL-08-010561 - The rsyslog service must be running in RHEL 8.
              
@@ -34078,7 +35790,7 @@ index 24c8f3e5..122efe4f 100644
              
              Configuring RHEL 8 to implement organization-wide security implementation guides and security checklists ensures compliance with federal standards and establishes a common security baseline across the DoD that reflects the most restrictive security posture consistent with operational requirements.
  
-@@ -10244,12 +10296,13 @@ Configuration settings are the set of parameters that can be changed in hardware
+@@ -10607,12 +10660,13 @@ Configuration settings are the set of parameters that can be changed in hardware
            
              RHEL-08-010571 - RHEL 8 must prevent files with the setuid and setgid bit set from being executed on the /boot directory.
              
@@ -34094,7 +35806,7 @@ index 24c8f3e5..122efe4f 100644
              
                
                
-@@ -10260,7 +10313,8 @@ Configuration settings are the set of parameters that can be changed in hardware
+@@ -10623,7 +10677,8 @@ Configuration settings are the set of parameters that can be changed in hardware
            
              RHEL-08-010580 - RHEL 8 must prevent special devices on non-root local partitions.
              
@@ -34104,7 +35816,7 @@ index 24c8f3e5..122efe4f 100644
              
              The "nodev" mount option causes the system to not interpret character or block special devices. Executing character or block special devices from untrusted file systems increases the opportunity for unprivileged users to attain unauthorized administrative access.  The only legitimate location for device files is the /dev directory located on the root partition.
            
-@@ -10273,7 +10327,8 @@ Configuration settings are the set of parameters that can be changed in hardware
+@@ -10636,7 +10691,8 @@ Configuration settings are the set of parameters that can be changed in hardware
            
              RHEL-08-010630 - RHEL 8 must prevent code from being executed on file systems that are imported via Network File System (NFS).
              
@@ -34114,7 +35826,7 @@ index 24c8f3e5..122efe4f 100644
              
              The "noexec" mount option causes the system not to execute binary files. This option must be used for mounting any file system not containing approved binary as they may be incompatible. Executing files from untrusted file systems increases the opportunity for unprivileged users to attain unauthorized administrative access.
            
-@@ -10286,7 +10341,8 @@ Configuration settings are the set of parameters that can be changed in hardware
+@@ -10649,7 +10705,8 @@ Configuration settings are the set of parameters that can be changed in hardware
            
              RHEL-08-010640 - RHEL 8 must prevent special devices on file systems that are imported via Network File System (NFS).
              
@@ -34124,7 +35836,7 @@ index 24c8f3e5..122efe4f 100644
              
              The "nodev" mount option causes the system to not interpret character or block special devices. Executing character or block special devices from untrusted file systems increases the opportunity for unprivileged users to attain unauthorized administrative access.
            
-@@ -10299,7 +10355,8 @@ Configuration settings are the set of parameters that can be changed in hardware
+@@ -10662,7 +10719,8 @@ Configuration settings are the set of parameters that can be changed in hardware
            
              RHEL-08-010650 - RHEL 8 must prevent files with the setuid and setgid bit set from being executed on file systems that are imported via Network File System (NFS).
              
@@ -34134,7 +35846,7 @@ index 24c8f3e5..122efe4f 100644
              
              The "nosuid" mount option causes the system not to execute "setuid" and "setgid" files with owner privileges. This option must be used for mounting any file system not containing approved "setuid" and "setguid" files. Executing files from untrusted file systems increases the opportunity for unprivileged users to attain unauthorized administrative access.
            
-@@ -10312,7 +10369,8 @@ Configuration settings are the set of parameters that can be changed in hardware
+@@ -10675,7 +10733,8 @@ Configuration settings are the set of parameters that can be changed in hardware
            
              RHEL-08-010671 - RHEL 8 must disable the kernel.core_pattern.
              
@@ -34144,7 +35856,7 @@ index 24c8f3e5..122efe4f 100644
              
              It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
  
-@@ -10335,7 +10393,8 @@ Based on the information above, if a configuration file that begins with "99-" i
+@@ -10696,7 +10755,8 @@ The sysctl --system command will load settings from all system configuration fil
            
              RHEL-08-010673 - RHEL 8 must disable core dumps for all users.
              
@@ -34154,7 +35866,7 @@ index 24c8f3e5..122efe4f 100644
              
              It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
  
-@@ -10350,7 +10409,8 @@ A core dump includes a memory image taken at the time the operating system termi
+@@ -10711,7 +10771,8 @@ A core dump includes a memory image taken at the time the operating system termi
            
              RHEL-08-010674 - RHEL 8 must disable storing core dumps.
              
@@ -34164,7 +35876,7 @@ index 24c8f3e5..122efe4f 100644
              
              It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
  
-@@ -10364,7 +10424,8 @@ A core dump includes a memory image taken at the time the operating system termi
+@@ -10725,7 +10786,8 @@ A core dump includes a memory image taken at the time the operating system termi
            
              RHEL-08-010675 - RHEL 8 must disable core dump backtraces.
              
@@ -34174,7 +35886,7 @@ index 24c8f3e5..122efe4f 100644
              
              It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
  
-@@ -10378,7 +10439,8 @@ A core dump includes a memory image taken at the time the operating system termi
+@@ -10739,7 +10801,8 @@ A core dump includes a memory image taken at the time the operating system termi
            
              RHEL-08-010760 - All RHEL 8 local interactive user accounts must be assigned a home directory upon creation
              
@@ -34184,7 +35896,7 @@ index 24c8f3e5..122efe4f 100644
              
              If local interactive users are not assigned a valid home directory, there is no place for the storage and control of files they should own.
            
-@@ -10390,7 +10452,8 @@ A core dump includes a memory image taken at the time the operating system termi
+@@ -10751,7 +10814,8 @@ A core dump includes a memory image taken at the time the operating system termi
            
              RHEL-08-010830 - RHEL 8 must not allow users to override SSH environment variables.
              
@@ -34194,7 +35906,7 @@ index 24c8f3e5..122efe4f 100644
              
              SSH environment options potentially allow users to bypass access restriction in some configurations.
            
-@@ -10403,7 +10466,8 @@ A core dump includes a memory image taken at the time the operating system termi
+@@ -10764,7 +10828,8 @@ A core dump includes a memory image taken at the time the operating system termi
            
              RHEL-08-020010 - RHEL 8 must automatically lock an account when three unsuccessful logon attempts occur.
              
@@ -34204,7 +35916,7 @@ index 24c8f3e5..122efe4f 100644
              
              By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account.
  
-@@ -10427,7 +10491,8 @@ From "Pam_Faillock" man pages: Note that the default directory that "pam_failloc
+@@ -10788,7 +10853,8 @@ From "Pam_Faillock" man pages: Note that the default directory that "pam_failloc
            
              RHEL-08-020011 - RHEL 8 must automatically lock an account when three unsuccessful logon attempts occur.
              
@@ -34214,7 +35926,7 @@ index 24c8f3e5..122efe4f 100644
              
              In RHEL 8.2 the "/etc/security/faillock.conf" file was incorporated to centralize the configuration of the pam_faillock.so module.  Also introduced is a "local_users_only" option that will only track failed user authentication attempts for local users in /etc/passwd and ignore centralized (AD, IdM, LDAP, etc.) users to allow the centralized platform to solely manage user lockout.
  
-@@ -10442,7 +10507,8 @@ From "faillock.conf" man pages: Note that the default directory that "pam_faillo
+@@ -10803,7 +10869,8 @@ From "faillock.conf" man pages: Note that the default directory that "pam_faillo
            
              RHEL-08-020012 - RHEL 8 must automatically lock an account when three unsuccessful logon attempts occur during a 15-minute time period.
              
@@ -34224,7 +35936,7 @@ index 24c8f3e5..122efe4f 100644
              
              By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account.
  
-@@ -10462,7 +10528,8 @@ From "Pam_Faillock" man pages: Note that the default directory that "pam_failloc
+@@ -10823,7 +10890,8 @@ From "Pam_Faillock" man pages: Note that the default directory that "pam_failloc
            
              RHEL-08-020013 - RHEL 8 must automatically lock an account when three unsuccessful logon attempts occur during a 15-minute time period.
              
@@ -34234,7 +35946,7 @@ index 24c8f3e5..122efe4f 100644
              
              By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account.
  
-@@ -10479,7 +10546,8 @@ From "faillock.conf" man pages: Note that the default directory that "pam_faillo
+@@ -10840,7 +10908,8 @@ From "faillock.conf" man pages: Note that the default directory that "pam_faillo
            
              RHEL-08-020014 - RHEL 8 must automatically lock an account until the locked account is released by an administrator when three unsuccessful logon attempts occur during a 15-minute time period.
              
@@ -34244,7 +35956,7 @@ index 24c8f3e5..122efe4f 100644
              
              By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account.
  
-@@ -10501,7 +10569,8 @@ From "Pam_Faillock" man pages: Note that the default directory that "pam_failloc
+@@ -10862,7 +10931,8 @@ From "Pam_Faillock" man pages: Note that the default directory that "pam_failloc
            
              RHEL-08-020015 - RHEL 8 must automatically lock an account until the locked account is released by an administrator when three unsuccessful logon attempts occur during a 15-minute time period.
              
@@ -34254,7 +35966,7 @@ index 24c8f3e5..122efe4f 100644
              
              By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account.
  
-@@ -10518,7 +10587,8 @@ From "faillock.conf" man pages: Note that the default directory that "pam_faillo
+@@ -10879,7 +10949,8 @@ From "faillock.conf" man pages: Note that the default directory that "pam_faillo
            
              RHEL-08-020018 - RHEL 8 must prevent system messages from being presented when three unsuccessful logon attempts occur.
              
@@ -34264,7 +35976,7 @@ index 24c8f3e5..122efe4f 100644
              
              By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account.
  
-@@ -10538,7 +10608,8 @@ From "Pam_Faillock" man pages: Note that the default directory that "pam_failloc
+@@ -10899,7 +10970,8 @@ From "Pam_Faillock" man pages: Note that the default directory that "pam_failloc
            
              RHEL-08-020019 - RHEL 8 must prevent system messages from being presented when three unsuccessful logon attempts occur.
              
@@ -34274,7 +35986,7 @@ index 24c8f3e5..122efe4f 100644
              
              By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account.
  
-@@ -10555,7 +10626,8 @@ From "faillock.conf" man pages: Note that the default directory that "pam_faillo
+@@ -10916,7 +10988,8 @@ From "faillock.conf" man pages: Note that the default directory that "pam_faillo
            
              RHEL-08-020020 - RHEL 8 must log user name information when unsuccessful logon attempts occur.
              
@@ -34284,7 +35996,7 @@ index 24c8f3e5..122efe4f 100644
              
              By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account.
  
-@@ -10575,7 +10647,8 @@ From "Pam_Faillock" man pages: Note that the default directory that "pam_failloc
+@@ -10936,7 +11009,8 @@ From "Pam_Faillock" man pages: Note that the default directory that "pam_failloc
            
              RHEL-08-020021 - RHEL 8 must prevent system messages from being presented when three unsuccessful logon attempts occur.
              
@@ -34294,7 +36006,7 @@ index 24c8f3e5..122efe4f 100644
              
              By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account.
  
-@@ -10592,7 +10665,8 @@ From "faillock.conf" man pages: Note that the default directory that "pam_faillo
+@@ -10953,7 +11027,8 @@ From "faillock.conf" man pages: Note that the default directory that "pam_faillo
            
              RHEL-08-020022 - RHEL 8 must include root when automatically locking an account until the locked account is released by an administrator when three unsuccessful logon attempts occur during a 15-minute time period.
              
@@ -34304,7 +36016,7 @@ index 24c8f3e5..122efe4f 100644
              
              By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account.
  
-@@ -10612,7 +10686,8 @@ From "Pam_Faillock" man pages: Note that the default directory that "pam_failloc
+@@ -10973,7 +11048,8 @@ From "Pam_Faillock" man pages: Note that the default directory that "pam_failloc
            
              RHEL-08-020023 - RHEL 8 must include root when automatically locking an account until the locked account is released by an administrator when three unsuccessful logon attempts occur during a 15-minute time period.
              
@@ -34314,7 +36026,7 @@ index 24c8f3e5..122efe4f 100644
              
              By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account.
  
-@@ -10629,7 +10704,8 @@ From "faillock.conf" man pages: Note that the default directory that "pam_faillo
+@@ -10990,7 +11066,8 @@ From "faillock.conf" man pages: Note that the default directory that "pam_faillo
            
              RHEL-08-020024 - RHEL 8 must limit the number of concurrent sessions to ten for all accounts and/or account types.
              
@@ -34324,7 +36036,7 @@ index 24c8f3e5..122efe4f 100644
              
              Operating system management includes the ability to control the number of users and user sessions that utilize an operating system. Limiting the number of allowed users and sessions per user is helpful in reducing the risks related to DoS attacks.
  
-@@ -10644,7 +10720,8 @@ This requirement addresses concurrent sessions for information system accounts a
+@@ -11005,7 +11082,8 @@ This requirement addresses concurrent sessions for information system accounts a
            
              RHEL-08-020040 - RHEL 8 must enable a user session lock until that user re-establishes access using established identification and authentication procedures for command line sessions.
              
@@ -34334,7 +36046,7 @@ index 24c8f3e5..122efe4f 100644
              
              A session lock is a temporary action taken when a user stops work and moves away from the immediate physical vicinity of the information system but does not want to log out because of the temporary nature of the absence.
  
-@@ -10660,7 +10737,8 @@ Tmux is a terminal multiplexer that enables a number of terminals to be created,
+@@ -11022,7 +11100,8 @@ Tmux is a terminal multiplexer that enables a number of terminals to be created,
            
              RHEL-08-020041 - RHEL 8 must ensure session control is automatically started at shell initialization.
              
@@ -34344,7 +36056,7 @@ index 24c8f3e5..122efe4f 100644
              
              A session lock is a temporary action taken when a user stops work and moves away from the immediate physical vicinity of the information system but does not want to log out because of the temporary nature of the absence.
  
-@@ -10677,7 +10755,8 @@ Tmux is a terminal multiplexer that enables a number of terminals to be created,
+@@ -11039,7 +11118,8 @@ Tmux is a terminal multiplexer that enables a number of terminals to be created,
            
              RHEL-08-020042 - RHEL 8 must prevent users from disabling session control mechanisms.
              
@@ -34354,7 +36066,7 @@ index 24c8f3e5..122efe4f 100644
              
              A session lock is a temporary action taken when a user stops work and moves away from the immediate physical vicinity of the information system but does not want to log out because of the temporary nature of the absence.
  
-@@ -10693,7 +10772,8 @@ Tmux is a terminal multiplexer that enables a number of terminals to be created,
+@@ -11055,7 +11135,8 @@ Tmux is a terminal multiplexer that enables a number of terminals to be created,
            
              RHEL-08-020100 - RHEL 8 must ensure the password complexity module is enabled in the password-auth file.
              
@@ -34364,7 +36076,7 @@ index 24c8f3e5..122efe4f 100644
              
              Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. "pwquality" enforces complex password construction configuration and has the ability to limit brute-force attacks on the system.
  
-@@ -10709,7 +10789,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. This
+@@ -11071,7 +11152,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. This
            
              RHEL-08-020110 - RHEL 8 must enforce password complexity by requiring that at least one uppercase character be used.
              
@@ -34374,7 +36086,7 @@ index 24c8f3e5..122efe4f 100644
              
              Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.
  
-@@ -10725,7 +10806,8 @@ RHEL 8 utilizes pwquality as a mechanism to enforce password complexity. Note th
+@@ -11087,7 +11169,8 @@ RHEL 8 utilizes pwquality as a mechanism to enforce password complexity. Note th
            
              RHEL-08-020120 - RHEL 8 must enforce password complexity by requiring that at least one lower-case character be used.
              
@@ -34384,7 +36096,7 @@ index 24c8f3e5..122efe4f 100644
              
              Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.
  
-@@ -10741,7 +10823,8 @@ RHEL 8 utilizes pwquality as a mechanism to enforce password complexity. Note th
+@@ -11103,7 +11186,8 @@ RHEL 8 utilizes pwquality as a mechanism to enforce password complexity. Note th
            
              RHEL-08-020130 - RHEL 8 must enforce password complexity by requiring that at least one numeric character be used.
              
@@ -34394,7 +36106,7 @@ index 24c8f3e5..122efe4f 100644
              
              Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.
  
-@@ -10757,7 +10840,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. Note
+@@ -11119,7 +11203,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. Note
            
              RHEL-08-020140 - RHEL 8 must require the maximum number of repeating characters of the same character class be limited to four when passwords are changed.
              
@@ -34404,7 +36116,7 @@ index 24c8f3e5..122efe4f 100644
              
              Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.
  
-@@ -10773,7 +10857,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. The "
+@@ -11135,7 +11220,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. The "
            
              RHEL-08-020150 - RHEL 8 must require the maximum number of repeating characters be limited to three when passwords are changed.
              
@@ -34414,7 +36126,7 @@ index 24c8f3e5..122efe4f 100644
              
              Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.
  
-@@ -10789,7 +10874,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. The "
+@@ -11151,7 +11237,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. The "
            
              RHEL-08-020160 - RHEL 8 must require the change of at least four character classes when passwords are changed.
              
@@ -34424,7 +36136,7 @@ index 24c8f3e5..122efe4f 100644
              
              Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.
  
-@@ -10805,7 +10891,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. The "
+@@ -11167,7 +11254,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. The "
            
              RHEL-08-020170 - RHEL 8 must require the change of at least 8 characters when passwords are changed.
              
@@ -34434,7 +36146,7 @@ index 24c8f3e5..122efe4f 100644
              
              Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.
  
-@@ -10821,7 +10908,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. The "
+@@ -11183,7 +11271,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. The "
            
              RHEL-08-020180 - RHEL 8 passwords must have a 24 hours/1 day minimum password lifetime restriction in /etc/shadow.
              
@@ -34444,7 +36156,7 @@ index 24c8f3e5..122efe4f 100644
              
              Enforcing a minimum password lifetime helps to prevent repeated password changes to defeat the password reuse or history enforcement requirement. If users are allowed to immediately and continually change their password, the password could be repeatedly changed in a short period of time to defeat the organization's policy regarding password reuse.
            
-@@ -10834,7 +10922,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. The "
+@@ -11196,7 +11285,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. The "
            
              RHEL-08-020190 - RHEL 8 passwords for new users or password changes must have a 24 hours/1 day minimum password lifetime restriction in /etc/logins.def.
              
@@ -34454,7 +36166,7 @@ index 24c8f3e5..122efe4f 100644
              
              Enforcing a minimum password lifetime helps to prevent repeated password changes to defeat the password reuse or history enforcement requirement. If users are allowed to immediately and continually change their password, the password could be repeatedly changed in a short period of time to defeat the organization's policy regarding password reuse.
            
-@@ -10846,7 +10935,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. The "
+@@ -11208,7 +11298,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. The "
            
              RHEL-08-020200 - RHEL 8 user account passwords must have a 60-day maximum password lifetime restriction.
              
@@ -34464,7 +36176,7 @@ index 24c8f3e5..122efe4f 100644
              
              Any password, no matter how complex, can eventually be cracked. Therefore, passwords need to be changed periodically. If RHEL 8 does not limit the lifetime of passwords and force users to change their passwords, there is the risk that RHEL 8 passwords could be compromised.
            
-@@ -10858,7 +10948,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. The "
+@@ -11220,7 +11311,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. The "
            
              RHEL-08-020210 - RHEL 8 user account passwords must be configured so that existing passwords are restricted to a 60-day maximum lifetime.
              
@@ -34474,7 +36186,7 @@ index 24c8f3e5..122efe4f 100644
              
              Any password, no matter how complex, can eventually be cracked. Therefore, passwords need to be changed periodically. If RHEL 8 does not limit the lifetime of passwords and force users to change their passwords, there is the risk that RHEL 8 passwords could be compromised.
            
-@@ -10873,7 +10964,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. The "
+@@ -11235,7 +11327,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. The "
            
              RHEL-08-020220 - RHEL 8 must be configured in the password-auth file to prohibit password reuse for a minimum of five generations.
              
@@ -34484,7 +36196,7 @@ index 24c8f3e5..122efe4f 100644
              
              Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. If the information system or application allows the user to reuse their password consecutively when that password has exceeded its defined lifetime, the end result is a password that is not changed per policy requirements.
  
-@@ -10891,7 +10983,8 @@ Note that manual changes to the listed files may be overwritten by the "authsele
+@@ -11253,7 +11346,8 @@ Note that manual changes to the listed files may be overwritten by the "authsele
            
              RHEL-08-020230 - RHEL 8 passwords must have a minimum of 15 characters.
              
@@ -34494,7 +36206,7 @@ index 24c8f3e5..122efe4f 100644
              
              The shorter the password, the lower the number of possible combinations that need to be tested before the password is compromised.
  
-@@ -10911,7 +11004,8 @@ The DoD minimum password requirement is 15 characters.
+@@ -11273,7 +11367,8 @@ The DoD minimum password requirement is 15 characters.
            
              RHEL-08-020231 - RHEL 8 passwords for new users must have a minimum of 15 characters.
              
@@ -34504,7 +36216,7 @@ index 24c8f3e5..122efe4f 100644
              
              The shorter the password, the lower the number of possible combinations that need to be tested before the password is compromised.
  
-@@ -10927,7 +11021,8 @@ The DoD minimum password requirement is 15 characters.
+@@ -11289,7 +11384,8 @@ The DoD minimum password requirement is 15 characters.
            
              RHEL-08-020260 - RHEL 8 account identifiers (individuals, groups, roles, and devices) must be disabled after 35 days of inactivity.
              
@@ -34514,7 +36226,7 @@ index 24c8f3e5..122efe4f 100644
              
              Inactive identifiers pose a risk to systems and applications because attackers may exploit an inactive identifier and potentially obtain undetected access to the system. Owners of inactive accounts will not notice if unauthorized access to their user account has been obtained.
  
-@@ -10941,7 +11036,8 @@ RHEL 8 needs to track periods of inactivity and disable application identifiers
+@@ -11303,7 +11399,8 @@ RHEL 8 needs to track periods of inactivity and disable application identifiers
            
              RHEL-08-020280 - All RHEL 8 passwords must contain at least one special character.
              
@@ -34524,9 +36236,9 @@ index 24c8f3e5..122efe4f 100644
              
              Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.
  
-@@ -10957,7 +11053,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. Note
+@@ -11319,7 +11416,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. Note
            
-             RHEL-08-020300 - RHEL 8 must prevent the use of dictionary words for passwords.
+             RHEL-08-021400 - RHEL 8 must prevent the use of dictionary words for passwords.
              
 -              Red Hat Enterprise Linux 8
 +              Red Hat Enterprise Linux 8
@@ -34534,7 +36246,7 @@ index 24c8f3e5..122efe4f 100644
              
              If RHEL 8 allows the user to select passwords based on dictionary words, this increases the chances of password compromise by increasing the opportunity for successful guesses, and brute-force attacks.
            
-@@ -10970,7 +11067,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. Note
+@@ -11331,7 +11429,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. Note
            
              RHEL-08-020310 - RHEL 8 must enforce a delay of at least four seconds between logon prompts following a failed logon attempt.
              
@@ -34544,7 +36256,7 @@ index 24c8f3e5..122efe4f 100644
              
              Configuring the operating system to implement organization-wide security implementation guides and security checklists verifies compliance with federal standards and establishes a common security baseline across the DoD that reflects the most restrictive security posture consistent with operational requirements.
  
-@@ -10984,7 +11082,8 @@ Configuration settings are the set of parameters that can be changed in hardware
+@@ -11345,7 +11444,8 @@ Configuration settings are the set of parameters that can be changed in hardware
            
              RHEL-08-020330 - RHEL 8 must not have accounts configured with blank or null passwords.
              
@@ -34554,7 +36266,7 @@ index 24c8f3e5..122efe4f 100644
              
              If an account has an empty password, anyone could log on and run commands with the privileges of that account. Accounts with empty passwords should never be used in operational environments.
            
-@@ -10996,7 +11095,8 @@ Configuration settings are the set of parameters that can be changed in hardware
+@@ -11357,7 +11457,8 @@ Configuration settings are the set of parameters that can be changed in hardware
            
              RHEL-08-020350 - RHEL 8 must display the date and time of the last successful account logon upon an SSH logon.
              
@@ -34564,7 +36276,7 @@ index 24c8f3e5..122efe4f 100644
              
              Providing users with feedback on when account accesses via SSH last occurred facilitates user recognition and reporting of unauthorized account use.
            
-@@ -11009,7 +11109,8 @@ Configuration settings are the set of parameters that can be changed in hardware
+@@ -11370,7 +11471,8 @@ Configuration settings are the set of parameters that can be changed in hardware
            
              RHEL-08-020351 - RHEL 8 must define default permissions for all authenticated users in such a way that the user can only read and modify their own files.
              
@@ -34574,7 +36286,7 @@ index 24c8f3e5..122efe4f 100644
              
              Setting the most restrictive default permissions ensures that when new accounts are created, they do not have unnecessary access.
            
-@@ -11021,7 +11122,8 @@ Configuration settings are the set of parameters that can be changed in hardware
+@@ -11382,7 +11484,8 @@ Configuration settings are the set of parameters that can be changed in hardware
            
              RHEL-08-030000 - The RHEL 8 audit system must be configured to audit the execution of privileged functions and prevent all software from executing at higher privilege levels than users executing the software.
              
@@ -34584,7 +36296,7 @@ index 24c8f3e5..122efe4f 100644
              
              Misuse of privileged functions, either intentionally or unintentionally by authorized users, or by unauthorized external entities that have compromised information system accounts, is a serious and ongoing concern and can have significant adverse impacts on organizations. Auditing the use of privileged functions is one way to detect such misuse and identify the risk from insider threats and the advanced persistent threat.
            
-@@ -11037,7 +11139,8 @@ Configuration settings are the set of parameters that can be changed in hardware
+@@ -11398,7 +11501,8 @@ Configuration settings are the set of parameters that can be changed in hardware
            
              RHEL-08-030020 - The RHEL 8 System Administrator (SA) and Information System Security Officer (ISSO) (at a minimum) must be alerted of an audit processing failure event.
              
@@ -34594,7 +36306,7 @@ index 24c8f3e5..122efe4f 100644
              
              It is critical for the appropriate personnel to be aware if a system is at risk of failing to process audit logs as required. Without this notification, the security personnel may be unaware of an impending failure of the audit capability, and system operation may be adversely affected.
  
-@@ -11053,7 +11156,8 @@ This requirement applies to each audit data storage repository (i.e., distinct i
+@@ -11414,7 +11518,8 @@ This requirement applies to each audit data storage repository (i.e., distinct i
            
              RHEL-08-030040 - The RHEL 8 System must take appropriate action when an audit processing failure occurs.
              
@@ -34604,7 +36316,7 @@ index 24c8f3e5..122efe4f 100644
              
              It is critical for the appropriate personnel to be aware if a system is at risk of failing to process audit logs as required. Without this notification, the security personnel may be unaware of an impending failure of the audit capability, and system operation may be adversely affected.
  
-@@ -11069,7 +11173,8 @@ This requirement applies to each audit data storage repository (i.e., distinct i
+@@ -11430,7 +11535,8 @@ This requirement applies to each audit data storage repository (i.e., distinct i
            
              RHEL-08-030060 - The RHEL 8 audit system must take appropriate action when the audit storage volume is full.
              
@@ -34614,7 +36326,7 @@ index 24c8f3e5..122efe4f 100644
              
              It is critical that when RHEL 8 is at risk of failing to process audit logs as required, it takes action to mitigate the failure. Audit processing failures include software/hardware errors; failures in the audit capturing mechanisms; and audit storage capacity being reached or exceeded. Responses to audit failure depend upon the nature of the failure mode.
  
-@@ -11087,7 +11192,8 @@ When availability is an overriding concern, other approved actions in response t
+@@ -11448,7 +11554,8 @@ When availability is an overriding concern, other approved actions in response t
            
              RHEL-08-030061 - The RHEL 8 audit system must audit local events.
              
@@ -34624,7 +36336,7 @@ index 24c8f3e5..122efe4f 100644
              
              Without establishing what type of events occurred, the source of events, where events occurred, and the outcome of events, it would be difficult to establish, correlate, and investigate the events leading up to an outage or attack.
  
-@@ -11101,7 +11207,8 @@ Audit record content that may be necessary to satisfy this requirement includes,
+@@ -11462,7 +11569,8 @@ Audit record content that may be necessary to satisfy this requirement includes,
            
              RHEL-08-030062 - RHEL 8 must label all off-loaded audit logs before sending them to the central log server.
              
@@ -34634,7 +36346,7 @@ index 24c8f3e5..122efe4f 100644
              
              Without establishing what type of events occurred, the source of events, where events occurred, and the outcome of events, it would be difficult to establish, correlate, and investigate the events leading up to an outage or attack.
  
-@@ -11119,7 +11226,8 @@ When audit logs are not labeled before they are sent to a central log server, th
+@@ -11480,7 +11588,8 @@ When audit logs are not labeled before they are sent to a central log server, th
            
              RHEL-08-030063 - RHEL 8 must resolve audit information before writing to disk.
              
@@ -34644,7 +36356,7 @@ index 24c8f3e5..122efe4f 100644
              
              Without establishing what type of events occurred, the source of events, where events occurred, and the outcome of events, it would be difficult to establish, correlate, and investigate the events leading up to an outage or attack.
  
-@@ -11135,7 +11243,8 @@ Enriched logging aids in making sense of who, what, and when events occur on a s
+@@ -11496,7 +11605,8 @@ Enriched logging aids in making sense of who, what, and when events occur on a s
            
              RHEL-08-030070 - RHEL 8 audit logs must have a mode of 0600 or less permissive to prevent unauthorized read access.
              
@@ -34654,7 +36366,7 @@ index 24c8f3e5..122efe4f 100644
              
              Only authorized personnel should be aware of errors and the details of the errors. Error messages are an indicator of an organization's operational state or can identify the RHEL 8 system or platform. Additionally, Personally Identifiable Information (PII) and operational information must not be revealed through error messages to unauthorized personnel or their designated representatives.
  
-@@ -11149,7 +11258,8 @@ The structure and content of error messages must be carefully considered by the
+@@ -11510,7 +11620,8 @@ The structure and content of error messages must be carefully considered by the
            
              RHEL-08-030080 - RHEL 8 audit logs must be owned by root to prevent unauthorized read access.
              
@@ -34664,7 +36376,7 @@ index 24c8f3e5..122efe4f 100644
              
              Only authorized personnel should be aware of errors and the details of the errors. Error messages are an indicator of an organization's operational state or can identify the RHEL 8 system or platform. Additionally, Personally Identifiable Information (PII) and operational information must not be revealed through error messages to unauthorized personnel or their designated representatives.
  
-@@ -11163,7 +11273,8 @@ The structure and content of error messages must be carefully considered by the
+@@ -11524,7 +11635,8 @@ The structure and content of error messages must be carefully considered by the
            
              RHEL-08-030090 - RHEL 8 audit logs must be group-owned by root to prevent unauthorized read access.
              
@@ -34674,7 +36386,7 @@ index 24c8f3e5..122efe4f 100644
              
              Unauthorized disclosure of audit records can reveal system and configuration data to attackers, thus compromising its confidentiality.
  
-@@ -11177,7 +11288,8 @@ Audit information includes all information (e.g., audit records, audit settings,
+@@ -11538,7 +11650,8 @@ Audit information includes all information (e.g., audit records, audit settings,
            
              RHEL-08-030100 - RHEL 8 audit log directory must be owned by root to prevent unauthorized read access.
              
@@ -34684,7 +36396,7 @@ index 24c8f3e5..122efe4f 100644
              
              Unauthorized disclosure of audit records can reveal system and configuration data to attackers, thus compromising its confidentiality.
  
-@@ -11191,7 +11303,8 @@ Audit information includes all information (e.g., audit records, audit settings,
+@@ -11552,7 +11665,8 @@ Audit information includes all information (e.g., audit records, audit settings,
            
              RHEL-08-030110 - RHEL 8 audit log directory must be group-owned by root to prevent unauthorized read access.
              
@@ -34694,7 +36406,7 @@ index 24c8f3e5..122efe4f 100644
              
              Unauthorized disclosure of audit records can reveal system and configuration data to attackers, thus compromising its confidentiality.
  
-@@ -11205,7 +11318,8 @@ Audit information includes all information (e.g., audit records, audit settings,
+@@ -11566,7 +11680,8 @@ Audit information includes all information (e.g., audit records, audit settings,
            
              RHEL-08-030120 - RHEL 8 audit log directory must have a mode of 0700 or less permissive to prevent unauthorized read access.
              
@@ -34704,7 +36416,7 @@ index 24c8f3e5..122efe4f 100644
              
              Unauthorized disclosure of audit records can reveal system and configuration data to attackers, thus compromising its confidentiality.
  
-@@ -11219,7 +11333,8 @@ Audit information includes all information (e.g., audit records, audit settings,
+@@ -11580,7 +11695,8 @@ Audit information includes all information (e.g., audit records, audit settings,
            
              RHEL-08-030121 - RHEL 8 audit system must protect auditing rules from unauthorized change.
              
@@ -34714,7 +36426,7 @@ index 24c8f3e5..122efe4f 100644
              
              Unauthorized disclosure of audit records can reveal system and configuration data to attackers, thus compromising its confidentiality.
  
-@@ -11235,7 +11350,8 @@ In immutable mode, unauthorized users cannot execute changes to the audit system
+@@ -11596,7 +11712,8 @@ In immutable mode, unauthorized users cannot execute changes to the audit system
            
              RHEL-08-030122 - RHEL 8 audit system must protect logon UIDs from unauthorized change.
              
@@ -34724,7 +36436,7 @@ index 24c8f3e5..122efe4f 100644
              
              Unauthorized disclosure of audit records can reveal system and configuration data to attackers, thus compromising its confidentiality.
  
-@@ -11251,7 +11367,8 @@ In immutable mode, unauthorized users cannot execute changes to the audit system
+@@ -11612,7 +11729,8 @@ In immutable mode, unauthorized users cannot execute changes to the audit system
            
              RHEL-08-030130 - RHEL 8 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/shadow.
              
@@ -34734,7 +36446,7 @@ index 24c8f3e5..122efe4f 100644
              
              Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
  
-@@ -11266,7 +11383,8 @@ Audit records can be generated from various components within the information sy
+@@ -11627,7 +11745,8 @@ Audit records can be generated from various components within the information sy
            
              RHEL-08-030140 - RHEL 8 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/security/opasswd.
              
@@ -34744,7 +36456,7 @@ index 24c8f3e5..122efe4f 100644
              
              Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
  
-@@ -11281,7 +11399,8 @@ Audit records can be generated from various components within the information sy
+@@ -11642,7 +11761,8 @@ Audit records can be generated from various components within the information sy
            
              RHEL-08-030150 - RHEL 8 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/passwd.
              
@@ -34754,7 +36466,7 @@ index 24c8f3e5..122efe4f 100644
              
              Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
  
-@@ -11296,7 +11415,8 @@ Audit records can be generated from various components within the information sy
+@@ -11657,7 +11777,8 @@ Audit records can be generated from various components within the information sy
            
              RHEL-08-030160 - RHEL 8 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/gshadow.
              
@@ -34764,7 +36476,7 @@ index 24c8f3e5..122efe4f 100644
              
              Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
  
-@@ -11311,7 +11431,8 @@ Audit records can be generated from various components within the information sy
+@@ -11672,7 +11793,8 @@ Audit records can be generated from various components within the information sy
            
              RHEL-08-030170 - RHEL 8 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/group.
              
@@ -34774,7 +36486,7 @@ index 24c8f3e5..122efe4f 100644
              
              Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
  
-@@ -11326,7 +11447,8 @@ Audit records can be generated from various components within the information sy
+@@ -11687,7 +11809,8 @@ Audit records can be generated from various components within the information sy
            
              RHEL-08-030171 - RHEL 8 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/sudoers.
              
@@ -34784,7 +36496,7 @@ index 24c8f3e5..122efe4f 100644
              
              Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
  
-@@ -11341,7 +11463,8 @@ Audit records can be generated from various components within the information sy
+@@ -11702,7 +11825,8 @@ Audit records can be generated from various components within the information sy
            
              RHEL-08-030172 - RHEL 8 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/sudoers.d/.
              
@@ -34794,7 +36506,7 @@ index 24c8f3e5..122efe4f 100644
              
              Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
  
-@@ -11356,7 +11479,8 @@ Audit records can be generated from various components within the information sy
+@@ -11717,7 +11841,8 @@ Audit records can be generated from various components within the information sy
            
              RHEL-08-030180 - The RHEL 8 audit package must be installed.
              
@@ -34804,7 +36516,7 @@ index 24c8f3e5..122efe4f 100644
              
              Without establishing what type of events occurred, the source of events, where events occurred, and the outcome of events, it would be difficult to establish, correlate, and investigate the events leading up to an outage or attack.
  
-@@ -11372,7 +11496,8 @@ Associating event types with detected events in RHEL 8 audit logs provides a mea
+@@ -11733,7 +11858,8 @@ Associating event types with detected events in RHEL 8 audit logs provides a mea
            
              RHEL-08-030190 - Successful/unsuccessful uses of the su command in RHEL 8 must generate an audit record.
              
@@ -34814,7 +36526,7 @@ index 24c8f3e5..122efe4f 100644
              
              Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
  
-@@ -11389,7 +11514,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut
+@@ -11750,7 +11876,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut
            
              RHEL-08-030200 - The RHEL 8 audit system must be configured to audit any usage of the setxattr, fsetxattr, lsetxattr, removexattr, fremovexattr and lremovexattr system calls.
              
@@ -34824,7 +36536,7 @@ index 24c8f3e5..122efe4f 100644
              
              Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
  
-@@ -11436,7 +11562,8 @@ The system call rules are loaded into a matching engine that intercepts each sys
+@@ -11797,7 +11924,8 @@ The system call rules are loaded into a matching engine that intercepts each sys
            
              RHEL-08-030250 - Successful/unsuccessful uses of the chage command in RHEL 8 must generate an audit record
              
@@ -34834,7 +36546,7 @@ index 24c8f3e5..122efe4f 100644
              
              Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
  
-@@ -11455,7 +11582,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
+@@ -11816,7 +11944,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
            
              RHEL-08-030260 - Successful/unsuccessful uses of the chcon command in RHEL 8 must generate an audit record
              
@@ -34844,7 +36556,7 @@ index 24c8f3e5..122efe4f 100644
              
              Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
  
-@@ -11474,7 +11602,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
+@@ -11835,7 +11964,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
            
              RHEL-08-030280 - Successful/unsuccessful uses of the ssh-agent in RHEL 8 must generate an audit record.
              
@@ -34854,7 +36566,7 @@ index 24c8f3e5..122efe4f 100644
              
              Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
  
-@@ -11491,7 +11620,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut
+@@ -11852,7 +11982,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut
            
              RHEL-08-030290 - Successful/unsuccessful uses of the passwd command in RHEL 8 must generate an audit record.
              
@@ -34864,7 +36576,7 @@ index 24c8f3e5..122efe4f 100644
              
              Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
  
-@@ -11508,7 +11638,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut
+@@ -11869,7 +12000,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut
            
              RHEL-08-030300 - Successful/unsuccessful uses of the mount command in RHEL 8 must generate an audit record.
              
@@ -34874,7 +36586,7 @@ index 24c8f3e5..122efe4f 100644
              
              Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
  
-@@ -11525,7 +11656,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut
+@@ -11886,7 +12018,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut
            
              RHEL-08-030301 - Successful/unsuccessful uses of the umount command in RHEL 8 must generate an audit record.
              
@@ -34884,7 +36596,7 @@ index 24c8f3e5..122efe4f 100644
              
              Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
  
-@@ -11542,7 +11674,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut
+@@ -11903,7 +12036,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut
            
              RHEL-08-030302 - Successful/unsuccessful uses of the mount syscall in RHEL 8 must generate an audit record.
              
@@ -34894,7 +36606,7 @@ index 24c8f3e5..122efe4f 100644
              
              Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
  
-@@ -11560,7 +11693,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut
+@@ -11921,7 +12055,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut
            
              RHEL-08-030310 - Successful/unsuccessful uses of the unix_update in RHEL 8 must generate an audit record.
              
@@ -34904,7 +36616,7 @@ index 24c8f3e5..122efe4f 100644
              
              Reconstruction of harmful events or forensic analysis is not possible if audit records do not contain enough information.
  
-@@ -11577,7 +11711,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut
+@@ -11938,7 +12073,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut
            
              RHEL-08-030311 - Successful/unsuccessful uses of postdrop in RHEL 8 must generate an audit record.
              
@@ -34914,7 +36626,7 @@ index 24c8f3e5..122efe4f 100644
              
              Reconstruction of harmful events or forensic analysis is not possible if audit records do not contain enough information.
  
-@@ -11594,7 +11729,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut
+@@ -11955,7 +12091,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut
            
              RHEL-08-030312 - Successful/unsuccessful uses of postqueue in RHEL 8 must generate an audit record.
              
@@ -34924,7 +36636,7 @@ index 24c8f3e5..122efe4f 100644
              
              Reconstruction of harmful events or forensic analysis is not possible if audit records do not contain enough information.
  
-@@ -11611,7 +11747,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut
+@@ -11972,7 +12109,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut
            
              RHEL-08-030313 - Successful/unsuccessful uses of semanage in RHEL 8 must generate an audit record.
              
@@ -34934,7 +36646,7 @@ index 24c8f3e5..122efe4f 100644
              
              Reconstruction of harmful events or forensic analysis is not possible if audit records do not contain enough information.
  
-@@ -11628,7 +11765,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut
+@@ -11989,7 +12127,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut
            
              RHEL-08-030314 - Successful/unsuccessful uses of setfiles in RHEL 8 must generate an audit record.
              
@@ -34944,7 +36656,7 @@ index 24c8f3e5..122efe4f 100644
              
              Reconstruction of harmful events or forensic analysis is not possible if audit records do not contain enough information.
  
-@@ -11645,7 +11783,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut
+@@ -12006,7 +12145,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut
            
              RHEL-08-030315 - Successful/unsuccessful uses of userhelper in RHEL 8 must generate an audit record.
              
@@ -34954,7 +36666,7 @@ index 24c8f3e5..122efe4f 100644
              
              Reconstruction of harmful events or forensic analysis is not possible if audit records do not contain enough information.
  
-@@ -11662,7 +11801,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut
+@@ -12023,7 +12163,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut
            
              RHEL-08-030316 - Successful/unsuccessful uses of setsebool in RHEL 8 must generate an audit record.
              
@@ -34964,7 +36676,7 @@ index 24c8f3e5..122efe4f 100644
              
              Reconstruction of harmful events or forensic analysis is not possible if audit records do not contain enough information.
  
-@@ -11679,7 +11819,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut
+@@ -12040,7 +12181,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut
            
              RHEL-08-030317 - Successful/unsuccessful uses of unix_chkpwd in RHEL 8 must generate an audit record.
              
@@ -34974,7 +36686,7 @@ index 24c8f3e5..122efe4f 100644
              
              Reconstruction of harmful events or forensic analysis is not possible if audit records do not contain enough information.
  
-@@ -11696,7 +11837,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut
+@@ -12057,7 +12199,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut
            
              RHEL-08-030320 - Successful/unsuccessful uses of the ssh-keysign in RHEL 8 must generate an audit record.
              
@@ -34984,7 +36696,7 @@ index 24c8f3e5..122efe4f 100644
              
              Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
  
-@@ -11713,7 +11855,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut
+@@ -12074,7 +12217,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut
            
              RHEL-08-030330 - Successful/unsuccessful uses of the setfacl command in RHEL 8 must generate an audit record.
              
@@ -34994,7 +36706,7 @@ index 24c8f3e5..122efe4f 100644
              
              Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
  
-@@ -11730,7 +11873,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut
+@@ -12091,7 +12235,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut
            
              RHEL-08-030340 - Successful/unsuccessful uses of the pam_timestamp_check command in RHEL 8 must generate an audit record.
              
@@ -35004,7 +36716,7 @@ index 24c8f3e5..122efe4f 100644
              
              Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
  
-@@ -11747,7 +11891,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut
+@@ -12108,7 +12253,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut
            
              RHEL-08-030350 - Successful/unsuccessful uses of the newgrp command in RHEL 8 must generate an audit record.
              
@@ -35014,7 +36726,7 @@ index 24c8f3e5..122efe4f 100644
              
              Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
  
-@@ -11764,7 +11909,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut
+@@ -12125,7 +12271,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut
            
              RHEL-08-030360 - Successful/unsuccessful uses of the init_module and finit_module command system calls in RHEL 8 must generate an audit record.
              
@@ -35024,7 +36736,7 @@ index 24c8f3e5..122efe4f 100644
              
              Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
  
-@@ -11786,7 +11932,8 @@ The system call rules are loaded into a matching engine that intercepts each sys
+@@ -12147,7 +12294,8 @@ The system call rules are loaded into a matching engine that intercepts each sys
            
              RHEL-08-030361 - Successful/unsuccessful uses of the rename, unlink, rmdir, renameat and unlinkat commandsystem calls in RHEL 8 must generate an audit record.
              
@@ -35034,7 +36746,7 @@ index 24c8f3e5..122efe4f 100644
              
              Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
  
-@@ -11817,7 +11964,8 @@ The system call rules are loaded into a matching engine that intercepts each sys
+@@ -12178,7 +12326,8 @@ The system call rules are loaded into a matching engine that intercepts each sys
            
              RHEL-08-030370 - Successful/unsuccessful uses of the gpasswd command in RHEL 8 must generate an audit record.
              
@@ -35044,7 +36756,7 @@ index 24c8f3e5..122efe4f 100644
              
              Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
  
-@@ -11834,7 +11982,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut
+@@ -12195,7 +12344,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut
            
              RHEL-08-030390 - Successful/unsuccessful uses of the delete_module command in RHEL 8 must generate an audit record.
              
@@ -35054,7 +36766,7 @@ index 24c8f3e5..122efe4f 100644
              
              Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
  
-@@ -11852,7 +12001,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut
+@@ -12213,7 +12363,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut
            
              RHEL-08-030400 - Successful/unsuccessful uses of the crontab command in RHEL 8 must generate an audit record.
              
@@ -35064,7 +36776,7 @@ index 24c8f3e5..122efe4f 100644
              
              Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
  
-@@ -11869,7 +12019,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut
+@@ -12230,7 +12381,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut
            
              RHEL-08-030410 - Successful/unsuccessful uses of the chsh command in RHEL 8 must generate an audit record.
              
@@ -35074,7 +36786,7 @@ index 24c8f3e5..122efe4f 100644
              
              Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
  
-@@ -11886,7 +12037,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut
+@@ -12247,7 +12399,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut
            
              RHEL-08-030420 - Successful/unsuccessful uses of the truncate, ftruncate, creat, open, openat, and open_by_handle_at system calls in RHEL 8 must generate an audit record.
              
@@ -35084,7 +36796,7 @@ index 24c8f3e5..122efe4f 100644
              
              Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
  
-@@ -11931,7 +12083,8 @@ The system call rules are loaded into a matching engine that intercepts each sys
+@@ -12292,7 +12445,8 @@ The system call rules are loaded into a matching engine that intercepts each sys
            
              RHEL-08-030480 - Successful/unsuccessful uses of the chown, fchown, fchownat and lchown system calls in RHEL 8 must generate an audit record.
              
@@ -35094,7 +36806,7 @@ index 24c8f3e5..122efe4f 100644
              
              Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
  
-@@ -11960,7 +12113,8 @@ The system call rules are loaded into a matching engine that intercepts each sys
+@@ -12321,7 +12475,8 @@ The system call rules are loaded into a matching engine that intercepts each sys
            
              RHEL-08-030490 - Successful/unsuccessful uses of the chmod, fchmod and fchmodat system calls in RHEL 8 must generate an audit record.
              
@@ -35104,7 +36816,7 @@ index 24c8f3e5..122efe4f 100644
              
              Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
  
-@@ -11985,7 +12139,8 @@ The system call rules are loaded into a matching engine that intercepts each sys
+@@ -12346,7 +12501,8 @@ The system call rules are loaded into a matching engine that intercepts each sys
            
              RHEL-08-030550 - Successful/unsuccessful uses of the sudo command in RHEL 8 must generate an audit record.
              
@@ -35114,7 +36826,7 @@ index 24c8f3e5..122efe4f 100644
              
              Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
  
-@@ -12002,7 +12157,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut
+@@ -12363,7 +12519,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut
            
              RHEL-08-030560 - Successful/unsuccessful uses of the usermod command in RHEL 8 must generate an audit record.
              
@@ -35124,7 +36836,7 @@ index 24c8f3e5..122efe4f 100644
              
              Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
  
-@@ -12019,7 +12175,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut
+@@ -12380,7 +12537,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut
            
              RHEL-08-030570 - Successful/unsuccessful uses of the chacl command in RHEL 8 must generate an audit record.
              
@@ -35134,7 +36846,7 @@ index 24c8f3e5..122efe4f 100644
              
              Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
  
-@@ -12036,7 +12193,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut
+@@ -12397,7 +12555,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut
            
              RHEL-08-030580 - Successful/unsuccessful uses of the kmod command in RHEL 8 must generate an audit record.
              
@@ -35144,7 +36856,7 @@ index 24c8f3e5..122efe4f 100644
              
              Without the capability to generate audit records, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
  
-@@ -12063,7 +12221,8 @@ DoD has defined the list of events for which RHEL 8 will provide an audit record
+@@ -12424,7 +12583,8 @@ DoD has defined the list of events for which RHEL 8 will provide an audit record
            
              RHEL-08-030600 - Successful/unsuccessful modifications to the lastlog file in RHEL 8 must generate an audit record.
              
@@ -35154,7 +36866,7 @@ index 24c8f3e5..122efe4f 100644
              
              Without the capability to generate audit records, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
  
-@@ -12090,7 +12249,8 @@ DoD has defined the list of events for which RHEL 8 will provide an audit record
+@@ -12451,7 +12611,8 @@ DoD has defined the list of events for which RHEL 8 will provide an audit record
            
              RHEL-08-030610 - RHEL 8 must allow only the Information System Security Manager (ISSM) (or individuals or roles appointed by the ISSM) to select which auditable events are to be audited.
              
@@ -35164,7 +36876,7 @@ index 24c8f3e5..122efe4f 100644
              
              Without the capability to restrict the roles and individuals that can select which events are audited, unauthorized personnel may be able to prevent the auditing of critical events. Misconfigured audits may degrade the system's performance by overwhelming the audit log. Misconfigured audits may also make it more difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
            
-@@ -12103,7 +12263,8 @@ DoD has defined the list of events for which RHEL 8 will provide an audit record
+@@ -12464,7 +12625,8 @@ DoD has defined the list of events for which RHEL 8 will provide an audit record
            
              RHEL-08-030620 - RHEL 8 audit tools must have a mode of 0755 or less permissive.
              
@@ -35174,7 +36886,7 @@ index 24c8f3e5..122efe4f 100644
              
              Protecting audit information also includes identifying and protecting the tools used to view and manipulate log data. Therefore, protecting audit tools is necessary to prevent unauthorized operation on audit information.
  
-@@ -12119,7 +12280,8 @@ Audit tools include, but are not limited to, vendor-provided and open source aud
+@@ -12480,7 +12642,8 @@ Audit tools include, but are not limited to, vendor-provided and open source aud
            
              RHEL-08-030630 - RHEL 8 audit tools must be owned by root.
              
@@ -35184,7 +36896,7 @@ index 24c8f3e5..122efe4f 100644
              
              Protecting audit information also includes identifying and protecting the tools used to view and manipulate log data. Therefore, protecting audit tools is necessary to prevent unauthorized operation on audit information.
  
-@@ -12135,7 +12297,8 @@ Audit tools include, but are not limited to, vendor-provided and open source aud
+@@ -12496,7 +12659,8 @@ Audit tools include, but are not limited to, vendor-provided and open source aud
            
              RHEL-08-030640 - RHEL 8 audit tools must be group-owned by root.
              
@@ -35194,7 +36906,7 @@ index 24c8f3e5..122efe4f 100644
              
              Protecting audit information also includes identifying and protecting the tools used to view and manipulate log data. Therefore, protecting audit tools is necessary to prevent unauthorized operation on audit information.
  
-@@ -12151,7 +12314,8 @@ Audit tools include, but are not limited to, vendor-provided and open source aud
+@@ -12512,7 +12676,8 @@ Audit tools include, but are not limited to, vendor-provided and open source aud
            
              RHEL-08-030680 - RHEL 8 must have the packages required for encrypting offloaded audit logs installed.
              
@@ -35204,7 +36916,7 @@ index 24c8f3e5..122efe4f 100644
              
              Information stored in one location is vulnerable to accidental or incidental deletion or alteration.
  
-@@ -12174,7 +12338,8 @@ Note that a port number was given as there is no standard port for RELP.
              RHEL-08-030700 - RHEL 8 must take appropriate action when the internal event queue is full.
              
@@ -35214,7 +36926,7 @@ index 24c8f3e5..122efe4f 100644
              
              Information stored in one location is vulnerable to accidental or incidental deletion or alteration.
  
-@@ -12190,7 +12355,8 @@ RHEL 8 installation media provides "rsyslogd".  "rsyslogd" is a system utility p
+@@ -12551,7 +12717,8 @@ RHEL 8 installation media provides "rsyslogd".  "rsyslogd" is a system utility p
            
              RHEL-08-030730 - RHEL 8 must take action when allocated audit record storage volume reaches 75 percent of the repository maximum audit record storage capacity.
              
@@ -35224,7 +36936,7 @@ index 24c8f3e5..122efe4f 100644
              
              If security personnel are not notified immediately when storage volume reaches 75 percent utilization, they are unable to plan for audit record storage capacity expansion.
            
-@@ -12202,7 +12368,8 @@ RHEL 8 installation media provides "rsyslogd".  "rsyslogd" is a system utility p
+@@ -12563,7 +12730,8 @@ RHEL 8 installation media provides "rsyslogd".  "rsyslogd" is a system utility p
            
              RHEL-08-030741 - RHEL 8 must disable the chrony daemon from acting as a server.
              
@@ -35234,7 +36946,7 @@ index 24c8f3e5..122efe4f 100644
              
              Inaccurate time stamps make it more difficult to correlate events and can lead to an inaccurate analysis. Determining the correct time a particular event occurred on a system is critical when conducting forensic analysis and investigating system events. Sources outside the configured acceptable allowance (drift) may be inaccurate.
  
-@@ -12220,7 +12387,8 @@ Note that USNO offers authenticated NTP service to DoD and U.S. Government agenc
+@@ -12581,7 +12749,8 @@ Note that USNO offers authenticated NTP service to DoD and U.S. Government agenc
            
              RHEL-08-030742 - RHEL 8 must disable network management of the chrony daemon.
              
@@ -35244,7 +36956,7 @@ index 24c8f3e5..122efe4f 100644
              
              Inaccurate time stamps make it more difficult to correlate events and can lead to an inaccurate analysis. Determining the correct time a particular event occurred on a system is critical when conducting forensic analysis and investigating system events. Sources outside the configured acceptable allowance (drift) may be inaccurate.
  
-@@ -12238,7 +12406,8 @@ Note that USNO offers authenticated NTP service to DoD and U.S. Government agenc
+@@ -12599,7 +12768,8 @@ Note that USNO offers authenticated NTP service to DoD and U.S. Government agenc
            
              RHEL-08-040000 - RHEL 8 must not have the telnet-server package installed.
              
@@ -35254,7 +36966,7 @@ index 24c8f3e5..122efe4f 100644
              
              It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
  
-@@ -12260,7 +12429,8 @@ If a privileged user were to log on using this service, the privileged user pass
+@@ -12621,7 +12791,8 @@ If a privileged user were to log on using this service, the privileged user pass
            
              RHEL-08-040001 - RHEL 8 must not have any automated bug reporting tools installed.
              
@@ -35264,7 +36976,7 @@ index 24c8f3e5..122efe4f 100644
              
              It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
  
-@@ -12278,7 +12448,8 @@ Verify the operating system is configured to disable non-essential capabilities.
+@@ -12639,7 +12810,8 @@ Verify the operating system is configured to disable non-essential capabilities.
            
              RHEL-08-040002 - RHEL 8 must not have the sendmail package installed.
              
@@ -35274,7 +36986,7 @@ index 24c8f3e5..122efe4f 100644
              
              It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
  
-@@ -12296,7 +12467,8 @@ Verify the operating system is configured to disable non-essential capabilities.
+@@ -12657,7 +12829,8 @@ Verify the operating system is configured to disable non-essential capabilities.
            
              RHEL-08-040010 - RHEL 8 must not have the rsh-server package installed.
              
@@ -35284,7 +36996,7 @@ index 24c8f3e5..122efe4f 100644
              
              It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
  
-@@ -12314,7 +12486,8 @@ If a privileged user were to log on using this service, the privileged user pass
+@@ -12675,7 +12848,8 @@ If a privileged user were to log on using this service, the privileged user pass
            
              RHEL-08-040021 - RHEL 8 must disable the asynchronous transfer mode (ATM) protocol.
              
@@ -35294,7 +37006,7 @@ index 24c8f3e5..122efe4f 100644
              
              It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
  
-@@ -12331,7 +12504,8 @@ The Asynchronous Transfer Mode (ATM) is a protocol operating on network, data li
+@@ -12692,7 +12866,8 @@ The Asynchronous Transfer Mode (ATM) is a protocol operating on network, data li
            
              RHEL-08-040022 - RHEL 8 must disable the controller area network (CAN) protocol.
              
@@ -35304,7 +37016,7 @@ index 24c8f3e5..122efe4f 100644
              
              It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
  
-@@ -12348,7 +12522,8 @@ The Controller Area Network (CAN) is a serial communications protocol, which was
+@@ -12709,7 +12884,8 @@ The Controller Area Network (CAN) is a serial communications protocol, which was
            
              RHEL-08-040023 - RHEL 8 must disable the stream control transmission (SCTP) protocol.
              
@@ -35314,7 +37026,7 @@ index 24c8f3e5..122efe4f 100644
              
              It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
  
-@@ -12365,7 +12540,8 @@ The Stream Control Transmission Protocol (SCTP) is a transport layer protocol, d
+@@ -12726,7 +12902,8 @@ The Stream Control Transmission Protocol (SCTP) is a transport layer protocol, d
            
              RHEL-08-040024 - RHEL 8 must disable the transparent inter-process communication (TIPC) protocol.
              
@@ -35324,7 +37036,7 @@ index 24c8f3e5..122efe4f 100644
              
              It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
  
-@@ -12382,7 +12558,8 @@ The Transparent Inter-Process Communication (TIPC) protocol is designed to provi
+@@ -12743,7 +12920,8 @@ The Transparent Inter-Process Communication (TIPC) protocol is designed to provi
            
              RHEL-08-040025 - RHEL 8 must disable mounting of cramfs.
              
@@ -35334,7 +37046,7 @@ index 24c8f3e5..122efe4f 100644
              
              It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
  
-@@ -12399,7 +12576,8 @@ Compressed ROM/RAM file system (or cramfs) is a read-only file system designed f
+@@ -12760,7 +12938,8 @@ Compressed ROM/RAM file system (or cramfs) is a read-only file system designed f
            
              RHEL-08-040026 - RHEL 8 must disable IEEE 1394 (FireWire) Support.
              
@@ -35344,7 +37056,7 @@ index 24c8f3e5..122efe4f 100644
              
              It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
  
-@@ -12414,7 +12592,8 @@ The IEEE 1394 (FireWire) is a serial bus standard for high-speed real-time commu
+@@ -12775,7 +12954,8 @@ The IEEE 1394 (FireWire) is a serial bus standard for high-speed real-time commu
            
              RHEL-08-040060 - RHEL 8 must enforce SSHv2 for network access to all accounts.
              
@@ -35354,7 +37066,7 @@ index 24c8f3e5..122efe4f 100644
              
              A replay attack may enable an unauthorized user to gain access to RHEL 8. Authentication sessions between the authenticator and RHEL 8 validating the user credentials must not be vulnerable to a replay attack.
  
-@@ -12435,7 +12614,8 @@ RHEL 8 incorporates OpenSSH as a default ssh provider. OpenSSH has been a 100 pe
+@@ -12796,7 +12976,8 @@ RHEL 8 incorporates OpenSSH as a default ssh provider. OpenSSH has been a 100 pe
            
              RHEL-08-040080 - RHEL 8 must be configured to disable USB mass storage.
              
@@ -35364,7 +37076,7 @@ index 24c8f3e5..122efe4f 100644
              
              USB mass storage permits easy introduction of unknown devices, thereby facilitating malicious activity.
            
-@@ -12448,7 +12628,8 @@ RHEL 8 incorporates OpenSSH as a default ssh provider. OpenSSH has been a 100 pe
+@@ -12809,7 +12990,8 @@ RHEL 8 incorporates OpenSSH as a default ssh provider. OpenSSH has been a 100 pe
            
              RHEL-08-040111 - RHEL 8 Bluetooth must be disabled.
              
@@ -35374,7 +37086,7 @@ index 24c8f3e5..122efe4f 100644
              
              Without protection of communications with wireless peripherals, confidentiality and integrity may be compromised because unprotected communications can be intercepted and either read, altered, or used to compromise the RHEL 8 operating system.
  
-@@ -12464,7 +12645,8 @@ Protecting the confidentiality and integrity of communications with wireless per
+@@ -12826,7 +13008,8 @@ Protecting the confidentiality and integrity of communications with wireless per
            
              RHEL-08-040120 - RHEL 8 must mount /dev/shm with the nodev option.
              
@@ -35384,7 +37096,7 @@ index 24c8f3e5..122efe4f 100644
              
              The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting.
  
-@@ -12483,7 +12665,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid"
+@@ -12845,7 +13028,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid"
            
              RHEL-08-040121 - RHEL 8 must mount /dev/shm with the nosuid option.
              
@@ -35394,7 +37106,7 @@ index 24c8f3e5..122efe4f 100644
              
              The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting.
  
-@@ -12500,7 +12683,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid"
+@@ -12862,7 +13046,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid"
            
              RHEL-08-040122 - RHEL 8 must mount /dev/shm with the noexec option.
              
@@ -35404,7 +37116,7 @@ index 24c8f3e5..122efe4f 100644
              
              The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting.
  
-@@ -12519,7 +12703,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid"
+@@ -12881,7 +13066,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid"
            
              RHEL-08-040123 - RHEL 8 must mount /tmp with the nodev option.
              
@@ -35414,7 +37126,7 @@ index 24c8f3e5..122efe4f 100644
              
              The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting.
  
-@@ -12539,7 +12724,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid"
+@@ -12901,7 +13087,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid"
            
              RHEL-08-040124 - RHEL 8 must mount /tmp with the nosuid option.
              
@@ -35424,7 +37136,7 @@ index 24c8f3e5..122efe4f 100644
              
              The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting.
  
-@@ -12557,7 +12743,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid"
+@@ -12919,7 +13106,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid"
            
              RHEL-08-040125 - RHEL 8 must mount /tmp with the noexec option.
              
@@ -35434,7 +37146,7 @@ index 24c8f3e5..122efe4f 100644
              
              The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting.
  
-@@ -12577,7 +12764,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid"
+@@ -12939,7 +13127,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid"
            
              RHEL-08-040126 - RHEL 8 must mount /var/log with the nodev option.
              
@@ -35444,7 +37156,7 @@ index 24c8f3e5..122efe4f 100644
              
              The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting.
  
-@@ -12597,7 +12785,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid"
+@@ -12959,7 +13148,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid"
            
              RHEL-08-040127 - RHEL 8 must mount /var/log with the nosuid option.
              
@@ -35454,7 +37166,7 @@ index 24c8f3e5..122efe4f 100644
              
              The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting.
  
-@@ -12617,7 +12806,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid"
+@@ -12979,7 +13169,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid"
            
              RHEL-08-040128 - RHEL 8 must mount /var/log with the noexec option.
              
@@ -35464,7 +37176,7 @@ index 24c8f3e5..122efe4f 100644
              
              The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting.
  
-@@ -12637,7 +12827,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid"
+@@ -12999,7 +13190,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid"
            
              RHEL-08-040129 - RHEL 8 must mount /var/log/audit with the nodev option.
              
@@ -35474,7 +37186,7 @@ index 24c8f3e5..122efe4f 100644
              
              The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting.
  
-@@ -12657,7 +12848,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid"
+@@ -13019,7 +13211,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid"
            
              RHEL-08-040130 - RHEL 8 must mount /var/log/audit with the nosuid option.
              
@@ -35484,7 +37196,7 @@ index 24c8f3e5..122efe4f 100644
              
              The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting.
  
-@@ -12677,7 +12869,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid"
+@@ -13039,7 +13232,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid"
            
              RHEL-08-040131 - RHEL 8 must mount /var/log/audit with the noexec option.
              
@@ -35494,7 +37206,7 @@ index 24c8f3e5..122efe4f 100644
              
              The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting.
  
-@@ -12697,7 +12890,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid"
+@@ -13059,7 +13253,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid"
            
              RHEL-08-040132 - RHEL 8 must mount /var/tmp with the nodev option.
              
@@ -35504,7 +37216,7 @@ index 24c8f3e5..122efe4f 100644
              
              The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting.
  
-@@ -12716,7 +12910,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid"
+@@ -13078,7 +13273,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid"
            
              RHEL-08-040133 - RHEL 8 must mount /var/tmp with the nosuid option.
              
@@ -35514,7 +37226,7 @@ index 24c8f3e5..122efe4f 100644
              
              The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting.
  
-@@ -12735,7 +12930,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid"
+@@ -13097,7 +13293,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid"
            
              RHEL-08-040134 - RHEL 8 must mount /var/tmp with the noexec option.
              
@@ -35524,7 +37236,7 @@ index 24c8f3e5..122efe4f 100644
              
              The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting.
  
-@@ -12754,7 +12950,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid"
+@@ -13116,7 +13313,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid"
            
              RHEL-08-040160 - All RHEL 8 networked systems must have and implement SSH to protect the confidentiality and integrity of transmitted and received information, as well as information during preparation for transmission.
              
@@ -35534,7 +37246,7 @@ index 24c8f3e5..122efe4f 100644
              
              Without protection of the transmitted information, confidentiality and integrity may be compromised because unprotected communications can be intercepted and either read or altered. 
  
-@@ -12771,7 +12968,8 @@ Protecting the confidentiality and integrity of organizational information can b
+@@ -13133,7 +13331,8 @@ Protecting the confidentiality and integrity of organizational information can b
            
              RHEL 8 must force a frequent session key renegotiation for SSH connections to the server.
              
@@ -35544,7 +37256,7 @@ index 24c8f3e5..122efe4f 100644
              
              Without protection of the transmitted information, confidentiality and integrity may be compromised because unprotected communications can be intercepted and either read or altered. 
  
-@@ -12790,7 +12988,8 @@ Session key regeneration limits the chances of a session key becoming compromise
+@@ -13152,7 +13351,8 @@ Session key regeneration limits the chances of a session key becoming compromise
            
              RHEL-08-040172 - The systemd Ctrl-Alt-Delete burst key sequence in RHEL 8 must be disabled.
              
@@ -35554,7 +37266,7 @@ index 24c8f3e5..122efe4f 100644
              
              A locally logged-on user who presses Ctrl-Alt-Delete when at the console can reboot the system. If accidentally pressed, as could happen in the case of a mixed OS environment, this can create the risk of short-term loss of availability of systems due to unintentional reboot. In a graphical user environment, risk of unintentional reboot from the Ctrl-Alt-Delete sequence is reduced because the user will be prompted before any action is taken.
            
-@@ -12802,7 +13001,8 @@ Session key regeneration limits the chances of a session key becoming compromise
+@@ -13164,7 +13364,8 @@ Session key regeneration limits the chances of a session key becoming compromise
            
              RHEL-08-040190 - The Trivial File Transfer Protocol (TFTP) server package must not be installed if not required for RHEL 8 operational support.
              
@@ -35564,7 +37276,7 @@ index 24c8f3e5..122efe4f 100644
              
              If TFTP is required for operational support (such as the transmission of router configurations) its use must be documented with the Information System Security Officer (ISSO), restricted to only authorized personnel, and have access control rules established.
            
-@@ -12814,7 +13014,8 @@ Session key regeneration limits the chances of a session key becoming compromise
+@@ -13176,7 +13377,8 @@ Session key regeneration limits the chances of a session key becoming compromise
            
              RHEL-08-040200 - The root account must be the only account having unrestricted access to the RHEL 8 system.
              
@@ -35574,7 +37286,7 @@ index 24c8f3e5..122efe4f 100644
              
              If an account other than root also has a User Identifier (UID) of "0", it has root authority, giving that account unrestricted access to the entire operating system. Multiple accounts with a UID of "0" afford an opportunity for potential intruders to guess a password for a privileged account.
            
-@@ -12826,7 +13027,8 @@ Session key regeneration limits the chances of a session key becoming compromise
+@@ -13188,7 +13390,8 @@ Session key regeneration limits the chances of a session key becoming compromise
            
              RHEL-08-040210 - RHEL 8 must prevent Internet Control Message Protocol (ICMP) redirect messages from being accepted.
              
@@ -35582,9 +37294,9 @@ index 24c8f3e5..122efe4f 100644
 +              Red Hat Enterprise Linux 8
 +AlmaLinux 8
              
-             ICMP redirect messages are used by routers to inform hosts that a more direct route exists for a particular destination. These messages modify the host's route table and are unauthenticated. An illicit ICMP redirect message could result in a man-in-the-middle attack.
-           
-@@ -12842,7 +13044,8 @@ Session key regeneration limits the chances of a session key becoming compromise
+             ICMP redirect messages are used by routers to inform hosts that a more direct route exists for a particular destination. These messages modify the host's route table and are unauthenticated. An illicit ICMP redirect message could result in a man-in-the-middle attack.
+ 
+@@ -13212,7 +13415,8 @@ The sysctl --system command will load settings from all system configuration fil
            
              RHEL-08-040220 - RHEL 8 must not send Internet Control Message Protocol (ICMP) redirects.
              
@@ -35594,7 +37306,7 @@ index 24c8f3e5..122efe4f 100644
              
              ICMP redirect messages are used by routers to inform hosts that a more direct route exists for a particular destination. These messages contain information from the system's route table, possibly revealing portions of the network topology.
  
-@@ -12867,7 +13070,8 @@ Based on the information above, if a configuration file that begins with "99-" i
+@@ -13235,7 +13439,8 @@ The sysctl --system command will load settings from all system configuration fil
            
              RHEL-08-040230 - RHEL 8 must not respond to Internet Control Message Protocol (ICMP) echoes sent to a broadcast address.
              
@@ -35604,7 +37316,7 @@ index 24c8f3e5..122efe4f 100644
              
              Responding to broadcast ICMP echoes facilitates network mapping and provides a vector for amplification attacks.
  
-@@ -12892,7 +13096,8 @@ Based on the information above, if a configuration file that begins with "99-" i
+@@ -13258,7 +13463,8 @@ The sysctl --system command will load settings from all system configuration fil
            
              RHEL-08-040240 - RHEL 8 must not forward source-routed packets.
              
@@ -35614,7 +37326,7 @@ index 24c8f3e5..122efe4f 100644
              
              Source-routed packets allow the source of the packet to suggest that routers forward the packet along a different path than configured on the router, which can be used to bypass network security measures. This requirement applies only to the forwarding of source-routed traffic, such as when forwarding is enabled and the system is functioning as a router.
  
-@@ -12918,7 +13123,8 @@ Based on the information above, if a configuration file that begins with "99-" i
+@@ -13282,7 +13488,8 @@ The sysctl --system command will load settings from all system configuration fil
            
              RHEL-08-040250 - RHEL 8 must not forward source-routed packets by default.
              
@@ -35623,8 +37335,8 @@ index 24c8f3e5..122efe4f 100644
 +AlmaLinux 8
              
              Source-routed packets allow the source of the packet to suggest that routers forward the packet along a different path than configured on the router, which can be used to bypass network security measures. This requirement applies only to the forwarding of source-routed traffic, such as when forwarding is enabled and the system is functioning as a router.
- 		
-@@ -12944,7 +13150,8 @@ Based on the information above, if a configuration file that begins with "99-" i
+ 
+@@ -13306,7 +13513,8 @@ The sysctl --system command will load settings from all system configuration fil
            
              RHEL-08-040260 - RHEL 8 must not be performing packet forwarding unless the system is a router.
              
@@ -35634,7 +37346,7 @@ index 24c8f3e5..122efe4f 100644
              
              Routing protocol daemons are typically used on routers to exchange network topology information with other routers. If this software is used when not required, system network information may be unnecessarily transmitted across the network.
  
-@@ -12970,7 +13177,8 @@ Based on the information above, if a configuration file that begins with "99-" i
+@@ -13330,7 +13538,8 @@ The sysctl --system command will load settings from all system configuration fil
            
              RHEL-08-040261 - RHEL 8 must not accept router advertisements on all IPv6 interfaces.
              
@@ -35644,7 +37356,7 @@ index 24c8f3e5..122efe4f 100644
              
              Routing protocol daemons are typically used on routers to exchange network topology information with other routers. If this software is used when not required, system network information may be unnecessarily transmitted across the network.
  
-@@ -12998,7 +13206,8 @@ Based on the information above, if a configuration file that begins with "99-" i
+@@ -13356,7 +13565,8 @@ The sysctl --system command will load settings from all system configuration fil
            
              RHEL-08-040262 - RHEL 8 must not accept router advertisements on all IPv6 interfaces by default.
              
@@ -35654,7 +37366,7 @@ index 24c8f3e5..122efe4f 100644
              
              Routing protocol daemons are typically used on routers to exchange network topology information with other routers. If this software is used when not required, system network information may be unnecessarily transmitted across the network.
  
-@@ -13026,7 +13235,8 @@ Based on the information above, if a configuration file that begins with "99-" i
+@@ -13382,7 +13592,8 @@ The sysctl --system command will load settings from all system configuration fil
            
              RHEL-08-040270 - RHEL 8 must not allow interfaces to perform Internet Control Message Protocol (ICMP) redirects by default.
              
@@ -35664,9 +37376,9 @@ index 24c8f3e5..122efe4f 100644
              
              ICMP redirect messages are used by routers to inform hosts that a more direct route exists for a particular destination. These messages contain information from the system's route table, possibly revealing portions of the network topology.
  
-@@ -13051,7 +13261,8 @@ Based on the information above, if a configuration file that begins with "99-" i
+@@ -13405,7 +13616,8 @@ The sysctl --system command will load settings from all system configuration fil
            
-             RHEL-08-040280 - RHEL 8 must ignore Internet Control Message Protocol (ICMP) redirect messages.
+             RHEL-08-040280 - RHEL 8 must ignore IPv6 Internet Control Message Protocol (ICMP) redirect messages.
              
 -              Red Hat Enterprise Linux 8
 +              Red Hat Enterprise Linux 8
@@ -35674,7 +37386,7 @@ index 24c8f3e5..122efe4f 100644
              
              ICMP redirect messages are used by routers to inform hosts that a more direct route exists for a particular destination. These messages modify the host's route table and are unauthenticated. An illicit ICMP redirect message could result in a man-in-the-middle attack.
  
-@@ -13077,7 +13288,8 @@ Based on the information above, if a configuration file that begins with "99-" i
+@@ -13429,7 +13641,8 @@ The sysctl --system command will load settings from all system configuration fil
            
              RHEL-08-040281 - RHEL 8 must disable access to network bpf syscall from unprivileged processes.
              
@@ -35684,7 +37396,7 @@ index 24c8f3e5..122efe4f 100644
              
              It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
  
-@@ -13100,7 +13312,8 @@ Based on the information above, if a configuration file that begins with "99-" i
+@@ -13450,7 +13663,8 @@ The sysctl --system command will load settings from all system configuration fil
            
              RHEL-08-040282 - RHEL 8 must restrict usage of ptrace to descendant processes.
              
@@ -35694,7 +37406,7 @@ index 24c8f3e5..122efe4f 100644
              
              It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
  
-@@ -13123,7 +13336,8 @@ Based on the information above, if a configuration file that begins with "99-" i
+@@ -13471,7 +13685,8 @@ The sysctl --system command will load settings from all system configuration fil
            
              RHEL-08-040283 - RHEL 8 must restrict exposed kernel pointer addresses access.
              
@@ -35702,9 +37414,9 @@ index 24c8f3e5..122efe4f 100644
 +              Red Hat Enterprise Linux 8
 +AlmaLinux 8
              
-             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives.  These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.  
+             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
  
-@@ -13145,7 +13359,8 @@ Based on the information above, if a configuration file begins with "99-" is cre
+@@ -13492,7 +13707,8 @@ The sysctl --system command will load settings from all system configuration fil
            
              RHEL-08-040284 - RHEL 8 must disable the use of user namespaces.
              
@@ -35714,7 +37426,7 @@ index 24c8f3e5..122efe4f 100644
              
              It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
  
-@@ -13167,7 +13382,8 @@ Based on the information above, if a configuration file begins with "99-" is cre
+@@ -13513,7 +13729,8 @@ The sysctl --system command will load settings from all system configuration fil
            
              RHEL-08-040285 - RHEL 8 must use reverse path filtering on all IPv4 interfaces.
              
@@ -35724,7 +37436,7 @@ index 24c8f3e5..122efe4f 100644
              
              It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
  
-@@ -13189,7 +13405,8 @@ Based on the information above, if a configuration file begins with "99-" is cre
+@@ -13534,7 +13751,8 @@ The sysctl --system command will load settings from all system configuration fil
            
              RHEL-08-040290 - RHEL 8 must be configured to prevent unrestricted mail relaying.
              
@@ -35734,7 +37446,7 @@ index 24c8f3e5..122efe4f 100644
              
              If unrestricted mail relaying is permitted, unauthorized senders could use this host as a mail relay for the purpose of sending spam or other unauthorized activity.
            
-@@ -13202,7 +13419,8 @@ Based on the information above, if a configuration file begins with "99-" is cre
+@@ -13547,7 +13765,8 @@ The sysctl --system command will load settings from all system configuration fil
            
              RHEL-08-040340 - RHEL 8 remote X connections for interactive users must be disabled unless to fulfill documented and validated mission requirements.
              
@@ -35744,7 +37456,7 @@ index 24c8f3e5..122efe4f 100644
              
              The security risk of using X11 forwarding is that the client's X11 display server may be exposed to attack when the SSH client requests forwarding.  A system administrator may have a stance in which they want to protect clients that may expose themselves to attack by unwittingly requesting X11 forwarding, which can warrant a ''no'' setting.
  X11 forwarding should be enabled with caution. Users with the ability to bypass file permissions on the remote host (for the user's X11 authorization database) can access the local X11 display through the forwarded connection. An attacker may then be able to perform activities such as keystroke monitoring if the ForwardX11Trusted option is also enabled.
-@@ -13217,7 +13435,8 @@ If X11 services are not required for the system's intended function, they should
+@@ -13562,7 +13781,8 @@ If X11 services are not required for the system's intended function, they should
            
              RHEL-08-040341 - The RHEL 8 SSH daemon must prevent remote hosts from connecting to the proxy display.
              
@@ -35754,7 +37466,7 @@ index 24c8f3e5..122efe4f 100644
              
              When X11 forwarding is enabled, there may be additional exposure to the server and client displays if the sshd proxy display is configured to listen on the wildcard address. By default, sshd binds the forwarding server to the loopback address and sets the hostname part of the DIPSLAY environment variable to localhost. This prevents remote hosts from connecting to the proxy display.
            
-@@ -13230,7 +13449,8 @@ If X11 services are not required for the system's intended function, they should
+@@ -13575,7 +13795,8 @@ If X11 services are not required for the system's intended function, they should
            
              RHEL-08-040350 - If the Trivial File Transfer Protocol (TFTP) server is required, the RHEL 8 TFTP daemon must be configured to operate in secure mode.
              
@@ -35764,7 +37476,7 @@ index 24c8f3e5..122efe4f 100644
              
              Restricting TFTP to a specific directory prevents remote users from copying, transferring, or overwriting system files.
            
-@@ -13243,7 +13463,8 @@ If X11 services are not required for the system's intended function, they should
+@@ -13588,7 +13809,8 @@ If X11 services are not required for the system's intended function, they should
            
              RHEL-08-040360 - A File Transfer Protocol (FTP) server package must not be installed unless mission essential on RHEL 8.
              
@@ -35774,7 +37486,7 @@ index 24c8f3e5..122efe4f 100644
              
              The FTP service provides an unencrypted remote access that does not provide for the confidentiality and integrity of user passwords or the remote session. If a privileged user were to log on using this service, the privileged user password could be compromised. SSH or other encrypted file transfer methods must be used in place of this service.
            
-@@ -13255,7 +13476,8 @@ If X11 services are not required for the system's intended function, they should
+@@ -13600,7 +13822,8 @@ If X11 services are not required for the system's intended function, they should
            
              RHEL-08-040370 - The gssproxy package must not be installed unless mission essential on RHEL 8.
              
@@ -35784,7 +37496,7 @@ index 24c8f3e5..122efe4f 100644
              
              It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
  
-@@ -13271,7 +13493,8 @@ The gssproxy package is a proxy for GSS API credential handling and could expose
+@@ -13616,7 +13839,8 @@ The gssproxy package is a proxy for GSS API credential handling and could expose
            
              RHEL-08-040380 - The iprutils package must not be installed unless mission essential on RHEL 8.
              
@@ -35794,7 +37506,7 @@ index 24c8f3e5..122efe4f 100644
              
              It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
  
-@@ -13287,7 +13510,8 @@ The iprutils package provides a suite of utilities to manage and configure SCSI
+@@ -13632,7 +13856,8 @@ The iprutils package provides a suite of utilities to manage and configure SCSI
            
              RHEL-08-040390 - The tuned package must not be installed unless mission essential on RHEL 8.
              
@@ -35804,7 +37516,7 @@ index 24c8f3e5..122efe4f 100644
              
              It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
  
-@@ -13303,7 +13527,8 @@ The tuned package contains a daemon that tunes the system settings dynamically.
+@@ -13648,7 +13873,8 @@ The tuned package contains a daemon that tunes the system settings dynamically.
            
              RHEL-08-030670 - RHEL 8 must have the packages required for offloading audit logs installed.
              
@@ -35814,7 +37526,7 @@ index 24c8f3e5..122efe4f 100644
              
              Information stored in one location is vulnerable to accidental or incidental deletion or alteration.
  
-@@ -13326,7 +13551,8 @@ Note that a port number was given as there is no standard port for RELP.
              RHEL-08-010163 - The krb5-server package must not be installed on RHEL 8.
              
@@ -35824,7 +37536,7 @@ index 24c8f3e5..122efe4f 100644
              
              Unapproved mechanisms that are used for authentication to the cryptographic module are not verified and therefore cannot be relied upon to provide confidentiality or integrity, and DoD data may be compromised.
  
-@@ -13345,7 +13571,8 @@ FIPS 140-2 is the current standard for validating that mechanisms used to access
+@@ -13690,7 +13917,8 @@ FIPS 140-2 is the current standard for validating that mechanisms used to access
            
              RHEL-08-010382 - RHEL 8 must restrict privilege elevation to authorized personnel.
              
@@ -35834,7 +37546,7 @@ index 24c8f3e5..122efe4f 100644
              
              The sudo command allows a user to execute programs with elevated (administrator) privileges. It prompts the user for their password and confirms your request to execute a command by checking a file, called sudoers. If the "sudoers" file is not configured correctly, any user defined on the system can initiate privileged actions on the target system.
            
-@@ -13358,7 +13585,8 @@ FIPS 140-2 is the current standard for validating that mechanisms used to access
+@@ -13703,7 +13931,8 @@ FIPS 140-2 is the current standard for validating that mechanisms used to access
            
              RHEL-08-010383 - RHEL 8 must use the invoking user's password for privilege escalation when using "sudo".
              
@@ -35844,7 +37556,7 @@ index 24c8f3e5..122efe4f 100644
              
              The sudoers security policy requires that users authenticate themselves before they can use sudo. When sudoers requires authentication, it validates the invoking user's credentials. If the rootpw, targetpw, or runaspw flags are defined and not disabled, by default the operating system will prompt the invoking user for the "root" user password. 
  For more information on each of the listed configurations, reference the sudoers(5) manual page.
-@@ -13382,7 +13610,8 @@ For more information on each of the listed configurations, reference the sudoers
+@@ -13727,7 +13956,8 @@ For more information on each of the listed configurations, reference the sudoers
            
              RHEL-08-010384 - RHEL 8 must require re-authentication when using the "sudo" command.
              
@@ -35854,7 +37566,47 @@ index 24c8f3e5..122efe4f 100644
              
              Without re-authentication, users may access resources or perform tasks for which they do not have authorization. 
  
-@@ -13456,15 +13685,15 @@ If the value is set to an integer less than 0, the user's time stamp will not ex
+@@ -13743,7 +13973,8 @@ If the value is set to an integer less than 0, the user's time stamp will not ex
+           
+             RHEL-08-020331 - RHEL 8 must not allow blank or null passwords in the system-auth file.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             If an account has an empty password, anyone could log on and run commands with the privileges of that account. Accounts with empty passwords should never be used in operational environments.
+           
+@@ -13755,7 +13986,8 @@ If the value is set to an integer less than 0, the user's time stamp will not ex
+           
+             RHEL-08-020332 - RHEL 8 must not allow blank or null passwords in the password-auth file.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             If an account has an empty password, anyone could log on and run commands with the privileges of that account. Accounts with empty passwords should never be used in operational environments.
+           
+@@ -13767,7 +13999,8 @@ If the value is set to an integer less than 0, the user's time stamp will not ex
+           
+             RHEL-08-040286 - RHEL 8 must enable hardening for the Berkeley Packet Filter Just-in-time compiler.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
+ 
+@@ -13790,7 +14023,8 @@ The sysctl --system command will load settings from all system configuration fil
+           
+             RHEL-08-010121 - The RHEL 8 operating system must not have accounts configured with blank or null passwords.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             If an account has an empty password, anyone could log on and run commands with the privileges of that account. Accounts with empty passwords should never be used in operational environments.
+           
+@@ -13863,15 +14097,15 @@ The sysctl --system command will load settings from all system configuration fil
            
            
          
@@ -35873,7 +37625,7 @@ index 24c8f3e5..122efe4f 100644
            
          
          
-@@ -14979,18 +15208,18 @@ If the value is set to an integer less than 0, the user's time stamp will not ex
+@@ -15390,18 +15624,18 @@ The sysctl --system command will load settings from all system configuration fil
            ^\s*SHA_CRYPT_MAX_ROUNDS\s+(\d+)\b
            1
          
@@ -35898,11 +37650,11 @@ index 24c8f3e5..122efe4f 100644
          
          
            /boot/grub2/grub.cfg
-diff --git a/shared/references/disa-stig-rhel8-v1r5-xccdf-manual.xml b/shared/references/disa-stig-rhel8-v1r5-xccdf-manual.xml
-index 216e91f9..9cde5e5e 100644
---- a/shared/references/disa-stig-rhel8-v1r5-xccdf-manual.xml
-+++ b/shared/references/disa-stig-rhel8-v1r5-xccdf-manual.xml
-@@ -368,7 +368,7 @@ $ sudo egrep "^SHA_CRYPT_" /etc/login.defs
+diff --git a/shared/references/disa-stig-rhel8-v1r9-xccdf-manual.xml b/shared/references/disa-stig-rhel8-v1r9-xccdf-manual.xml
+index 4d2982317..6d1974a59 100644
+--- a/shared/references/disa-stig-rhel8-v1r9-xccdf-manual.xml
++++ b/shared/references/disa-stig-rhel8-v1r9-xccdf-manual.xml
+@@ -374,7 +374,7 @@ SHA_CRYPT_MIN_ROUNDS 5000
+diff --git a/shared/templates/audit_rules_privileged_commands/tests/auditctl_missing_perm_x.fail.sh b/shared/templates/audit_rules_privileged_commands/tests/auditctl_missing_perm_x.fail.sh
+index b2eb8c411..ef45fb0c6 100644
+--- a/shared/templates/audit_rules_privileged_commands/tests/auditctl_missing_perm_x.fail.sh
++++ b/shared/templates/audit_rules_privileged_commands/tests/auditctl_missing_perm_x.fail.sh
+@@ -1,5 +1,5 @@
+ #!/bin/bash
+-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu
++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu
+ 
+ source common.sh
+ 
+diff --git a/shared/templates/audit_rules_privileged_commands/tests/augenrules_missing_perm_x.fail.sh b/shared/templates/audit_rules_privileged_commands/tests/augenrules_missing_perm_x.fail.sh
+index 2cfd69a19..f3c352227 100644
+--- a/shared/templates/audit_rules_privileged_commands/tests/augenrules_missing_perm_x.fail.sh
++++ b/shared/templates/audit_rules_privileged_commands/tests/augenrules_missing_perm_x.fail.sh
+@@ -1,5 +1,5 @@
+ #!/bin/bash
+-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu
++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu
+ 
+ source common.sh
+ 
 diff --git a/shared/templates/audit_rules_syscall_events/ansible.template b/shared/templates/audit_rules_syscall_events/ansible.template
-index 8c6ee906..cac54d94 100644
+index 16dec9827..5e953196e 100644
 --- a/shared/templates/audit_rules_syscall_events/ansible.template
 +++ b/shared/templates/audit_rules_syscall_events/ansible.template
 @@ -1,4 +1,4 @@
@@ -36083,17 +37845,17 @@ index 8c6ee906..cac54d94 100644
  # strategy = restrict
  # complexity = low
 diff --git a/shared/templates/audit_rules_syscall_events/bash.template b/shared/templates/audit_rules_syscall_events/bash.template
-index 65325548..592ec6bd 100644
+index bd5bb94cb..d1f68626a 100644
 --- a/shared/templates/audit_rules_syscall_events/bash.template
 +++ b/shared/templates/audit_rules_syscall_events/bash.template
 @@ -1,4 +1,4 @@
 -# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
 +# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
  
- # Include source function library.
- . /usr/share/scap-security-guide/remediation_functions
+ # First perform the remediation of the syscall rule
+ # Retrieve hardware architecture of the underlying system
 diff --git a/shared/templates/audit_rules_unsuccessful_file_modification/ansible.template b/shared/templates/audit_rules_unsuccessful_file_modification/ansible.template
-index 1e930bcf..58d026a4 100644
+index 18d7dbd53..0b390b835 100644
 --- a/shared/templates/audit_rules_unsuccessful_file_modification/ansible.template
 +++ b/shared/templates/audit_rules_unsuccessful_file_modification/ansible.template
 @@ -1,4 +1,4 @@
@@ -36103,7 +37865,7 @@ index 1e930bcf..58d026a4 100644
  # strategy = restrict
  # complexity = low
 diff --git a/shared/templates/audit_rules_unsuccessful_file_modification/bash.template b/shared/templates/audit_rules_unsuccessful_file_modification/bash.template
-index ff9a4f5e..ae7f6000 100644
+index ff9a4f5e3..ae7f6000e 100644
 --- a/shared/templates/audit_rules_unsuccessful_file_modification/bash.template
 +++ b/shared/templates/audit_rules_unsuccessful_file_modification/bash.template
 @@ -1,4 +1,4 @@
@@ -36113,7 +37875,7 @@ index ff9a4f5e..ae7f6000 100644
  # First perform the remediation of the syscall rule
  # Retrieve hardware architecture of the underlying system
 diff --git a/shared/templates/audit_rules_usergroup_modification/ansible.template b/shared/templates/audit_rules_usergroup_modification/ansible.template
-index 87c8d2ce..57a2d0c0 100644
+index 43063a18f..f0440e169 100644
 --- a/shared/templates/audit_rules_usergroup_modification/ansible.template
 +++ b/shared/templates/audit_rules_usergroup_modification/ansible.template
 @@ -1,4 +1,4 @@
@@ -36123,7 +37885,7 @@ index 87c8d2ce..57a2d0c0 100644
  # strategy = restrict
  # complexity = low
 diff --git a/shared/templates/audit_rules_usergroup_modification/bash.template b/shared/templates/audit_rules_usergroup_modification/bash.template
-index 62faac34..3461e4e2 100644
+index 62faac341..3461e4e29 100644
 --- a/shared/templates/audit_rules_usergroup_modification/bash.template
 +++ b/shared/templates/audit_rules_usergroup_modification/bash.template
 @@ -1,4 +1,4 @@
@@ -36133,7 +37895,7 @@ index 62faac34..3461e4e2 100644
  # Perform the remediation for both possible tools: 'auditctl' and 'augenrules'
  
 diff --git a/shared/templates/grub2_bootloader_argument/ansible.template b/shared/templates/grub2_bootloader_argument/ansible.template
-index db3b4430..6d55ca29 100644
+index bebe5ccbc..11d89c67b 100644
 --- a/shared/templates/grub2_bootloader_argument/ansible.template
 +++ b/shared/templates/grub2_bootloader_argument/ansible.template
 @@ -1,4 +1,4 @@
@@ -36143,7 +37905,7 @@ index db3b4430..6d55ca29 100644
  # strategy = restrict
  # complexity = medium
 diff --git a/shared/templates/grub2_bootloader_argument/bash.template b/shared/templates/grub2_bootloader_argument/bash.template
-index 5f97efd4..24529bda 100644
+index 965f4d38e..7289a1c0c 100644
 --- a/shared/templates/grub2_bootloader_argument/bash.template
 +++ b/shared/templates/grub2_bootloader_argument/bash.template
 @@ -1,4 +1,4 @@
@@ -36152,75 +37914,110 @@ index 5f97efd4..24529bda 100644
  {{#
     See the OVAL template for more comments.
     Product-specific categorization should be synced across all template content types
-@@ -23,7 +23,7 @@ fi
- {{% set grub_helper_executable = "update-grub" -%}}
- {{% endif -%}}
- 
--{{% if product in ["rhel8", "ol8"] %}}
-+{{% if product in ["rhel8", "almalinux8", "ol8"] %}}
- {{# Suppress the None output of append -#}}
- {{{ grub_helper_args.append("--env=/boot/grub2/grubenv") or "" -}}}
- {{% endif -%}}
 diff --git a/shared/templates/grub2_bootloader_argument/blueprint.template b/shared/templates/grub2_bootloader_argument/blueprint.template
-index e07d5a4f..0c2c56ce 100644
+index 7e9ea909e..152f27303 100644
 --- a/shared/templates/grub2_bootloader_argument/blueprint.template
 +++ b/shared/templates/grub2_bootloader_argument/blueprint.template
 @@ -1,4 +1,4 @@
 -# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle
 +# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle
- 
- [customizations.kernel]
- append = "{{{ ARG_NAME_VALUE }}}"
-diff --git a/shared/templates/grub2_bootloader_argument/oval.template b/shared/templates/grub2_bootloader_argument/oval.template
-index 71367465..439ac799 100644
---- a/shared/templates/grub2_bootloader_argument/oval.template
-+++ b/shared/templates/grub2_bootloader_argument/oval.template
-@@ -16,7 +16,7 @@
- {{% set system_with_expanded_kernel_options_in_loader_entries = true %}}
- {{%- endif -%}}
- 
--{{% if product in ["rhel8"] -%}}
-+{{% if product in ["rhel8", "almalinux8"] -%}}
- {{% set system_with_referenced_kernel_options_in_loader_entries = true %}}
- {{% set system_with_kernel_options_in_grubenv = true %}}
- {{%- endif -%}}
+ {{%- if ARG_VARIABLE %}}
+ {{%- set ARG_NAME_VALUE = ARG_NAME ~ "=(blueprint-populate " ~ ARG_VARIABLE ~ ")" -%}}
+ {{%- endif %}}
 diff --git a/shared/templates/grub2_bootloader_argument/tests/arg_not_there_etcdefaultgrub.fail.sh b/shared/templates/grub2_bootloader_argument/tests/arg_not_there_etcdefaultgrub.fail.sh
-index a270be45..0844a6d7 100644
+index 93907c794..289fcf4d9 100644
 --- a/shared/templates/grub2_bootloader_argument/tests/arg_not_there_etcdefaultgrub.fail.sh
 +++ b/shared/templates/grub2_bootloader_argument/tests/arg_not_there_etcdefaultgrub.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  
--# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel
++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
+ # packages = grub2,grubby
  
- # Removes argument from kernel command line in /etc/default/grub
- if grep -q '^GRUB_CMDLINE_LINUX=.*{{{ARG_NAME}}}=.*"'  '/etc/default/grub' ; then
+ source common.sh
 diff --git a/shared/templates/grub2_bootloader_argument/tests/arg_not_there_grubenv.fail.sh b/shared/templates/grub2_bootloader_argument/tests/arg_not_there_grubenv.fail.sh
-index fdf2a5d4..0e0e7297 100644
+index e52ae2417..5f5306e14 100644
 --- a/shared/templates/grub2_bootloader_argument/tests/arg_not_there_grubenv.fail.sh
 +++ b/shared/templates/grub2_bootloader_argument/tests/arg_not_there_grubenv.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  
--# platform = Red Hat Enterprise Linux 8
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8
+-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8
++# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8
+ # packages = grub2,grubby
  
- # Removes audit argument from kernel command line in /boot/grub2/grubenv
- file="/boot/grub2/grubenv"
+ source common.sh
 diff --git a/shared/templates/grub2_bootloader_argument/tests/wrong_value.fail.sh b/shared/templates/grub2_bootloader_argument/tests/wrong_value.fail.sh
-index 5a97ec25..c679b04a 100644
+index 0c97377f2..2aef2ae6d 100644
 --- a/shared/templates/grub2_bootloader_argument/tests/wrong_value.fail.sh
 +++ b/shared/templates/grub2_bootloader_argument/tests/wrong_value.fail.sh
-@@ -1,5 +1,5 @@
+@@ -1,6 +1,6 @@
  #!/bin/bash
+ 
+-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8
++# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8
+ # packages = grub2,grubby
+ 
+ source common.sh
+diff --git a/shared/templates/grub2_bootloader_argument_absent/ansible.template b/shared/templates/grub2_bootloader_argument_absent/ansible.template
+index 51fc98b7a..c6b147d87 100644
+--- a/shared/templates/grub2_bootloader_argument_absent/ansible.template
++++ b/shared/templates/grub2_bootloader_argument_absent/ansible.template
+@@ -1,4 +1,4 @@
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
+ # reboot = true
+ # strategy = restrict
+ # complexity = medium
+diff --git a/shared/templates/grub2_bootloader_argument_absent/bash.template b/shared/templates/grub2_bootloader_argument_absent/bash.template
+index 8d7d6e9ea..18b900e51 100644
+--- a/shared/templates/grub2_bootloader_argument_absent/bash.template
++++ b/shared/templates/grub2_bootloader_argument_absent/bash.template
+@@ -1,4 +1,4 @@
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle
+ {{#
+    See the OVAL template for more comments.
+    Product-specific categorization should be synced across all template content types
+diff --git a/shared/templates/grub2_bootloader_argument_absent/tests/arg_there_etcdefaultgrub.fail.sh b/shared/templates/grub2_bootloader_argument_absent/tests/arg_there_etcdefaultgrub.fail.sh
+index 46ca33623..09ab75acc 100644
+--- a/shared/templates/grub2_bootloader_argument_absent/tests/arg_there_etcdefaultgrub.fail.sh
++++ b/shared/templates/grub2_bootloader_argument_absent/tests/arg_there_etcdefaultgrub.fail.sh
+@@ -1,6 +1,6 @@
+ #!/bin/bash
+ 
+-# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
++# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+ # packages = grub2-tools,grubby
+ 
+ # Adds argument from kernel command line in /etc/default/grub
+diff --git a/shared/templates/grub2_bootloader_argument_absent/tests/arg_there_grubenv.fail.sh b/shared/templates/grub2_bootloader_argument_absent/tests/arg_there_grubenv.fail.sh
+index 4e4f5135e..3514796b5 100644
+--- a/shared/templates/grub2_bootloader_argument_absent/tests/arg_there_grubenv.fail.sh
++++ b/shared/templates/grub2_bootloader_argument_absent/tests/arg_there_grubenv.fail.sh
+@@ -1,6 +1,6 @@
+ #!/bin/bash
+ 
 -# platform = Red Hat Enterprise Linux 8
 +# platform = Red Hat Enterprise Linux 8,AlmaLinux 8
+ # packages = grub2-tools,grubby
  
- # Break the argument in kernel command line in /boot/grub2/grubenv
- file="/boot/grub2/grubenv"
+ # Adds audit argument from kernel command line in /boot/grub2/grubenv
+diff --git a/shared/templates/grub2_bootloader_argument_absent/tests/arg_value_there_etcdefaultgrub.fail.sh b/shared/templates/grub2_bootloader_argument_absent/tests/arg_value_there_etcdefaultgrub.fail.sh
+index e5ce738c3..d10d44c31 100644
+--- a/shared/templates/grub2_bootloader_argument_absent/tests/arg_value_there_etcdefaultgrub.fail.sh
++++ b/shared/templates/grub2_bootloader_argument_absent/tests/arg_value_there_etcdefaultgrub.fail.sh
+@@ -1,6 +1,6 @@
+ #!/bin/bash
+ 
+-# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
++# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+ # packages = grub2-tools,grubby
+ 
+ # Adds argument with a value from kernel command line in /etc/default/grub
 diff --git a/shared/templates/kernel_module_disabled/ansible.template b/shared/templates/kernel_module_disabled/ansible.template
-index 2526baf7..7962d86b 100644
+index f3296bc74..f99d51a1f 100644
 --- a/shared/templates/kernel_module_disabled/ansible.template
 +++ b/shared/templates/kernel_module_disabled/ansible.template
 @@ -1,4 +1,4 @@
@@ -36230,7 +38027,7 @@ index 2526baf7..7962d86b 100644
  # strategy = disable
  # complexity = low
 diff --git a/shared/templates/kernel_module_disabled/bash.template b/shared/templates/kernel_module_disabled/bash.template
-index a0998bb9..f433e00d 100644
+index e0eb17685..9d14c4571 100644
 --- a/shared/templates/kernel_module_disabled/bash.template
 +++ b/shared/templates/kernel_module_disabled/bash.template
 @@ -1,4 +1,4 @@
@@ -36239,8 +38036,30 @@ index a0998bb9..f433e00d 100644
  # reboot = true
  # strategy = disable
  # complexity = low
+diff --git a/shared/templates/kernel_module_disabled/kubernetes.template b/shared/templates/kernel_module_disabled/kubernetes.template
+index bc678c80e..516c10ce4 100644
+--- a/shared/templates/kernel_module_disabled/kubernetes.template
++++ b/shared/templates/kernel_module_disabled/kubernetes.template
+@@ -1,5 +1,5 @@
+ ---
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ocp,multi_platform_rhcos
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ocp,multi_platform_rhcos
+ # reboot = true
+ # strategy = disable
+ # complexity = low
+diff --git a/shared/templates/kernel_module_disabled/tests/missing_blacklist.fail.sh b/shared/templates/kernel_module_disabled/tests/missing_blacklist.fail.sh
+index 175d5c8e6..4043fc0e2 100644
+--- a/shared/templates/kernel_module_disabled/tests/missing_blacklist.fail.sh
++++ b/shared/templates/kernel_module_disabled/tests/missing_blacklist.fail.sh
+@@ -1,5 +1,5 @@
+ #!/bin/bash
+-# platform = multi_platform_rhel,multi_platform_ol
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ol
+ 
+ echo > /etc/modprobe.d/{{{ KERNMODULE }}}.conf
+ echo "install {{{ KERNMODULE }}} /bin/true" > /etc/modprobe.d/{{{ KERNMODULE }}}.conf
 diff --git a/shared/templates/mount/anaconda.template b/shared/templates/mount/anaconda.template
-index fdcb4ee3..0d1d8dc2 100644
+index fdcb4ee3e..0d1d8dc24 100644
 --- a/shared/templates/mount/anaconda.template
 +++ b/shared/templates/mount/anaconda.template
 @@ -1,4 +1,4 @@
@@ -36250,7 +38069,7 @@ index fdcb4ee3..0d1d8dc2 100644
  # strategy = enable
  # complexity = low
 diff --git a/shared/templates/mount/blueprint.template b/shared/templates/mount/blueprint.template
-index 56617467..3cdacd4d 100644
+index 56617467d..3cdacd4db 100644
 --- a/shared/templates/mount/blueprint.template
 +++ b/shared/templates/mount/blueprint.template
 @@ -1,4 +1,4 @@
@@ -36260,7 +38079,7 @@ index 56617467..3cdacd4d 100644
  [[customizations.filesystem]]
  mountpoint = "{{{ MOUNTPOINT }}}"
 diff --git a/shared/templates/mount_option/anaconda.template b/shared/templates/mount_option/anaconda.template
-index 083b0ef0..14f7018a 100644
+index 083b0ef00..14f7018a9 100644
 --- a/shared/templates/mount_option/anaconda.template
 +++ b/shared/templates/mount_option/anaconda.template
 @@ -1,4 +1,4 @@
@@ -36270,7 +38089,7 @@ index 083b0ef0..14f7018a 100644
  # strategy = enable
  # complexity = low
 diff --git a/shared/templates/mount_option_removable_partitions/anaconda.template b/shared/templates/mount_option_removable_partitions/anaconda.template
-index 8665fb91..07cd9e3a 100644
+index 8665fb913..07cd9e3ad 100644
 --- a/shared/templates/mount_option_removable_partitions/anaconda.template
 +++ b/shared/templates/mount_option_removable_partitions/anaconda.template
 @@ -1,4 +1,4 @@
@@ -36280,7 +38099,7 @@ index 8665fb91..07cd9e3a 100644
  # strategy = enable
  # complexity = low
 diff --git a/shared/templates/package_installed/anaconda.template b/shared/templates/package_installed/anaconda.template
-index 0ac55f51..dd0bcdde 100644
+index 0ac55f51f..dd0bcddea 100644
 --- a/shared/templates/package_installed/anaconda.template
 +++ b/shared/templates/package_installed/anaconda.template
 @@ -1,4 +1,4 @@
@@ -36290,7 +38109,7 @@ index 0ac55f51..dd0bcdde 100644
  # strategy = enable
  # complexity = low
 diff --git a/shared/templates/package_installed/bash.template b/shared/templates/package_installed/bash.template
-index 473feef5..ef56a56a 100644
+index 473feef5c..ef56a56a6 100644
 --- a/shared/templates/package_installed/bash.template
 +++ b/shared/templates/package_installed/bash.template
 @@ -1,4 +1,4 @@
@@ -36300,7 +38119,7 @@ index 473feef5..ef56a56a 100644
  # strategy = enable
  # complexity = low
 diff --git a/shared/templates/package_removed/anaconda.template b/shared/templates/package_removed/anaconda.template
-index 489f9bb0..0120d927 100644
+index 489f9bb0f..0120d927c 100644
 --- a/shared/templates/package_removed/anaconda.template
 +++ b/shared/templates/package_removed/anaconda.template
 @@ -1,4 +1,4 @@
@@ -36309,8 +38128,195 @@ index 489f9bb0..0120d927 100644
  # reboot = false
  # strategy = disable
  # complexity = low
+diff --git a/shared/templates/rsyslog_logfiles_attributes_modify/tests/legacy_correct_attr.pass.sh b/shared/templates/rsyslog_logfiles_attributes_modify/tests/legacy_correct_attr.pass.sh
+index dc362ae00..36867bb2b 100755
+--- a/shared/templates/rsyslog_logfiles_attributes_modify/tests/legacy_correct_attr.pass.sh
++++ b/shared/templates/rsyslog_logfiles_attributes_modify/tests/legacy_correct_attr.pass.sh
+@@ -1,5 +1,5 @@
+ #!/bin/bash
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
+ 
+ # Declare variables used for the tests and define the create_rsyslog_test_logs function
+ source $SHARED/rsyslog_log_utils.sh
+diff --git a/shared/templates/rsyslog_logfiles_attributes_modify/tests/legacy_include_correct_attr.pass.sh b/shared/templates/rsyslog_logfiles_attributes_modify/tests/legacy_include_correct_attr.pass.sh
+index c742f4103..21fe2ed12 100755
+--- a/shared/templates/rsyslog_logfiles_attributes_modify/tests/legacy_include_correct_attr.pass.sh
++++ b/shared/templates/rsyslog_logfiles_attributes_modify/tests/legacy_include_correct_attr.pass.sh
+@@ -1,5 +1,5 @@
+ #!/bin/bash
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
+ 
+ # Declare variables used for the tests and define the create_rsyslog_test_logs function
+ source $SHARED/rsyslog_log_utils.sh
+diff --git a/shared/templates/rsyslog_logfiles_attributes_modify/tests/legacy_include_incorrect_attr.fail.sh b/shared/templates/rsyslog_logfiles_attributes_modify/tests/legacy_include_incorrect_attr.fail.sh
+index a12d0bc65..f07940da3 100755
+--- a/shared/templates/rsyslog_logfiles_attributes_modify/tests/legacy_include_incorrect_attr.fail.sh
++++ b/shared/templates/rsyslog_logfiles_attributes_modify/tests/legacy_include_incorrect_attr.fail.sh
+@@ -1,5 +1,5 @@
+ #!/bin/bash
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
+ 
+ # Declare variables used for the tests and define the create_rsyslog_test_logs function
+ source $SHARED/rsyslog_log_utils.sh
+diff --git a/shared/templates/rsyslog_logfiles_attributes_modify/tests/legacy_incorrect_attr.fail.sh b/shared/templates/rsyslog_logfiles_attributes_modify/tests/legacy_incorrect_attr.fail.sh
+index 25430db03..a391a419a 100755
+--- a/shared/templates/rsyslog_logfiles_attributes_modify/tests/legacy_incorrect_attr.fail.sh
++++ b/shared/templates/rsyslog_logfiles_attributes_modify/tests/legacy_incorrect_attr.fail.sh
+@@ -1,5 +1,5 @@
+ #!/bin/bash
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
+ 
+ # Declare variables used for the tests and define the create_rsyslog_test_logs function
+ source $SHARED/rsyslog_log_utils.sh
+diff --git a/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_correct_attr.pass.sh b/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_correct_attr.pass.sh
+index c1c5758d8..3e7441a4a 100755
+--- a/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_correct_attr.pass.sh
++++ b/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_correct_attr.pass.sh
+@@ -1,5 +1,5 @@
+ #!/bin/bash
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
+ 
+ # Declare variables used for the tests and define the create_rsyslog_test_logs function
+ source $SHARED/rsyslog_log_utils.sh
+diff --git a/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_include_correct_attr.pass.sh b/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_include_correct_attr.pass.sh
+index 023513053..a7d0ebd50 100755
+--- a/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_include_correct_attr.pass.sh
++++ b/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_include_correct_attr.pass.sh
+@@ -1,5 +1,5 @@
+ #!/bin/bash
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
+ 
+ # Declare variables used for the tests and define the create_rsyslog_test_logs function
+ source $SHARED/rsyslog_log_utils.sh
+diff --git a/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_include_incorrect_attr_legacy.fail.sh b/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_include_incorrect_attr_legacy.fail.sh
+index bed0afaf5..3cc60d873 100755
+--- a/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_include_incorrect_attr_legacy.fail.sh
++++ b/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_include_incorrect_attr_legacy.fail.sh
+@@ -1,5 +1,5 @@
+ #!/bin/bash
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
+ 
+ # Declare variables used for the tests and define the create_rsyslog_test_logs function
+ source $SHARED/rsyslog_log_utils.sh
+diff --git a/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_include_incorrect_attr_rainer.fail.sh b/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_include_incorrect_attr_rainer.fail.sh
+index 83c69b3a1..387ebac3e 100755
+--- a/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_include_incorrect_attr_rainer.fail.sh
++++ b/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_include_incorrect_attr_rainer.fail.sh
+@@ -1,5 +1,5 @@
+ #!/bin/bash
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
+ 
+ # Declare variables used for the tests and define the create_rsyslog_test_logs function
+ source $SHARED/rsyslog_log_utils.sh
+diff --git a/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_incorrect_attr_cloudinit.fail.sh b/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_incorrect_attr_cloudinit.fail.sh
+index 43a6f2648..bb081ac8e 100755
+--- a/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_incorrect_attr_cloudinit.fail.sh
++++ b/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_incorrect_attr_cloudinit.fail.sh
+@@ -1,5 +1,5 @@
+ #!/bin/bash
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
+ 
+ # Declare variables used for the tests and define the create_rsyslog_test_logs function
+ source $SHARED/rsyslog_log_utils.sh
+diff --git a/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_incorrect_attr_legacy.fail.sh b/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_incorrect_attr_legacy.fail.sh
+index f459e7377..c0e412b07 100755
+--- a/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_incorrect_attr_legacy.fail.sh
++++ b/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_incorrect_attr_legacy.fail.sh
+@@ -1,5 +1,5 @@
+ #!/bin/bash
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
+ 
+ # Declare variables used for the tests and define the create_rsyslog_test_logs function
+ source $SHARED/rsyslog_log_utils.sh
+diff --git a/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_incorrect_attr_rainer.fail.sh b/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_incorrect_attr_rainer.fail.sh
+index 67193b69d..fcc87c883 100755
+--- a/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_incorrect_attr_rainer.fail.sh
++++ b/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_incorrect_attr_rainer.fail.sh
+@@ -1,5 +1,5 @@
+ #!/bin/bash
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
+ 
+ # Declare variables used for the tests and define the create_rsyslog_test_logs function
+ source $SHARED/rsyslog_log_utils.sh
+diff --git a/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_correct_attr.pass.sh b/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_correct_attr.pass.sh
+index abdb09c48..9cc24d061 100755
+--- a/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_correct_attr.pass.sh
++++ b/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_correct_attr.pass.sh
+@@ -1,5 +1,5 @@
+ #!/bin/bash
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
+ 
+ # Declare variables used for the tests and define the create_rsyslog_test_logs function
+ source $SHARED/rsyslog_log_utils.sh
+diff --git a/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_include_correct_attr.pass.sh b/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_include_correct_attr.pass.sh
+index 8b73578e3..51e9a3cbc 100755
+--- a/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_include_correct_attr.pass.sh
++++ b/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_include_correct_attr.pass.sh
+@@ -1,5 +1,5 @@
+ #!/bin/bash
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
+ 
+ # Declare variables used for the tests and define the create_rsyslog_test_logs function
+ source $SHARED/rsyslog_log_utils.sh
+diff --git a/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_include_incorrect_attr.fail.sh b/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_include_incorrect_attr.fail.sh
+index 4c25c09e2..3212033ff 100755
+--- a/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_include_incorrect_attr.fail.sh
++++ b/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_include_incorrect_attr.fail.sh
+@@ -1,5 +1,5 @@
+ #!/bin/bash
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
+ 
+ # Declare variables used for the tests and define the create_rsyslog_test_logs function
+ source $SHARED/rsyslog_log_utils.sh
+diff --git a/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_include_multiline_correct_attr.pass.sh b/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_include_multiline_correct_attr.pass.sh
+index 508a5cf6e..42b1272e6 100755
+--- a/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_include_multiline_correct_attr.pass.sh
++++ b/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_include_multiline_correct_attr.pass.sh
+@@ -1,5 +1,5 @@
+ #!/bin/bash
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
+ 
+ # Declare variables used for the tests and define the create_rsyslog_test_logs function
+ source $SHARED/rsyslog_log_utils.sh
+diff --git a/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_include_multiline_incorrect_attr.fail.sh b/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_include_multiline_incorrect_attr.fail.sh
+index 49fada4cd..2a37d7536 100755
+--- a/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_include_multiline_incorrect_attr.fail.sh
++++ b/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_include_multiline_incorrect_attr.fail.sh
+@@ -1,5 +1,5 @@
+ #!/bin/bash
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
+ 
+ # Declare variables used for the tests and define the create_rsyslog_test_logs function
+ source $SHARED/rsyslog_log_utils.sh
+diff --git a/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_incorrect_attr.fail.sh b/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_incorrect_attr.fail.sh
+index b17eb6b74..1d9caba98 100755
+--- a/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_incorrect_attr.fail.sh
++++ b/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_incorrect_attr.fail.sh
+@@ -1,5 +1,5 @@
+ #!/bin/bash
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
+ 
+ # Declare variables used for the tests and define the create_rsyslog_test_logs function
+ source $SHARED/rsyslog_log_utils.sh
 diff --git a/shared/templates/sebool/ansible.template b/shared/templates/sebool/ansible.template
-index 0b523cde..70198115 100644
+index 0b523cdea..70198115e 100644
 --- a/shared/templates/sebool/ansible.template
 +++ b/shared/templates/sebool/ansible.template
 @@ -1,4 +1,4 @@
@@ -36320,7 +38326,7 @@ index 0b523cde..70198115 100644
  # strategy = enable
  # complexity = low
 diff --git a/shared/templates/sebool/bash.template b/shared/templates/sebool/bash.template
-index 9af01925..dcab0090 100644
+index 9af019254..dcab00908 100644
 --- a/shared/templates/sebool/bash.template
 +++ b/shared/templates/sebool/bash.template
 @@ -1,4 +1,4 @@
@@ -36330,7 +38336,7 @@ index 9af01925..dcab0090 100644
  # strategy = enable
  # complexity = low
 diff --git a/shared/templates/service_disabled/bash.template b/shared/templates/service_disabled/bash.template
-index b9bf1b5b..79783edb 100644
+index 27666b03b..c5305b1a9 100644
 --- a/shared/templates/service_disabled/bash.template
 +++ b/shared/templates/service_disabled/bash.template
 @@ -1,4 +1,4 @@
@@ -36340,7 +38346,7 @@ index b9bf1b5b..79783edb 100644
  # strategy = disable
  # complexity = low
 diff --git a/shared/templates/service_disabled/kubernetes.template b/shared/templates/service_disabled/kubernetes.template
-index 1ab45652..724e7b77 100644
+index 1ab456524..724e7b779 100644
 --- a/shared/templates/service_disabled/kubernetes.template
 +++ b/shared/templates/service_disabled/kubernetes.template
 @@ -1,4 +1,4 @@
@@ -36350,7 +38356,7 @@ index 1ab45652..724e7b77 100644
  # strategy = disable
  # complexity = low
 diff --git a/shared/templates/service_enabled/bash.template b/shared/templates/service_enabled/bash.template
-index 5571989a..8d3ea035 100644
+index 00fd1ee2f..2d99ec854 100644
 --- a/shared/templates/service_enabled/bash.template
 +++ b/shared/templates/service_enabled/bash.template
 @@ -1,4 +1,4 @@
@@ -36360,7 +38366,7 @@ index 5571989a..8d3ea035 100644
  # strategy = enable
  # complexity = low
 diff --git a/shared/templates/sysctl/bash.template b/shared/templates/sysctl/bash.template
-index 6c82e6e3..f50f0147 100644
+index 83f50a74a..9800c98c7 100644
 --- a/shared/templates/sysctl/bash.template
 +++ b/shared/templates/sysctl/bash.template
 @@ -1,4 +1,4 @@
@@ -36370,7 +38376,7 @@ index 6c82e6e3..f50f0147 100644
  # strategy = disable
  # complexity = low
 diff --git a/shared/templates/zipl_bls_entries_option/ansible.template b/shared/templates/zipl_bls_entries_option/ansible.template
-index 336775e4..6411d1b9 100644
+index 336775e4f..6411d1b9b 100644
 --- a/shared/templates/zipl_bls_entries_option/ansible.template
 +++ b/shared/templates/zipl_bls_entries_option/ansible.template
 @@ -1,4 +1,4 @@
@@ -36380,7 +38386,7 @@ index 336775e4..6411d1b9 100644
  # strategy = configure
  # complexity = medium
 diff --git a/shared/templates/zipl_bls_entries_option/bash.template b/shared/templates/zipl_bls_entries_option/bash.template
-index 25cd7432..a415f2a3 100644
+index 25cd7432c..a415f2a38 100644
 --- a/shared/templates/zipl_bls_entries_option/bash.template
 +++ b/shared/templates/zipl_bls_entries_option/bash.template
 @@ -1,4 +1,4 @@
@@ -36390,67 +38396,84 @@ index 25cd7432..a415f2a3 100644
  # Correct BLS option using grubby, which is a thin wrapper around BLS operations
  grubby --update-kernel=ALL --args="{{{ ARG_NAME }}}={{{ ARG_VALUE }}}"
 diff --git a/ssg/constants.py b/ssg/constants.py
-index a2f66c55..4e9f667c 100644
+index 82520c396..535d4b55d 100644
 --- a/ssg/constants.py
 +++ b/ssg/constants.py
-@@ -38,6 +38,7 @@ SSG_REF_URIS = {
- }
- 
+@@ -41,6 +41,7 @@ SSG_REF_URIS = {
  product_directories = [
+     'alinux2',
+     'alinux3',
 +    'almalinux8',
+     'anolis8',
      'chromium',
-     'debian9', 'debian10', 'debian11',
-     'example',
-@@ -194,6 +195,7 @@ PKG_MANAGER_TO_CONFIG_FILE = {
- }
- 
+     'debian10', 'debian11',
+@@ -197,6 +198,7 @@ PKG_MANAGER_TO_CONFIG_FILE = {
  FULL_NAME_TO_PRODUCT_MAPPING = {
+     "Alibaba Cloud Linux 2": "alinux2",
+     "Alibaba Cloud Linux 3": "alinux3",
 +    "AlmaLinux 8": "almalinux8",
+     "Anolis OS 8": "anolis8",
      "Chromium": "chromium",
-     "Debian 9": "debian9",
      "Debian 10": "debian10",
-@@ -261,11 +263,12 @@ REFERENCES = dict(
+@@ -265,13 +267,14 @@ REFERENCES = dict(
  )
  
  
--MULTI_PLATFORM_LIST = ["rhel", "fedora", "rhosp", "rhv", "debian", "ubuntu",
-+MULTI_PLATFORM_LIST = ["almalinux", "rhel", "fedora", "rhosp", "rhv", "debian", "ubuntu",
-                        "wrlinux", "opensuse", "sle", "ol", "ocp", "rhcos",
-                        "example", "eks"]
+-MULTI_PLATFORM_LIST = ["rhel", "fedora", "rhv", "debian", "ubuntu",
++MULTI_PLATFORM_LIST = ["almalinux", "rhel", "fedora", "rhv", "debian", "ubuntu",
+                        "opensuse", "sle", "ol", "ocp", "rhcos",
+                        "example", "eks", "alinux", "uos", "anolis"]
  
  MULTI_PLATFORM_MAPPING = {
+     "multi_platform_alinux": ["alinux2", "alinux3"],
+     "multi_platform_anolis": ["anolis8"],
 +    "multi_platform_almalinux": ["almalinux8"],
-     "multi_platform_debian": ["debian9", "debian10", "debian11"],
+     "multi_platform_debian": ["debian10", "debian11"],
      "multi_platform_example": ["example"],
      "multi_platform_eks": ["eks"],
-@@ -452,6 +455,7 @@ MAKEFILE_ID_TO_PRODUCT_MAP = {
+@@ -454,6 +457,7 @@ MAKEFILE_ID_TO_PRODUCT_MAP = {
      'ocp': 'Red Hat OpenShift Container Platform',
      'rhcos': 'Red Hat Enterprise Linux CoreOS',
      'eks': 'Amazon Elastic Kubernetes Service',
 +    'almalinux': 'AlmaLinux',
  }
  
+ # References that can not be used with product-qualifiers
+diff --git a/tests/unit/ssg-module/data/accounts_tmout.yml b/tests/unit/ssg-module/data/accounts_tmout.yml
+index 6b470f9ad..514b21548 100644
+--- a/tests/unit/ssg-module/data/accounts_tmout.yml
++++ b/tests/unit/ssg-module/data/accounts_tmout.yml
+@@ -1,4 +1,4 @@
+-prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+ title: Set Interactive Session Timeout
+ description: 'Setting the TMOUT option in /etc/profile ensures that
+ 
+diff --git a/tests/unit/ssg-module/data/accounts_tmout_without_ocil.yml b/tests/unit/ssg-module/data/accounts_tmout_without_ocil.yml
+index 151fb1c1b..286d11271 100644
+--- a/tests/unit/ssg-module/data/accounts_tmout_without_ocil.yml
++++ b/tests/unit/ssg-module/data/accounts_tmout_without_ocil.yml
+@@ -1,4 +1,4 @@
+-prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
++prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+ title: Set Interactive Session Timeout
+ description: 'Setting the TMOUT option in /etc/profile ensures that
  
-@@ -465,4 +469,3 @@ DEFAULT_AIDE_CONF_PATH = '/etc/aide.conf'
- DEFAULT_AIDE_BIN_PATH = '/usr/sbin/aide'
- DEFAULT_SSH_DISTRIBUTED_CONFIG = 'false'
- DEFAULT_PRODUCT = 'example'
--
 diff --git a/tests/unit/ssg-module/data/file_owner_grub2_cfg.yml b/tests/unit/ssg-module/data/file_owner_grub2_cfg.yml
-index b0be0b4b..ef41579b 100644
+index 83d5532f5..bc9f9e17a 100644
 --- a/tests/unit/ssg-module/data/file_owner_grub2_cfg.yml
 +++ b/tests/unit/ssg-module/data/file_owner_grub2_cfg.yml
-@@ -20,7 +20,7 @@ platforms:
-   - machine
- # TODO: Make Rule get this from group, so it can be saved here
- # platforms: null
+@@ -22,7 +22,7 @@ platforms: !!set
+ cpe_platform_names: !!set
+     machine: null
+ inherited_platforms: []
 -prodtype: rhel7,rhel8,fedora,ol7,ol8
 +prodtype: rhel7,rhel8,almalinux8,fedora,ol7,ol8
  rationale: Only root should be able to modify important boot parameters.
  references: {cis: 1.4.1, cis-csc: '12,13,14,15,16,18,3,5', cjis: 5.5.2.2, cobit5: 'APO01.06,DSS05.04,DSS05.07,DSS06.02',
    cui: 3.4.5, disa: 'CCI-000225', hipaa: '164.308(a)(1)(ii)(B),164.308(a)(7)(i),164.308(a)(7)(ii)(A),164.310(a)(1),164.310(a)(2)(i),164.310(a)(2)(ii),164.310(a)(2)(iii),164.310(b),164.310(c),164.310(d)(1),164.310(d)(2)(iii)',
 diff --git a/tests/unit/ssg-module/test_playbook_builder_data/fixes/selinux_state.yml b/tests/unit/ssg-module/test_playbook_builder_data/fixes/selinux_state.yml
-index ff0b30f0..0116294f 100644
+index ff0b30f03..0116294f1 100644
 --- a/tests/unit/ssg-module/test_playbook_builder_data/fixes/selinux_state.yml
 +++ b/tests/unit/ssg-module/test_playbook_builder_data/fixes/selinux_state.yml
 @@ -1,4 +1,4 @@
@@ -36460,7 +38483,7 @@ index ff0b30f0..0116294f 100644
  # strategy = restrict
  # complexity = low
 diff --git a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/rule.yml b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/rule.yml
-index 40e55f09..cd8b4c74 100644
+index f4f480be7..62c561f9a 100644
 --- a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/rule.yml
 +++ b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/rule.yml
 @@ -1,6 +1,6 @@
@@ -36472,150 +38495,150 @@ index 40e55f09..cd8b4c74 100644
  title: 'Configure System Cryptography Policy'
  
 diff --git a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/config_and_current_same_time.pass.sh b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/config_and_current_same_time.pass.sh
-index efc1cab4..7e7ff6e1 100644
+index b607202c5..621420882 100644
 --- a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/config_and_current_same_time.pass.sh
 +++ b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/config_and_current_same_time.pass.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
  # packages = crypto-policies-scripts
  
  # IMPORTANT: This is a false negative scenario.
 diff --git a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/config_newer_than_current.fail.sh b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/config_newer_than_current.fail.sh
-index 46d8e341..3e58358f 100644
+index e5b598342..539ea8f3c 100644
 --- a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/config_newer_than_current.fail.sh
 +++ b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/config_newer_than_current.fail.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
  # packages = crypto-policies-scripts
  
  update-crypto-policies --set "DEFAULT"
 diff --git a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/missing_nss_config.fail.sh b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/missing_nss_config.fail.sh
-index a18ad25b..c7a3c469 100644
+index 7be3c82f3..776f79f4c 100644
 --- a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/missing_nss_config.fail.sh
 +++ b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/missing_nss_config.fail.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
  # profiles = xccdf_org.ssgproject.content_profile_ospp
  # packages = crypto-policies-scripts
  
 diff --git a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/missing_policy.fail.sh b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/missing_policy.fail.sh
-index 04527eb2..7adf3b61 100644
+index 261dc3f96..e6a2f5d0e 100644
 --- a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/missing_policy.fail.sh
 +++ b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/missing_policy.fail.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
  # profiles = xccdf_org.ssgproject.content_profile_ospp, xccdf_org.ssgproject.content_profile_standard
  # packages = crypto-policies-scripts
  
 diff --git a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/missing_policy_file.fail.sh b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/missing_policy_file.fail.sh
-index 8864a8cd..6597c501 100644
+index 356aa3ffe..05dd9be57 100644
 --- a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/missing_policy_file.fail.sh
 +++ b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/missing_policy_file.fail.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
  # profiles = xccdf_org.ssgproject.content_profile_ospp, xccdf_org.ssgproject.content_profile_standard
  # packages = crypto-policies-scripts
  
 diff --git a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/nss_config_as_file.pass.sh b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/nss_config_as_file.pass.sh
-index 33719ca9..9de20e3c 100644
+index 06bd713dd..8de885e50 100644
 --- a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/nss_config_as_file.pass.sh
 +++ b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/nss_config_as_file.pass.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
  # profiles = xccdf_org.ssgproject.content_profile_ospp
  # packages = crypto-policies-scripts
  
 diff --git a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/nss_config_as_symlink.pass.sh b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/nss_config_as_symlink.pass.sh
-index 6e53c39d..307cfba9 100644
+index 56a081eca..a5383733b 100644
 --- a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/nss_config_as_symlink.pass.sh
 +++ b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/nss_config_as_symlink.pass.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
  # profiles = xccdf_org.ssgproject.content_profile_ospp
  # packages = crypto-policies-scripts
  
 diff --git a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/policy_default_cis_l1.pass.sh b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/policy_default_cis_l1.pass.sh
-index 1cb6ea49..2a5dc207 100644
+index 10cb25593..55f128c10 100644
 --- a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/policy_default_cis_l1.pass.sh
 +++ b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/policy_default_cis_l1.pass.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
  # profiles = xccdf_org.ssgproject.content_profile_cis_server_l1,xccdf_org.ssgproject.content_profile_cis_workstation_l1
  # packages = crypto-policies-scripts
  
 diff --git a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/policy_default_nosha1_set.pass.sh b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/policy_default_nosha1_set.pass.sh
-index 51d35ff9..96db9dda 100644
+index a2107d146..b6d9804d2 100644
 --- a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/policy_default_nosha1_set.pass.sh
 +++ b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/policy_default_nosha1_set.pass.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
  # profiles = xccdf_org.ssgproject.content_profile_e8
  # packages = crypto-policies-scripts
  
 diff --git a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/policy_default_set.pass.sh b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/policy_default_set.pass.sh
-index 053c5c1a..eafa80bc 100644
+index b06e035fa..679e23ee7 100644
 --- a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/policy_default_set.pass.sh
 +++ b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/policy_default_set.pass.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
  # profiles = xccdf_org.ssgproject.content_profile_standard
  # packages = crypto-policies-scripts
  
 diff --git a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/policy_fips_ospp_set.pass.sh b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/policy_fips_ospp_set.pass.sh
-index 07cbb3f6..ae916f02 100644
+index 6679f94bd..f2246ba0c 100644
 --- a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/policy_fips_ospp_set.pass.sh
 +++ b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/policy_fips_ospp_set.pass.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
  # profiles = xccdf_org.ssgproject.content_profile_ospp
  # packages = crypto-policies-scripts
  
 diff --git a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/policy_future_cis_l2.pass.sh b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/policy_future_cis_l2.pass.sh
-index 99d975bc..125e4ce2 100644
+index 116f6b676..552ef54ea 100644
 --- a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/policy_future_cis_l2.pass.sh
 +++ b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/policy_future_cis_l2.pass.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
  # profiles = xccdf_org.ssgproject.content_profile_cis,xccdf_org.ssgproject.content_profile_cis_workstation_l2
  # packages = crypto-policies-scripts
  
 diff --git a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/wrong_policy.fail.sh b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/wrong_policy.fail.sh
-index fc7aeeae..3e831ed3 100644
+index 9461c3ddd..5b5b06ac9 100644
 --- a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/wrong_policy.fail.sh
 +++ b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/wrong_policy.fail.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
  # profiles = xccdf_org.ssgproject.content_profile_ospp, xccdf_org.ssgproject.content_profile_standard
  # packages = crypto-policies-scripts
  
 diff --git a/tests/unit/ssg-module/test_playbook_builder_data/guide/package_abrt_removed/rule.yml b/tests/unit/ssg-module/test_playbook_builder_data/guide/package_abrt_removed/rule.yml
-index 5becd90b..976bc6a8 100644
+index 5becd90b7..976bc6a85 100644
 --- a/tests/unit/ssg-module/test_playbook_builder_data/guide/package_abrt_removed/rule.yml
 +++ b/tests/unit/ssg-module/test_playbook_builder_data/guide/package_abrt_removed/rule.yml
 @@ -1,6 +1,6 @@
@@ -36627,7 +38650,7 @@ index 5becd90b..976bc6a8 100644
  title: 'Uninstall Automatic Bug Reporting Tool (abrt)'
  
 diff --git a/tests/unit/ssg-module/test_playbook_builder_data/guide/selinux_state/ansible/shared.yml b/tests/unit/ssg-module/test_playbook_builder_data/guide/selinux_state/ansible/shared.yml
-index 1c1560a8..fc86b614 100644
+index 1c1560a86..fc86b614e 100644
 --- a/tests/unit/ssg-module/test_playbook_builder_data/guide/selinux_state/ansible/shared.yml
 +++ b/tests/unit/ssg-module/test_playbook_builder_data/guide/selinux_state/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -36637,17 +38660,17 @@ index 1c1560a8..fc86b614 100644
  # strategy = restrict
  # complexity = low
 diff --git a/tests/unit/ssg-module/test_playbook_builder_data/guide/selinux_state/bash/shared.sh b/tests/unit/ssg-module/test_playbook_builder_data/guide/selinux_state/bash/shared.sh
-index 32baf94a..87ff017b 100644
+index 10ecee505..3d3098f4e 100644
 --- a/tests/unit/ssg-module/test_playbook_builder_data/guide/selinux_state/bash/shared.sh
 +++ b/tests/unit/ssg-module/test_playbook_builder_data/guide/selinux_state/bash/shared.sh
 @@ -1,4 +1,4 @@
--# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
-+# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
  # reboot = true
  # strategy = restrict
  # complexity = low
 diff --git a/tests/unit/ssg-module/test_playbook_builder_data/rules/selinux_state.yml b/tests/unit/ssg-module/test_playbook_builder_data/rules/selinux_state.yml
-index 64e6cee7..7bcd1518 100644
+index 64e6cee7f..7bcd15189 100644
 --- a/tests/unit/ssg-module/test_playbook_builder_data/rules/selinux_state.yml
 +++ b/tests/unit/ssg-module/test_playbook_builder_data/rules/selinux_state.yml
 @@ -14,7 +14,7 @@ ocil_clause: SELINUX is not set to enforcing
@@ -36659,15 +38682,27 @@ index 64e6cee7..7bcd1518 100644
  rationale: 'Setting the SELinux state to enforcing ensures SELinux is able to confine
  
    potentially compromised processes to the security policy, which is designed to
+diff --git a/tests/unit/ssg_test_suite/data/correct.pass.sh b/tests/unit/ssg_test_suite/data/correct.pass.sh
+index 8e5e284ee..ce1b79416 100644
+--- a/tests/unit/ssg_test_suite/data/correct.pass.sh
++++ b/tests/unit/ssg_test_suite/data/correct.pass.sh
+@@ -1,6 +1,6 @@
+ #!/bin/bash
+ # packages = sudo,authselect
+-# platform = multi_platform_rhel,Fedora
++# platform = multi_platform_rhel,multi_platform_almalinux,Fedora
+ # profiles = xccdf_org.ssgproject.content_profile_cis
+ # remediation = none
+ # variables = var_password_pam_remember=5,var_password_pam_remember_control_flag=requisite
 diff --git a/utils/ansible_playbook_to_role.py b/utils/ansible_playbook_to_role.py
-index 7513b37e..3dd14360 100755
+index a25f2321d..85c39e45c 100755
 --- a/utils/ansible_playbook_to_role.py
 +++ b/utils/ansible_playbook_to_role.py
 @@ -57,6 +57,7 @@ yaml.add_constructor(_mapping_tag, dict_constructor)
- PRODUCT_WHITELIST = set([
+ PRODUCT_ALLOWLIST = set([
      "rhel7",
      "rhel8",
 +    "almalinux8",
  ])
  
- PROFILE_WHITELIST = set([
+ PROFILE_ALLOWLIST = set([