diff --git a/SOURCES/scap-security-guide-0.1.69-add-almalinux9-product.patch b/SOURCES/scap-security-guide-0.1.69-add-almalinux9-product.patch
index e83b7d4..f414eb6 100644
--- a/SOURCES/scap-security-guide-0.1.69-add-almalinux9-product.patch
+++ b/SOURCES/scap-security-guide-0.1.69-add-almalinux9-product.patch
@@ -106,6 +106,19 @@ index 6d494547b..52b80a324 100644
+ - ensure_almalinux_gpgkey_installed
status: automated
+diff --git a/controls/stig_rhel9.yml b/controls/stig_rhel9.yml
+index 73d9e9e1a..43e59c6f4 100644
+--- a/controls/stig_rhel9.yml
++++ b/controls/stig_rhel9.yml
+@@ -384,7 +384,7 @@ controls:
+ - medium
+ title: RHEL 9 must ensure cryptographic verification of vendor software packages.
+ rules:
+- - ensure_redhat_gpgkey_installed
++ - ensure_almalinux_gpgkey_installed
+ status: automated
+
+ - id: RHEL-09-214015
diff --git a/linux_os/guide/services/avahi/disable_avahi_group/package_avahi-autoipd_removed/rule.yml b/linux_os/guide/services/avahi/disable_avahi_group/package_avahi-autoipd_removed/rule.yml
index e88bbf4ef..ade250973 100644
--- a/linux_os/guide/services/avahi/disable_avahi_group/package_avahi-autoipd_removed/rule.yml
@@ -164,7 +177,7 @@ index 1f6a233ed..9f3a4d6b4 100644
kdump --disable
diff --git a/linux_os/guide/services/base/service_kdump_disabled/rule.yml b/linux_os/guide/services/base/service_kdump_disabled/rule.yml
-index 80fe7b688..5017c1c91 100644
+index 446f84e04..23719b6d5 100644
--- a/linux_os/guide/services/base/service_kdump_disabled/rule.yml
+++ b/linux_os/guide/services/base/service_kdump_disabled/rule.yml
@@ -1,6 +1,6 @@
@@ -237,7 +250,7 @@ index 41571146d..c4e4f98eb 100644
title: 'Disable Red Hat Network Service (rhnsd)'
diff --git a/linux_os/guide/services/cron_and_at/file_groupowner_cron_d/rule.yml b/linux_os/guide/services/cron_and_at/file_groupowner_cron_d/rule.yml
-index 77b163e60..2b3093504 100644
+index 00cd6c036..ce5cf54f0 100644
--- a/linux_os/guide/services/cron_and_at/file_groupowner_cron_d/rule.yml
+++ b/linux_os/guide/services/cron_and_at/file_groupowner_cron_d/rule.yml
@@ -1,6 +1,6 @@
@@ -249,7 +262,7 @@ index 77b163e60..2b3093504 100644
title: 'Verify Group Who Owns cron.d'
diff --git a/linux_os/guide/services/cron_and_at/file_groupowner_cron_daily/rule.yml b/linux_os/guide/services/cron_and_at/file_groupowner_cron_daily/rule.yml
-index ff0443ac5..bc0f43113 100644
+index cf786d35d..84b5ef139 100644
--- a/linux_os/guide/services/cron_and_at/file_groupowner_cron_daily/rule.yml
+++ b/linux_os/guide/services/cron_and_at/file_groupowner_cron_daily/rule.yml
@@ -1,6 +1,6 @@
@@ -260,8 +273,20 @@ index ff0443ac5..bc0f43113 100644
title: 'Verify Group Who Owns cron.daily'
+diff --git a/linux_os/guide/services/cron_and_at/file_groupowner_cron_deny/rule.yml b/linux_os/guide/services/cron_and_at/file_groupowner_cron_deny/rule.yml
+index 7801c5599..bba610672 100644
+--- a/linux_os/guide/services/cron_and_at/file_groupowner_cron_deny/rule.yml
++++ b/linux_os/guide/services/cron_and_at/file_groupowner_cron_deny/rule.yml
+@@ -1,6 +1,6 @@
+ documentation_complete: true
+
+-prodtype: rhel9
++prodtype: rhel9,almalinux9
+
+ title: 'Verify Group Who Owns cron.deny'
+
diff --git a/linux_os/guide/services/cron_and_at/file_groupowner_cron_hourly/rule.yml b/linux_os/guide/services/cron_and_at/file_groupowner_cron_hourly/rule.yml
-index 63dd951d7..f78c5ae9b 100644
+index 380e0e4ba..e7d6dbced 100644
--- a/linux_os/guide/services/cron_and_at/file_groupowner_cron_hourly/rule.yml
+++ b/linux_os/guide/services/cron_and_at/file_groupowner_cron_hourly/rule.yml
@@ -1,6 +1,6 @@
@@ -273,7 +298,7 @@ index 63dd951d7..f78c5ae9b 100644
title: 'Verify Group Who Owns cron.hourly'
diff --git a/linux_os/guide/services/cron_and_at/file_groupowner_cron_monthly/rule.yml b/linux_os/guide/services/cron_and_at/file_groupowner_cron_monthly/rule.yml
-index 6d4493560..9af1b0474 100644
+index 477b10101..d39694ac2 100644
--- a/linux_os/guide/services/cron_and_at/file_groupowner_cron_monthly/rule.yml
+++ b/linux_os/guide/services/cron_and_at/file_groupowner_cron_monthly/rule.yml
@@ -1,6 +1,6 @@
@@ -285,7 +310,7 @@ index 6d4493560..9af1b0474 100644
title: 'Verify Group Who Owns cron.monthly'
diff --git a/linux_os/guide/services/cron_and_at/file_groupowner_cron_weekly/rule.yml b/linux_os/guide/services/cron_and_at/file_groupowner_cron_weekly/rule.yml
-index 687b84698..12d707745 100644
+index f1f60548c..4b9a14286 100644
--- a/linux_os/guide/services/cron_and_at/file_groupowner_cron_weekly/rule.yml
+++ b/linux_os/guide/services/cron_and_at/file_groupowner_cron_weekly/rule.yml
@@ -1,6 +1,6 @@
@@ -297,7 +322,7 @@ index 687b84698..12d707745 100644
title: 'Verify Group Who Owns cron.weekly'
diff --git a/linux_os/guide/services/cron_and_at/file_groupowner_crontab/rule.yml b/linux_os/guide/services/cron_and_at/file_groupowner_crontab/rule.yml
-index b980bc125..2736ad53d 100644
+index c71eb204d..7494100f1 100644
--- a/linux_os/guide/services/cron_and_at/file_groupowner_crontab/rule.yml
+++ b/linux_os/guide/services/cron_and_at/file_groupowner_crontab/rule.yml
@@ -1,6 +1,6 @@
@@ -309,7 +334,7 @@ index b980bc125..2736ad53d 100644
title: 'Verify Group Who Owns Crontab'
diff --git a/linux_os/guide/services/cron_and_at/file_owner_cron_d/rule.yml b/linux_os/guide/services/cron_and_at/file_owner_cron_d/rule.yml
-index c2d050d27..88df46f3c 100644
+index af8937794..2fcab8ddb 100644
--- a/linux_os/guide/services/cron_and_at/file_owner_cron_d/rule.yml
+++ b/linux_os/guide/services/cron_and_at/file_owner_cron_d/rule.yml
@@ -1,6 +1,6 @@
@@ -321,7 +346,7 @@ index c2d050d27..88df46f3c 100644
title: 'Verify Owner on cron.d'
diff --git a/linux_os/guide/services/cron_and_at/file_owner_cron_daily/rule.yml b/linux_os/guide/services/cron_and_at/file_owner_cron_daily/rule.yml
-index 6024de5c6..e261fca99 100644
+index fa83630fd..4c7843423 100644
--- a/linux_os/guide/services/cron_and_at/file_owner_cron_daily/rule.yml
+++ b/linux_os/guide/services/cron_and_at/file_owner_cron_daily/rule.yml
@@ -1,6 +1,6 @@
@@ -332,8 +357,20 @@ index 6024de5c6..e261fca99 100644
title: 'Verify Owner on cron.daily'
+diff --git a/linux_os/guide/services/cron_and_at/file_owner_cron_deny/rule.yml b/linux_os/guide/services/cron_and_at/file_owner_cron_deny/rule.yml
+index 9cf7aba1a..5bbd0e2b0 100644
+--- a/linux_os/guide/services/cron_and_at/file_owner_cron_deny/rule.yml
++++ b/linux_os/guide/services/cron_and_at/file_owner_cron_deny/rule.yml
+@@ -1,6 +1,6 @@
+ documentation_complete: true
+
+-prodtype: rhel9
++prodtype: rhel9,almalinux9
+
+ title: 'Verify Owner on cron.deny'
+
diff --git a/linux_os/guide/services/cron_and_at/file_owner_cron_hourly/rule.yml b/linux_os/guide/services/cron_and_at/file_owner_cron_hourly/rule.yml
-index 46320b462..1bdc7e44c 100644
+index 98b900d12..309084b41 100644
--- a/linux_os/guide/services/cron_and_at/file_owner_cron_hourly/rule.yml
+++ b/linux_os/guide/services/cron_and_at/file_owner_cron_hourly/rule.yml
@@ -1,6 +1,6 @@
@@ -345,7 +382,7 @@ index 46320b462..1bdc7e44c 100644
title: 'Verify Owner on cron.hourly'
diff --git a/linux_os/guide/services/cron_and_at/file_owner_cron_monthly/rule.yml b/linux_os/guide/services/cron_and_at/file_owner_cron_monthly/rule.yml
-index 18afaf1da..3a00b40a4 100644
+index 2c8a38094..f80c90d80 100644
--- a/linux_os/guide/services/cron_and_at/file_owner_cron_monthly/rule.yml
+++ b/linux_os/guide/services/cron_and_at/file_owner_cron_monthly/rule.yml
@@ -1,6 +1,6 @@
@@ -357,7 +394,7 @@ index 18afaf1da..3a00b40a4 100644
title: 'Verify Owner on cron.monthly'
diff --git a/linux_os/guide/services/cron_and_at/file_owner_cron_weekly/rule.yml b/linux_os/guide/services/cron_and_at/file_owner_cron_weekly/rule.yml
-index d76c2031c..4941f09ae 100644
+index bbdf86746..36061a999 100644
--- a/linux_os/guide/services/cron_and_at/file_owner_cron_weekly/rule.yml
+++ b/linux_os/guide/services/cron_and_at/file_owner_cron_weekly/rule.yml
@@ -1,6 +1,6 @@
@@ -369,7 +406,7 @@ index d76c2031c..4941f09ae 100644
title: 'Verify Owner on cron.weekly'
diff --git a/linux_os/guide/services/cron_and_at/file_owner_crontab/rule.yml b/linux_os/guide/services/cron_and_at/file_owner_crontab/rule.yml
-index b9c4bcce4..e9dc5a1f1 100644
+index bb655e183..4f0327803 100644
--- a/linux_os/guide/services/cron_and_at/file_owner_crontab/rule.yml
+++ b/linux_os/guide/services/cron_and_at/file_owner_crontab/rule.yml
@@ -1,6 +1,6 @@
@@ -381,7 +418,7 @@ index b9c4bcce4..e9dc5a1f1 100644
title: 'Verify Owner on crontab'
diff --git a/linux_os/guide/services/cron_and_at/file_permissions_cron_d/rule.yml b/linux_os/guide/services/cron_and_at/file_permissions_cron_d/rule.yml
-index bdc53cc7c..abf85de61 100644
+index daf1affa1..f4ee4db77 100644
--- a/linux_os/guide/services/cron_and_at/file_permissions_cron_d/rule.yml
+++ b/linux_os/guide/services/cron_and_at/file_permissions_cron_d/rule.yml
@@ -1,6 +1,6 @@
@@ -393,7 +430,7 @@ index bdc53cc7c..abf85de61 100644
title: 'Verify Permissions on cron.d'
diff --git a/linux_os/guide/services/cron_and_at/file_permissions_cron_daily/rule.yml b/linux_os/guide/services/cron_and_at/file_permissions_cron_daily/rule.yml
-index 24b4cf5e5..27732bccc 100644
+index a72240104..2c6387f1e 100644
--- a/linux_os/guide/services/cron_and_at/file_permissions_cron_daily/rule.yml
+++ b/linux_os/guide/services/cron_and_at/file_permissions_cron_daily/rule.yml
@@ -1,6 +1,6 @@
@@ -405,7 +442,7 @@ index 24b4cf5e5..27732bccc 100644
title: 'Verify Permissions on cron.daily'
diff --git a/linux_os/guide/services/cron_and_at/file_permissions_cron_hourly/rule.yml b/linux_os/guide/services/cron_and_at/file_permissions_cron_hourly/rule.yml
-index 6e0da2bac..2deb5dfaf 100644
+index cfdd97a25..a2aaba8c3 100644
--- a/linux_os/guide/services/cron_and_at/file_permissions_cron_hourly/rule.yml
+++ b/linux_os/guide/services/cron_and_at/file_permissions_cron_hourly/rule.yml
@@ -1,6 +1,6 @@
@@ -417,7 +454,7 @@ index 6e0da2bac..2deb5dfaf 100644
title: 'Verify Permissions on cron.hourly'
diff --git a/linux_os/guide/services/cron_and_at/file_permissions_cron_monthly/rule.yml b/linux_os/guide/services/cron_and_at/file_permissions_cron_monthly/rule.yml
-index 5f5e5f6ec..c17983c4c 100644
+index 97ffef201..12af26c7e 100644
--- a/linux_os/guide/services/cron_and_at/file_permissions_cron_monthly/rule.yml
+++ b/linux_os/guide/services/cron_and_at/file_permissions_cron_monthly/rule.yml
@@ -1,6 +1,6 @@
@@ -429,7 +466,7 @@ index 5f5e5f6ec..c17983c4c 100644
title: 'Verify Permissions on cron.monthly'
diff --git a/linux_os/guide/services/cron_and_at/file_permissions_cron_weekly/rule.yml b/linux_os/guide/services/cron_and_at/file_permissions_cron_weekly/rule.yml
-index c4ea83653..9572cae38 100644
+index d1d9bbc76..76891c0f1 100644
--- a/linux_os/guide/services/cron_and_at/file_permissions_cron_weekly/rule.yml
+++ b/linux_os/guide/services/cron_and_at/file_permissions_cron_weekly/rule.yml
@@ -1,6 +1,6 @@
@@ -441,7 +478,7 @@ index c4ea83653..9572cae38 100644
title: 'Verify Permissions on cron.weekly'
diff --git a/linux_os/guide/services/cron_and_at/file_permissions_crontab/rule.yml b/linux_os/guide/services/cron_and_at/file_permissions_crontab/rule.yml
-index e29f65023..4e9e0284a 100644
+index 1befe3b76..0039283a9 100644
--- a/linux_os/guide/services/cron_and_at/file_permissions_crontab/rule.yml
+++ b/linux_os/guide/services/cron_and_at/file_permissions_crontab/rule.yml
@@ -1,6 +1,6 @@
@@ -633,7 +670,7 @@ index c2de306f6..ce71aac0b 100644
title: 'Configure Fapolicy Module to Employ a Deny-all, Permit-by-exception Policy to Allow the Execution of Authorized Software Programs.'
diff --git a/linux_os/guide/services/fapolicyd/package_fapolicyd_installed/rule.yml b/linux_os/guide/services/fapolicyd/package_fapolicyd_installed/rule.yml
-index febad1cc8..dd4b61d46 100644
+index 1a37a12ac..47a6c393a 100644
--- a/linux_os/guide/services/fapolicyd/package_fapolicyd_installed/rule.yml
+++ b/linux_os/guide/services/fapolicyd/package_fapolicyd_installed/rule.yml
@@ -1,6 +1,6 @@
@@ -645,7 +682,7 @@ index febad1cc8..dd4b61d46 100644
title: 'Install fapolicyd Package'
diff --git a/linux_os/guide/services/fapolicyd/service_fapolicyd_enabled/rule.yml b/linux_os/guide/services/fapolicyd/service_fapolicyd_enabled/rule.yml
-index 57e01f723..a0014c7c1 100644
+index 95b90e426..0a234f7b3 100644
--- a/linux_os/guide/services/fapolicyd/service_fapolicyd_enabled/rule.yml
+++ b/linux_os/guide/services/fapolicyd/service_fapolicyd_enabled/rule.yml
@@ -1,6 +1,6 @@
@@ -657,7 +694,7 @@ index 57e01f723..a0014c7c1 100644
title: 'Enable the File Access Policy Service'
diff --git a/linux_os/guide/services/ftp/disabling_vsftpd/package_vsftpd_removed/rule.yml b/linux_os/guide/services/ftp/disabling_vsftpd/package_vsftpd_removed/rule.yml
-index f88eea4f0..7aae82b4d 100644
+index 28ba82292..2e6364c75 100644
--- a/linux_os/guide/services/ftp/disabling_vsftpd/package_vsftpd_removed/rule.yml
+++ b/linux_os/guide/services/ftp/disabling_vsftpd/package_vsftpd_removed/rule.yml
@@ -1,6 +1,6 @@
@@ -801,7 +838,7 @@ index 5968c1a2f..20b9d7190 100644
title: 'Disable Dovecot Service'
diff --git a/linux_os/guide/services/kerberos/kerberos_disable_no_keytab/rule.yml b/linux_os/guide/services/kerberos/kerberos_disable_no_keytab/rule.yml
-index 87375c0d9..6b557d161 100644
+index 764d43d0e..c73f3d040 100644
--- a/linux_os/guide/services/kerberos/kerberos_disable_no_keytab/rule.yml
+++ b/linux_os/guide/services/kerberos/kerberos_disable_no_keytab/rule.yml
@@ -2,7 +2,7 @@ documentation_complete: true
@@ -898,8 +935,20 @@ index 565693471..974ace384 100644
title: 'Ensure Mail Transfer Agent is not Listening on any non-loopback Address'
+diff --git a/linux_os/guide/services/mail/package_s-nail_installed/rule.yml b/linux_os/guide/services/mail/package_s-nail_installed/rule.yml
+index ef11e3863..9c6687f44 100644
+--- a/linux_os/guide/services/mail/package_s-nail_installed/rule.yml
++++ b/linux_os/guide/services/mail/package_s-nail_installed/rule.yml
+@@ -1,6 +1,6 @@
+ documentation_complete: true
+
+-prodtype: rhel9
++prodtype: rhel9,almalinux9
+
+ title: 'The s-nail Package Is Installed'
+
diff --git a/linux_os/guide/services/mail/package_sendmail_removed/rule.yml b/linux_os/guide/services/mail/package_sendmail_removed/rule.yml
-index 3674a8609..dc926b106 100644
+index f92f05f49..50488a9e4 100644
--- a/linux_os/guide/services/mail/package_sendmail_removed/rule.yml
+++ b/linux_os/guide/services/mail/package_sendmail_removed/rule.yml
@@ -1,6 +1,6 @@
@@ -963,7 +1012,7 @@ index 6366a2d1a..c93fb1488 100644
title: 'Disable Postfix Network Listening'
diff --git a/linux_os/guide/services/mail/postfix_harden_os/postfix_server_cfg/postfix_server_relay/postfix_prevent_unrestricted_relay/rule.yml b/linux_os/guide/services/mail/postfix_harden_os/postfix_server_cfg/postfix_server_relay/postfix_prevent_unrestricted_relay/rule.yml
-index 379999e33..6b7f19ae6 100644
+index 3c756f813..a02f9a912 100644
--- a/linux_os/guide/services/mail/postfix_harden_os/postfix_server_cfg/postfix_server_relay/postfix_prevent_unrestricted_relay/rule.yml
+++ b/linux_os/guide/services/mail/postfix_harden_os/postfix_server_cfg/postfix_server_relay/postfix_prevent_unrestricted_relay/rule.yml
@@ -1,6 +1,6 @@
@@ -1023,7 +1072,7 @@ index 083e7b30e..e4cf444c5 100644
title: 'Disable Network File System (nfs)'
diff --git a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/mounting_remote_filesystems/mount_option_krb_sec_remote_filesystems/rule.yml b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/mounting_remote_filesystems/mount_option_krb_sec_remote_filesystems/rule.yml
-index a48edf779..ce176f114 100644
+index 6f8ceede5..c581c5ab7 100644
--- a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/mounting_remote_filesystems/mount_option_krb_sec_remote_filesystems/rule.yml
+++ b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/mounting_remote_filesystems/mount_option_krb_sec_remote_filesystems/rule.yml
@@ -1,6 +1,6 @@
@@ -1035,7 +1084,7 @@ index a48edf779..ce176f114 100644
title: 'Mount Remote Filesystems with Kerberos Security'
diff --git a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/mounting_remote_filesystems/mount_option_nodev_remote_filesystems/rule.yml b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/mounting_remote_filesystems/mount_option_nodev_remote_filesystems/rule.yml
-index 6911a7163..cac07fc8b 100644
+index 21109c228..682322b38 100644
--- a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/mounting_remote_filesystems/mount_option_nodev_remote_filesystems/rule.yml
+++ b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/mounting_remote_filesystems/mount_option_nodev_remote_filesystems/rule.yml
@@ -1,6 +1,6 @@
@@ -1047,7 +1096,7 @@ index 6911a7163..cac07fc8b 100644
title: 'Mount Remote Filesystems with nodev'
diff --git a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/mounting_remote_filesystems/mount_option_noexec_remote_filesystems/rule.yml b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/mounting_remote_filesystems/mount_option_noexec_remote_filesystems/rule.yml
-index 95c902246..f15463a1b 100644
+index 2fe699c03..8df1acb63 100644
--- a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/mounting_remote_filesystems/mount_option_noexec_remote_filesystems/rule.yml
+++ b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/mounting_remote_filesystems/mount_option_noexec_remote_filesystems/rule.yml
@@ -1,6 +1,6 @@
@@ -1059,7 +1108,7 @@ index 95c902246..f15463a1b 100644
title: 'Mount Remote Filesystems with noexec'
diff --git a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/mounting_remote_filesystems/mount_option_nosuid_remote_filesystems/rule.yml b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/mounting_remote_filesystems/mount_option_nosuid_remote_filesystems/rule.yml
-index c2805a5cd..9b216fe37 100644
+index 6efe0d94b..8ce9e0a88 100644
--- a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/mounting_remote_filesystems/mount_option_nosuid_remote_filesystems/rule.yml
+++ b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/mounting_remote_filesystems/mount_option_nosuid_remote_filesystems/rule.yml
@@ -1,6 +1,6 @@
@@ -1083,7 +1132,7 @@ index b666538f2..53e539d8a 100644
title: 'Use Kerberos Security on All Exports'
diff --git a/linux_os/guide/services/nfs_and_rpc/package_nfs-utils_removed/rule.yml b/linux_os/guide/services/nfs_and_rpc/package_nfs-utils_removed/rule.yml
-index 3de7c8db0..ade1efaed 100644
+index fedf500ac..8d74a7740 100644
--- a/linux_os/guide/services/nfs_and_rpc/package_nfs-utils_removed/rule.yml
+++ b/linux_os/guide/services/nfs_and_rpc/package_nfs-utils_removed/rule.yml
@@ -1,6 +1,6 @@
@@ -1116,7 +1165,7 @@ index c435df983..b80ffbf7b 100644
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/services/ntp/chronyd_client_only/rule.yml b/linux_os/guide/services/ntp/chronyd_client_only/rule.yml
-index 0e9ab7fe9..d48978528 100644
+index 1b7d066a4..78ca9c4b4 100644
--- a/linux_os/guide/services/ntp/chronyd_client_only/rule.yml
+++ b/linux_os/guide/services/ntp/chronyd_client_only/rule.yml
@@ -1,6 +1,6 @@
@@ -1149,7 +1198,7 @@ index c435df983..b80ffbf7b 100644
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/services/ntp/chronyd_no_chronyc_network/rule.yml b/linux_os/guide/services/ntp/chronyd_no_chronyc_network/rule.yml
-index 782106734..f3177b0c6 100644
+index 4d71f0aa1..14bceedd9 100644
--- a/linux_os/guide/services/ntp/chronyd_no_chronyc_network/rule.yml
+++ b/linux_os/guide/services/ntp/chronyd_no_chronyc_network/rule.yml
@@ -1,6 +1,6 @@
@@ -1172,7 +1221,7 @@ index c435df983..b80ffbf7b 100644
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/rule.yml b/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/rule.yml
-index b7bef7d30..15db9896f 100644
+index 8a95dbe3a..0d71cda87 100644
--- a/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/rule.yml
+++ b/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/rule.yml
@@ -1,6 +1,6 @@
@@ -1514,7 +1563,7 @@ index c5f90c495..4da134625 100644
title: 'Remove NIS Client'
diff --git a/linux_os/guide/services/obsolete/nis/package_ypserv_removed/rule.yml b/linux_os/guide/services/obsolete/nis/package_ypserv_removed/rule.yml
-index b057fc5a8..561647d42 100644
+index c91b8af25..9ffcf7849 100644
--- a/linux_os/guide/services/obsolete/nis/package_ypserv_removed/rule.yml
+++ b/linux_os/guide/services/obsolete/nis/package_ypserv_removed/rule.yml
@@ -1,6 +1,6 @@
@@ -1551,7 +1600,7 @@ index b7beb612c..2eff2429d 100644
title: 'Uninstall rsync Package'
diff --git a/linux_os/guide/services/obsolete/r_services/no_host_based_files/rule.yml b/linux_os/guide/services/obsolete/r_services/no_host_based_files/rule.yml
-index 7ba8c1008..0fa5c255c 100644
+index d695c7f41..b8860e3be 100644
--- a/linux_os/guide/services/obsolete/r_services/no_host_based_files/rule.yml
+++ b/linux_os/guide/services/obsolete/r_services/no_host_based_files/rule.yml
@@ -1,6 +1,6 @@
@@ -1583,7 +1632,7 @@ index e64838b15..baaa07631 100644
find /root -xdev -type f -name ".rhosts" -exec rm -f {} \;
find /home -maxdepth 2 -xdev -type f -name ".rhosts" -exec rm -f {} \;
diff --git a/linux_os/guide/services/obsolete/r_services/no_user_host_based_files/rule.yml b/linux_os/guide/services/obsolete/r_services/no_user_host_based_files/rule.yml
-index 8eb7f2db5..9cbcf4b86 100644
+index f8215f46c..fbf808ed8 100644
--- a/linux_os/guide/services/obsolete/r_services/no_user_host_based_files/rule.yml
+++ b/linux_os/guide/services/obsolete/r_services/no_user_host_based_files/rule.yml
@@ -1,6 +1,6 @@
@@ -1595,7 +1644,7 @@ index 8eb7f2db5..9cbcf4b86 100644
title: 'Remove User Host-Based Authentication Files'
diff --git a/linux_os/guide/services/obsolete/r_services/package_rsh-server_removed/rule.yml b/linux_os/guide/services/obsolete/r_services/package_rsh-server_removed/rule.yml
-index ccfe39dee..fbb7ec130 100644
+index 80e7dd7a8..72c0fff90 100644
--- a/linux_os/guide/services/obsolete/r_services/package_rsh-server_removed/rule.yml
+++ b/linux_os/guide/services/obsolete/r_services/package_rsh-server_removed/rule.yml
@@ -1,6 +1,6 @@
@@ -1668,7 +1717,7 @@ index 14317060b..4505ac061 100644
title: 'Uninstall talk Package'
diff --git a/linux_os/guide/services/obsolete/telnet/package_telnet-server_removed/rule.yml b/linux_os/guide/services/obsolete/telnet/package_telnet-server_removed/rule.yml
-index 080785dd8..20714ac5f 100644
+index bba0c3e05..e912aaaca 100644
--- a/linux_os/guide/services/obsolete/telnet/package_telnet-server_removed/rule.yml
+++ b/linux_os/guide/services/obsolete/telnet/package_telnet-server_removed/rule.yml
@@ -1,6 +1,6 @@
@@ -1704,7 +1753,7 @@ index a38c0cc48..9e69956ab 100644
title: 'Disable telnet Service'
diff --git a/linux_os/guide/services/obsolete/tftp/package_tftp-server_removed/rule.yml b/linux_os/guide/services/obsolete/tftp/package_tftp-server_removed/rule.yml
-index 9268c850c..5e583ad07 100644
+index 98c32a775..34e0336b7 100644
--- a/linux_os/guide/services/obsolete/tftp/package_tftp-server_removed/rule.yml
+++ b/linux_os/guide/services/obsolete/tftp/package_tftp-server_removed/rule.yml
@@ -1,6 +1,6 @@
@@ -1728,7 +1777,7 @@ index 35e0a2f93..b25f376f7 100644
title: 'Remove tftp Daemon'
diff --git a/linux_os/guide/services/obsolete/tftp/tftpd_uses_secure_mode/rule.yml b/linux_os/guide/services/obsolete/tftp/tftpd_uses_secure_mode/rule.yml
-index 9dd7a8bdd..b809881ed 100644
+index f9773efea..4c2346c72 100644
--- a/linux_os/guide/services/obsolete/tftp/tftpd_uses_secure_mode/rule.yml
+++ b/linux_os/guide/services/obsolete/tftp/tftpd_uses_secure_mode/rule.yml
@@ -1,6 +1,6 @@
@@ -1800,7 +1849,7 @@ index 7c01c09b4..496e4d67f 100644
title: 'Remove the FreeRadius Server Package'
diff --git a/linux_os/guide/services/rng/service_rngd_enabled/rule.yml b/linux_os/guide/services/rng/service_rngd_enabled/rule.yml
-index 4e39496fc..fb72906c4 100644
+index 0a9f13f77..1a9865a8b 100644
--- a/linux_os/guide/services/rng/service_rngd_enabled/rule.yml
+++ b/linux_os/guide/services/rng/service_rngd_enabled/rule.yml
@@ -1,6 +1,6 @@
@@ -1812,7 +1861,7 @@ index 4e39496fc..fb72906c4 100644
title: 'Enable the Hardware RNG Entropy Gatherer Service'
diff --git a/linux_os/guide/services/routing/disabling_quagga/package_quagga_removed/rule.yml b/linux_os/guide/services/routing/disabling_quagga/package_quagga_removed/rule.yml
-index 40f9fa887..2ca019269 100644
+index d35875cda..a01b3cf7f 100644
--- a/linux_os/guide/services/routing/disabling_quagga/package_quagga_removed/rule.yml
+++ b/linux_os/guide/services/routing/disabling_quagga/package_quagga_removed/rule.yml
@@ -1,6 +1,6 @@
@@ -1940,7 +1989,7 @@ index 309efb9aa..6224d7923 100644
title: 'Configure SNMP Service to Use Only SNMPv3 or Newer'
diff --git a/linux_os/guide/services/ssh/file_groupowner_sshd_config/rule.yml b/linux_os/guide/services/ssh/file_groupowner_sshd_config/rule.yml
-index 2262fb3b8..6e2a16ba0 100644
+index 67e65e6e1..a76d3930d 100644
--- a/linux_os/guide/services/ssh/file_groupowner_sshd_config/rule.yml
+++ b/linux_os/guide/services/ssh/file_groupowner_sshd_config/rule.yml
@@ -1,6 +1,6 @@
@@ -2028,7 +2077,7 @@ index b6bef987d..799d5044b 100644
test_group="cac_testgroup"
groupadd $test_group
diff --git a/linux_os/guide/services/ssh/file_owner_sshd_config/rule.yml b/linux_os/guide/services/ssh/file_owner_sshd_config/rule.yml
-index 8785509dc..8812a43af 100644
+index bb5690e7d..b6b2857e5 100644
--- a/linux_os/guide/services/ssh/file_owner_sshd_config/rule.yml
+++ b/linux_os/guide/services/ssh/file_owner_sshd_config/rule.yml
@@ -1,6 +1,6 @@
@@ -2106,7 +2155,7 @@ index 16878dc1d..6c3983a9d 100644
test_user="cac_testuser"
useradd $test_user
diff --git a/linux_os/guide/services/ssh/file_permissions_sshd_config/rule.yml b/linux_os/guide/services/ssh/file_permissions_sshd_config/rule.yml
-index a69ba302e..1eb5a562c 100644
+index 5f1d6ced1..9dc396148 100644
--- a/linux_os/guide/services/ssh/file_permissions_sshd_config/rule.yml
+++ b/linux_os/guide/services/ssh/file_permissions_sshd_config/rule.yml
@@ -1,6 +1,6 @@
@@ -2151,7 +2200,7 @@ index 48ecfbcac..c5a05db8b 100644
FAKE_KEY=$(mktemp -p /etc/ssh/ XXXX_key)
chown root:ssh_keys "$FAKE_KEY"
diff --git a/linux_os/guide/services/ssh/package_openssh-clients_installed/rule.yml b/linux_os/guide/services/ssh/package_openssh-clients_installed/rule.yml
-index 36ac1f29d..cff318080 100644
+index f32f1428f..18077c609 100644
--- a/linux_os/guide/services/ssh/package_openssh-clients_installed/rule.yml
+++ b/linux_os/guide/services/ssh/package_openssh-clients_installed/rule.yml
@@ -1,6 +1,6 @@
@@ -2163,7 +2212,7 @@ index 36ac1f29d..cff318080 100644
title: 'Install OpenSSH client software'
diff --git a/linux_os/guide/services/ssh/service_sshd_enabled/rule.yml b/linux_os/guide/services/ssh/service_sshd_enabled/rule.yml
-index 5d7fd206b..518c6ef32 100644
+index e070bd229..f710ccbc5 100644
--- a/linux_os/guide/services/ssh/service_sshd_enabled/rule.yml
+++ b/linux_os/guide/services/ssh/service_sshd_enabled/rule.yml
@@ -1,6 +1,6 @@
@@ -2187,7 +2236,7 @@ index afc6d539c..8ebcfb5c1 100644
title: 'Configure session renegotiation for SSH client'
diff --git a/linux_os/guide/services/ssh/ssh_client/ssh_keys_passphrase_protected/rule.yml b/linux_os/guide/services/ssh/ssh_client/ssh_keys_passphrase_protected/rule.yml
-index 70d9bc7cc..12c9a37b5 100644
+index 79602a4d8..33e0fbb97 100644
--- a/linux_os/guide/services/ssh/ssh_client/ssh_keys_passphrase_protected/rule.yml
+++ b/linux_os/guide/services/ssh/ssh_client/ssh_keys_passphrase_protected/rule.yml
@@ -1,6 +1,6 @@
@@ -2244,7 +2293,7 @@ index 280020823..582a114c6 100644
.*\.nmconnection
{{% else %}}
diff --git a/linux_os/guide/services/ssh/ssh_server/firewalld_sshd_port_enabled/rule.yml b/linux_os/guide/services/ssh/ssh_server/firewalld_sshd_port_enabled/rule.yml
-index fb6956152..f7e55892b 100644
+index f2ea1d0df..552e6f6da 100644
--- a/linux_os/guide/services/ssh/ssh_server/firewalld_sshd_port_enabled/rule.yml
+++ b/linux_os/guide/services/ssh/ssh_server/firewalld_sshd_port_enabled/rule.yml
@@ -1,6 +1,6 @@
@@ -2673,7 +2722,7 @@ index f1e9853d6..15870678b 100644
title: 'SSH server uses strong entropy to seed'
diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_x11_use_localhost/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_x11_use_localhost/rule.yml
-index 3a58720dd..a4e44202d 100644
+index 9e6d00a68..10f357fa3 100644
--- a/linux_os/guide/services/ssh/ssh_server/sshd_x11_use_localhost/rule.yml
+++ b/linux_os/guide/services/ssh/ssh_server/sshd_x11_use_localhost/rule.yml
@@ -1,6 +1,6 @@
@@ -2764,7 +2813,7 @@ index ea3c0946c..08e66dade 100644
# strategy = configure
# complexity = low
diff --git a/linux_os/guide/services/sssd/sssd_certificate_verification/rule.yml b/linux_os/guide/services/sssd/sssd_certificate_verification/rule.yml
-index cd24ded03..2b75556f8 100644
+index 09286f60c..6cbd0612e 100644
--- a/linux_os/guide/services/sssd/sssd_certificate_verification/rule.yml
+++ b/linux_os/guide/services/sssd/sssd_certificate_verification/rule.yml
@@ -1,6 +1,6 @@
@@ -2776,7 +2825,7 @@ index cd24ded03..2b75556f8 100644
title: 'Certificate status checking in SSSD'
diff --git a/linux_os/guide/services/sssd/sssd_enable_certmap/rule.yml b/linux_os/guide/services/sssd/sssd_enable_certmap/rule.yml
-index ed8b1c4e1..e6b74a5ac 100644
+index 833e4d405..01ea09201 100644
--- a/linux_os/guide/services/sssd/sssd_enable_certmap/rule.yml
+++ b/linux_os/guide/services/sssd/sssd_enable_certmap/rule.yml
@@ -1,6 +1,6 @@
@@ -2846,7 +2895,7 @@ index c2ae4d39a..850809262 100644
comment="tests the presence of try_cert_auth or require_cert_auth in /etc/pam.d/smartcard-auth"
id="test_sssd_enable_smartcards_allow_missing_name_smartcard_auth" version="2">
diff --git a/linux_os/guide/services/sssd/sssd_enable_smartcards/rule.yml b/linux_os/guide/services/sssd/sssd_enable_smartcards/rule.yml
-index 6ed233a70..f902a54c8 100644
+index f026bdb48..e42439f38 100644
--- a/linux_os/guide/services/sssd/sssd_enable_smartcards/rule.yml
+++ b/linux_os/guide/services/sssd/sssd_enable_smartcards/rule.yml
@@ -1,6 +1,6 @@
@@ -2866,7 +2915,7 @@ index 6ed233a70..f902a54c8 100644
Add or update "pam_sss.so" line in auth section of "/etc/pam.d/system-auth" file to include
"try_cert_auth" or "require_cert_auth" option, like in the following example:
-@@ -62,7 +62,7 @@ ocil: |-
+@@ -63,7 +63,7 @@ ocil: |-
If configured properly, output should be
pam_cert_auth = True
@@ -2875,7 +2924,7 @@ index 6ed233a70..f902a54c8 100644
To verify that smart cards are enabled in PAM files, run the following command:
$ sudo grep -e "auth.*pam_sss\.so.*\(allow_missing_name\|try_cert_auth\)" /etc/pam.d/smartcard-auth /etc/pam.d/system-auth
If configured properly, output should be
-@@ -77,7 +77,7 @@ fixtext: |-
+@@ -78,7 +78,7 @@ fixtext: |-
pam_cert_auth = True
@@ -2969,7 +3018,7 @@ index 43e19d382..6c7a50002 100644
SSSD_FILE="/etc/sssd/sssd.conf"
rm -f $SSSD_FILE
diff --git a/linux_os/guide/services/sssd/sssd_has_trust_anchor/rule.yml b/linux_os/guide/services/sssd/sssd_has_trust_anchor/rule.yml
-index d71208630..21d24edcc 100644
+index 2e8193420..5c3ce18b0 100644
--- a/linux_os/guide/services/sssd/sssd_has_trust_anchor/rule.yml
+++ b/linux_os/guide/services/sssd/sssd_has_trust_anchor/rule.yml
@@ -1,6 +1,6 @@
@@ -3021,7 +3070,7 @@ index 890254c8e..2b6103e93 100644
# strategy = configure
# complexity = low
diff --git a/linux_os/guide/services/sssd/sssd_offline_cred_expiration/rule.yml b/linux_os/guide/services/sssd/sssd_offline_cred_expiration/rule.yml
-index 15ef6aa83..033bca316 100644
+index fabacb4e3..54f698643 100644
--- a/linux_os/guide/services/sssd/sssd_offline_cred_expiration/rule.yml
+++ b/linux_os/guide/services/sssd/sssd_offline_cred_expiration/rule.yml
@@ -1,6 +1,6 @@
@@ -3072,7 +3121,7 @@ index 331627492..72a361b30 100644
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_rhcos
{{{ kubernetes_usbguard_set(["xccdf_org.ssgproject.content_rule_package_usbguard_installed"]) }}}
diff --git a/linux_os/guide/services/usbguard/configure_usbguard_auditbackend/rule.yml b/linux_os/guide/services/usbguard/configure_usbguard_auditbackend/rule.yml
-index c20527bf1..faa280e68 100644
+index ca6cb336c..0858ded40 100644
--- a/linux_os/guide/services/usbguard/configure_usbguard_auditbackend/rule.yml
+++ b/linux_os/guide/services/usbguard/configure_usbguard_auditbackend/rule.yml
@@ -1,6 +1,6 @@
@@ -3095,7 +3144,7 @@ index 9f18591b3..b49d5217a 100644
kind: MachineConfig
spec:
diff --git a/linux_os/guide/services/usbguard/package_usbguard_installed/rule.yml b/linux_os/guide/services/usbguard/package_usbguard_installed/rule.yml
-index 47a65aeb6..46b83c460 100644
+index 3926b5efe..af30f75d3 100644
--- a/linux_os/guide/services/usbguard/package_usbguard_installed/rule.yml
+++ b/linux_os/guide/services/usbguard/package_usbguard_installed/rule.yml
@@ -1,6 +1,6 @@
@@ -3118,7 +3167,7 @@ index e9c55dfb0..9be805c13 100644
kind: MachineConfig
metadata:
diff --git a/linux_os/guide/services/usbguard/service_usbguard_enabled/rule.yml b/linux_os/guide/services/usbguard/service_usbguard_enabled/rule.yml
-index e382a886f..130a87454 100644
+index 17e4ffa3d..b4a0f2f39 100644
--- a/linux_os/guide/services/usbguard/service_usbguard_enabled/rule.yml
+++ b/linux_os/guide/services/usbguard/service_usbguard_enabled/rule.yml
@@ -1,6 +1,6 @@
@@ -3197,7 +3246,7 @@ index 88d55f160..f2f336700 100644
# strategy = configure
# complexity = low
diff --git a/linux_os/guide/services/usbguard/usbguard_generate_policy/rule.yml b/linux_os/guide/services/usbguard/usbguard_generate_policy/rule.yml
-index 40d4e8fb3..00796b4be 100644
+index a679baea6..b1f02dffd 100644
--- a/linux_os/guide/services/usbguard/usbguard_generate_policy/rule.yml
+++ b/linux_os/guide/services/usbguard/usbguard_generate_policy/rule.yml
@@ -1,6 +1,6 @@
@@ -3221,7 +3270,7 @@ index 170f89fc0..6308fa768 100644
title: 'Remove the X Windows Package Group'
diff --git a/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_remove_packages/rule.yml b/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_remove_packages/rule.yml
-index 607ed945c..12eecd4ca 100644
+index b7a5cea6d..4afc098cf 100644
--- a/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_remove_packages/rule.yml
+++ b/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_remove_packages/rule.yml
@@ -1,6 +1,6 @@
@@ -3233,7 +3282,7 @@ index 607ed945c..12eecd4ca 100644
title: 'Disable graphical user interface'
diff --git a/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/rule.yml b/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/rule.yml
-index ab3b7ccd5..3806444b2 100644
+index a61727fd0..704540113 100644
--- a/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/rule.yml
+++ b/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/rule.yml
@@ -1,6 +1,6 @@
@@ -3265,7 +3314,7 @@ index 63ceaaf88..e50ada3e4 100644
{{{ bash_instantiate_variables("login_banner_text") }}}
diff --git a/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/rule.yml b/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/rule.yml
-index dbae8dd3a..b77c6ae92 100644
+index 4d159a35e..0f1c2a810 100644
--- a/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/rule.yml
@@ -1,6 +1,6 @@
@@ -3439,7 +3488,7 @@ index 5814a30bd..aa4aa4c5c 100644
# strategy = unknown
# complexity = low
diff --git a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_banner_enabled/rule.yml b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_banner_enabled/rule.yml
-index b21996ff4..b9dcaa15a 100644
+index 6bfe3b563..af2420b35 100644
--- a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_banner_enabled/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_banner_enabled/rule.yml
@@ -1,6 +1,6 @@
@@ -3577,7 +3626,7 @@ index 510813790..15d7e9f61 100644
authselect create-profile hardening -b sssd
CUSTOM_PROFILE="custom/hardening"
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_password_auth/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_password_auth/rule.yml
-index 74448292b..39b076c40 100644
+index ab60cf4b7..1d52ba009 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_password_auth/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_password_auth/rule.yml
@@ -1,6 +1,6 @@
@@ -3589,7 +3638,7 @@ index 74448292b..39b076c40 100644
title: 'Configure the Use of the pam_faillock.so Module in the /etc/pam.d/password-auth File.'
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_system_auth/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_system_auth/rule.yml
-index 912cd8c16..45711b865 100644
+index 6922b958c..79d3543ed 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_system_auth/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_system_auth/rule.yml
@@ -1,6 +1,6 @@
@@ -3601,7 +3650,7 @@ index 912cd8c16..45711b865 100644
title: 'Configure the Use of the pam_faillock.so Module in the /etc/pam.d/system-auth File.'
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_selinux_faillock_dir/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_selinux_faillock_dir/rule.yml
-index 61e58c8a0..85b7eb658 100644
+index 9cba88276..b060d1938 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_selinux_faillock_dir/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_selinux_faillock_dir/rule.yml
@@ -1,6 +1,6 @@
@@ -3678,7 +3727,7 @@ index 365006509..2a10d041b 100644
{{{ bash_instantiate_variables("var_password_pam_remember", "var_password_pam_remember_control_flag") }}}
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/rule.yml
-index 6aaf7bf37..fe49dd7de 100644
+index 01fc1800e..5b685c525 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/rule.yml
@@ -1,6 +1,6 @@
@@ -3818,7 +3867,7 @@ index a55f86dc3..5506f8c40 100644
{{{ bash_instantiate_variables("var_password_pam_remember", "var_password_pam_remember_control_flag") }}}
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/rule.yml
-index aeb999b8d..07d1c6ef0 100644
+index 05e8a9900..ca120bf8b 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/rule.yml
@@ -1,6 +1,6 @@
@@ -4155,7 +4204,7 @@ index 449d912d0..22f5dc375 100644
{{{ bash_instantiate_variables("var_accounts_passwords_pam_faillock_deny") }}}
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/rule.yml
-index 0fa9fac37..f13d6f58f 100644
+index 42e2d0f25..d58ef83e0 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/rule.yml
@@ -1,6 +1,6 @@
@@ -4270,7 +4319,7 @@ index 09d8aeee0..72b3aeacb 100644
{{{ bash_pam_faillock_enable() }}}
{{{ bash_pam_faillock_parameter_value("even_deny_root", "") }}}
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/rule.yml
-index 94892c9d0..ce78d1fdf 100644
+index 6fd9186bd..37d8417b1 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/rule.yml
@@ -1,6 +1,6 @@
@@ -4341,7 +4390,7 @@ index 7c702d669..652c29b25 100644
authselect select sssd --force
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/rule.yml
-index 28753f735..785fd2940 100644
+index 749f570ac..a341d67a8 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/rule.yml
@@ -1,6 +1,6 @@
@@ -4489,7 +4538,7 @@ index a49ddf559..41dc70b88 100644
{{{ bash_instantiate_variables("var_accounts_passwords_pam_faillock_fail_interval") }}}
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/rule.yml
-index 6a3f5b169..17b16d3e5 100644
+index db746f7c6..60f28b8c6 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/rule.yml
@@ -1,6 +1,6 @@
@@ -4652,7 +4701,7 @@ index 3a32aad36..d1f4a0327 100644
{{{ bash_instantiate_variables("var_accounts_passwords_pam_faillock_unlock_time") }}}
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/rule.yml
-index f55ff2cef..66406f891 100644
+index 2b554ef25..fd677d4a8 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/rule.yml
@@ -1,6 +1,6 @@
@@ -4759,7 +4808,7 @@ index 48798893e..18b59569e 100644
title: 'Install pam_pwquality Package'
diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_dcredit/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_dcredit/rule.yml
-index e67cd8835..d7d49e1d7 100644
+index e720e7015..b16b84d56 100644
--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_dcredit/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_dcredit/rule.yml
@@ -1,6 +1,6 @@
@@ -4771,7 +4820,7 @@ index e67cd8835..d7d49e1d7 100644
title: 'Ensure PAM Enforces Password Requirements - Minimum Digit Characters'
diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_dictcheck/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_dictcheck/rule.yml
-index d41ca6c26..3d804a0e4 100644
+index 26640dcd7..d69ed5730 100644
--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_dictcheck/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_dictcheck/rule.yml
@@ -1,6 +1,6 @@
@@ -4783,7 +4832,7 @@ index d41ca6c26..3d804a0e4 100644
title: 'Ensure PAM Enforces Password Requirements - Prevent the Use of Dictionary Words'
diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_difok/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_difok/rule.yml
-index e7fdf2e8b..11b69b5da 100644
+index 686bf9dbe..b418b72d1 100644
--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_difok/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_difok/rule.yml
@@ -1,6 +1,6 @@
@@ -4807,7 +4856,7 @@ index d94ecedae..810b3f4c5 100644
title: 'Ensure PAM Enforces Password Requirements - Enforce for Local Accounts Only'
diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_enforce_root/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_enforce_root/rule.yml
-index 198475c87..260ac3b78 100644
+index 34f694013..35a04d06b 100644
--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_enforce_root/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_enforce_root/rule.yml
@@ -1,6 +1,6 @@
@@ -4819,7 +4868,7 @@ index 198475c87..260ac3b78 100644
title: 'Ensure PAM Enforces Password Requirements - Enforce for root User'
diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_lcredit/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_lcredit/rule.yml
-index 5799a7b12..a6044143d 100644
+index 2bd337a07..79906b369 100644
--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_lcredit/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_lcredit/rule.yml
@@ -1,6 +1,6 @@
@@ -4831,7 +4880,7 @@ index 5799a7b12..a6044143d 100644
title: 'Ensure PAM Enforces Password Requirements - Minimum Lowercase Characters'
diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_maxclassrepeat/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_maxclassrepeat/rule.yml
-index 5f812e16f..5f6cef716 100644
+index f502211ca..d6675d1fd 100644
--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_maxclassrepeat/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_maxclassrepeat/rule.yml
@@ -1,6 +1,6 @@
@@ -4843,7 +4892,7 @@ index 5f812e16f..5f6cef716 100644
title: 'Ensure PAM Enforces Password Requirements - Maximum Consecutive Repeating Characters from Same Character Class'
diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_maxrepeat/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_maxrepeat/rule.yml
-index 8984b63d9..17bc8eb97 100644
+index 816d07b46..b150d96a1 100644
--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_maxrepeat/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_maxrepeat/rule.yml
@@ -1,6 +1,6 @@
@@ -4855,7 +4904,7 @@ index 8984b63d9..17bc8eb97 100644
title: 'Set Password Maximum Consecutive Repeating Characters'
diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_minclass/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_minclass/rule.yml
-index 64f091504..0f469cecb 100644
+index bcf48e420..6af841ea1 100644
--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_minclass/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_minclass/rule.yml
@@ -1,6 +1,6 @@
@@ -4867,7 +4916,7 @@ index 64f091504..0f469cecb 100644
title: 'Ensure PAM Enforces Password Requirements - Minimum Different Categories'
diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_minlen/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_minlen/rule.yml
-index f75a68077..b1ae5b48e 100644
+index 28c9fcbe9..9fc95d18e 100644
--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_minlen/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_minlen/rule.yml
@@ -1,6 +1,6 @@
@@ -4879,7 +4928,7 @@ index f75a68077..b1ae5b48e 100644
title: 'Ensure PAM Enforces Password Requirements - Minimum Length'
diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_ocredit/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_ocredit/rule.yml
-index 632aa24dc..e9ad8a3cd 100644
+index cd398e39f..54e057adb 100644
--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_ocredit/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_ocredit/rule.yml
@@ -1,6 +1,6 @@
@@ -4910,7 +4959,7 @@ index a55859203..377efc82e 100644
{{{ bash_ensure_pam_module_configuration('/etc/pam.d/password-auth', 'password', 'requisite', 'pam_pwquality.so', '', '', '^account.*required.*pam_permit\.so') }}}
diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/rule.yml
-index 24b8bb7b8..0dbe5a01a 100644
+index bd3e9194a..d09c01fa1 100644
--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/rule.yml
@@ -1,6 +1,6 @@
@@ -5001,7 +5050,7 @@ index 4ea10f4c4..6c1de4e4c 100644
{{{ bash_ensure_pam_module_configuration('/etc/pam.d/system-auth', 'password', 'requisite', 'pam_pwquality.so', '', '', '^account.*required.*pam_permit\.so') }}}
diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/rule.yml
-index 7d123e736..c0be4f004 100644
+index cf1206922..533191f89 100644
--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/rule.yml
@@ -1,6 +1,6 @@
@@ -5083,7 +5132,7 @@ index 36e9a27b9..fe1b603ab 100644
# strategy = configure
# complexity = low
diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/rule.yml
-index 73f5ec7a6..4d87174e6 100644
+index 7159ff14d..217c1aea8 100644
--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/rule.yml
@@ -1,6 +1,6 @@
@@ -5166,7 +5215,7 @@ index ea2eb57fe..31e80535f 100644
source common.sh
diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_ucredit/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_ucredit/rule.yml
-index 6c631ea37..d526d691a 100644
+index 9ab3c177c..20175fee5 100644
--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_ucredit/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_ucredit/rule.yml
@@ -1,6 +1,6 @@
@@ -5198,7 +5247,7 @@ index 115273566..bd94d707c 100644
LIBUSER_CONF="/etc/libuser.conf"
CRYPT_STYLE_REGEX='[[:space:]]*\[defaults](.*(\n)+)+?[[:space:]]*crypt_style[[:space:]]*'
diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_libuserconf/rule.yml b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_libuserconf/rule.yml
-index cadfa1905..8f75a5fc3 100644
+index 263480871..92137d911 100644
--- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_libuserconf/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_libuserconf/rule.yml
@@ -1,6 +1,6 @@
@@ -5230,7 +5279,7 @@ index dcb9dd0af..98d2bbec9 100644
{{{ bash_instantiate_variables("var_password_hashing_algorithm") }}}
diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_logindefs/rule.yml b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_logindefs/rule.yml
-index e58180a1b..aa0052486 100644
+index c7c68899f..5020bf12d 100644
--- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_logindefs/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_logindefs/rule.yml
@@ -1,6 +1,6 @@
@@ -5261,7 +5310,7 @@ index 55f43ef98..2b993b52b 100644
{{{ bash_ensure_pam_module_configuration('/etc/pam.d/password-auth', 'password', 'sufficient', 'pam_unix.so', 'sha512', '', '') }}}
diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/rule.yml b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/rule.yml
-index 8d7b14d4e..a09fb3fd7 100644
+index 44a2ad62e..6b0e6232e 100644
--- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/rule.yml
@@ -1,6 +1,6 @@
@@ -5381,7 +5430,7 @@ index d4b163f24..819ad4b0a 100644
authselect create-profile hardening -b sssd
CUSTOM_PROFILE="custom/hardening"
diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_min_rounds_logindefs/rule.yml b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_min_rounds_logindefs/rule.yml
-index 9a490a8be..fdd2e7e0c 100644
+index add30938b..00a9d6047 100644
--- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_min_rounds_logindefs/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_min_rounds_logindefs/rule.yml
@@ -1,6 +1,6 @@
@@ -5404,7 +5453,7 @@ index 3045574e5..7ce6bb466 100644
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_burstaction/rule.yml b/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_burstaction/rule.yml
-index 9c18a0c26..be97a6e6d 100644
+index b8c635ecc..0511500e7 100644
--- a/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_burstaction/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_burstaction/rule.yml
@@ -1,6 +1,6 @@
@@ -5427,7 +5476,7 @@ index 517c83c6e..041e9a29c 100644
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/rule.yml b/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/rule.yml
-index cdb3cbf45..a19af6ca6 100644
+index d6ab8abde..3943cb43e 100644
--- a/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/rule.yml
@@ -1,6 +1,6 @@
@@ -5439,7 +5488,7 @@ index cdb3cbf45..a19af6ca6 100644
title: 'Disable Ctrl-Alt-Del Reboot Activation'
diff --git a/linux_os/guide/system/accounts/accounts-physical/grub2_disable_interactive_boot/rule.yml b/linux_os/guide/system/accounts/accounts-physical/grub2_disable_interactive_boot/rule.yml
-index cf5da2ae1..02fa6e509 100644
+index e320cf4c1..927c734da 100644
--- a/linux_os/guide/system/accounts/accounts-physical/grub2_disable_interactive_boot/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-physical/grub2_disable_interactive_boot/rule.yml
@@ -1,6 +1,6 @@
@@ -5451,7 +5500,7 @@ index cf5da2ae1..02fa6e509 100644
title: 'Verify that Interactive Boot is Disabled'
diff --git a/linux_os/guide/system/accounts/accounts-physical/logind_session_timeout/rule.yml b/linux_os/guide/system/accounts/accounts-physical/logind_session_timeout/rule.yml
-index 00e31fc21..646d6725c 100644
+index acf6d8964..805530e68 100644
--- a/linux_os/guide/system/accounts/accounts-physical/logind_session_timeout/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-physical/logind_session_timeout/rule.yml
@@ -1,6 +1,6 @@
@@ -5511,7 +5560,7 @@ index fadfa300c..e123d8735 100644
{{%- else -%}}
^ExecStart=\-/bin/sh[\s]+-c[\s]+\"(/usr)?/sbin/sulogin;[\s]+/usr/bin/systemctl[\s]+--fail[\s]+--no-block[\s]+default\"
diff --git a/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/rule.yml b/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/rule.yml
-index 534b5a093..0f2c9560a 100644
+index b501d1993..5457b9594 100644
--- a/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/rule.yml
@@ -1,6 +1,6 @@
@@ -5522,7 +5571,7 @@ index 534b5a093..0f2c9560a 100644
title: 'Require Authentication for Emergency Systemd Target'
-@@ -56,7 +56,7 @@ ocil: |-
+@@ -57,7 +57,7 @@ ocil: |-
To check if authentication is required for emergency mode, run the following command:
$ grep sulogin /usr/lib/systemd/system/emergency.service
The output should be similar to the following, and the line must begin with
@@ -5531,7 +5580,7 @@ index 534b5a093..0f2c9560a 100644
ExecStart and /usr/lib/systemd/systemd-sulogin-shell.
ExecStart=-/usr/lib/systemd/systemd-sulogin-shell emergency
{{%- else -%}}
-@@ -84,7 +84,7 @@ fixtext: |-
+@@ -85,7 +85,7 @@ fixtext: |-
Configure {{{ full_name }}} to require authentication for system emergency mode.
Add or edit the following line in "/usr/lib/systemd/system/emergency.service":
@@ -5611,7 +5660,7 @@ index 62fd1a76a..d4074b6b5 100644
{{%- else -%}}
^ExecStart=\-/bin/sh[\s]+-c[\s]+\"(/usr)?/sbin/sulogin;[\s]+/usr/bin/systemctl[\s]+--fail[\s]+--no-block[\s]+default\"
diff --git a/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/rule.yml b/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/rule.yml
-index bd617f3e8..57cf588c0 100644
+index 1d23a329a..847a388a5 100644
--- a/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/rule.yml
@@ -1,6 +1,6 @@
@@ -5622,7 +5671,7 @@ index bd617f3e8..57cf588c0 100644
title: 'Require Authentication for Single User Mode'
-@@ -60,7 +60,7 @@ ocil: |-
+@@ -61,7 +61,7 @@ ocil: |-
To check if authentication is required for single-user mode, run the following command:
$ grep sulogin /usr/lib/systemd/system/rescue.service
The output should be similar to the following, and the line must begin with
@@ -5631,7 +5680,7 @@ index bd617f3e8..57cf588c0 100644
ExecStart and /usr/lib/systemd/systemd-sulogin-shell.
ExecStart=-/usr/lib/systemd/systemd-sulogin-shell rescue
{{%- elif product in ["rhel7"] -%}}
-@@ -93,7 +93,7 @@ fixtext: |-
+@@ -94,7 +94,7 @@ fixtext: |-
Configure {{{ full_name }}} to require authentication in single user mode.
Add or update the following line in "/usr/lib/systemd/system/rescue.service":
@@ -5673,7 +5722,7 @@ index 8a64b5ea8..1e81d2e92 100644
# strategy = configure
# complexity = low
diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_bashrc_exec_tmux/rule.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_bashrc_exec_tmux/rule.yml
-index 2b2bf8871..b62b17fc0 100644
+index df711a8aa..67a821f42 100644
--- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_bashrc_exec_tmux/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_bashrc_exec_tmux/rule.yml
@@ -1,6 +1,6 @@
@@ -5705,7 +5754,7 @@ index dc63eb653..dc6931307 100644
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_after_time/rule.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_after_time/rule.yml
-index de8fab7e5..9a75f3fc4 100644
+index 6bcc443af..cd28d3cc6 100644
--- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_after_time/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_after_time/rule.yml
@@ -1,6 +1,6 @@
@@ -5717,7 +5766,7 @@ index de8fab7e5..9a75f3fc4 100644
title: 'Configure tmux to lock session after inactivity'
diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_command/rule.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_command/rule.yml
-index 80856b34d..5cffbff2c 100644
+index 084fb3903..5746fcdc5 100644
--- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_command/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_command/rule.yml
@@ -1,6 +1,6 @@
@@ -5740,7 +5789,7 @@ index 6b2d6cd5e..c20712c9f 100644
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/no_tmux_in_shells/rule.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/no_tmux_in_shells/rule.yml
-index ec8fee18b..ed04283bd 100644
+index cdbc70008..4fe95b9a2 100644
--- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/no_tmux_in_shells/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/no_tmux_in_shells/rule.yml
@@ -1,6 +1,6 @@
@@ -5752,7 +5801,7 @@ index ec8fee18b..ed04283bd 100644
title: 'Prevent user from disabling the screen lock'
diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/package_tmux_installed/rule.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/package_tmux_installed/rule.yml
-index 14207a44c..2c975a940 100644
+index 6a706f60d..5d2b9799b 100644
--- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/package_tmux_installed/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/package_tmux_installed/rule.yml
@@ -1,6 +1,6 @@
@@ -5764,7 +5813,7 @@ index 14207a44c..2c975a940 100644
title: 'Install the tmux Package'
diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/configure_opensc_card_drivers/rule.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/configure_opensc_card_drivers/rule.yml
-index a1e6ae87e..bb9ae4d3d 100644
+index 2a0f5121b..3cf8dd719 100644
--- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/configure_opensc_card_drivers/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/configure_opensc_card_drivers/rule.yml
@@ -1,6 +1,6 @@
@@ -5788,7 +5837,7 @@ index 27d1884f2..82caf0779 100644
title: 'Force opensc To Use Defined Smart Card Driver'
diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/install_smartcard_packages/rule.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/install_smartcard_packages/rule.yml
-index a75f509a3..c7fb9b03d 100644
+index e4e1a79dc..bf424efbb 100644
--- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/install_smartcard_packages/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/install_smartcard_packages/rule.yml
@@ -12,7 +12,7 @@
@@ -5801,7 +5850,7 @@ index a75f509a3..c7fb9b03d 100644
title: 'Install Smart Card Packages For Multifactor Authentication'
diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/package_opensc_installed/rule.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/package_opensc_installed/rule.yml
-index 56570f5c6..7009fc6dd 100644
+index 41d6e55b2..1259418f3 100644
--- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/package_opensc_installed/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/package_opensc_installed/rule.yml
@@ -1,6 +1,6 @@
@@ -5813,7 +5862,7 @@ index 56570f5c6..7009fc6dd 100644
title: 'Install the opensc Package For Multifactor Authentication'
diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/package_pcsc-lite_installed/rule.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/package_pcsc-lite_installed/rule.yml
-index f3b1ef07a..611d50bd3 100644
+index b7a0b4cd8..d839b7584 100644
--- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/package_pcsc-lite_installed/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/package_pcsc-lite_installed/rule.yml
@@ -1,6 +1,6 @@
@@ -5825,7 +5874,7 @@ index f3b1ef07a..611d50bd3 100644
title: 'Install the pcsc-lite package'
diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/service_pcscd_enabled/rule.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/service_pcscd_enabled/rule.yml
-index dcad70a82..48e796463 100644
+index 2c5ed01fb..4a9c3c97a 100644
--- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/service_pcscd_enabled/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/service_pcscd_enabled/rule.yml
@@ -1,6 +1,6 @@
@@ -5891,7 +5940,7 @@ index ff493491e..082c8e61a 100644
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/accounts/accounts-physical/service_debug-shell_disabled/rule.yml b/linux_os/guide/system/accounts/accounts-physical/service_debug-shell_disabled/rule.yml
-index aad6ad4b6..0ea11661e 100644
+index 0a857bd74..2c2386b19 100644
--- a/linux_os/guide/system/accounts/accounts-physical/service_debug-shell_disabled/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-physical/service_debug-shell_disabled/rule.yml
@@ -1,6 +1,6 @@
@@ -5923,7 +5972,7 @@ index f299285d4..52e841b61 100644
{{{ bash_instantiate_variables("var_account_disable_post_pw_expiration") }}}
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_disable_post_pw_expiration/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_disable_post_pw_expiration/rule.yml
-index da2a2d367..e1aed6fec 100644
+index 526a15acc..bb55597bd 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_disable_post_pw_expiration/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_disable_post_pw_expiration/rule.yml
@@ -1,6 +1,6 @@
@@ -5947,7 +5996,7 @@ index 826119eaf..d6e707d6f 100644
title: 'Assign Expiration Date to Emergency Accounts'
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_temp_expire_date/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_temp_expire_date/rule.yml
-index 90045204c..ece6239ac 100644
+index 45fb51198..04e2f8b0a 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_temp_expire_date/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_temp_expire_date/rule.yml
@@ -1,6 +1,6 @@
@@ -5959,7 +6008,7 @@ index 90045204c..ece6239ac 100644
title: 'Assign Expiration Date to Temporary Accounts'
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/account_unique_id/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/account_unique_id/rule.yml
-index 487bfd63a..b34d490ee 100644
+index 2e376eee7..37ebed027 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/account_unique_id/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/account_unique_id/rule.yml
@@ -1,6 +1,6 @@
@@ -5971,7 +6020,7 @@ index 487bfd63a..b34d490ee 100644
title: 'Ensure All Accounts on the System Have Unique User IDs'
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/accounts_authorized_local_users/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/accounts_authorized_local_users/rule.yml
-index 9bb4ecb9f..b33b83d55 100644
+index 374454f7b..89b13cc52 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/accounts_authorized_local_users/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/accounts_authorized_local_users/rule.yml
@@ -1,6 +1,6 @@
@@ -5994,7 +6043,7 @@ index aa147fdce..bb8288f5b 100644
var_accounts_authorized_local_users_regex="^(root|bin|daemon|adm|lp|sync|shutdown|halt|mail|operator|games|ftp|nobody|pegasus|systemd-bus-proxy|systemd-network|dbus|polkitd|abrt|unbound|tss|libstoragemgmt|rpc|colord|usbmuxd$|pcp|saslauth|geoclue|setroubleshoot|rtkit|chrony|qemu|radvd|rpcuser|nfsnobody|pulse|gdm|gnome-initial-setup|postfix|avahi|ntp|sshd|tcpdump|oprofile|uuidd)$"
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/group_unique_id/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/group_unique_id/rule.yml
-index 1ba8ed152..3a0b63e44 100644
+index 6193b3f80..c97a6c6dd 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/group_unique_id/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/group_unique_id/rule.yml
@@ -1,6 +1,6 @@
@@ -6066,7 +6115,7 @@ index 8ff7cba19..14ece5d17 100644
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_existing/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_existing/rule.yml
-index d56b4e8c0..8274fcfd4 100644
+index e21c8282a..c727b4a7e 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_existing/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_existing/rule.yml
@@ -1,6 +1,6 @@
@@ -6078,7 +6127,7 @@ index d56b4e8c0..8274fcfd4 100644
title: 'Set Existing Passwords Maximum Age'
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_min_life_existing/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_min_life_existing/rule.yml
-index 5e1fe03a2..908f94abc 100644
+index 6955ddfd1..605ccc89a 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_min_life_existing/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_min_life_existing/rule.yml
@@ -1,6 +1,6 @@
@@ -6124,7 +6173,7 @@ index f0bf9d696..2c184af24 100644
title: 'Set existing passwords a period of inactivity before they been locked'
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_all_shadowed_sha512/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_all_shadowed_sha512/rule.yml
-index 25ec7a969..d5b38106c 100644
+index da7c934ec..01aba0395 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_all_shadowed_sha512/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_all_shadowed_sha512/rule.yml
@@ -1,6 +1,6 @@
@@ -6156,7 +6205,7 @@ index a40010714..d244fc548 100644
{{{ bash_instantiate_variables("var_password_pam_unix_rounds") }}}
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/rule.yml
-index f29320755..893fddd0e 100644
+index e0a37b484..b8e2def1e 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/rule.yml
@@ -1,6 +1,6 @@
@@ -6248,7 +6297,7 @@ index 8316e495a..bf8a4c240 100644
{{{ bash_instantiate_variables("var_password_pam_unix_rounds") }}}
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/rule.yml
-index c2c92fd71..dbb641111 100644
+index 914911dc7..1640139f9 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/rule.yml
@@ -1,6 +1,6 @@
@@ -6470,7 +6519,7 @@ index 8f87bf06e..6bed5ef5a 100644
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/no_shelllogin_for_systemaccounts/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/no_shelllogin_for_systemaccounts/rule.yml
-index 6a819ccd5..7bd66a55b 100644
+index f0b5cc754..a6dc21e51 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/no_shelllogin_for_systemaccounts/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/no_shelllogin_for_systemaccounts/rule.yml
@@ -1,6 +1,6 @@
@@ -6522,7 +6571,7 @@ index cf672ee28..ea4326138 100644
# uncomment the option if commented
sed '/^[[:space:]]*#[[:space:]]*auth[[:space:]]\+required[[:space:]]\+pam_wheel\.so[[:space:]]\+use_uid$/s/^[[:space:]]*#//' -i /etc/pam.d/su
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_for_su/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_for_su/rule.yml
-index 3320b393c..caa81bd57 100644
+index 7f2dbc648..c08c8af94 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_for_su/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_for_su/rule.yml
@@ -1,6 +1,6 @@
@@ -6546,7 +6595,7 @@ index d425057a3..c5b9fa2cc 100644
title: 'Enforce Usage of pam_wheel with Group Parameter for su Authentication'
diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_have_homedir_login_defs/rule.yml b/linux_os/guide/system/accounts/accounts-session/accounts_have_homedir_login_defs/rule.yml
-index 9a8332e38..9a567824d 100644
+index 3d6faac7e..1780b7eaa 100644
--- a/linux_os/guide/system/accounts/accounts-session/accounts_have_homedir_login_defs/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-session/accounts_have_homedir_login_defs/rule.yml
@@ -1,6 +1,6 @@
@@ -6598,7 +6647,7 @@ index 0005b2ccb..0329d6cdf 100644
{{{ bash_instantiate_variables("var_accounts_max_concurrent_login_sessions") }}}
diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_tmout/rule.yml b/linux_os/guide/system/accounts/accounts-session/accounts_tmout/rule.yml
-index e91ae0493..75a3d622d 100644
+index b392f7aa0..ba7d0b237 100644
--- a/linux_os/guide/system/accounts/accounts-session/accounts_tmout/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-session/accounts_tmout/rule.yml
@@ -1,6 +1,6 @@
@@ -6610,7 +6659,7 @@ index e91ae0493..75a3d622d 100644
title: 'Set Interactive Session Timeout'
diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_user_dot_no_world_writable_programs/rule.yml b/linux_os/guide/system/accounts/accounts-session/accounts_user_dot_no_world_writable_programs/rule.yml
-index e56be2792..1156b8b1f 100644
+index 11dc1815e..33d19876d 100644
--- a/linux_os/guide/system/accounts/accounts-session/accounts_user_dot_no_world_writable_programs/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-session/accounts_user_dot_no_world_writable_programs/rule.yml
@@ -1,6 +1,6 @@
@@ -6622,7 +6671,7 @@ index e56be2792..1156b8b1f 100644
title: 'User Initialization Files Must Not Run World-Writable Programs'
diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_user_home_paths_only/rule.yml b/linux_os/guide/system/accounts/accounts-session/accounts_user_home_paths_only/rule.yml
-index 56fc415f9..6b9b3de28 100644
+index 7a78dfc2b..15ecd80c3 100644
--- a/linux_os/guide/system/accounts/accounts-session/accounts_user_home_paths_only/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-session/accounts_user_home_paths_only/rule.yml
@@ -1,6 +1,6 @@
@@ -6634,7 +6683,7 @@ index 56fc415f9..6b9b3de28 100644
title: 'Ensure that Users Path Contains Only Local Directories'
diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_user_interactive_home_directory_defined/rule.yml b/linux_os/guide/system/accounts/accounts-session/accounts_user_interactive_home_directory_defined/rule.yml
-index b90ef5d7d..6f3b1467d 100644
+index 1402fb0a0..23a5d971a 100644
--- a/linux_os/guide/system/accounts/accounts-session/accounts_user_interactive_home_directory_defined/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-session/accounts_user_interactive_home_directory_defined/rule.yml
@@ -1,6 +1,6 @@
@@ -6646,7 +6695,7 @@ index b90ef5d7d..6f3b1467d 100644
title: 'All Interactive Users Must Have A Home Directory Defined'
diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_user_interactive_home_directory_exists/rule.yml b/linux_os/guide/system/accounts/accounts-session/accounts_user_interactive_home_directory_exists/rule.yml
-index 6811bb1c2..6cabdee89 100644
+index 575fdd0f9..4d9f3a6ea 100644
--- a/linux_os/guide/system/accounts/accounts-session/accounts_user_interactive_home_directory_exists/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-session/accounts_user_interactive_home_directory_exists/rule.yml
@@ -1,6 +1,6 @@
@@ -6658,7 +6707,7 @@ index 6811bb1c2..6cabdee89 100644
title: 'All Interactive Users Home Directories Must Exist'
diff --git a/linux_os/guide/system/accounts/accounts-session/file_groupownership_home_directories/rule.yml b/linux_os/guide/system/accounts/accounts-session/file_groupownership_home_directories/rule.yml
-index 94c513327..395be0d3d 100644
+index ee58cd30a..599fa7cfb 100644
--- a/linux_os/guide/system/accounts/accounts-session/file_groupownership_home_directories/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-session/file_groupownership_home_directories/rule.yml
@@ -1,6 +1,6 @@
@@ -6670,7 +6719,7 @@ index 94c513327..395be0d3d 100644
title: 'All Interactive User Home Directories Must Be Group-Owned By The Primary Group'
diff --git a/linux_os/guide/system/accounts/accounts-session/file_permission_user_init_files/rule.yml b/linux_os/guide/system/accounts/accounts-session/file_permission_user_init_files/rule.yml
-index 5bfdd4a14..3af680a4f 100644
+index eed6623b4..8eada80cc 100644
--- a/linux_os/guide/system/accounts/accounts-session/file_permission_user_init_files/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-session/file_permission_user_init_files/rule.yml
@@ -1,6 +1,6 @@
@@ -6682,7 +6731,7 @@ index 5bfdd4a14..3af680a4f 100644
title: 'Ensure All User Initialization Files Have Mode 0740 Or Less Permissive'
diff --git a/linux_os/guide/system/accounts/accounts-session/file_permissions_home_directories/rule.yml b/linux_os/guide/system/accounts/accounts-session/file_permissions_home_directories/rule.yml
-index bda4bfd36..503f5dd85 100644
+index 72bef78d2..2f716fffd 100644
--- a/linux_os/guide/system/accounts/accounts-session/file_permissions_home_directories/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-session/file_permissions_home_directories/rule.yml
@@ -1,6 +1,6 @@
@@ -6704,7 +6753,7 @@ index 5bfb963a1..77807dbfb 100644
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_bashrc/rule.yml b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_bashrc/rule.yml
-index 8293b72ad..4b4778b29 100644
+index 200502c4b..d19d51de9 100644
--- a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_bashrc/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_bashrc/rule.yml
@@ -1,6 +1,6 @@
@@ -6726,7 +6775,7 @@ index 0f681a6db..846b47fee 100644
{{{ bash_instantiate_variables("var_accounts_user_umask") }}}
diff --git a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_csh_cshrc/rule.yml b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_csh_cshrc/rule.yml
-index 21238691a..b32ebb548 100644
+index 7eeee3879..b121d96ac 100644
--- a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_csh_cshrc/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_csh_cshrc/rule.yml
@@ -1,6 +1,6 @@
@@ -6738,7 +6787,7 @@ index 21238691a..b32ebb548 100644
title: 'Ensure the Default C Shell Umask is Set Correctly'
diff --git a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_interactive_users/rule.yml b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_interactive_users/rule.yml
-index ded8284be..f1d84c863 100644
+index 313ac772a..117c95c56 100644
--- a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_interactive_users/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_interactive_users/rule.yml
@@ -1,6 +1,6 @@
@@ -6835,7 +6884,7 @@ index 3bd07c62e..e328ca74c 100644
rm -f /etc/pam.d/{fingerprint-auth,password-auth,postlogin,smartcard-auth,system-auth}
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fremovexattr/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fremovexattr/rule.yml
-index 1dc43e75f..f1c518f50 100644
+index c20140fce..a8df7583f 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fremovexattr/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fremovexattr/rule.yml
@@ -11,13 +11,13 @@ description: |-
@@ -6871,7 +6920,7 @@ index 1dc43e75f..f1c518f50 100644
{{%- endif %}}
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fsetxattr/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fsetxattr/rule.yml
-index 261433ef9..356c6b915 100644
+index 0013304a8..28c0aa69d 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fsetxattr/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fsetxattr/rule.yml
@@ -9,24 +9,24 @@ description: |-
@@ -6904,7 +6953,7 @@ index 261433ef9..356c6b915 100644
{{%- endif %}}
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lremovexattr/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lremovexattr/rule.yml
-index abe8228aa..b69180b41 100644
+index 85d2f6d05..1e24c8712 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lremovexattr/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lremovexattr/rule.yml
@@ -11,13 +11,13 @@ description: |-
@@ -6940,7 +6989,7 @@ index abe8228aa..b69180b41 100644
{{%- endif %}}
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lsetxattr/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lsetxattr/rule.yml
-index f855dd32b..406d2846a 100644
+index b36944ba4..b1bd302bb 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lsetxattr/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lsetxattr/rule.yml
@@ -9,24 +9,24 @@ description: |-
@@ -6973,7 +7022,7 @@ index f855dd32b..406d2846a 100644
{{%- endif %}}
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_removexattr/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_removexattr/rule.yml
-index 63d3490a4..d46e891f4 100644
+index 27e223fae..ffc215b13 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_removexattr/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_removexattr/rule.yml
@@ -10,13 +10,13 @@ description: |-
@@ -7009,7 +7058,7 @@ index 63d3490a4..d46e891f4 100644
{{%- endif %}}
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_setxattr/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_setxattr/rule.yml
-index ab4c0226e..00eb429aa 100644
+index 21610d36b..d7bba93f1 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_setxattr/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_setxattr/rule.yml
@@ -9,24 +9,24 @@ description: |-
@@ -7042,7 +7091,7 @@ index ab4c0226e..00eb429aa 100644
{{%- endif %}}
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_acl_commands/audit_rules_execution_chacl/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_acl_commands/audit_rules_execution_chacl/rule.yml
-index 2a15e8610..70b63bcf8 100644
+index f8e9a34d6..db4c4d95f 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_acl_commands/audit_rules_execution_chacl/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_acl_commands/audit_rules_execution_chacl/rule.yml
@@ -1,6 +1,6 @@
@@ -7054,7 +7103,7 @@ index 2a15e8610..70b63bcf8 100644
title: 'Record Any Attempts to Run chacl'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_acl_commands/audit_rules_execution_setfacl/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_acl_commands/audit_rules_execution_setfacl/rule.yml
-index 8c1cec42e..805dd26ce 100644
+index 1a6802fc2..1485717ea 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_acl_commands/audit_rules_execution_setfacl/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_acl_commands/audit_rules_execution_setfacl/rule.yml
@@ -1,6 +1,6 @@
@@ -7066,7 +7115,7 @@ index 8c1cec42e..805dd26ce 100644
title: 'Record Any Attempts to Run setfacl'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_chcon/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_chcon/rule.yml
-index 4f4194fe8..a442db27a 100644
+index b2c8ab8f8..31ded68ed 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_chcon/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_chcon/rule.yml
@@ -1,10 +1,10 @@
@@ -7100,7 +7149,7 @@ index 786df6b45..03f695c90 100644
title: 'Record Any Attempts to Run restorecon'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_semanage/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_semanage/rule.yml
-index 43a9ae184..5b3e5de73 100644
+index 14a08e26b..9d84c44ac 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_semanage/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_semanage/rule.yml
@@ -1,10 +1,10 @@
@@ -7117,7 +7166,7 @@ index 43a9ae184..5b3e5de73 100644
title: 'Record Any Attempts to Run semanage'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_setfiles/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_setfiles/rule.yml
-index 359326710..aa91706ca 100644
+index 432403663..65153618d 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_setfiles/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_setfiles/rule.yml
@@ -1,10 +1,10 @@
@@ -7134,7 +7183,7 @@ index 359326710..aa91706ca 100644
title: 'Record Any Attempts to Run setfiles'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_setsebool/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_setsebool/rule.yml
-index 810d62838..1009e7641 100644
+index b1444ef8f..0aa2f73d5 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_setsebool/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_setsebool/rule.yml
@@ -1,10 +1,10 @@
@@ -7585,7 +7634,7 @@ index b5857ab4f..bf38eb6ff 100644
title: 'Record Unsuccessful Ownership Changes to Files - chown'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_creat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_creat/rule.yml
-index a3e663e12..41676e668 100644
+index 2f1ad3f06..909ddf6b3 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_creat/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_creat/rule.yml
@@ -1,6 +1,6 @@
@@ -7669,7 +7718,7 @@ index c0bf31449..fdc913a3f 100644
title: 'Record Unsuccessful Permission Changes to Files - fsetxattr'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_ftruncate/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_ftruncate/rule.yml
-index d088d91bc..706bbe595 100644
+index 449faf04e..38b334f4c 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_ftruncate/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_ftruncate/rule.yml
@@ -1,6 +1,6 @@
@@ -7717,7 +7766,7 @@ index 249c0169c..a86b0ba90 100644
title: 'Record Unsuccessful Permission Changes to Files - lsetxattr'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open/rule.yml
-index de8897a2c..236258921 100644
+index 406589c5f..963355aa2 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open/rule.yml
@@ -1,6 +1,6 @@
@@ -7729,7 +7778,7 @@ index de8897a2c..236258921 100644
title: 'Record Unsuccessful Access Attempts to Files - open'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at/rule.yml
-index 7b303e092..ce311256a 100644
+index 281886ca9..18a06bbb7 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at/rule.yml
@@ -1,6 +1,6 @@
@@ -7867,7 +7916,7 @@ index 0da3156af..2ae183269 100644
title: 'Ensure auditd Rules For Unauthorized Attempts To open Are Ordered Correctly'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat/rule.yml
-index c85d6d55c..c150d27b5 100644
+index 99183a570..b6bb9f57c 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat/rule.yml
@@ -1,6 +1,6 @@
@@ -7990,7 +8039,7 @@ index 094ab0e07..6449d4ab5 100644
title: 'Record Unsuccessful Permission Changes to Files - setxattr'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_truncate/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_truncate/rule.yml
-index b7e17951e..3a0b5cd01 100644
+index 02d9424fb..a8efd00bf 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_truncate/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_truncate/rule.yml
@@ -1,6 +1,6 @@
@@ -8092,7 +8141,7 @@ index 7c8e520c1..e5c1d9d93 100644
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/rule.yml
-index d7973aed9..f854ab093 100644
+index b2fd7022a..93195efa7 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/rule.yml
@@ -1,6 +1,6 @@
@@ -8125,7 +8174,7 @@ index 639d76a21..7f4d463d6 100644
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/rule.yml
-index 57bf26f06..e2f9b0221 100644
+index e5fd9bcdf..1c1b520ec 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/rule.yml
@@ -1,6 +1,6 @@
@@ -8158,7 +8207,7 @@ index 083a612a0..3228b89b7 100644
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/rule.yml
-index 4392f855f..ca118c200 100644
+index b52273362..1bb20a388 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/rule.yml
@@ -1,6 +1,6 @@
@@ -8228,7 +8277,7 @@ index 9c69bc099..2c577274f 100644
{{% else %}}
{{% set faillock_path="/var/run/faillock" %}}
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/rule.yml
-index 4dcd32e2c..089f82beb 100644
+index a8d92255a..135d9548a 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/rule.yml
@@ -1,6 +1,6 @@
@@ -8240,7 +8289,7 @@ index 4dcd32e2c..089f82beb 100644
title: 'Record Attempts to Alter Logon and Logout Events - faillock'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_lastlog/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_lastlog/rule.yml
-index 45c08e4c4..fa08cd80f 100644
+index e323b64c2..0b763a44a 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_lastlog/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_lastlog/rule.yml
@@ -1,6 +1,6 @@
@@ -8252,7 +8301,7 @@ index 45c08e4c4..fa08cd80f 100644
title: 'Record Attempts to Alter Logon and Logout Events - lastlog'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_tallylog/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_tallylog/rule.yml
-index 96f6e645f..c8a01d3a2 100644
+index 8ebbe44c0..82a4345ce 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_tallylog/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_tallylog/rule.yml
@@ -1,6 +1,6 @@
@@ -8467,7 +8516,7 @@ index 639e61446..6df3021a6 100644
title: 'Ensure auditd Collects Information on the Use of Privileged Commands - at'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_chage/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_chage/rule.yml
-index bc240650e..51f49e210 100644
+index 40531f203..703ddf79f 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_chage/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_chage/rule.yml
@@ -1,10 +1,10 @@
@@ -8484,7 +8533,7 @@ index bc240650e..51f49e210 100644
title: 'Ensure auditd Collects Information on the Use of Privileged Commands - chage'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_chsh/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_chsh/rule.yml
-index 8603087c3..d0e113083 100644
+index a48a30098..8f4c3c927 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_chsh/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_chsh/rule.yml
@@ -1,10 +1,10 @@
@@ -8501,7 +8550,7 @@ index 8603087c3..d0e113083 100644
title: 'Ensure auditd Collects Information on the Use of Privileged Commands - chsh'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_crontab/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_crontab/rule.yml
-index 0846706f2..daea0305e 100644
+index 6c81b180d..b7b7dc389 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_crontab/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_crontab/rule.yml
@@ -1,10 +1,10 @@
@@ -8548,7 +8597,7 @@ index 6ac08b082..d4816e8cb 100644
{{%- endif %}}
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_gpasswd/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_gpasswd/rule.yml
-index 347eaee25..0f5e28e69 100644
+index c1865a24b..cf208e4e2 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_gpasswd/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_gpasswd/rule.yml
@@ -1,10 +1,10 @@
@@ -8595,7 +8644,7 @@ index 29bfc7be7..d0910b1c6 100644
# Perform the remediation for both possible tools: 'auditctl' and 'augenrules'
{{{ bash_fix_audit_watch_rule("auditctl", "/sbin/insmod", "x", "modules") }}}
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_kmod/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_kmod/rule.yml
-index 1f40fde77..4995a7473 100644
+index efc6edf3e..a7a955e56 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_kmod/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_kmod/rule.yml
@@ -1,4 +1,4 @@
@@ -8634,7 +8683,7 @@ index ed9771d0d..665d2cc0f 100644
# Perform the remediation for both possible tools: 'auditctl' and 'augenrules'
{{{ bash_fix_audit_watch_rule("auditctl", "/sbin/modprobe", "x", "modules") }}}
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_mount/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_mount/rule.yml
-index 602518ad8..2211f6234 100644
+index c8b3db117..fea42400f 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_mount/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_mount/rule.yml
@@ -1,10 +1,10 @@
@@ -8678,7 +8727,7 @@ index 83c1c812f..f5975167e 100644
title: 'Ensure auditd Collects Information on the Use of Privileged Commands - newgidmap'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_newgrp/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_newgrp/rule.yml
-index 59b4dcfbb..7364c6d0f 100644
+index 0057a2ea6..624215a4f 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_newgrp/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_newgrp/rule.yml
@@ -1,10 +1,10 @@
@@ -8712,7 +8761,7 @@ index 41f9fc3de..450bbcd5d 100644
title: 'Ensure auditd Collects Information on the Use of Privileged Commands - newuidmap'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_pam_timestamp_check/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_pam_timestamp_check/rule.yml
-index 0bda87b7d..23057f37a 100644
+index f5209ef8d..49a655c7a 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_pam_timestamp_check/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_pam_timestamp_check/rule.yml
@@ -1,4 +1,4 @@
@@ -8731,7 +8780,7 @@ index 0bda87b7d..23057f37a 100644
title: 'Ensure auditd Collects Information on the Use of Privileged Commands - pam_timestamp_check'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_passwd/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_passwd/rule.yml
-index 19b6623a7..6ea58745c 100644
+index 36e693f8c..aed70bef8 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_passwd/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_passwd/rule.yml
@@ -1,10 +1,10 @@
@@ -8768,7 +8817,7 @@ index aae180149..570630d86 100644
{{%- endif %}}
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_postdrop/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_postdrop/rule.yml
-index 8408a93d0..0e2f11f15 100644
+index efba85f00..cbe53dfae 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_postdrop/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_postdrop/rule.yml
@@ -1,10 +1,10 @@
@@ -8785,7 +8834,7 @@ index 8408a93d0..0e2f11f15 100644
title: 'Ensure auditd Collects Information on the Use of Privileged Commands - postdrop'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_postqueue/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_postqueue/rule.yml
-index bbeabeb8d..f68603e67 100644
+index f8809fd83..3b39fc4bc 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_postqueue/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_postqueue/rule.yml
@@ -1,10 +1,10 @@
@@ -8839,7 +8888,7 @@ index bf0a58b43..0b13f7c0d 100644
# Perform the remediation for both possible tools: 'auditctl' and 'augenrules'
{{{ bash_fix_audit_watch_rule("auditctl", "/sbin/rmmod", "x", "modules") }}}
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_ssh_agent/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_ssh_agent/rule.yml
-index e1d848144..0da4b277d 100644
+index e8ad41133..ec47287e9 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_ssh_agent/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_ssh_agent/rule.yml
@@ -1,6 +1,6 @@
@@ -8851,7 +8900,7 @@ index e1d848144..0da4b277d 100644
title: 'Record Any Attempts to Run ssh-agent'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_ssh_keysign/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_ssh_keysign/rule.yml
-index fd3983b53..bc40e55bc 100644
+index f8e2f71a4..59761b0e6 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_ssh_keysign/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_ssh_keysign/rule.yml
@@ -1,4 +1,4 @@
@@ -8910,7 +8959,7 @@ index 7c3c4c64a..978ee75ef 100644
{{%- endif %}}
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_su/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_su/rule.yml
-index 7a02e6220..aa0366661 100644
+index 53c04e298..665b23e45 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_su/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_su/rule.yml
@@ -1,10 +1,10 @@
@@ -8927,7 +8976,7 @@ index 7a02e6220..aa0366661 100644
title: 'Ensure auditd Collects Information on the Use of Privileged Commands - su'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sudo/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sudo/rule.yml
-index 55e5e24bd..14301e740 100644
+index e55272856..763d307f8 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sudo/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sudo/rule.yml
@@ -1,10 +1,10 @@
@@ -8944,7 +8993,7 @@ index 55e5e24bd..14301e740 100644
title: 'Ensure auditd Collects Information on the Use of Privileged Commands - sudo'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sudoedit/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sudoedit/rule.yml
-index ed40c3d03..b9548cd10 100644
+index 2dfd45f5f..2d75064df 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sudoedit/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sudoedit/rule.yml
@@ -1,10 +1,10 @@
@@ -8961,7 +9010,7 @@ index ed40c3d03..b9548cd10 100644
title: 'Ensure auditd Collects Information on the Use of Privileged Commands - sudoedit'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_umount/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_umount/rule.yml
-index 4ba40efd0..24875d8ca 100644
+index 379e854a7..25196f69e 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_umount/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_umount/rule.yml
@@ -1,10 +1,10 @@
@@ -8978,7 +9027,7 @@ index 4ba40efd0..24875d8ca 100644
title: 'Ensure auditd Collects Information on the Use of Privileged Commands - umount'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_unix_chkpwd/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_unix_chkpwd/rule.yml
-index 53d21d2c8..b453a93ed 100644
+index 8cdc38b7d..862f929a1 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_unix_chkpwd/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_unix_chkpwd/rule.yml
@@ -1,10 +1,10 @@
@@ -8995,7 +9044,7 @@ index 53d21d2c8..b453a93ed 100644
title: 'Ensure auditd Collects Information on the Use of Privileged Commands - unix_chkpwd'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_unix_update/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_unix_update/rule.yml
-index 6ad48696d..a48487a53 100644
+index 77dfe3730..895b19be6 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_unix_update/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_unix_update/rule.yml
@@ -1,6 +1,6 @@
@@ -9007,7 +9056,7 @@ index 6ad48696d..a48487a53 100644
title: 'Ensure auditd Collects Information on the Use of Privileged Commands - unix_update'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_userhelper/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_userhelper/rule.yml
-index b1994fa98..b90c80334 100644
+index 9befc0b05..ae471bf62 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_userhelper/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_userhelper/rule.yml
@@ -1,10 +1,10 @@
@@ -9024,7 +9073,7 @@ index b1994fa98..b90c80334 100644
title: 'Ensure auditd Collects Information on the Use of Privileged Commands - userhelper'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_usermod/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_usermod/rule.yml
-index 8af435987..d7f4105b0 100644
+index d7379274b..0f76c8b2c 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_usermod/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_usermod/rule.yml
@@ -1,6 +1,6 @@
@@ -9350,7 +9399,7 @@ index 8b2377d44..39c2bba69 100644
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_sudoers/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_sudoers/rule.yml
-index 628dc4fd8..470dda95e 100644
+index 71f791476..5c233c449 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_sudoers/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_sudoers/rule.yml
@@ -1,6 +1,6 @@
@@ -9362,7 +9411,7 @@ index 628dc4fd8..470dda95e 100644
title: 'Ensure auditd Collects System Administrator Actions - /etc/sudoers'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_sudoers_d/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_sudoers_d/rule.yml
-index a8b33956b..d7810237a 100644
+index c85eef910..e0ac011c7 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_sudoers_d/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_sudoers_d/rule.yml
@@ -1,6 +1,6 @@
@@ -9437,7 +9486,7 @@ index 323a798b1..46fad7416 100644
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_suid_privilege_function/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_suid_privilege_function/rule.yml
-index 49a665ded..6bbfe47d5 100644
+index 4802646e8..149c5721d 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_suid_privilege_function/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_suid_privilege_function/rule.yml
@@ -1,6 +1,6 @@
@@ -9470,7 +9519,7 @@ index 336beb2b7..26c47e462 100644
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_system_shutdown/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_system_shutdown/rule.yml
-index 339a4846f..d28dabf18 100644
+index 724b11dc9..8b29acca4 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_system_shutdown/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_system_shutdown/rule.yml
@@ -1,6 +1,6 @@
@@ -9492,7 +9541,7 @@ index 07965e2c7..908fa6e54 100644
# Perform the remediation for both possible tools: 'auditctl' and 'augenrules'
{{{ bash_fix_audit_watch_rule("auditctl", "/etc/group", "wa", "audit_rules_usergroup_modification") }}}
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_group/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_group/rule.yml
-index b213979b4..4de076a87 100644
+index b8a3aea14..8885f01de 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_group/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_group/rule.yml
@@ -1,6 +1,6 @@
@@ -9504,7 +9553,7 @@ index b213979b4..4de076a87 100644
title: 'Record Events that Modify User/Group Information - /etc/group'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_gshadow/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_gshadow/rule.yml
-index 0bb5e2238..d2927742d 100644
+index e857ced4d..6d7d96173 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_gshadow/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_gshadow/rule.yml
@@ -1,6 +1,6 @@
@@ -9516,7 +9565,7 @@ index 0bb5e2238..d2927742d 100644
title: 'Record Events that Modify User/Group Information - /etc/gshadow'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_opasswd/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_opasswd/rule.yml
-index 946cd6104..d8df5fc36 100644
+index 1891114f3..bf7ec37b8 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_opasswd/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_opasswd/rule.yml
@@ -1,6 +1,6 @@
@@ -9528,7 +9577,7 @@ index 946cd6104..d8df5fc36 100644
title: 'Record Events that Modify User/Group Information - /etc/security/opasswd'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_passwd/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_passwd/rule.yml
-index 46cf595dd..4cbb92902 100644
+index 7372fe52a..d863bab18 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_passwd/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_passwd/rule.yml
@@ -1,6 +1,6 @@
@@ -9540,7 +9589,7 @@ index 46cf595dd..4cbb92902 100644
title: 'Record Events that Modify User/Group Information - /etc/passwd'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_shadow/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_shadow/rule.yml
-index a4e780a39..79ae71305 100644
+index 5fc5fda83..4227e348e 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_shadow/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_shadow/rule.yml
@@ -1,6 +1,6 @@
@@ -9676,7 +9725,7 @@ index ec17adf55..0ecb4079c 100644
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/directory_group_ownership_var_log_audit/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/directory_group_ownership_var_log_audit/rule.yml
-index dfff55bd3..c07d286d7 100644
+index 6b09bc56e..d1172cbf2 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/directory_group_ownership_var_log_audit/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/directory_group_ownership_var_log_audit/rule.yml
@@ -1,6 +1,6 @@
@@ -9700,7 +9749,7 @@ index 09d4e8ff5..6a8e8bdab 100644
groupadd group_test
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/directory_ownership_var_log_audit/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/directory_ownership_var_log_audit/rule.yml
-index 6a95e9f13..ed02bd2b6 100644
+index de7b97c75..891466348 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/directory_ownership_var_log_audit/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/directory_ownership_var_log_audit/rule.yml
@@ -1,6 +1,6 @@
@@ -9858,7 +9907,7 @@ index 0b42da512..013401d8c 100644
if LC_ALL=C grep -iw ^log_file /etc/audit/auditd.conf; then
FILE=$(awk -F "=" '/^log_file/ {print $2}' /etc/audit/auditd.conf | tr -d ' ')
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/file_permissions_var_log_audit/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/file_permissions_var_log_audit/rule.yml
-index a7aa67de4..e4af05d51 100644
+index e73322c96..9f195e69b 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/file_permissions_var_log_audit/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/file_permissions_var_log_audit/rule.yml
@@ -1,6 +1,6 @@
@@ -9946,7 +9995,7 @@ index 9ec973546..54470bf57 100644
title: 'Configure audispd Plugin To Send Logs To Remote Server'
diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_configure_sufficiently_large_partition/rule.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_configure_sufficiently_large_partition/rule.yml
-index 5edbb9df9..bb2dee441 100644
+index 849847ad7..028e68767 100644
--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_configure_sufficiently_large_partition/rule.yml
+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_configure_sufficiently_large_partition/rule.yml
@@ -1,6 +1,6 @@
@@ -10276,7 +10325,7 @@ index 55f407e01..b9084af21 100644
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_admin_space_left_percentage/rule.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_admin_space_left_percentage/rule.yml
-index 01c5df5d6..8baf0d0ad 100644
+index d986d448f..6b51389b7 100644
--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_admin_space_left_percentage/rule.yml
+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_admin_space_left_percentage/rule.yml
@@ -1,6 +1,6 @@
@@ -10591,7 +10640,7 @@ index 55f407e01..b9084af21 100644
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_percentage/rule.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_percentage/rule.yml
-index c82d0d370..1e0e809ff 100644
+index de0e08d46..014f49e30 100644
--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_percentage/rule.yml
+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_percentage/rule.yml
@@ -1,6 +1,6 @@
@@ -10636,7 +10685,7 @@ index 55f407e01..b9084af21 100644
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_name_format/ansible/shared.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_name_format/ansible/shared.yml
-index c93322835..b24919d0b 100644
+index 015e9d6ef..cb221f19e 100644
--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_name_format/ansible/shared.yml
+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_name_format/ansible/shared.yml
@@ -1,4 +1,4 @@
@@ -10646,7 +10695,7 @@ index c93322835..b24919d0b 100644
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_name_format/bash/shared.sh b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_name_format/bash/shared.sh
-index 67a1203dd..12a94396c 100644
+index a08fddc90..1b881f0ff 100644
--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_name_format/bash/shared.sh
+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_name_format/bash/shared.sh
@@ -1,4 +1,4 @@
@@ -10698,7 +10747,7 @@ index 55f407e01..b9084af21 100644
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/auditing/grub2_audit_argument/rule.yml b/linux_os/guide/system/auditing/grub2_audit_argument/rule.yml
-index e81a90bc6..7f97fd716 100644
+index 2cb1b0028..f86d17a4b 100644
--- a/linux_os/guide/system/auditing/grub2_audit_argument/rule.yml
+++ b/linux_os/guide/system/auditing/grub2_audit_argument/rule.yml
@@ -1,6 +1,6 @@
@@ -10710,7 +10759,7 @@ index e81a90bc6..7f97fd716 100644
title: 'Enable Auditing for Processes Which Start Prior to the Audit Daemon'
diff --git a/linux_os/guide/system/auditing/grub2_audit_backlog_limit_argument/rule.yml b/linux_os/guide/system/auditing/grub2_audit_backlog_limit_argument/rule.yml
-index 65132d8ee..87202053a 100644
+index 80bb22293..3f43ccf20 100644
--- a/linux_os/guide/system/auditing/grub2_audit_backlog_limit_argument/rule.yml
+++ b/linux_os/guide/system/auditing/grub2_audit_backlog_limit_argument/rule.yml
@@ -1,6 +1,6 @@
@@ -10722,7 +10771,7 @@ index 65132d8ee..87202053a 100644
title: 'Extend Audit Backlog Limit for the Audit Daemon'
diff --git a/linux_os/guide/system/auditing/package_audispd-plugins_installed/rule.yml b/linux_os/guide/system/auditing/package_audispd-plugins_installed/rule.yml
-index e2d2b7fdb..122741d83 100644
+index 785c64971..3c76ed890 100644
--- a/linux_os/guide/system/auditing/package_audispd-plugins_installed/rule.yml
+++ b/linux_os/guide/system/auditing/package_audispd-plugins_installed/rule.yml
@@ -1,6 +1,6 @@
@@ -11149,7 +11198,7 @@ index 4b6116733..42e1c3da2 100644
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/auditing/policy_rules/audit_immutable_login_uids/rule.yml b/linux_os/guide/system/auditing/policy_rules/audit_immutable_login_uids/rule.yml
-index c5295afeb..a3f50d94d 100644
+index dbf1015a1..006659fa1 100644
--- a/linux_os/guide/system/auditing/policy_rules/audit_immutable_login_uids/rule.yml
+++ b/linux_os/guide/system/auditing/policy_rules/audit_immutable_login_uids/rule.yml
@@ -1,6 +1,6 @@
@@ -11641,7 +11690,7 @@ index 9c8723e7a..afc2a1b32 100644
title: 'Enable randomization of the page allocator'
diff --git a/linux_os/guide/system/bootloader-grub2/grub2_pti_argument/rule.yml b/linux_os/guide/system/bootloader-grub2/grub2_pti_argument/rule.yml
-index 70251f709..fb0fcd90b 100644
+index f855edebd..e0366b7b1 100644
--- a/linux_os/guide/system/bootloader-grub2/grub2_pti_argument/rule.yml
+++ b/linux_os/guide/system/bootloader-grub2/grub2_pti_argument/rule.yml
@@ -1,6 +1,6 @@
@@ -11653,7 +11702,7 @@ index 70251f709..fb0fcd90b 100644
title: 'Enable Kernel Page-Table Isolation (KPTI)'
diff --git a/linux_os/guide/system/bootloader-grub2/grub2_vsyscall_argument/rule.yml b/linux_os/guide/system/bootloader-grub2/grub2_vsyscall_argument/rule.yml
-index 9a0f0d212..51ec8d39d 100644
+index 3e81a8aed..80a2fd8a3 100644
--- a/linux_os/guide/system/bootloader-grub2/grub2_vsyscall_argument/rule.yml
+++ b/linux_os/guide/system/bootloader-grub2/grub2_vsyscall_argument/rule.yml
@@ -1,6 +1,6 @@
@@ -11665,7 +11714,7 @@ index 9a0f0d212..51ec8d39d 100644
title: 'Disable vsyscalls'
diff --git a/linux_os/guide/system/bootloader-grub2/non-uefi/file_groupowner_grub2_cfg/rule.yml b/linux_os/guide/system/bootloader-grub2/non-uefi/file_groupowner_grub2_cfg/rule.yml
-index d0bdf2523..bc500e1ba 100644
+index b157d9b44..b617a9fef 100644
--- a/linux_os/guide/system/bootloader-grub2/non-uefi/file_groupowner_grub2_cfg/rule.yml
+++ b/linux_os/guide/system/bootloader-grub2/non-uefi/file_groupowner_grub2_cfg/rule.yml
@@ -1,6 +1,6 @@
@@ -11689,7 +11738,7 @@ index b7557c41f..5baf05fef 100644
title: 'Verify {{{ grub2_boot_path }}}/user.cfg Group Ownership'
diff --git a/linux_os/guide/system/bootloader-grub2/non-uefi/file_owner_grub2_cfg/rule.yml b/linux_os/guide/system/bootloader-grub2/non-uefi/file_owner_grub2_cfg/rule.yml
-index 2ef41b1c5..7cc14e6d3 100644
+index 3df07a568..ea563944d 100644
--- a/linux_os/guide/system/bootloader-grub2/non-uefi/file_owner_grub2_cfg/rule.yml
+++ b/linux_os/guide/system/bootloader-grub2/non-uefi/file_owner_grub2_cfg/rule.yml
@@ -1,6 +1,6 @@
@@ -11737,7 +11786,7 @@ index 8de6ef356..533ecca7d 100644
title: 'Verify {{{ grub2_boot_path }}}/user.cfg Permissions'
diff --git a/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_admin_username/rule.yml b/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_admin_username/rule.yml
-index 05e2deae0..5b2ff8875 100644
+index 49a7f8d5e..84d8931c5 100644
--- a/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_admin_username/rule.yml
+++ b/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_admin_username/rule.yml
@@ -1,6 +1,6 @@
@@ -11749,7 +11798,7 @@ index 05e2deae0..5b2ff8875 100644
title: 'Set the Boot Loader Admin Username to a Non-Default Value'
diff --git a/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_password/rule.yml b/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_password/rule.yml
-index 03031cd11..27be45e21 100644
+index bde98a410..bbd6914f0 100644
--- a/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_password/rule.yml
+++ b/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_password/rule.yml
@@ -1,6 +1,6 @@
@@ -12222,7 +12271,7 @@ index 35f88e89d..9dad78b62 100644
title: 'Disable the LDT (local descriptor table)'
diff --git a/linux_os/guide/system/kernel_build_config/kernel_config_page_poisoning/rule.yml b/linux_os/guide/system/kernel_build_config/kernel_config_page_poisoning/rule.yml
-index db2575974..10704f264 100644
+index 3591e41c0..a0f8d639a 100644
--- a/linux_os/guide/system/kernel_build_config/kernel_config_page_poisoning/rule.yml
+++ b/linux_os/guide/system/kernel_build_config/kernel_config_page_poisoning/rule.yml
@@ -1,6 +1,6 @@
@@ -12364,7 +12413,7 @@ index 773f88904..6060189e7 100644
if ! grep -s "^\s*cron\.\*\s*/var/log/cron$" /etc/rsyslog.conf /etc/rsyslog.d/*.conf; then
mkdir -p /etc/rsyslog.d
diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_cron_logging/rule.yml b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_cron_logging/rule.yml
-index 8a7b722b9..5d691b060 100644
+index 546ae325a..2d68b4f1b 100644
--- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_cron_logging/rule.yml
+++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_cron_logging/rule.yml
@@ -1,6 +1,6 @@
@@ -12408,7 +12457,7 @@ index 76f0e4b38..581668b67 100644
title: 'Ensure logging is configured'
diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_remote_access_monitoring/rule.yml b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_remote_access_monitoring/rule.yml
-index bea5ed470..9585a0ad3 100644
+index e541c0a70..83bce753a 100644
--- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_remote_access_monitoring/rule.yml
+++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_remote_access_monitoring/rule.yml
@@ -1,6 +1,6 @@
@@ -12479,7 +12528,7 @@ index 892523fc4..9fbba1ccb 100644
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/logging/package_rsyslog-gnutls_installed/rule.yml b/linux_os/guide/system/logging/package_rsyslog-gnutls_installed/rule.yml
-index 0abe60b2d..052486096 100644
+index 5e94cfdef..f3dbb9409 100644
--- a/linux_os/guide/system/logging/package_rsyslog-gnutls_installed/rule.yml
+++ b/linux_os/guide/system/logging/package_rsyslog-gnutls_installed/rule.yml
@@ -1,6 +1,6 @@
@@ -12491,7 +12540,7 @@ index 0abe60b2d..052486096 100644
description: |-
diff --git a/linux_os/guide/system/logging/rsyslog_accepting_remote_messages/rsyslog_nolisten/rule.yml b/linux_os/guide/system/logging/rsyslog_accepting_remote_messages/rsyslog_nolisten/rule.yml
-index 1ff4d159c..dd709d38f 100644
+index cf6f3069e..b1919e75a 100644
--- a/linux_os/guide/system/logging/rsyslog_accepting_remote_messages/rsyslog_nolisten/rule.yml
+++ b/linux_os/guide/system/logging/rsyslog_accepting_remote_messages/rsyslog_nolisten/rule.yml
@@ -1,6 +1,6 @@
@@ -12579,7 +12628,7 @@ index 1030537bd..15dbfaa69 100644
title: 'Configure CA certificate for rsyslog remote logging'
diff --git a/linux_os/guide/system/network/network-firewalld/firewalld-backend/rule.yml b/linux_os/guide/system/network/network-firewalld/firewalld-backend/rule.yml
-index cdf4f0eff..5cb39ffc4 100644
+index f9a95d2f8..9791b8ddf 100644
--- a/linux_os/guide/system/network/network-firewalld/firewalld-backend/rule.yml
+++ b/linux_os/guide/system/network/network-firewalld/firewalld-backend/rule.yml
@@ -1,6 +1,6 @@
@@ -12591,7 +12640,7 @@ index cdf4f0eff..5cb39ffc4 100644
title: 'Configure Firewalld to Use the Nftables Backend'
diff --git a/linux_os/guide/system/network/network-firewalld/firewalld_activation/package_firewalld_installed/rule.yml b/linux_os/guide/system/network/network-firewalld/firewalld_activation/package_firewalld_installed/rule.yml
-index fd1fe1494..04b6a045d 100644
+index 02a06babe..6596d2be1 100644
--- a/linux_os/guide/system/network/network-firewalld/firewalld_activation/package_firewalld_installed/rule.yml
+++ b/linux_os/guide/system/network/network-firewalld/firewalld_activation/package_firewalld_installed/rule.yml
@@ -1,6 +1,6 @@
@@ -12603,7 +12652,7 @@ index fd1fe1494..04b6a045d 100644
title: 'Install firewalld Package'
diff --git a/linux_os/guide/system/network/network-firewalld/firewalld_activation/service_firewalld_enabled/rule.yml b/linux_os/guide/system/network/network-firewalld/firewalld_activation/service_firewalld_enabled/rule.yml
-index 52bc3288f..998b64efc 100644
+index fc30d7574..e7161f722 100644
--- a/linux_os/guide/system/network/network-firewalld/firewalld_activation/service_firewalld_enabled/rule.yml
+++ b/linux_os/guide/system/network/network-firewalld/firewalld_activation/service_firewalld_enabled/rule.yml
@@ -1,6 +1,6 @@
@@ -12615,7 +12664,7 @@ index 52bc3288f..998b64efc 100644
title: 'Verify firewalld Enabled'
diff --git a/linux_os/guide/system/network/network-firewalld/ruleset_modifications/configure_firewalld_ports/rule.yml b/linux_os/guide/system/network/network-firewalld/ruleset_modifications/configure_firewalld_ports/rule.yml
-index 18e51cc42..4082f8b21 100644
+index 056c07d88..555e3d4bd 100644
--- a/linux_os/guide/system/network/network-firewalld/ruleset_modifications/configure_firewalld_ports/rule.yml
+++ b/linux_os/guide/system/network/network-firewalld/ruleset_modifications/configure_firewalld_ports/rule.yml
@@ -1,6 +1,6 @@
@@ -12627,7 +12676,7 @@ index 18e51cc42..4082f8b21 100644
title: 'Configure the Firewalld Ports'
diff --git a/linux_os/guide/system/network/network-firewalld/ruleset_modifications/configured_firewalld_default_deny/rule.yml b/linux_os/guide/system/network/network-firewalld/ruleset_modifications/configured_firewalld_default_deny/rule.yml
-index 2c0820d66..c18bf90c1 100644
+index 6a498a690..cc3e45b57 100644
--- a/linux_os/guide/system/network/network-firewalld/ruleset_modifications/configured_firewalld_default_deny/rule.yml
+++ b/linux_os/guide/system/network/network-firewalld/ruleset_modifications/configured_firewalld_default_deny/rule.yml
@@ -1,6 +1,6 @@
@@ -12675,7 +12724,7 @@ index d7cd7bc83..14f1269ac 100644
title: 'Set Default firewalld Zone for Incoming Packets'
diff --git a/linux_os/guide/system/network/network-ipsec/libreswan_approved_tunnels/rule.yml b/linux_os/guide/system/network/network-ipsec/libreswan_approved_tunnels/rule.yml
-index 995b046df..fb83e3418 100644
+index 567c7ff94..da2ae6049 100644
--- a/linux_os/guide/system/network/network-ipsec/libreswan_approved_tunnels/rule.yml
+++ b/linux_os/guide/system/network/network-ipsec/libreswan_approved_tunnels/rule.yml
@@ -1,6 +1,6 @@
@@ -12687,7 +12736,7 @@ index 995b046df..fb83e3418 100644
title: 'Verify Any Configured IPSec Tunnel Connections'
diff --git a/linux_os/guide/system/network/network-ipsec/package_libreswan_installed/rule.yml b/linux_os/guide/system/network/network-ipsec/package_libreswan_installed/rule.yml
-index 9427aee63..90a5b50a8 100644
+index 4b9c9121e..40ae1f453 100644
--- a/linux_os/guide/system/network/network-ipsec/package_libreswan_installed/rule.yml
+++ b/linux_os/guide/system/network/network-ipsec/package_libreswan_installed/rule.yml
@@ -1,6 +1,6 @@
@@ -12742,7 +12791,7 @@ index 87306fedb..88e2884bc 100644
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_ra/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_ra/rule.yml
-index f9728d7dc..09a217ed2 100644
+index 7cb30d194..341db0876 100644
--- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_ra/rule.yml
+++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_ra/rule.yml
@@ -1,6 +1,6 @@
@@ -12801,7 +12850,7 @@ index 8792fc668..2c7c4b025 100644
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_redirects/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_redirects/rule.yml
-index 2d8036595..b0d0e01bf 100644
+index d986698c6..5f1901077 100644
--- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_redirects/rule.yml
+++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_redirects/rule.yml
@@ -1,6 +1,6 @@
@@ -12824,7 +12873,7 @@ index e222b1c88..85b92ce90 100644
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_source_route/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_source_route/rule.yml
-index 834c8c2c1..56792a6a0 100644
+index 27add4482..2c90fd4dc 100644
--- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_source_route/rule.yml
+++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_source_route/rule.yml
@@ -1,6 +1,6 @@
@@ -12848,7 +12897,7 @@ index eb1264282..004cfa19b 100644
title: Configure Auto Configuration on All IPv6 Interfaces
diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_forwarding/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_forwarding/rule.yml
-index 7373f9a7d..d3e9a26dc 100644
+index ccc429d5b..0108ace11 100644
--- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_forwarding/rule.yml
+++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_forwarding/rule.yml
@@ -1,6 +1,6 @@
@@ -12895,7 +12944,7 @@ index 4ed2c480c..f59b6d7c3 100644
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_ra/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_ra/rule.yml
-index 68083fac1..e1bba091b 100644
+index 07374bdb8..74a1274e6 100644
--- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_ra/rule.yml
+++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_ra/rule.yml
@@ -1,6 +1,6 @@
@@ -12954,7 +13003,7 @@ index 845b013ed..063776b85 100644
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_redirects/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_redirects/rule.yml
-index 1fa3ff038..c6592d804 100644
+index 7769ce20e..f910d2edc 100644
--- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_redirects/rule.yml
+++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_redirects/rule.yml
@@ -1,6 +1,6 @@
@@ -12977,7 +13026,7 @@ index e2951d845..0335df123 100644
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_source_route/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_source_route/rule.yml
-index 6f29e358d..f861df29d 100644
+index ba833372a..9ebbd930f 100644
--- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_source_route/rule.yml
+++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_source_route/rule.yml
@@ -1,6 +1,6 @@
@@ -13080,7 +13129,7 @@ index 6bb6de134..1f0664a02 100644
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_redirects/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_redirects/rule.yml
-index 643403856..ce0e453a4 100644
+index 9f047ea90..db48d4a53 100644
--- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_redirects/rule.yml
+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_redirects/rule.yml
@@ -1,6 +1,6 @@
@@ -13103,7 +13152,7 @@ index b3d72bb4a..b89b8a35a 100644
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_source_route/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_source_route/rule.yml
-index 2620e4288..ca5e52e2c 100644
+index 88bfe6d7d..d640cbed0 100644
--- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_source_route/rule.yml
+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_source_route/rule.yml
@@ -1,6 +1,6 @@
@@ -13127,7 +13176,7 @@ index 977a5770b..1138e69c9 100644
title: 'Drop Gratuitious ARP frames on All IPv4 Interfaces'
diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_forwarding/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_forwarding/rule.yml
-index a75bcc616..021f28a32 100644
+index 9a36d2389..91e6eaf3e 100644
--- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_forwarding/rule.yml
+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_forwarding/rule.yml
@@ -1,6 +1,6 @@
@@ -13150,7 +13199,7 @@ index 70e767cc4..fbe1a27a2 100644
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_log_martians/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_log_martians/rule.yml
-index 11dc1ce81..1f97eb364 100644
+index b1df46e25..c5552ae0e 100644
--- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_log_martians/rule.yml
+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_log_martians/rule.yml
@@ -1,6 +1,6 @@
@@ -13173,7 +13222,7 @@ index c64da37a3..08535e5a1 100644
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/rule.yml
-index 3a4507eff..b31b2ec1d 100644
+index 832ea91ed..5fcfbb707 100644
--- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/rule.yml
+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/rule.yml
@@ -1,6 +1,6 @@
@@ -13241,7 +13290,7 @@ index 2bfbd9e46..8ea37100a 100644
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_redirects/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_redirects/rule.yml
-index 4184bfc83..7b497bb4e 100644
+index 9303e24cc..bf9e9ff8a 100644
--- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_redirects/rule.yml
+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_redirects/rule.yml
@@ -1,6 +1,6 @@
@@ -13264,7 +13313,7 @@ index aa7d1562b..08668d03c 100644
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_source_route/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_source_route/rule.yml
-index 0de834a15..8accee775 100644
+index d43d147ce..afd1580a5 100644
--- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_source_route/rule.yml
+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_source_route/rule.yml
@@ -1,6 +1,6 @@
@@ -13287,7 +13336,7 @@ index 3a60ab17c..728ddb817 100644
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_log_martians/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_log_martians/rule.yml
-index 84b4b78e7..e3ff71f60 100644
+index be9262e37..09561ff2f 100644
--- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_log_martians/rule.yml
+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_log_martians/rule.yml
@@ -1,6 +1,6 @@
@@ -13310,7 +13359,7 @@ index b6e53de36..0b652c7cf 100644
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_rp_filter/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_rp_filter/rule.yml
-index 2de023866..4256e78dc 100644
+index e7a277235..ce89ee252 100644
--- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_rp_filter/rule.yml
+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_rp_filter/rule.yml
@@ -1,6 +1,6 @@
@@ -13356,7 +13405,7 @@ index 52d74441b..08c8c256d 100644
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_echo_ignore_broadcasts/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_echo_ignore_broadcasts/rule.yml
-index 6aa5a30a5..2e2b1af62 100644
+index 8512b9642..f45cd52e1 100644
--- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_echo_ignore_broadcasts/rule.yml
+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_echo_ignore_broadcasts/rule.yml
@@ -1,6 +1,6 @@
@@ -13379,7 +13428,7 @@ index 9e3a85af9..d4f4d31cb 100644
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_ignore_bogus_error_responses/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_ignore_bogus_error_responses/rule.yml
-index 5e9c18bcb..c318e704c 100644
+index 58fef11d1..5b7353228 100644
--- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_ignore_bogus_error_responses/rule.yml
+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_ignore_bogus_error_responses/rule.yml
@@ -1,6 +1,6 @@
@@ -13438,7 +13487,7 @@ index 0c8dae788..a26df0c5a 100644
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_tcp_syncookies/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_tcp_syncookies/rule.yml
-index 0b4f36272..fd0845768 100644
+index 984c7ff81..186f4e1c4 100644
--- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_tcp_syncookies/rule.yml
+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_tcp_syncookies/rule.yml
@@ -1,6 +1,6 @@
@@ -13461,7 +13510,7 @@ index ea1db12fe..5d8b19f68 100644
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_all_send_redirects/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_all_send_redirects/rule.yml
-index 3bdc1dfea..7718e89dc 100644
+index 969fe698d..637460f94 100644
--- a/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_all_send_redirects/rule.yml
+++ b/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_all_send_redirects/rule.yml
@@ -1,6 +1,6 @@
@@ -13484,7 +13533,7 @@ index b54e3d12b..125464d7a 100644
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_default_send_redirects/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_default_send_redirects/rule.yml
-index d456a9de6..4b7ad9c09 100644
+index 136847aa5..2743902f4 100644
--- a/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_default_send_redirects/rule.yml
+++ b/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_default_send_redirects/rule.yml
@@ -1,6 +1,6 @@
@@ -13555,7 +13604,7 @@ index 89d344c4f..1a926adaa 100644
tbl_output=$(nft list tables | grep inet)
diff --git a/linux_os/guide/system/network/network-uncommon/kernel_module_atm_disabled/rule.yml b/linux_os/guide/system/network/network-uncommon/kernel_module_atm_disabled/rule.yml
-index f995e2795..58aba3312 100644
+index 26b93bf78..77fedb05a 100644
--- a/linux_os/guide/system/network/network-uncommon/kernel_module_atm_disabled/rule.yml
+++ b/linux_os/guide/system/network/network-uncommon/kernel_module_atm_disabled/rule.yml
@@ -1,6 +1,6 @@
@@ -13567,7 +13616,7 @@ index f995e2795..58aba3312 100644
title: 'Disable ATM Support'
diff --git a/linux_os/guide/system/network/network-uncommon/kernel_module_can_disabled/rule.yml b/linux_os/guide/system/network/network-uncommon/kernel_module_can_disabled/rule.yml
-index 420485c11..3d4606979 100644
+index 61febfa32..3d82da2ce 100644
--- a/linux_os/guide/system/network/network-uncommon/kernel_module_can_disabled/rule.yml
+++ b/linux_os/guide/system/network/network-uncommon/kernel_module_can_disabled/rule.yml
@@ -1,6 +1,6 @@
@@ -13602,7 +13651,7 @@ index 57cc29270..4b1b2805e 100644
rm -f /etc/modprobe.d/dccp-blacklist.conf
echo "install {{{ KERNMODULE }}} /bin/true" > /etc/modprobe.d/{{{ KERNMODULE }}}.conf
diff --git a/linux_os/guide/system/network/network-uncommon/kernel_module_firewire-core_disabled/rule.yml b/linux_os/guide/system/network/network-uncommon/kernel_module_firewire-core_disabled/rule.yml
-index 0522abc15..8743e2011 100644
+index 919326417..552cb666f 100644
--- a/linux_os/guide/system/network/network-uncommon/kernel_module_firewire-core_disabled/rule.yml
+++ b/linux_os/guide/system/network/network-uncommon/kernel_module_firewire-core_disabled/rule.yml
@@ -1,6 +1,6 @@
@@ -13614,7 +13663,7 @@ index 0522abc15..8743e2011 100644
title: 'Disable IEEE 1394 (FireWire) Support'
diff --git a/linux_os/guide/system/network/network-uncommon/kernel_module_sctp_disabled/rule.yml b/linux_os/guide/system/network/network-uncommon/kernel_module_sctp_disabled/rule.yml
-index 0da8cd9fe..7cae68668 100644
+index c4739b912..e91497b0c 100644
--- a/linux_os/guide/system/network/network-uncommon/kernel_module_sctp_disabled/rule.yml
+++ b/linux_os/guide/system/network/network-uncommon/kernel_module_sctp_disabled/rule.yml
@@ -1,6 +1,6 @@
@@ -13626,7 +13675,7 @@ index 0da8cd9fe..7cae68668 100644
title: 'Disable SCTP Support'
diff --git a/linux_os/guide/system/network/network-wireless/wireless_software/kernel_module_bluetooth_disabled/rule.yml b/linux_os/guide/system/network/network-wireless/wireless_software/kernel_module_bluetooth_disabled/rule.yml
-index 847d21236..ef4903ca1 100644
+index 1172e7dbd..609a6f7fa 100644
--- a/linux_os/guide/system/network/network-wireless/wireless_software/kernel_module_bluetooth_disabled/rule.yml
+++ b/linux_os/guide/system/network/network-wireless/wireless_software/kernel_module_bluetooth_disabled/rule.yml
@@ -1,6 +1,6 @@
@@ -13686,7 +13735,7 @@ index 409baf905..c56beebe1 100644
title: 'Disable Kernel mac80211 Module'
diff --git a/linux_os/guide/system/network/network-wireless/wireless_software/wireless_disable_interfaces/rule.yml b/linux_os/guide/system/network/network-wireless/wireless_software/wireless_disable_interfaces/rule.yml
-index cb5749653..f9eb61cc0 100644
+index dfec17a79..42c0c7f2d 100644
--- a/linux_os/guide/system/network/network-wireless/wireless_software/wireless_disable_interfaces/rule.yml
+++ b/linux_os/guide/system/network/network-wireless/wireless_software/wireless_disable_interfaces/rule.yml
@@ -1,6 +1,6 @@
@@ -13698,7 +13747,7 @@ index cb5749653..f9eb61cc0 100644
title: 'Deactivate Wireless Network Interfaces'
diff --git a/linux_os/guide/system/network/network_configure_name_resolution/rule.yml b/linux_os/guide/system/network/network_configure_name_resolution/rule.yml
-index bf2339bbd..f5ddc132f 100644
+index 019542b6d..a11fad3ec 100644
--- a/linux_os/guide/system/network/network_configure_name_resolution/rule.yml
+++ b/linux_os/guide/system/network/network_configure_name_resolution/rule.yml
@@ -1,6 +1,6 @@
@@ -13741,7 +13790,7 @@ index fe5704ea6..8faf594b1 100644
title: 'Prevent non-Privileged Users from Modifying Network Interfaces using nmcli'
diff --git a/linux_os/guide/system/network/network_sniffer_disabled/rule.yml b/linux_os/guide/system/network/network_sniffer_disabled/rule.yml
-index 6970bbdba..316f72ea8 100644
+index 072b43394..ca71415d2 100644
--- a/linux_os/guide/system/network/network_sniffer_disabled/rule.yml
+++ b/linux_os/guide/system/network/network_sniffer_disabled/rule.yml
@@ -1,6 +1,6 @@
@@ -13752,8 +13801,20 @@ index 6970bbdba..316f72ea8 100644
title: 'Ensure System is Not Acting as a Network Sniffer'
+diff --git a/linux_os/guide/system/network/networkmanager/networkmanager_dns_mode/rule.yml b/linux_os/guide/system/network/networkmanager/networkmanager_dns_mode/rule.yml
+index 210746188..463fae584 100644
+--- a/linux_os/guide/system/network/networkmanager/networkmanager_dns_mode/rule.yml
++++ b/linux_os/guide/system/network/networkmanager/networkmanager_dns_mode/rule.yml
+@@ -1,6 +1,6 @@
+ documentation_complete: true
+
+-prodtype: rhel9
++prodtype: rhel9,almalinux9
+
+ title: 'NetworkManager DNS Mode Must Be Must Configured'
+
diff --git a/linux_os/guide/system/permissions/files/dir_perms_world_writable_root_owned/rule.yml b/linux_os/guide/system/permissions/files/dir_perms_world_writable_root_owned/rule.yml
-index 678b06d33..3cc2960ec 100644
+index 0654db0ad..d2c02c358 100644
--- a/linux_os/guide/system/permissions/files/dir_perms_world_writable_root_owned/rule.yml
+++ b/linux_os/guide/system/permissions/files/dir_perms_world_writable_root_owned/rule.yml
@@ -1,6 +1,6 @@
@@ -13785,7 +13846,7 @@ index 91b3495c9..7f3876c49 100644
| xargs -I '$6' find '$6' -xdev -type d \
\( -perm -0002 -a ! -perm -1000 \) 2>/dev/null \
diff --git a/linux_os/guide/system/permissions/files/file_permissions_etc_audit_auditd/rule.yml b/linux_os/guide/system/permissions/files/file_permissions_etc_audit_auditd/rule.yml
-index c9ed36852..dd2964a7b 100644
+index 13356b344..540eb0bf2 100644
--- a/linux_os/guide/system/permissions/files/file_permissions_etc_audit_auditd/rule.yml
+++ b/linux_os/guide/system/permissions/files/file_permissions_etc_audit_auditd/rule.yml
@@ -1,6 +1,6 @@
@@ -13797,7 +13858,7 @@ index c9ed36852..dd2964a7b 100644
title: 'Verify Permissions on /etc/audit/auditd.conf'
diff --git a/linux_os/guide/system/permissions/files/file_permissions_etc_audit_rulesd/rule.yml b/linux_os/guide/system/permissions/files/file_permissions_etc_audit_rulesd/rule.yml
-index ec3bba5b8..67a6224b2 100644
+index 0e592304a..c66ee5739 100644
--- a/linux_os/guide/system/permissions/files/file_permissions_etc_audit_rulesd/rule.yml
+++ b/linux_os/guide/system/permissions/files/file_permissions_etc_audit_rulesd/rule.yml
@@ -1,6 +1,6 @@
@@ -13835,7 +13896,7 @@ index 7d1ac5d38..7fc8727f7 100644
description: |-
The SUID (set user id) bit should be set only on files that were
diff --git a/linux_os/guide/system/permissions/files/file_permissions_ungroupowned/rule.yml b/linux_os/guide/system/permissions/files/file_permissions_ungroupowned/rule.yml
-index d2aa53a98..f6a39047a 100644
+index b36642186..7d3ffba7a 100644
--- a/linux_os/guide/system/permissions/files/file_permissions_ungroupowned/rule.yml
+++ b/linux_os/guide/system/permissions/files/file_permissions_ungroupowned/rule.yml
@@ -1,6 +1,6 @@
@@ -13847,7 +13908,7 @@ index d2aa53a98..f6a39047a 100644
title: 'Ensure All Files Are Owned by a Group'
diff --git a/linux_os/guide/system/permissions/files/no_files_unowned_by_user/rule.yml b/linux_os/guide/system/permissions/files/no_files_unowned_by_user/rule.yml
-index 13650fcea..bc89f2697 100644
+index 11ed3b37e..0296a8e7c 100644
--- a/linux_os/guide/system/permissions/files/no_files_unowned_by_user/rule.yml
+++ b/linux_os/guide/system/permissions/files/no_files_unowned_by_user/rule.yml
@@ -1,6 +1,6 @@
@@ -13859,7 +13920,7 @@ index 13650fcea..bc89f2697 100644
title: 'Ensure All Files Are Owned by a User'
diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_group_ownership_library_dirs/rule.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_group_ownership_library_dirs/rule.yml
-index 8f41e6219..3ea6ebc74 100644
+index 5e84759ab..733d1cf86 100644
--- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_group_ownership_library_dirs/rule.yml
+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_group_ownership_library_dirs/rule.yml
@@ -1,6 +1,6 @@
@@ -13963,7 +14024,7 @@ index b9bbe4dbe..2652ea041 100644
for SYSCMDFILES in /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin
do
diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_system_commands_dirs/rule.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_system_commands_dirs/rule.yml
-index d50a7162e..2f6aae483 100644
+index f4e81b24c..d8aabba6a 100644
--- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_system_commands_dirs/rule.yml
+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_system_commands_dirs/rule.yml
@@ -1,6 +1,6 @@
@@ -14079,7 +14140,7 @@ index ab89b277a..f4a7c33a9 100644
for dirPath in $DIRS; do
find "$dirPath" -perm /022 -exec chmod go-w '{}' \;
diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/root_permissions_syslibrary_files/rule.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/root_permissions_syslibrary_files/rule.yml
-index 662778c70..0ee65e6c2 100644
+index 2d4f70bbd..2888cf054 100644
--- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/root_permissions_syslibrary_files/rule.yml
+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/root_permissions_syslibrary_files/rule.yml
@@ -1,6 +1,6 @@
@@ -14157,7 +14218,7 @@ index 5ce0decba..b7a4243e4 100644
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/permissions/mounting/kernel_module_cramfs_disabled/rule.yml b/linux_os/guide/system/permissions/mounting/kernel_module_cramfs_disabled/rule.yml
-index 664c7364e..bbe384ab1 100644
+index eab9bce8c..01c174f77 100644
--- a/linux_os/guide/system/permissions/mounting/kernel_module_cramfs_disabled/rule.yml
+++ b/linux_os/guide/system/permissions/mounting/kernel_module_cramfs_disabled/rule.yml
@@ -1,6 +1,6 @@
@@ -14241,7 +14302,7 @@ index f36e2b226..4bcb148fb 100644
title: 'Disable Mounting of udf'
diff --git a/linux_os/guide/system/permissions/mounting/kernel_module_usb-storage_disabled/rule.yml b/linux_os/guide/system/permissions/mounting/kernel_module_usb-storage_disabled/rule.yml
-index 144d855a0..f34a4fa4f 100644
+index a517d2fa9..444eecc54 100644
--- a/linux_os/guide/system/permissions/mounting/kernel_module_usb-storage_disabled/rule.yml
+++ b/linux_os/guide/system/permissions/mounting/kernel_module_usb-storage_disabled/rule.yml
@@ -1,6 +1,6 @@
@@ -14276,7 +14337,7 @@ index 41352695f..8b69802ab 100644
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/permissions/mounting/service_autofs_disabled/rule.yml b/linux_os/guide/system/permissions/mounting/service_autofs_disabled/rule.yml
-index 27f23dd29..e3449671c 100644
+index f433c1f88..1fa8f0c28 100644
--- a/linux_os/guide/system/permissions/mounting/service_autofs_disabled/rule.yml
+++ b/linux_os/guide/system/permissions/mounting/service_autofs_disabled/rule.yml
@@ -1,6 +1,6 @@
@@ -14288,7 +14349,7 @@ index 27f23dd29..e3449671c 100644
title: 'Disable the Automounter'
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_boot_efi_nosuid/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_boot_efi_nosuid/rule.yml
-index c6901e86d..edc580c6e 100644
+index 6c33c8b27..00aaae80c 100644
--- a/linux_os/guide/system/permissions/partitions/mount_option_boot_efi_nosuid/rule.yml
+++ b/linux_os/guide/system/permissions/partitions/mount_option_boot_efi_nosuid/rule.yml
@@ -1,6 +1,6 @@
@@ -14312,7 +14373,7 @@ index e3d538abf..82685e46e 100644
title: 'Add noauto Option to /boot'
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_boot_nodev/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_boot_nodev/rule.yml
-index 9ac722d0e..a16bac464 100644
+index dd10c989a..1828a2fb9 100644
--- a/linux_os/guide/system/permissions/partitions/mount_option_boot_nodev/rule.yml
+++ b/linux_os/guide/system/permissions/partitions/mount_option_boot_nodev/rule.yml
@@ -1,6 +1,6 @@
@@ -14336,7 +14397,7 @@ index 56a22ce45..0412db1ee 100644
title: 'Add noexec Option to /boot'
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_boot_nosuid/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_boot_nosuid/rule.yml
-index 583dd2b60..685116ad1 100644
+index a9b24acb9..9e9c83cc3 100644
--- a/linux_os/guide/system/permissions/partitions/mount_option_boot_nosuid/rule.yml
+++ b/linux_os/guide/system/permissions/partitions/mount_option_boot_nosuid/rule.yml
@@ -1,6 +1,6 @@
@@ -14348,7 +14409,7 @@ index 583dd2b60..685116ad1 100644
title: 'Add nosuid Option to /boot'
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_dev_shm_noexec/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_dev_shm_noexec/rule.yml
-index ea5701f9b..300331de2 100644
+index 7debed33d..3287d3e24 100644
--- a/linux_os/guide/system/permissions/partitions/mount_option_dev_shm_noexec/rule.yml
+++ b/linux_os/guide/system/permissions/partitions/mount_option_dev_shm_noexec/rule.yml
@@ -1,6 +1,6 @@
@@ -14372,7 +14433,7 @@ index dfc449d17..9b76163ce 100644
title: 'Add grpquota Option to /home'
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_home_nodev/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_home_nodev/rule.yml
-index d454139b4..7a8beb2c1 100644
+index ba5959a42..abd4d15e5 100644
--- a/linux_os/guide/system/permissions/partitions/mount_option_home_nodev/rule.yml
+++ b/linux_os/guide/system/permissions/partitions/mount_option_home_nodev/rule.yml
@@ -1,6 +1,6 @@
@@ -14384,7 +14445,7 @@ index d454139b4..7a8beb2c1 100644
title: 'Add nodev Option to /home'
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_home_noexec/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_home_noexec/rule.yml
-index bee3a60e8..392ea6217 100644
+index d77f85065..8ccda6753 100644
--- a/linux_os/guide/system/permissions/partitions/mount_option_home_noexec/rule.yml
+++ b/linux_os/guide/system/permissions/partitions/mount_option_home_noexec/rule.yml
@@ -1,6 +1,6 @@
@@ -14396,7 +14457,7 @@ index bee3a60e8..392ea6217 100644
title: 'Add noexec Option to /home'
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_home_nosuid/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_home_nosuid/rule.yml
-index 5e42ac0a7..4dddea527 100644
+index 85ec3a89b..e25c5970d 100644
--- a/linux_os/guide/system/permissions/partitions/mount_option_home_nosuid/rule.yml
+++ b/linux_os/guide/system/permissions/partitions/mount_option_home_nosuid/rule.yml
@@ -1,6 +1,6 @@
@@ -14420,7 +14481,7 @@ index 86536b375..48d19ff8b 100644
title: 'Add usrquota Option to /home'
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_nodev_nonroot_local_partitions/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_nodev_nonroot_local_partitions/rule.yml
-index a22d24b1a..8db0376d3 100644
+index 2a7213e90..a77dc87f4 100644
--- a/linux_os/guide/system/permissions/partitions/mount_option_nodev_nonroot_local_partitions/rule.yml
+++ b/linux_os/guide/system/permissions/partitions/mount_option_nodev_nonroot_local_partitions/rule.yml
@@ -1,6 +1,6 @@
@@ -14432,7 +14493,7 @@ index a22d24b1a..8db0376d3 100644
title: 'Add nodev Option to Non-Root Local Partitions'
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_nodev_removable_partitions/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_nodev_removable_partitions/rule.yml
-index d06852da9..7dab4e0c2 100644
+index 1ce710335..8567cc288 100644
--- a/linux_os/guide/system/permissions/partitions/mount_option_nodev_removable_partitions/rule.yml
+++ b/linux_os/guide/system/permissions/partitions/mount_option_nodev_removable_partitions/rule.yml
@@ -1,6 +1,6 @@
@@ -14444,7 +14505,7 @@ index d06852da9..7dab4e0c2 100644
title: 'Add nodev Option to Removable Media Partitions'
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_noexec_removable_partitions/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_noexec_removable_partitions/rule.yml
-index 75934b9d7..7b15278f3 100644
+index e6494f487..fd022bb07 100644
--- a/linux_os/guide/system/permissions/partitions/mount_option_noexec_removable_partitions/rule.yml
+++ b/linux_os/guide/system/permissions/partitions/mount_option_noexec_removable_partitions/rule.yml
@@ -1,6 +1,6 @@
@@ -14456,7 +14517,7 @@ index 75934b9d7..7b15278f3 100644
title: 'Add noexec Option to Removable Media Partitions'
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_nosuid_removable_partitions/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_nosuid_removable_partitions/rule.yml
-index 2ae9f064c..e83e27ae5 100644
+index db9c65f36..c47ddef38 100644
--- a/linux_os/guide/system/permissions/partitions/mount_option_nosuid_removable_partitions/rule.yml
+++ b/linux_os/guide/system/permissions/partitions/mount_option_nosuid_removable_partitions/rule.yml
@@ -1,6 +1,6 @@
@@ -14504,7 +14565,7 @@ index 5ff970bd7..70cfb541f 100644
title: 'Add nosuid Option to /srv'
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_tmp_nodev/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_tmp_nodev/rule.yml
-index 105a4549d..78363f750 100644
+index 06a7dc18f..b64bc29a6 100644
--- a/linux_os/guide/system/permissions/partitions/mount_option_tmp_nodev/rule.yml
+++ b/linux_os/guide/system/permissions/partitions/mount_option_tmp_nodev/rule.yml
@@ -1,6 +1,6 @@
@@ -14516,7 +14577,7 @@ index 105a4549d..78363f750 100644
title: 'Add nodev Option to /tmp'
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_tmp_noexec/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_tmp_noexec/rule.yml
-index d4105fd2b..6a873abd9 100644
+index 5d8d9710f..5ed997d96 100644
--- a/linux_os/guide/system/permissions/partitions/mount_option_tmp_noexec/rule.yml
+++ b/linux_os/guide/system/permissions/partitions/mount_option_tmp_noexec/rule.yml
@@ -1,6 +1,6 @@
@@ -14528,7 +14589,7 @@ index d4105fd2b..6a873abd9 100644
title: 'Add noexec Option to /tmp'
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_tmp_nosuid/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_tmp_nosuid/rule.yml
-index e8f8b86b6..b449266f8 100644
+index b7b9fec92..b84df79a8 100644
--- a/linux_os/guide/system/permissions/partitions/mount_option_tmp_nosuid/rule.yml
+++ b/linux_os/guide/system/permissions/partitions/mount_option_tmp_nosuid/rule.yml
@@ -1,6 +1,6 @@
@@ -14540,7 +14601,7 @@ index e8f8b86b6..b449266f8 100644
title: 'Add nosuid Option to /tmp'
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_nodev/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_nodev/rule.yml
-index 844f31d18..2c5607901 100644
+index c89966261..ec8c078be 100644
--- a/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_nodev/rule.yml
+++ b/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_nodev/rule.yml
@@ -1,6 +1,6 @@
@@ -14552,7 +14613,7 @@ index 844f31d18..2c5607901 100644
title: 'Add nodev Option to /var/log/audit'
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_noexec/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_noexec/rule.yml
-index f5c55f7d4..2f969b513 100644
+index 98a7e9ad0..031d04cb6 100644
--- a/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_noexec/rule.yml
+++ b/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_noexec/rule.yml
@@ -1,6 +1,6 @@
@@ -14564,7 +14625,7 @@ index f5c55f7d4..2f969b513 100644
title: 'Add noexec Option to /var/log/audit'
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_nosuid/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_nosuid/rule.yml
-index 38c807ee5..59eb94efd 100644
+index 833e99470..944407139 100644
--- a/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_nosuid/rule.yml
+++ b/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_nosuid/rule.yml
@@ -1,6 +1,6 @@
@@ -14576,7 +14637,7 @@ index 38c807ee5..59eb94efd 100644
title: 'Add nosuid Option to /var/log/audit'
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_log_nodev/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_var_log_nodev/rule.yml
-index b59aeba7f..464f2e2bb 100644
+index aae251d62..8d939dbf9 100644
--- a/linux_os/guide/system/permissions/partitions/mount_option_var_log_nodev/rule.yml
+++ b/linux_os/guide/system/permissions/partitions/mount_option_var_log_nodev/rule.yml
@@ -1,6 +1,6 @@
@@ -14588,7 +14649,7 @@ index b59aeba7f..464f2e2bb 100644
title: 'Add nodev Option to /var/log'
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_log_noexec/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_var_log_noexec/rule.yml
-index e3885b497..1a0629c46 100644
+index 132b09fd2..fb683a59c 100644
--- a/linux_os/guide/system/permissions/partitions/mount_option_var_log_noexec/rule.yml
+++ b/linux_os/guide/system/permissions/partitions/mount_option_var_log_noexec/rule.yml
@@ -1,6 +1,6 @@
@@ -14600,7 +14661,7 @@ index e3885b497..1a0629c46 100644
title: 'Add noexec Option to /var/log'
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_log_nosuid/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_var_log_nosuid/rule.yml
-index c46396311..f000bd827 100644
+index 0744827b9..807cdde9a 100644
--- a/linux_os/guide/system/permissions/partitions/mount_option_var_log_nosuid/rule.yml
+++ b/linux_os/guide/system/permissions/partitions/mount_option_var_log_nosuid/rule.yml
@@ -1,6 +1,6 @@
@@ -14612,7 +14673,7 @@ index c46396311..f000bd827 100644
title: 'Add nosuid Option to /var/log'
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_nodev/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_var_nodev/rule.yml
-index d2723fd05..fa99b9edc 100644
+index eb57b5c01..22866c2a8 100644
--- a/linux_os/guide/system/permissions/partitions/mount_option_var_nodev/rule.yml
+++ b/linux_os/guide/system/permissions/partitions/mount_option_var_nodev/rule.yml
@@ -1,6 +1,6 @@
@@ -14670,7 +14731,7 @@ index 0d5c5a8c2..04578b145 100644
title: 'Bind Mount /var/tmp To /tmp'
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_nodev/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_nodev/rule.yml
-index 0496b5523..c9f255adc 100644
+index b21666373..a18d60118 100644
--- a/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_nodev/rule.yml
+++ b/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_nodev/rule.yml
@@ -1,6 +1,6 @@
@@ -14682,7 +14743,7 @@ index 0496b5523..c9f255adc 100644
title: 'Add nodev Option to /var/tmp'
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_noexec/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_noexec/rule.yml
-index 355ed84dd..2d6d50493 100644
+index 3240796eb..1c1696c18 100644
--- a/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_noexec/rule.yml
+++ b/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_noexec/rule.yml
@@ -1,6 +1,6 @@
@@ -14694,7 +14755,7 @@ index 355ed84dd..2d6d50493 100644
title: 'Add noexec Option to /var/tmp'
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_nosuid/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_nosuid/rule.yml
-index 6a5862650..7cfc53ea6 100644
+index 49b39bc06..2fe009aa9 100644
--- a/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_nosuid/rule.yml
+++ b/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_nosuid/rule.yml
@@ -1,6 +1,6 @@
@@ -14749,7 +14810,7 @@ index 41cbd1197..481afa583 100644
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/permissions/restrictions/coredumps/disable_users_coredumps/rule.yml b/linux_os/guide/system/permissions/restrictions/coredumps/disable_users_coredumps/rule.yml
-index 4de1534fb..4f7474688 100644
+index 2eca5e203..0381388d2 100644
--- a/linux_os/guide/system/permissions/restrictions/coredumps/disable_users_coredumps/rule.yml
+++ b/linux_os/guide/system/permissions/restrictions/coredumps/disable_users_coredumps/rule.yml
@@ -1,6 +1,6 @@
@@ -14761,7 +14822,7 @@ index 4de1534fb..4f7474688 100644
title: 'Disable Core Dumps for All Users'
diff --git a/linux_os/guide/system/permissions/restrictions/coredumps/service_systemd-coredump_disabled/rule.yml b/linux_os/guide/system/permissions/restrictions/coredumps/service_systemd-coredump_disabled/rule.yml
-index 6d62d139a..4c717b72f 100644
+index 0072545f3..47b6d71f5 100644
--- a/linux_os/guide/system/permissions/restrictions/coredumps/service_systemd-coredump_disabled/rule.yml
+++ b/linux_os/guide/system/permissions/restrictions/coredumps/service_systemd-coredump_disabled/rule.yml
@@ -1,6 +1,6 @@
@@ -14773,7 +14834,7 @@ index 6d62d139a..4c717b72f 100644
title: 'Disable acquiring, saving, and processing core dumps'
diff --git a/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_exec_shield/rule.yml b/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_exec_shield/rule.yml
-index 461484337..34a311d57 100644
+index ab45d968b..8265f2dfa 100644
--- a/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_exec_shield/rule.yml
+++ b/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_exec_shield/rule.yml
@@ -1,6 +1,6 @@
@@ -14863,7 +14924,7 @@ index 3260539b3..29d22d491 100755
cp /proc/cpuinfo /tmp/cpuinfo
diff --git a/linux_os/guide/system/permissions/restrictions/poisoning/grub2_page_poison_argument/rule.yml b/linux_os/guide/system/permissions/restrictions/poisoning/grub2_page_poison_argument/rule.yml
-index 78c982211..b2c427397 100644
+index 6a0befd50..6d0e5039f 100644
--- a/linux_os/guide/system/permissions/restrictions/poisoning/grub2_page_poison_argument/rule.yml
+++ b/linux_os/guide/system/permissions/restrictions/poisoning/grub2_page_poison_argument/rule.yml
@@ -1,6 +1,6 @@
@@ -14875,7 +14936,7 @@ index 78c982211..b2c427397 100644
title: 'Enable page allocator poisoning'
diff --git a/linux_os/guide/system/permissions/restrictions/poisoning/grub2_slub_debug_argument/rule.yml b/linux_os/guide/system/permissions/restrictions/poisoning/grub2_slub_debug_argument/rule.yml
-index ea3560cec..e802f057e 100644
+index 59c4c94ff..1efa6f993 100644
--- a/linux_os/guide/system/permissions/restrictions/poisoning/grub2_slub_debug_argument/rule.yml
+++ b/linux_os/guide/system/permissions/restrictions/poisoning/grub2_slub_debug_argument/rule.yml
@@ -1,6 +1,6 @@
@@ -14898,7 +14959,7 @@ index 88c683445..fa9b2020d 100644
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_core_pattern/rule.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_core_pattern/rule.yml
-index e36985406..d42de7a55 100644
+index a4d5e4a19..57f2b0461 100644
--- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_core_pattern/rule.yml
+++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_core_pattern/rule.yml
@@ -1,6 +1,6 @@
@@ -14954,7 +15015,7 @@ index 36e025cc3..e97acde11 100644
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_dmesg_restrict/rule.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_dmesg_restrict/rule.yml
-index b7acaf128..ada8a741a 100644
+index 0000c38de..891b96204 100644
--- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_dmesg_restrict/rule.yml
+++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_dmesg_restrict/rule.yml
@@ -1,6 +1,6 @@
@@ -14977,7 +15038,7 @@ index 505b3c12b..cdf18e6dd 100644
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_kexec_load_disabled/rule.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_kexec_load_disabled/rule.yml
-index 4e68361c2..cb1900aca 100644
+index fa70fcd5c..342130274 100644
--- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_kexec_load_disabled/rule.yml
+++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_kexec_load_disabled/rule.yml
@@ -1,6 +1,6 @@
@@ -15036,7 +15097,7 @@ index 0541e59a7..50020c28c 100644
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_perf_event_paranoid/rule.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_perf_event_paranoid/rule.yml
-index a39ff72ee..855c75717 100644
+index ee2c1333d..aee317fd7 100644
--- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_perf_event_paranoid/rule.yml
+++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_perf_event_paranoid/rule.yml
@@ -1,6 +1,6 @@
@@ -15083,7 +15144,7 @@ index 2e24d9211..7b706bb32 100644
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled/rule.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled/rule.yml
-index ca51c5534..e563cdfbc 100644
+index 549caac66..d758f08a8 100644
--- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled/rule.yml
+++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled/rule.yml
@@ -1,6 +1,6 @@
@@ -15162,7 +15223,7 @@ index ceafd4839..7006e2066 100644
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_yama_ptrace_scope/rule.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_yama_ptrace_scope/rule.yml
-index e03106c01..d63d41401 100644
+index 1a9c419a0..4e3c1b97f 100644
--- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_yama_ptrace_scope/rule.yml
+++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_yama_ptrace_scope/rule.yml
@@ -1,6 +1,6 @@
@@ -15185,7 +15246,7 @@ index 7519b7740..af6c30abd 100644
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_net_core_bpf_jit_harden/rule.yml b/linux_os/guide/system/permissions/restrictions/sysctl_net_core_bpf_jit_harden/rule.yml
-index 323fef1e6..7bd70d304 100644
+index 791f71451..a68415e8b 100644
--- a/linux_os/guide/system/permissions/restrictions/sysctl_net_core_bpf_jit_harden/rule.yml
+++ b/linux_os/guide/system/permissions/restrictions/sysctl_net_core_bpf_jit_harden/rule.yml
@@ -1,6 +1,6 @@
@@ -15208,7 +15269,7 @@ index fdd4fb83e..3274d5b36 100644
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_user_max_user_namespaces/rule.yml b/linux_os/guide/system/permissions/restrictions/sysctl_user_max_user_namespaces/rule.yml
-index 2932ebe23..61abbf26b 100644
+index 9713bd0cb..0d46f3acd 100644
--- a/linux_os/guide/system/permissions/restrictions/sysctl_user_max_user_namespaces/rule.yml
+++ b/linux_os/guide/system/permissions/restrictions/sysctl_user_max_user_namespaces/rule.yml
@@ -1,6 +1,6 @@
@@ -15311,7 +15372,7 @@ index f11bd265b..928f39221 100644
title: 'Uninstall mcstrans Package'
diff --git a/linux_os/guide/system/selinux/package_policycoreutils-python-utils_installed/rule.yml b/linux_os/guide/system/selinux/package_policycoreutils-python-utils_installed/rule.yml
-index eb5f39b45..9cadeabd0 100644
+index 308655d12..b6b10c66f 100644
--- a/linux_os/guide/system/selinux/package_policycoreutils-python-utils_installed/rule.yml
+++ b/linux_os/guide/system/selinux/package_policycoreutils-python-utils_installed/rule.yml
@@ -1,6 +1,6 @@
@@ -15323,7 +15384,7 @@ index eb5f39b45..9cadeabd0 100644
title: 'Install policycoreutils-python-utils package'
diff --git a/linux_os/guide/system/selinux/package_policycoreutils_installed/rule.yml b/linux_os/guide/system/selinux/package_policycoreutils_installed/rule.yml
-index 71e5c70a6..d73fc1ca8 100644
+index f5b0cf4ed..77c102918 100644
--- a/linux_os/guide/system/selinux/package_policycoreutils_installed/rule.yml
+++ b/linux_os/guide/system/selinux/package_policycoreutils_installed/rule.yml
@@ -1,6 +1,6 @@
@@ -18887,7 +18948,7 @@ index dc7b1290a..8b0cc9eff 100644
title: 'Disable the zoneminder_run_sudo SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux_all_devicefiles_labeled/rule.yml b/linux_os/guide/system/selinux/selinux_all_devicefiles_labeled/rule.yml
-index 7065c1eb9..b52751a11 100644
+index 36b3f79ab..0a91ace9a 100644
--- a/linux_os/guide/system/selinux/selinux_all_devicefiles_labeled/rule.yml
+++ b/linux_os/guide/system/selinux/selinux_all_devicefiles_labeled/rule.yml
@@ -1,6 +1,6 @@
@@ -18931,7 +18992,7 @@ index 0b33e5768..c9b647b8e 100644
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/selinux/selinux_policytype/rule.yml b/linux_os/guide/system/selinux/selinux_policytype/rule.yml
-index d84bae70e..b09c1f884 100644
+index f6a2e5dd8..ff0642330 100644
--- a/linux_os/guide/system/selinux/selinux_policytype/rule.yml
+++ b/linux_os/guide/system/selinux/selinux_policytype/rule.yml
@@ -1,6 +1,6 @@
@@ -18975,7 +19036,7 @@ index d4c211c10..11a0f1318 100644
title: 'Map System Users To The Appropriate SELinux Role'
diff --git a/linux_os/guide/system/software/disk_partitioning/encrypt_partitions/rule.yml b/linux_os/guide/system/software/disk_partitioning/encrypt_partitions/rule.yml
-index a7b2c5bcc..37bb0c032 100644
+index 34dc1b0c8..2a9a4ca91 100644
--- a/linux_os/guide/system/software/disk_partitioning/encrypt_partitions/rule.yml
+++ b/linux_os/guide/system/software/disk_partitioning/encrypt_partitions/rule.yml
@@ -1,6 +1,6 @@
@@ -18987,7 +19048,7 @@ index a7b2c5bcc..37bb0c032 100644
title: 'Encrypt Partitions'
diff --git a/linux_os/guide/system/software/disk_partitioning/partition_for_var_tmp/rule.yml b/linux_os/guide/system/software/disk_partitioning/partition_for_var_tmp/rule.yml
-index 65cde9418..a1eebc3cd 100644
+index a5f203a1a..026728c48 100644
--- a/linux_os/guide/system/software/disk_partitioning/partition_for_var_tmp/rule.yml
+++ b/linux_os/guide/system/software/disk_partitioning/partition_for_var_tmp/rule.yml
@@ -1,6 +1,6 @@
@@ -18999,7 +19060,7 @@ index 65cde9418..a1eebc3cd 100644
title: 'Ensure /var/tmp Located On Separate Partition'
diff --git a/linux_os/guide/system/software/gnome/dconf_db_up_to_date/rule.yml b/linux_os/guide/system/software/gnome/dconf_db_up_to_date/rule.yml
-index 814a0103c..476d0c026 100644
+index 2c5956184..e0d46b2d0 100644
--- a/linux_os/guide/system/software/gnome/dconf_db_up_to_date/rule.yml
+++ b/linux_os/guide/system/software/gnome/dconf_db_up_to_date/rule.yml
@@ -1,6 +1,6 @@
@@ -19033,7 +19094,7 @@ index c3baa1b80..be83f158f 100644
# strategy = unknown
# complexity = low
diff --git a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_disable_restart_shutdown/rule.yml b/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_disable_restart_shutdown/rule.yml
-index b5bf2b998..ae67a6374 100644
+index 420150667..5ec8800d1 100644
--- a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_disable_restart_shutdown/rule.yml
+++ b/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_disable_restart_shutdown/rule.yml
@@ -1,6 +1,6 @@
@@ -19055,7 +19116,7 @@ index 917fc7dc4..bc1d7c63c 100644
# strategy = unknown
# complexity = low
diff --git a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_disable_user_list/rule.yml b/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_disable_user_list/rule.yml
-index 50a8651ab..f385e5e0b 100644
+index 5957ae82f..baa99ae39 100644
--- a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_disable_user_list/rule.yml
+++ b/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_disable_user_list/rule.yml
@@ -1,6 +1,6 @@
@@ -19089,7 +19150,7 @@ index 0e5f22171..6893ab752 100644
title: 'Enable the GNOME3 Login Smartcard Authentication'
diff --git a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_lock_screen_on_smartcard_removal/rule.yml b/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_lock_screen_on_smartcard_removal/rule.yml
-index 3bdd2128d..4ad458ae9 100644
+index fe8fa9d68..6eacc82f0 100644
--- a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_lock_screen_on_smartcard_removal/rule.yml
+++ b/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_lock_screen_on_smartcard_removal/rule.yml
@@ -1,6 +1,6 @@
@@ -19133,7 +19194,7 @@ index 6b19c8138..1f656f5a8 100644
# strategy = unknown
# complexity = low
diff --git a/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_automatic_login/rule.yml b/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_automatic_login/rule.yml
-index cbfcb9c18..e750aab6e 100644
+index 9efe162f9..3f89c9fc7 100644
--- a/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_automatic_login/rule.yml
+++ b/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_automatic_login/rule.yml
@@ -1,6 +1,6 @@
@@ -19197,7 +19258,7 @@ index ac168ef9f..69ecfa6a7 100644
# strategy = unknown
# complexity = low
diff --git a/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_automount_open/rule.yml b/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_automount_open/rule.yml
-index 429314038..44e8b7dce 100644
+index 4f9addce4..bd501e280 100644
--- a/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_automount_open/rule.yml
+++ b/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_automount_open/rule.yml
@@ -1,6 +1,6 @@
@@ -19219,7 +19280,7 @@ index 51e4063c3..3591b7266 100644
# strategy = unknown
# complexity = low
diff --git a/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_autorun/rule.yml b/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_autorun/rule.yml
-index b7662be6f..b301fefaa 100644
+index 74ee30202..dcdb2da1b 100644
--- a/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_autorun/rule.yml
+++ b/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_autorun/rule.yml
@@ -1,6 +1,6 @@
@@ -19395,7 +19456,7 @@ index 5b08acff4..d1af90b16 100644
# strategy = unknown
# complexity = low
diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_delay/rule.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_delay/rule.yml
-index 58488e8aa..84c6287bd 100644
+index eeb849c86..0899f8732 100644
--- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_delay/rule.yml
+++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_delay/rule.yml
@@ -1,6 +1,6 @@
@@ -19417,7 +19478,7 @@ index 9d034e519..2c45806b4 100644
# strategy = unknown
# complexity = low
diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_delay/rule.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_delay/rule.yml
-index 99c897f17..96a479d15 100644
+index f8b2a08de..fb53c5855 100644
--- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_delay/rule.yml
+++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_delay/rule.yml
@@ -1,6 +1,6 @@
@@ -19439,7 +19500,7 @@ index d04e6893f..5b9cba007 100644
# strategy = unknown
# complexity = low
diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_enabled/rule.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_enabled/rule.yml
-index 8a86e3806..f412ea1c5 100644
+index 43b8a1c19..af91d6790 100644
--- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_enabled/rule.yml
+++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_enabled/rule.yml
@@ -1,6 +1,6 @@
@@ -19483,7 +19544,7 @@ index 4dbe2b3c8..7313b6bcd 100644
# strategy = unknown
# complexity = low
diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_mode_blank/rule.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_mode_blank/rule.yml
-index 48735e16a..760ddd915 100644
+index 7b305f37b..bae9b0f5e 100644
--- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_mode_blank/rule.yml
+++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_mode_blank/rule.yml
@@ -1,6 +1,6 @@
@@ -19527,7 +19588,7 @@ index ed7d98843..a41cb7151 100644
# strategy = unknown
# complexity = low
diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_locks/rule.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_locks/rule.yml
-index a1169934f..ca6fbec61 100644
+index 723dfb096..9c7e5c9d0 100644
--- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_locks/rule.yml
+++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_locks/rule.yml
@@ -1,6 +1,6 @@
@@ -19549,7 +19610,7 @@ index aae97c962..18c7ec75f 100644
# strategy = unknown
# complexity = low
diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_session_idle_user_locks/rule.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_session_idle_user_locks/rule.yml
-index 762e8c789..42306ba2c 100644
+index 7f0a52f33..861bc94ef 100644
--- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_session_idle_user_locks/rule.yml
+++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_session_idle_user_locks/rule.yml
@@ -1,6 +1,6 @@
@@ -19571,7 +19632,7 @@ index 76181547b..eb340cb5b 100644
# strategy = unknown
# complexity = low
diff --git a/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_ctrlaltdel_reboot/rule.yml b/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_ctrlaltdel_reboot/rule.yml
-index 1f04e0af0..5b7b4ee65 100644
+index 8889ac6c0..71c78c390 100644
--- a/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_ctrlaltdel_reboot/rule.yml
+++ b/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_ctrlaltdel_reboot/rule.yml
@@ -1,6 +1,6 @@
@@ -19678,7 +19739,7 @@ index 16c3847ad..fe79866e1 100644
diff --git a/linux_os/guide/system/software/integrity/certified-vendor/installed_OS_is_vendor_supported/rule.yml b/linux_os/guide/system/software/integrity/certified-vendor/installed_OS_is_vendor_supported/rule.yml
-index 234eb42b8..95d0d85aa 100644
+index 53d18dbef..1cd3280bd 100644
--- a/linux_os/guide/system/software/integrity/certified-vendor/installed_OS_is_vendor_supported/rule.yml
+++ b/linux_os/guide/system/software/integrity/certified-vendor/installed_OS_is_vendor_supported/rule.yml
@@ -1,6 +1,6 @@
@@ -19700,7 +19761,7 @@ index 234eb42b8..95d0d85aa 100644
Red Hat Enterprise Linux is supported by Red Hat, Inc. As the Red Hat Enterprise
Linux vendor, Red Hat, Inc. is responsible for providing security patches.
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/rule.yml
-index cafd1940a..ad85c5f08 100644
+index 0f9b14f04..a3858e238 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/rule.yml
+++ b/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/rule.yml
@@ -1,6 +1,6 @@
@@ -19782,7 +19843,7 @@ index dd096ab41..b180ed3b3 100644
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/rule.yml
-index d1aec7744..51b86c1eb 100644
+index c592a41fb..4b75605f3 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/rule.yml
+++ b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/rule.yml
@@ -1,6 +1,6 @@
@@ -19949,7 +20010,7 @@ index 12ca11e55..bcc51e9da 100644
title: 'Configure GnuTLS library to use DoD-approved TLS Encryption'
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_kerberos_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/configure_kerberos_crypto_policy/rule.yml
-index 094beadb3..4dbc00505 100644
+index 5d761430b..fae1b0544 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_kerberos_crypto_policy/rule.yml
+++ b/linux_os/guide/system/software/integrity/crypto/configure_kerberos_crypto_policy/rule.yml
@@ -1,6 +1,6 @@
@@ -19993,7 +20054,7 @@ index 4eb5348f2..42201408e 100644
rm -f /etc/krb5.conf.d/crypto-policies
ln -s /etc/crypto-policies/back-ends/openssh.config /etc/krb5.conf.d/crypto-policies
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/rule.yml
-index 5c8655c92..24cdf79db 100644
+index 84d2e1dc0..abe51b161 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/rule.yml
+++ b/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/rule.yml
@@ -1,6 +1,6 @@
@@ -20089,7 +20150,7 @@ index 4e77718c8..d73aa3a79 100644
{{% else %}}
OPENSSL_CRYPTO_POLICY_INCLUSION='.include /etc/crypto-policies/back-ends/opensslcnf.config'
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/rule.yml
-index 8cf86b739..4d8219512 100644
+index 37d5ff6d1..535db4d33 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/rule.yml
+++ b/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/rule.yml
@@ -1,6 +1,6 @@
@@ -20165,7 +20226,7 @@ index 1b2ea8d80..fcffa0118 100644
. common.sh
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/rule.yml
-index 767481d1e..709402bb7 100644
+index e937e9f12..04ab57264 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/rule.yml
+++ b/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/rule.yml
@@ -1,6 +1,6 @@
@@ -20177,7 +20238,7 @@ index 767481d1e..709402bb7 100644
title: 'Configure OpenSSL library to use TLS Encryption'
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/rule.yml
-index 2373c03c3..a332ccbd8 100644
+index d87e647cf..7c4da1236 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/rule.yml
+++ b/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/rule.yml
@@ -1,6 +1,6 @@
@@ -20249,7 +20310,7 @@ index a6e7c89da..953ad981c 100644
SSH_CONF="/etc/sysconfig/sshd"
diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/rule.yml
-index 00bbcf955..11cebbaa2 100644
+index d25cadb02..dd6c364a8 100644
--- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/rule.yml
+++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/rule.yml
@@ -1,6 +1,6 @@
@@ -20261,7 +20322,7 @@ index 00bbcf955..11cebbaa2 100644
title: 'Configure SSH Client to Use FIPS 140-2 Validated Ciphers: openssh.config'
diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/rule.yml
-index c4edc79bf..4552f5c15 100644
+index 9f9fb9f2c..9fdfddecb 100644
--- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/rule.yml
+++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/rule.yml
@@ -1,6 +1,6 @@
@@ -20273,7 +20334,7 @@ index c4edc79bf..4552f5c15 100644
title: 'Configure SSH Server to Use FIPS 140-2 Validated Ciphers: opensshserver.config'
diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/rule.yml
-index 8736e39af..f1b8e7bd8 100644
+index 547c31545..f0a8e222d 100644
--- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/rule.yml
+++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/rule.yml
@@ -1,6 +1,6 @@
@@ -20285,7 +20346,7 @@ index 8736e39af..f1b8e7bd8 100644
title: 'Configure SSH Client to Use FIPS 140-2 Validated MACs: openssh.config'
diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_opensshserver_conf_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_opensshserver_conf_crypto_policy/rule.yml
-index f08f120f9..e81ea7532 100644
+index a76cee71d..93e69e071 100644
--- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_opensshserver_conf_crypto_policy/rule.yml
+++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_opensshserver_conf_crypto_policy/rule.yml
@@ -1,6 +1,6 @@
@@ -20297,7 +20358,7 @@ index f08f120f9..e81ea7532 100644
title: 'Configure SSH Server to Use FIPS 140-2 Validated MACs: opensshserver.config'
diff --git a/linux_os/guide/system/software/integrity/crypto/package_crypto-policies_installed/rule.yml b/linux_os/guide/system/software/integrity/crypto/package_crypto-policies_installed/rule.yml
-index 68dc260a8..c5d2357ad 100644
+index 75fa8730d..f4fd17fbf 100644
--- a/linux_os/guide/system/software/integrity/crypto/package_crypto-policies_installed/rule.yml
+++ b/linux_os/guide/system/software/integrity/crypto/package_crypto-policies_installed/rule.yml
@@ -1,6 +1,6 @@
@@ -20331,7 +20392,7 @@ index a1dbb727a..e35c1dd9b 100644
title: 'Install Intrusion Detection Software'
diff --git a/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/mcafee_endpoint_security_software/agent_mfetpd_running/rule.yml b/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/mcafee_endpoint_security_software/agent_mfetpd_running/rule.yml
-index c0e75cb0b..a152527d2 100644
+index c0613116d..76250200f 100644
--- a/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/mcafee_endpoint_security_software/agent_mfetpd_running/rule.yml
+++ b/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/mcafee_endpoint_security_software/agent_mfetpd_running/rule.yml
@@ -1,6 +1,6 @@
@@ -20343,7 +20404,7 @@ index c0e75cb0b..a152527d2 100644
title: 'Ensure McAfee Endpoint Security for Linux (ENSL) is running'
diff --git a/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/mcafee_endpoint_security_software/package_mcafeetp_installed/rule.yml b/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/mcafee_endpoint_security_software/package_mcafeetp_installed/rule.yml
-index ef172b86b..4a8f0f0ce 100644
+index 85a3c5583..85bba571c 100644
--- a/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/mcafee_endpoint_security_software/package_mcafeetp_installed/rule.yml
+++ b/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/mcafee_endpoint_security_software/package_mcafeetp_installed/rule.yml
@@ -6,7 +6,7 @@
@@ -20376,7 +20437,7 @@ index 5da0c99e6..57ac7592b 100644
fips-mode-setup --enable
FIPS_CONF="/etc/dracut.conf.d/40-fips.conf"
diff --git a/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/rule.yml b/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/rule.yml
-index 62cfc0d6a..38793f1bc 100644
+index d6a17c21f..b157aa8fc 100644
--- a/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/rule.yml
+++ b/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/rule.yml
@@ -1,6 +1,6 @@
@@ -20425,7 +20486,7 @@ index 3b50e0706..fe102e2f5 100644
{{%- else %}}
{{# Legacy and more relaxed list of crypto policies that were historically considered
diff --git a/linux_os/guide/system/software/integrity/fips/enable_fips_mode/rule.yml b/linux_os/guide/system/software/integrity/fips/enable_fips_mode/rule.yml
-index c6e966202..ea9661cc3 100644
+index e8abdf67d..2fc9f7f2c 100644
--- a/linux_os/guide/system/software/integrity/fips/enable_fips_mode/rule.yml
+++ b/linux_os/guide/system/software/integrity/fips/enable_fips_mode/rule.yml
@@ -1,6 +1,6 @@
@@ -20449,7 +20510,7 @@ index 33841e4d3..3a232595f 100644
title: Ensure '/etc/system-fips' exists
diff --git a/linux_os/guide/system/software/integrity/fips/sysctl_crypto_fips_enabled/rule.yml b/linux_os/guide/system/software/integrity/fips/sysctl_crypto_fips_enabled/rule.yml
-index 2aafe35d7..701a49758 100644
+index 2c42b6263..2b7abf6f4 100644
--- a/linux_os/guide/system/software/integrity/fips/sysctl_crypto_fips_enabled/rule.yml
+++ b/linux_os/guide/system/software/integrity/fips/sysctl_crypto_fips_enabled/rule.yml
@@ -1,6 +1,6 @@
@@ -20503,7 +20564,7 @@ index ea2a1113b..fbc6b9b8a 100644
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/rule.yml b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/rule.yml
-index 4d786f01b..0c4189f58 100644
+index 79a0cdeff..d7109e091 100644
--- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/rule.yml
+++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/rule.yml
@@ -1,6 +1,6 @@
@@ -20569,7 +20630,7 @@ index dfa5c1b6c..60ac94141 100644
{{{ bash_package_install("aide") }}}
diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/rule.yml b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/rule.yml
-index 123e0ebf2..6d707f151 100644
+index 8135d0bb1..0e3a58a20 100644
--- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/rule.yml
+++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/rule.yml
@@ -4,7 +4,7 @@
@@ -20582,7 +20643,7 @@ index 123e0ebf2..6d707f151 100644
title: 'Configure Periodic Execution of AIDE'
diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_scan_notification/rule.yml b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_scan_notification/rule.yml
-index 8ba2e2067..eae51324a 100644
+index ac1f1452b..a8db4c991 100644
--- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_scan_notification/rule.yml
+++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_scan_notification/rule.yml
@@ -1,6 +1,6 @@
@@ -20604,7 +20665,7 @@ index 34a114520..b22a658da 100644
{{{ bash_package_install("aide") }}}
diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_use_fips_hashes/rule.yml b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_use_fips_hashes/rule.yml
-index b6b7b17b2..28010113b 100644
+index 8b880c9f2..eaadaef07 100644
--- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_use_fips_hashes/rule.yml
+++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_use_fips_hashes/rule.yml
@@ -1,6 +1,6 @@
@@ -20616,7 +20677,7 @@ index b6b7b17b2..28010113b 100644
title: 'Configure AIDE to Use FIPS 140-2 for Validating Hashes'
diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_verify_acls/rule.yml b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_verify_acls/rule.yml
-index acf599624..d8d135e23 100644
+index 6e2a50eb8..52e134537 100644
--- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_verify_acls/rule.yml
+++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_verify_acls/rule.yml
@@ -1,6 +1,6 @@
@@ -20628,7 +20689,7 @@ index acf599624..d8d135e23 100644
title: 'Configure AIDE to Verify Access Control Lists (ACLs)'
diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_verify_ext_attributes/rule.yml b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_verify_ext_attributes/rule.yml
-index 161718276..97b2863a4 100644
+index ab1435f53..617f99200 100644
--- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_verify_ext_attributes/rule.yml
+++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_verify_ext_attributes/rule.yml
@@ -1,6 +1,6 @@
@@ -20640,7 +20701,7 @@ index 161718276..97b2863a4 100644
title: 'Configure AIDE to Verify Extended Attributes'
diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/file_audit_tools_group_ownership/rule.yml b/linux_os/guide/system/software/integrity/software-integrity/aide/file_audit_tools_group_ownership/rule.yml
-index 7cb7eb36d..ffa6a2c4c 100644
+index d8e5c1652..3c861f982 100644
--- a/linux_os/guide/system/software/integrity/software-integrity/aide/file_audit_tools_group_ownership/rule.yml
+++ b/linux_os/guide/system/software/integrity/software-integrity/aide/file_audit_tools_group_ownership/rule.yml
@@ -1,6 +1,6 @@
@@ -20652,7 +20713,7 @@ index 7cb7eb36d..ffa6a2c4c 100644
title: Audit Tools Must Be Group-owned by Root
diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/file_audit_tools_ownership/rule.yml b/linux_os/guide/system/software/integrity/software-integrity/aide/file_audit_tools_ownership/rule.yml
-index 077a39e0e..e8aedaa82 100644
+index 04f3e40e9..bc8b1b255 100644
--- a/linux_os/guide/system/software/integrity/software-integrity/aide/file_audit_tools_ownership/rule.yml
+++ b/linux_os/guide/system/software/integrity/software-integrity/aide/file_audit_tools_ownership/rule.yml
@@ -1,6 +1,6 @@
@@ -20664,7 +20725,7 @@ index 077a39e0e..e8aedaa82 100644
title: Audit Tools Must Be Owned by Root
diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/file_audit_tools_permissions/rule.yml b/linux_os/guide/system/software/integrity/software-integrity/aide/file_audit_tools_permissions/rule.yml
-index d31eb6e93..f883d6134 100644
+index 460ee52d7..d937053fb 100644
--- a/linux_os/guide/system/software/integrity/software-integrity/aide/file_audit_tools_permissions/rule.yml
+++ b/linux_os/guide/system/software/integrity/software-integrity/aide/file_audit_tools_permissions/rule.yml
@@ -1,6 +1,6 @@
@@ -20676,7 +20737,7 @@ index d31eb6e93..f883d6134 100644
title: Audit Tools Must Have a Mode of 0755 or Less Permissive
diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/package_aide_installed/rule.yml b/linux_os/guide/system/software/integrity/software-integrity/aide/package_aide_installed/rule.yml
-index 6e9b2554a..b99d34ef3 100644
+index eb09388de..9d1c17ae3 100644
--- a/linux_os/guide/system/software/integrity/software-integrity/aide/package_aide_installed/rule.yml
+++ b/linux_os/guide/system/software/integrity/software-integrity/aide/package_aide_installed/rule.yml
@@ -1,6 +1,6 @@
@@ -20718,7 +20779,7 @@ index fe8f7abc1..2e36bd503 100644
# Find which files have incorrect hash (not in /etc, because of the system related config files) and then get files names
files_with_incorrect_hash="$(rpm -Va --noconfig | grep -E '^..5' | awk '{print $NF}' )"
diff --git a/linux_os/guide/system/software/integrity/software-integrity/rpm_verification/rpm_verify_hashes/rule.yml b/linux_os/guide/system/software/integrity/software-integrity/rpm_verification/rpm_verify_hashes/rule.yml
-index 1706d789a..ab7f15e2d 100644
+index 3472f117b..586a3a11b 100644
--- a/linux_os/guide/system/software/integrity/software-integrity/rpm_verification/rpm_verify_hashes/rule.yml
+++ b/linux_os/guide/system/software/integrity/software-integrity/rpm_verification/rpm_verify_hashes/rule.yml
@@ -1,6 +1,6 @@
@@ -20794,7 +20855,7 @@ index 5ba5ce1f0..1ec02d90f 100644
title: 'Verify and Correct File Permissions with RPM'
diff --git a/linux_os/guide/system/software/sudo/package_sudo_installed/rule.yml b/linux_os/guide/system/software/sudo/package_sudo_installed/rule.yml
-index 4652a0922..35e52e971 100644
+index 86335e872..15799b75d 100644
--- a/linux_os/guide/system/software/sudo/package_sudo_installed/rule.yml
+++ b/linux_os/guide/system/software/sudo/package_sudo_installed/rule.yml
@@ -1,6 +1,6 @@
@@ -20871,7 +20932,7 @@ index 0e5aed5d0..c75edccd5 100644
# Make sure sudo is owned by root group
diff --git a/linux_os/guide/system/software/sudo/sudo_require_reauthentication/rule.yml b/linux_os/guide/system/software/sudo/sudo_require_reauthentication/rule.yml
-index 78ee25868..6954f3e00 100644
+index 5de52cbed..7d73daa2c 100644
--- a/linux_os/guide/system/software/sudo/sudo_require_reauthentication/rule.yml
+++ b/linux_os/guide/system/software/sudo/sudo_require_reauthentication/rule.yml
@@ -1,6 +1,6 @@
@@ -20883,7 +20944,7 @@ index 78ee25868..6954f3e00 100644
title: 'Require Re-Authentication When Using the sudo Command'
diff --git a/linux_os/guide/system/software/sudo/sudo_restrict_privilege_elevation_to_authorized/rule.yml b/linux_os/guide/system/software/sudo/sudo_restrict_privilege_elevation_to_authorized/rule.yml
-index b90f566ab..d4dec8c3c 100644
+index 4999f30d7..471844ca9 100644
--- a/linux_os/guide/system/software/sudo/sudo_restrict_privilege_elevation_to_authorized/rule.yml
+++ b/linux_os/guide/system/software/sudo/sudo_restrict_privilege_elevation_to_authorized/rule.yml
@@ -2,7 +2,7 @@ documentation_complete: true
@@ -20908,7 +20969,7 @@ index 4d57b106b..b39e53aeb 100644
title: 'Ensure sudo only includes the default configuration directory'
diff --git a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/rule.yml b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/rule.yml
-index bd9d93947..f39b84748 100644
+index ef6bef6a4..88ca83fe0 100644
--- a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/rule.yml
+++ b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/rule.yml
@@ -2,7 +2,7 @@ documentation_complete: true
@@ -21045,7 +21106,7 @@ index 1210a1e8e..fef51b214 100644
title: 'Uninstall geolite2-country Package'
diff --git a/linux_os/guide/system/software/system-tools/package_gssproxy_removed/rule.yml b/linux_os/guide/system/software/system-tools/package_gssproxy_removed/rule.yml
-index 4a5481118..ad0ac07c1 100644
+index a7e8d3b52..4c2f002f1 100644
--- a/linux_os/guide/system/software/system-tools/package_gssproxy_removed/rule.yml
+++ b/linux_os/guide/system/software/system-tools/package_gssproxy_removed/rule.yml
@@ -1,6 +1,6 @@
@@ -21057,7 +21118,7 @@ index 4a5481118..ad0ac07c1 100644
title: 'Uninstall gssproxy Package'
diff --git a/linux_os/guide/system/software/system-tools/package_iprutils_removed/rule.yml b/linux_os/guide/system/software/system-tools/package_iprutils_removed/rule.yml
-index 8986513f2..ed60597a5 100644
+index 01e401020..0cc8215ca 100644
--- a/linux_os/guide/system/software/system-tools/package_iprutils_removed/rule.yml
+++ b/linux_os/guide/system/software/system-tools/package_iprutils_removed/rule.yml
@@ -1,6 +1,6 @@
@@ -21106,7 +21167,7 @@ index 68043ea54..3630b3518 100644
title: 'Install rear Package'
diff --git a/linux_os/guide/system/software/system-tools/package_rng-tools_installed/rule.yml b/linux_os/guide/system/software/system-tools/package_rng-tools_installed/rule.yml
-index 41a484f26..ff9887bac 100644
+index 53a5367fe..129c3fedb 100644
--- a/linux_os/guide/system/software/system-tools/package_rng-tools_installed/rule.yml
+++ b/linux_os/guide/system/software/system-tools/package_rng-tools_installed/rule.yml
@@ -1,6 +1,6 @@
@@ -21130,7 +21191,7 @@ index 02ba74f0c..4b9c4adb7 100644
title: 'Install scap-security-guide Package'
diff --git a/linux_os/guide/system/software/system-tools/package_subscription-manager_installed/rule.yml b/linux_os/guide/system/software/system-tools/package_subscription-manager_installed/rule.yml
-index f8b801181..93f932777 100644
+index a6e47f2ef..64b6f7c7d 100644
--- a/linux_os/guide/system/software/system-tools/package_subscription-manager_installed/rule.yml
+++ b/linux_os/guide/system/software/system-tools/package_subscription-manager_installed/rule.yml
@@ -1,6 +1,6 @@
@@ -21151,7 +21212,7 @@ index f8b801181..93f932777 100644
to interact with repositories and subscriptions
from the Red Hat entitlement platform - the subscription-manager and
diff --git a/linux_os/guide/system/software/system-tools/package_tuned_removed/rule.yml b/linux_os/guide/system/software/system-tools/package_tuned_removed/rule.yml
-index 48443defd..ef7abd74e 100644
+index 3828dc0be..6c4e1d485 100644
--- a/linux_os/guide/system/software/system-tools/package_tuned_removed/rule.yml
+++ b/linux_os/guide/system/software/system-tools/package_tuned_removed/rule.yml
@@ -1,6 +1,6 @@
@@ -21183,7 +21244,7 @@ index 34127fd17..e30b09600 100644
{{% if 'sle' in product %}}
{{{ bash_replace_or_append('/etc/zypp/zypp.conf', '^solver.upgradeRemoveDroppedPackages', 'true', '%s=%s') }}}
diff --git a/linux_os/guide/system/software/updating/clean_components_post_updating/rule.yml b/linux_os/guide/system/software/updating/clean_components_post_updating/rule.yml
-index ee66181ab..ce062dc75 100644
+index d839d9e52..c45939901 100644
--- a/linux_os/guide/system/software/updating/clean_components_post_updating/rule.yml
+++ b/linux_os/guide/system/software/updating/clean_components_post_updating/rule.yml
@@ -1,6 +1,6 @@
@@ -21438,7 +21499,7 @@ index 2bf91c8ca..b5f520737 100644
{{{ bash_replace_or_append( pkg_manager_config_file , '^gpgcheck', '1') }}}
diff --git a/linux_os/guide/system/software/updating/ensure_gpgcheck_globally_activated/rule.yml b/linux_os/guide/system/software/updating/ensure_gpgcheck_globally_activated/rule.yml
-index 91cd19e26..17852be3e 100644
+index 83eaf8f2e..3315f5d32 100644
--- a/linux_os/guide/system/software/updating/ensure_gpgcheck_globally_activated/rule.yml
+++ b/linux_os/guide/system/software/updating/ensure_gpgcheck_globally_activated/rule.yml
@@ -1,6 +1,6 @@
@@ -21450,7 +21511,7 @@ index 91cd19e26..17852be3e 100644
title: 'Ensure gpgcheck Enabled In Main {{{ pkg_manager }}} Configuration'
diff --git a/linux_os/guide/system/software/updating/ensure_gpgcheck_local_packages/rule.yml b/linux_os/guide/system/software/updating/ensure_gpgcheck_local_packages/rule.yml
-index d02e8df1a..86fbb3be5 100644
+index 812b64d6e..68f1541bd 100644
--- a/linux_os/guide/system/software/updating/ensure_gpgcheck_local_packages/rule.yml
+++ b/linux_os/guide/system/software/updating/ensure_gpgcheck_local_packages/rule.yml
@@ -1,6 +1,6 @@
@@ -21482,7 +21543,7 @@ index 07e02fa47..ee1d023d9 100644
sed -i 's/gpgcheck\s*=.*/gpgcheck=1/g' /etc/zypp/repos.d/*
{{% else %}}
diff --git a/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/rule.yml b/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/rule.yml
-index 64287817b..b387ae5ad 100644
+index dca8a5530..9ad20bdd6 100644
--- a/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/rule.yml
+++ b/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/rule.yml
@@ -1,6 +1,6 @@
@@ -21536,7 +21597,7 @@ index fd844d2a1..2932351f4 100644
# strategy = patch
# complexity = low
diff --git a/linux_os/guide/system/software/updating/security_patches_up_to_date/rule.yml b/linux_os/guide/system/software/updating/security_patches_up_to_date/rule.yml
-index 99aa0518a..332a361ec 100644
+index f0ef02332..2b99f80aa 100644
--- a/linux_os/guide/system/software/updating/security_patches_up_to_date/rule.yml
+++ b/linux_os/guide/system/software/updating/security_patches_up_to_date/rule.yml
@@ -1,6 +1,6 @@
@@ -21573,10 +21634,10 @@ index 5ae61e5d6..375ac3876 100644
diff --git a/products/almalinux9/CMakeLists.txt b/products/almalinux9/CMakeLists.txt
new file mode 100644
-index 000000000..b9614b81a
+index 000000000..64bc48764
--- /dev/null
+++ b/products/almalinux9/CMakeLists.txt
-@@ -0,0 +1,20 @@
+@@ -0,0 +1,24 @@
+# Sometimes our users will try to do: "cd almalinux9; cmake ." That needs to error in a nice way.
+if("${CMAKE_SOURCE_DIR}" STREQUAL "${CMAKE_CURRENT_SOURCE_DIR}")
+ message(FATAL_ERROR "cmake has to be used on the root CMakeLists.txt, see the Building ComplianceAsCode section in the Developer Guide!")
@@ -21597,6 +21658,10 @@ index 000000000..b9614b81a
+# ssg_build_html_stig_tables(${PRODUCT} "stig")
+
+#ssg_build_html_stig_tables(${PRODUCT} "ospp")
++
++if(SSG_CENTOS_DERIVATIVES_ENABLED)
++ ssg_build_derivative_product(${PRODUCT} "centos" "cs9")
++endif()
diff --git a/products/almalinux9/kickstart/ssg-almalinux9-anssi_bp28_enhanced-ks.cfg b/products/almalinux9/kickstart/ssg-almalinux9-anssi_bp28_enhanced-ks.cfg
new file mode 100644
index 000000000..9d1d5433d
@@ -22207,11 +22272,11 @@ index 000000000..a32b40fe8
+reboot --eject
diff --git a/products/almalinux9/kickstart/ssg-almalinux9-ccn_advanced-ks.cfg b/products/almalinux9/kickstart/ssg-almalinux9-ccn_advanced-ks.cfg
new file mode 100644
-index 000000000..c0600a960
+index 000000000..cb28b823d
--- /dev/null
+++ b/products/almalinux9/kickstart/ssg-almalinux9-ccn_advanced-ks.cfg
@@ -0,0 +1,127 @@
-+# SCAP Security Guide CCN profile (Advanced) kickstart for AlmaLinux 9 Server
++# SCAP Security Guide CCN profile (Advanced) kickstart for AlmaLinux 9
+# Version: 0.0.1
+# Date: 2023-07-18
+#
@@ -22340,11 +22405,11 @@ index 000000000..c0600a960
+reboot --eject
diff --git a/products/almalinux9/kickstart/ssg-almalinux9-ccn_basic-ks.cfg b/products/almalinux9/kickstart/ssg-almalinux9-ccn_basic-ks.cfg
new file mode 100644
-index 000000000..6030e1529
+index 000000000..7c1908d95
--- /dev/null
+++ b/products/almalinux9/kickstart/ssg-almalinux9-ccn_basic-ks.cfg
@@ -0,0 +1,127 @@
-+# SCAP Security Guide CCN profile (Basic) kickstart for AlmaLinux 9 Server
++# SCAP Security Guide CCN profile (Basic) kickstart for AlmaLinux 9
+# Version: 0.0.1
+# Date: 2023-07-18
+#
@@ -22473,11 +22538,11 @@ index 000000000..6030e1529
+reboot --eject
diff --git a/products/almalinux9/kickstart/ssg-almalinux9-ccn_intermediate-ks.cfg b/products/almalinux9/kickstart/ssg-almalinux9-ccn_intermediate-ks.cfg
new file mode 100644
-index 000000000..ab7e6a6d8
+index 000000000..ef480185e
--- /dev/null
+++ b/products/almalinux9/kickstart/ssg-almalinux9-ccn_intermediate-ks.cfg
@@ -0,0 +1,127 @@
-+# SCAP Security Guide CCN profile (Intermediate) kickstart for AlmaLinux 9 Server
++# SCAP Security Guide CCN profile (Intermediate) kickstart for AlmaLinux 9
+# Version: 0.0.1
+# Date: 2023-07-18
+#
@@ -22606,11 +22671,11 @@ index 000000000..ab7e6a6d8
+reboot --eject
diff --git a/products/almalinux9/kickstart/ssg-almalinux9-cis-ks.cfg b/products/almalinux9/kickstart/ssg-almalinux9-cis-ks.cfg
new file mode 100644
-index 000000000..36b23f1b4
+index 000000000..ba4ce715f
--- /dev/null
+++ b/products/almalinux9/kickstart/ssg-almalinux9-cis-ks.cfg
@@ -0,0 +1,131 @@
-+# SCAP Security Guide CIS profile (Level 2 - Server) kickstart for AlmaLinux 9 Server
++# SCAP Security Guide CIS profile (Level 2 - Server) kickstart for AlmaLinux 9
+# Version: 0.0.1
+# Date: 2021-08-12
+#
@@ -22743,11 +22808,11 @@ index 000000000..36b23f1b4
+reboot --eject
diff --git a/products/almalinux9/kickstart/ssg-almalinux9-cis_server_l1-ks.cfg b/products/almalinux9/kickstart/ssg-almalinux9-cis_server_l1-ks.cfg
new file mode 100644
-index 000000000..9fa71fa28
+index 000000000..a0a8d04a8
--- /dev/null
+++ b/products/almalinux9/kickstart/ssg-almalinux9-cis_server_l1-ks.cfg
@@ -0,0 +1,131 @@
-+# SCAP Security Guide CIS profile (Level 1 - Server) kickstart for AlmaLinux 9 Server
++# SCAP Security Guide CIS profile (Level 1 - Server) kickstart for AlmaLinux 9
+# Version: 0.0.1
+# Date: 2021-08-12
+#
@@ -22880,11 +22945,11 @@ index 000000000..9fa71fa28
+reboot --eject
diff --git a/products/almalinux9/kickstart/ssg-almalinux9-cis_workstation_l1-ks.cfg b/products/almalinux9/kickstart/ssg-almalinux9-cis_workstation_l1-ks.cfg
new file mode 100644
-index 000000000..31f8990bc
+index 000000000..13057dfa4
--- /dev/null
+++ b/products/almalinux9/kickstart/ssg-almalinux9-cis_workstation_l1-ks.cfg
@@ -0,0 +1,131 @@
-+# SCAP Security Guide CIS profile (Level 1 - Workstation) kickstart for AlmaLinux 9 Server
++# SCAP Security Guide CIS profile (Level 1 - Workstation) kickstart for AlmaLinux 9
+# Version: 0.0.1
+# Date: 2021-08-12
+#
@@ -23017,11 +23082,11 @@ index 000000000..31f8990bc
+reboot --eject
diff --git a/products/almalinux9/kickstart/ssg-almalinux9-cis_workstation_l2-ks.cfg b/products/almalinux9/kickstart/ssg-almalinux9-cis_workstation_l2-ks.cfg
new file mode 100644
-index 000000000..b759130d7
+index 000000000..e0c2c5597
--- /dev/null
+++ b/products/almalinux9/kickstart/ssg-almalinux9-cis_workstation_l2-ks.cfg
@@ -0,0 +1,131 @@
-+# SCAP Security Guide CIS profile (Level 2 - Workstation) kickstart for AlmaLinux 9 Server
++# SCAP Security Guide CIS profile (Level 2 - Workstation) kickstart for AlmaLinux 9
+# Version: 0.0.1
+# Date: 2021-08-12
+#
@@ -23309,11 +23374,11 @@ index 000000000..aae4b1f6a
+reboot --eject
diff --git a/products/almalinux9/kickstart/ssg-almalinux9-e8-ks.cfg b/products/almalinux9/kickstart/ssg-almalinux9-e8-ks.cfg
new file mode 100644
-index 000000000..9388ba6a3
+index 000000000..a412a21ae
--- /dev/null
+++ b/products/almalinux9/kickstart/ssg-almalinux9-e8-ks.cfg
@@ -0,0 +1,107 @@
-+# SCAP Security Guide Essential Eight profile kickstart for AlmaLinux 9 Server
++# SCAP Security Guide Essential Eight profile kickstart for AlmaLinux 9
+# Version: 0.0.1
+# Date: 2021-07-13
+#
@@ -23422,11 +23487,11 @@ index 000000000..9388ba6a3
+reboot --eject
diff --git a/products/almalinux9/kickstart/ssg-almalinux9-hipaa-ks.cfg b/products/almalinux9/kickstart/ssg-almalinux9-hipaa-ks.cfg
new file mode 100644
-index 000000000..d72dd656f
+index 000000000..68114be4e
--- /dev/null
+++ b/products/almalinux9/kickstart/ssg-almalinux9-hipaa-ks.cfg
@@ -0,0 +1,107 @@
-+# SCAP Security Guide HIPAA profile kickstart for AlmaLinux 9 Server
++# SCAP Security Guide HIPAA profile kickstart for AlmaLinux 9
+# Version: 0.0.1
+# Date: 2021-07-13
+#
@@ -23535,11 +23600,11 @@ index 000000000..d72dd656f
+reboot --eject
diff --git a/products/almalinux9/kickstart/ssg-almalinux9-ism_o-ks.cfg b/products/almalinux9/kickstart/ssg-almalinux9-ism_o-ks.cfg
new file mode 100644
-index 000000000..80056963b
+index 000000000..dedbd0e2c
--- /dev/null
+++ b/products/almalinux9/kickstart/ssg-almalinux9-ism_o-ks.cfg
@@ -0,0 +1,106 @@
-+# SCAP Security Guide ISM Official profile kickstart for AlmaLinux 9 Server
++# SCAP Security Guide ISM Official profile kickstart for AlmaLinux 9
+# Version: 0.0.1
+# Date: 2021-08-16
+#
@@ -24447,10 +24512,10 @@ index 000000000..bdfb1cbd8
+
diff --git a/products/almalinux9/product.yml b/products/almalinux9/product.yml
new file mode 100644
-index 000000000..11ab5bae6
+index 000000000..62dfe730a
--- /dev/null
+++ b/products/almalinux9/product.yml
-@@ -0,0 +1,52 @@
+@@ -0,0 +1,54 @@
+product: almalinux9
+full_name: AlmaLinux 9
+type: platform
@@ -24483,6 +24548,7 @@ index 000000000..11ab5bae6
+
+faillock_path: "/var/log/faillock"
+
++# The fingerprints below are retrieved from https://almalinux.org/security/
+pkg_release: "61e69f29"
+pkg_version: "b86b3716"
+
@@ -24503,6 +24569,7 @@ index 000000000..11ab5bae6
+reference_uris:
+ cis: 'https://www.cisecurity.org/benchmark/almalinuxos_linux/'
+ ccn: 'https://www.ccn-cert.cni.es/pdf/guias/series-ccn-stic/guias-de-acceso-publico-ccn-stic/6768-ccn-stic-610a22-perfilado-de-seguridad-red-hat-enterprise-linux-9-0/file.html'
++
diff --git a/products/almalinux9/profiles/anssi_bp28_enhanced.profile b/products/almalinux9/profiles/anssi_bp28_enhanced.profile
new file mode 100644
index 000000000..62cbe1715
@@ -24683,7 +24750,7 @@ index 000000000..d9dea2fc9
+ - ccn_rhel9:all:intermediate
diff --git a/products/almalinux9/profiles/cis.profile b/products/almalinux9/profiles/cis.profile
new file mode 100644
-index 000000000..4dc49aaf1
+index 000000000..0f05c55e3
--- /dev/null
+++ b/products/almalinux9/profiles/cis.profile
@@ -0,0 +1,23 @@
@@ -24696,13 +24763,13 @@ index 000000000..4dc49aaf1
+ - vojtapolasek
+ - yuumasato
+
-+reference: https://www.cisecurity.org/benchmark/red_hat_linux/
++reference: https://www.cisecurity.org/benchmark/almalinuxos_linux/
+
+title: 'CIS AlmaLinux OS 9 Benchmark for Level 2 - Server'
+
+description: |-
+ This profile defines a baseline that aligns to the "Level 2 - Server"
-+ configuration from the Center for Internet Security®
++ configuration from the Center for Internet Security®
+ AlmaLinux OS 9 Benchmark™, v1.0.0, released 2022-12-12.
+
+ This profile includes Center for Internet Security®
@@ -24712,7 +24779,7 @@ index 000000000..4dc49aaf1
+ - cis_rhel9:all:l2_server
diff --git a/products/almalinux9/profiles/cis_server_l1.profile b/products/almalinux9/profiles/cis_server_l1.profile
new file mode 100644
-index 000000000..c3bec0982
+index 000000000..620ce309c
--- /dev/null
+++ b/products/almalinux9/profiles/cis_server_l1.profile
@@ -0,0 +1,23 @@
@@ -24725,13 +24792,13 @@ index 000000000..c3bec0982
+ - vojtapolasek
+ - yuumasato
+
-+reference: https://www.cisecurity.org/benchmark/red_hat_linux/
++reference: https://www.cisecurity.org/benchmark/almalinuxos_linux/
+
+title: 'CIS AlmaLinux OS 9 Benchmark for Level 1 - Server'
+
+description: |-
+ This profile defines a baseline that aligns to the "Level 1 - Server"
-+ configuration from the Center for Internet Security®
++ configuration from the Center for Internet Security®
+ AlmaLinux OS 9 Benchmark™, v1.0.0, released 2022-12-12.
+
+ This profile includes Center for Internet Security®
@@ -24741,7 +24808,7 @@ index 000000000..c3bec0982
+ - cis_rhel9:all:l1_server
diff --git a/products/almalinux9/profiles/cis_workstation_l1.profile b/products/almalinux9/profiles/cis_workstation_l1.profile
new file mode 100644
-index 000000000..8ac724cc8
+index 000000000..c7a10c92f
--- /dev/null
+++ b/products/almalinux9/profiles/cis_workstation_l1.profile
@@ -0,0 +1,23 @@
@@ -24754,13 +24821,13 @@ index 000000000..8ac724cc8
+ - vojtapolasek
+ - yuumasato
+
-+reference: https://www.cisecurity.org/benchmark/red_hat_linux/
++reference: https://www.cisecurity.org/benchmark/almalinuxos_linux/
+
+title: 'CIS AlmaLinux OS 9 Benchmark for Level 1 - Workstation'
+
+description: |-
+ This profile defines a baseline that aligns to the "Level 1 - Workstation"
-+ configuration from the Center for Internet Security®
++ configuration from the Center for Internet Security®
+ AlmaLinux OS 9 Benchmark™, v1.0.0, released 2022-12-12.
+
+ This profile includes Center for Internet Security®
@@ -24770,7 +24837,7 @@ index 000000000..8ac724cc8
+ - cis_rhel9:all:l1_workstation
diff --git a/products/almalinux9/profiles/cis_workstation_l2.profile b/products/almalinux9/profiles/cis_workstation_l2.profile
new file mode 100644
-index 000000000..1f2cb0f27
+index 000000000..0615c49d5
--- /dev/null
+++ b/products/almalinux9/profiles/cis_workstation_l2.profile
@@ -0,0 +1,24 @@
@@ -24783,13 +24850,13 @@ index 000000000..1f2cb0f27
+ - vojtapolasek
+ - yuumasato
+
-+reference: https://www.cisecurity.org/benchmark/red_hat_linux/
++reference: https://www.cisecurity.org/benchmark/almalinuxos_linux/
+
+title: 'CIS AlmaLinux OS 9 Benchmark for Level 2 - Workstation'
+
+description: |-
+ This profile defines a baseline that aligns to the "Level 2 - Workstation"
-+ configuration from the Center for Internet Security®
++ configuration from the Center for Internet Security®
+ AlmaLinux OS 9 Benchmark™, v1.0.0, released 2022-12-12.
+
+ This profile includes Center for Internet Security®
@@ -24800,7 +24867,7 @@ index 000000000..1f2cb0f27
+ - '!package_avahi_removed'
diff --git a/products/almalinux9/profiles/cui.profile b/products/almalinux9/profiles/cui.profile
new file mode 100644
-index 000000000..3f278237b
+index 000000000..8300a3c00
--- /dev/null
+++ b/products/almalinux9/profiles/cui.profile
@@ -0,0 +1,32 @@
@@ -24828,7 +24895,7 @@ index 000000000..3f278237b
+ supplement the basic security requirements, are taken from the security controls
+ in NIST Special Publication 800-53.
+
-+ This profile configures Red Hat Enterprise Linux 9 to the NIST Special
++ This profile configures AlmaLinux 9 to the NIST Special
+ Publication 800-53 controls identified for securing Controlled Unclassified
+ Information (CUI)."
+
@@ -24838,7 +24905,7 @@ index 000000000..3f278237b
+ - inactivity_timeout_value=10_minutes
diff --git a/products/almalinux9/profiles/e8.profile b/products/almalinux9/profiles/e8.profile
new file mode 100644
-index 000000000..79f116d1d
+index 000000000..ecd37ac86
--- /dev/null
+++ b/products/almalinux9/profiles/e8.profile
@@ -0,0 +1,153 @@
@@ -24854,7 +24921,7 @@ index 000000000..79f116d1d
+title: 'Australian Cyber Security Centre (ACSC) Essential Eight'
+
+description: |-
-+ This profile contains configuration checks for Red Hat Enterprise Linux 9
++ This profile contains configuration checks for AlmaLinux 9
+ that align to the Australian Cyber Security Centre (ACSC) Essential Eight.
+
+ A copy of the Essential Eight in Linux Environments guide can be found at the
@@ -24997,7 +25064,7 @@ index 000000000..79f116d1d
+ - package_rear_installed
diff --git a/products/almalinux9/profiles/hipaa.profile b/products/almalinux9/profiles/hipaa.profile
new file mode 100644
-index 000000000..976fc1e72
+index 000000000..6678a6a96
--- /dev/null
+++ b/products/almalinux9/profiles/hipaa.profile
@@ -0,0 +1,166 @@
@@ -25019,7 +25086,7 @@ index 000000000..976fc1e72
+ confidentiality, integrity, and security of electronic protected health
+ information.
+
-+ This profile configures Red Hat Enterprise Linux 9 to the HIPAA Security
++ This profile configures AlmaLinux 9 to the HIPAA Security
+ Rule identified for securing of electronic protected health information.
+ Use of this profile in no way guarantees or makes claims against legal compliance against the HIPAA Security Rule(s).
+
@@ -25169,7 +25236,7 @@ index 000000000..976fc1e72
+ - audit_rules_usergroup_modification_shadow
diff --git a/products/almalinux9/profiles/ism_o.profile b/products/almalinux9/profiles/ism_o.profile
new file mode 100644
-index 000000000..3cd0db691
+index 000000000..8c86a5552
--- /dev/null
+++ b/products/almalinux9/profiles/ism_o.profile
@@ -0,0 +1,138 @@
@@ -25188,12 +25255,12 @@ index 000000000..3cd0db691
+title: 'Australian Cyber Security Centre (ACSC) ISM Official'
+
+description: |-
-+ This profile contains configuration checks for Red Hat Enterprise Linux 9
++ This profile contains configuration checks for AlmaLinux 9
+ that align to the Australian Cyber Security Centre (ACSC) Information Security Manual (ISM)
+ with the applicability marking of OFFICIAL.
+
+ The ISM uses a risk-based approach to cyber security. This profile provides a guide to aligning
-+ Red Hat Enterprise Linux security controls with the ISM, which can be used to select controls
++ AlmaLinux security controls with the ISM, which can be used to select controls
+ specific to an organisation's security posture and risk profile.
+
+ A copy of the ISM can be found at the ACSC website:
@@ -25821,51 +25888,70 @@ index 000000000..707424189
+ - configure_kerberos_crypto_policy
diff --git a/products/almalinux9/profiles/stig.profile b/products/almalinux9/profiles/stig.profile
new file mode 100644
-index 000000000..a24132bae
+index 000000000..c461e7cd2
--- /dev/null
+++ b/products/almalinux9/profiles/stig.profile
-@@ -0,0 +1,19 @@
+@@ -0,0 +1,28 @@
+documentation_complete: true
+
+metadata:
-+ version: TBD
++ version: V1R1
+ SMEs:
+ - mab879
+ - ggbecker
+
+reference: https://public.cyber.mil/stigs/downloads/?_dl_facet_stigs=operating-systems%2Cunix-linux
+
-+title: '[DRAFT] DISA STIG for Red Hat Enterprise Linux 9'
++title: 'DISA STIG for Red Hat Enterprise Linux 9'
+
+description: |-
-+ This is a draft profile based on its RHEL8 version for experimental purposes.
-+ It is not based on the DISA STIG for RHEL9, because this one was not available at time of
-+ the release.
++ This profile contains configuration checks that align to the
++ DISA STIG for Red Hat Enterprise Linux 9 V1R1.
++
++ In addition to being applicable to Red Hat Enterprise Linux 9, DISA recognizes this
++ configuration baseline as applicable to the operating system tier of
++ Red Hat technologies that are based on Red Hat Enterprise Linux 9, such as:
++
++ - Red Hat Enterprise Linux Server
++ - Red Hat Enterprise Linux Workstation and Desktop
++ - Red Hat Enterprise Linux for HPC
++ - Red Hat Storage
++ - Red Hat Containers with a Red Hat Enterprise Linux 9 image
+
+selections:
-+ - srg_gpos:all
++ - stig_rhel9:all
diff --git a/products/almalinux9/profiles/stig_gui.profile b/products/almalinux9/profiles/stig_gui.profile
new file mode 100644
-index 000000000..ed7b1c7ff
+index 000000000..ca869ccde
--- /dev/null
+++ b/products/almalinux9/profiles/stig_gui.profile
-@@ -0,0 +1,38 @@
+@@ -0,0 +1,44 @@
+documentation_complete: true
+
+metadata:
-+ version: TBD
++ version: V1R1
+ SMEs:
+ - mab879
+ - ggbecker
+
+reference: https://public.cyber.mil/stigs/downloads/?_dl_facet_stigs=operating-systems%2Cunix-linux
+
-+title: '[DRAFT] DISA STIG with GUI for Red Hat Enterprise Linux 9'
++title: 'DISA STIG with GUI for Red Hat Enterprise Linux 9'
+
+description: |-
-+ This is a draft profile based on its RHEL8 version for experimental purposes.
-+ It is not based on the DISA STIG for RHEL9, because this one was not available at time of
-+ the release.
++ This profile contains configuration checks that align to the
++ DISA STIG for Red Hat Enterprise Linux 9 V1R1.
++
++
++ In addition to being applicable to Red Hat Enterprise Linux 9, DISA recognizes this
++ configuration baseline as applicable to the operating system tier of
++ Red Hat technologies that are based on Red Hat Enterprise Linux 9, such as:
++
++ - Red Hat Enterprise Linux Server
++ - Red Hat Enterprise Linux Workstation and Desktop
++ - Red Hat Enterprise Linux for HPC
++ - Red Hat Storage
++ - Red Hat Containers with a Red Hat Enterprise Linux 9 image
+
+ Warning: The installation and use of a Graphical User Interface (GUI)
+ increases your attack vector and decreases your overall security posture. If
@@ -25876,17 +25962,13 @@ index 000000000..ed7b1c7ff
+extends: stig
+
+selections:
-+ # RHEL-08-040320
++ # RHEL-09-215070
+ - '!xwindows_remove_packages'
+
-+ # RHEL-08-040321
++ # RHEL-09-211030
+ - '!xwindows_runlevel_target'
+
-+ # SRG-OS-000480-GPOS-00227
-+ - '!package_gdm_removed'
-+ - '!package_xorg-x11-server-common_removed'
-+
-+ # SRG-OS-000095-GPOS-00049
++ # RHEL-09-215025
+ - '!package_nfs-utils_removed'
diff --git a/products/almalinux9/transforms/constants.xslt b/products/almalinux9/transforms/constants.xslt
new file mode 100644
@@ -26029,7 +26111,7 @@ index affb9770c..7273e6d7d 100644
multi_platform_sle
multi_platform_ubuntu
diff --git a/shared/references/disa-stig-ol7-v2r11-xccdf-manual.xml b/shared/references/disa-stig-ol7-v2r11-xccdf-manual.xml
-index f1607eb65..8db20f544 100644
+index 7d240fe02..b311997bb 100644
--- a/shared/references/disa-stig-ol7-v2r11-xccdf-manual.xml
+++ b/shared/references/disa-stig-ol7-v2r11-xccdf-manual.xml
@@ -929,7 +929,7 @@ Check to see if an encrypted grub superusers password is set. On systems that us
@@ -26137,7 +26219,7 @@ index 8181b3b09..364c07f42 100644
export superusers
diff --git a/shared/references/disa-stig-rhel7-v3r12-xccdf-manual.xml b/shared/references/disa-stig-rhel7-v3r12-xccdf-manual.xml
-index 061ac2bac..aac521349 100644
+index 23f4d10ba..1deead50b 100644
--- a/shared/references/disa-stig-rhel7-v3r12-xccdf-manual.xml
+++ b/shared/references/disa-stig-rhel7-v3r12-xccdf-manual.xml
@@ -906,7 +906,7 @@ Check to see if an encrypted grub superusers password is set. On systems that us
@@ -26210,7 +26292,7 @@ index 061ac2bac..aac521349 100644
export superusers
diff --git a/shared/references/disa-stig-rhel7-v3r12-xccdf-scap.xml b/shared/references/disa-stig-rhel7-v3r12-xccdf-scap.xml
-index 6c1f3f917..726bbd515 100644
+index 6d3098742..fe60061cd 100644
--- a/shared/references/disa-stig-rhel7-v3r12-xccdf-scap.xml
+++ b/shared/references/disa-stig-rhel7-v3r12-xccdf-scap.xml
@@ -3228,7 +3228,7 @@ Confirm password:
@@ -26231,178 +26313,222 @@ index 6c1f3f917..726bbd515 100644
If /boot or /boot/efi reside on separate partitions, the kernel parameter boot=<partition of /boot or /boot/efi> must be added to the kernel command line. You can identify a partition by running the df /boot or df /boot/efi command:
-@@ -7538,6 +7538,7 @@ Remove any duplicate or conflicting lines from /etc/sudoers and /etc/sudoers.d/
+@@ -7537,7 +7537,8 @@ Remove any duplicate or conflicting lines from /etc/sudoers and /etc/sudoers.d/
+ Disable Prelinking
multi_platform_fedora
- multi_platform_rhel
+- multi_platform_rhel
++ multi_platform_rhel
+multi_platform_almalinux
multi_platform_rhel-osp
The prelinking feature can interfere with the operation of
-@@ -7569,6 +7570,7 @@ Remove any duplicate or conflicting lines from /etc/sudoers and /etc/sudoers.d/
+@@ -7568,7 +7569,8 @@ Remove any duplicate or conflicting lines from /etc/sudoers and /etc/sudoers.d/
+
Package openssh-server Removed
- multi_platform_rhel
+- multi_platform_rhel
++ multi_platform_rhel
+multi_platform_almalinux
multi_platform_fedora
multi_platform_sle
-@@ -8340,6 +8342,7 @@ Password complexity is one factor of several that determines how long it takes t
+@@ -8339,7 +8341,8 @@ Password complexity is one factor of several that determines how long it takes t
+
Limit Password Reuse
- multi_platform_rhel
+- multi_platform_rhel
++ multi_platform_rhel
+multi_platform_almalinux
multi_platform_fedora
The passwords to remember should be set correctly.
-@@ -8356,6 +8359,7 @@ Password complexity is one factor of several that determines how long it takes t
+@@ -8355,7 +8358,8 @@ Password complexity is one factor of several that determines how long it takes t
+
RHEL-07-040160 - The Red Hat Enterprise Linux operating system must be configured so that all network connections associated with a communication session are terminated at the end of the session or after 15 minutes of inactivity from the user at a command prompt, except to fulfill documented and validated mission requirements.
- multi_platform_rhel
+- multi_platform_rhel
++ multi_platform_rhel
+multi_platform_almalinux
Terminating an idle session within a short time period reduces the window of opportunity for unauthorized personnel to take control of a management session enabled on the console or console port that has been left unattended. In addition, quickly terminating an idle session will also free up resources committed by the managed network element.
-@@ -8413,6 +8417,7 @@ Terminating network connections associated with communications sessions includes
+@@ -8412,7 +8416,8 @@ Terminating network connections associated with communications sessions includes
+
RHEL-07-030410 - The Red Hat Enterprise Linux operating system must audit all uses of the chmod, fchmod and fchmodat syscalls.
- multi_platform_rhel
+- multi_platform_rhel
++ multi_platform_rhel
+multi_platform_almalinux
Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
-@@ -8469,6 +8474,7 @@ The system call rules are loaded into a matching engine that intercepts each sys
+@@ -8468,7 +8473,8 @@ The system call rules are loaded into a matching engine that intercepts each sys
+
RHEL-07-030370 - The Red Hat Enterprise Linux operating system must audit all uses of the chown, fchown, fchownat and lchown syscalls.
- multi_platform_rhel
+- multi_platform_rhel
++ multi_platform_rhel
+multi_platform_almalinux
-@@ -8515,6 +8521,7 @@ When a user logs on, the auid is set to the uid of the account that is being aut
+@@ -8514,7 +8520,8 @@ When a user logs on, the auid is set to the uid of the account that is being aut
+
RHEL-07-030440 - The Red Hat Enterprise Linux operating system must audit all uses of the setxattr, fsetxattr, lsetxattr, removexattr, fremovexattr and lremovexattr syscalls.
- multi_platform_rhel
+- multi_platform_rhel
++ multi_platform_rhel
+multi_platform_almalinux
-@@ -9612,6 +9619,7 @@ The system call rules are loaded into a matching engine that intercepts each sys
+@@ -9611,7 +9618,8 @@ The system call rules are loaded into a matching engine that intercepts each sys
+
Disable Host-Based Authentication
- multi_platform_rhel
+- multi_platform_rhel
++ multi_platform_rhel
+multi_platform_almalinux
SSH host-based authentication should be disabled.
-@@ -9627,6 +9635,7 @@ The system call rules are loaded into a matching engine that intercepts each sys
+@@ -9626,7 +9634,8 @@ The system call rules are loaded into a matching engine that intercepts each sys
+
Package prelink Removed
- multi_platform_rhel
+- multi_platform_rhel
++ multi_platform_rhel
+multi_platform_almalinux
The RPM package prelink should be removed.
-@@ -9770,6 +9779,7 @@ The system call rules are loaded into a matching engine that intercepts each sys
+@@ -9769,7 +9778,8 @@ The system call rules are loaded into a matching engine that intercepts each sys
+
Mount Remote Filesystems with nosuid
- multi_platform_rhel
+- multi_platform_rhel
++ multi_platform_rhel
+multi_platform_almalinux
-@@ -9800,6 +9810,7 @@ The system call rules are loaded into a matching engine that intercepts each sys
+@@ -9799,7 +9809,8 @@ The system call rules are loaded into a matching engine that intercepts each sys
+
Package net-snmp Removed
- multi_platform_rhel
+- multi_platform_rhel
++ multi_platform_rhel
+multi_platform_almalinux
The RPM package net-snmp should be removed.
-@@ -9827,6 +9838,7 @@ The system call rules are loaded into a matching engine that intercepts each sys
+@@ -9826,7 +9837,8 @@ The system call rules are loaded into a matching engine that intercepts each sys
+
Package telnet-server Removed
- multi_platform_rhel
+- multi_platform_rhel
++ multi_platform_rhel
+multi_platform_almalinux
The RPM package telnet-server should be removed.
-@@ -9855,6 +9867,7 @@ The system call rules are loaded into a matching engine that intercepts each sys
+@@ -9854,7 +9866,8 @@ The system call rules are loaded into a matching engine that intercepts each sys
+
Package vsftpd Removed
- multi_platform_rhel
+- multi_platform_rhel
++ multi_platform_rhel
+multi_platform_almalinux
The RPM package vsftpd should be removed.
-@@ -9868,6 +9881,7 @@ The system call rules are loaded into a matching engine that intercepts each sys
+@@ -9867,7 +9880,8 @@ The system call rules are loaded into a matching engine that intercepts each sys
+
Package xorg-x11-server-common Removed
- multi_platform_rhel
+- multi_platform_rhel
++ multi_platform_rhel
+multi_platform_almalinux
multi_platform_fedora
-@@ -9897,6 +9911,7 @@ The system call rules are loaded into a matching engine that intercepts each sys
+@@ -9896,7 +9910,8 @@ The system call rules are loaded into a matching engine that intercepts each sys
+
Ensure /home Located On Separate Partition
- multi_platform_rhel
+- multi_platform_rhel
++ multi_platform_rhel
+multi_platform_almalinux
If user home directories will be stored locally, create a
separate partition for /home. If /home will be mounted from another
-@@ -9915,6 +9930,7 @@ The system call rules are loaded into a matching engine that intercepts each sys
+@@ -9914,7 +9929,8 @@ The system call rules are loaded into a matching engine that intercepts each sys
+
Ensure /var Located On Separate Partition
- multi_platform_rhel
+- multi_platform_rhel
++ multi_platform_rhel
+multi_platform_almalinux
-@@ -9933,6 +9949,7 @@ The system call rules are loaded into a matching engine that intercepts each sys
+@@ -9932,7 +9948,8 @@ The system call rules are loaded into a matching engine that intercepts each sys
+
Ensure /var/log/audit Located On Separate Partition
- multi_platform_rhel
+- multi_platform_rhel
++ multi_platform_rhel
+multi_platform_almalinux
-@@ -9952,6 +9969,7 @@ The system call rules are loaded into a matching engine that intercepts each sys
+@@ -9951,7 +9968,8 @@ The system call rules are loaded into a matching engine that intercepts each sys
+ Verify File Hashes with RPM
multi_platform_fedora
- multi_platform_rhel
+- multi_platform_rhel
++ multi_platform_rhel
+multi_platform_almalinux
Verify the RPM digests of system binaries using the RPM database.
-@@ -10026,6 +10044,7 @@ The system call rules are loaded into a matching engine that intercepts each sys
+@@ -10025,7 +10043,8 @@ The system call rules are loaded into a matching engine that intercepts each sys
+
Ensure Only Protocol 2 Connections Allowed
- multi_platform_rhel
+- multi_platform_rhel
++ multi_platform_rhel
+multi_platform_almalinux
multi_platform_debian
multi_platform_ubuntu
-@@ -10062,6 +10081,7 @@ The system call rules are loaded into a matching engine that intercepts each sys
+@@ -10061,7 +10080,8 @@ The system call rules are loaded into a matching engine that intercepts each sys
+
Disable .rhosts Files
- multi_platform_rhel
+- multi_platform_rhel
++ multi_platform_rhel
+multi_platform_almalinux
-@@ -10127,6 +10147,7 @@ This should be disabled.
+@@ -10126,7 +10146,8 @@ This should be disabled.
+
Do Not Allow Users to Set Environment Options
- multi_platform_rhel
+- multi_platform_rhel
++ multi_platform_rhel
+multi_platform_almalinux
PermitUserEnvironment should be disabled
-@@ -10476,6 +10497,7 @@ By specifying a cipher list with the order of ciphers being in a "strongest to w
+@@ -10475,7 +10496,8 @@ By specifying a cipher list with the order of ciphers being in a "strongest to w
+
Package openssh-server is version 7.4 or higher
- multi_platform_rhel
+- multi_platform_rhel
++ multi_platform_rhel
+multi_platform_almalinux
multi_platform_fedora
multi_platform_sle
@@ -26562,7 +26688,7 @@ index a6e6e2c0b..6352e2e24 100644
/boot/grub2/grub.cfg
diff --git a/shared/references/disa-stig-rhel8-v1r11-xccdf-manual.xml b/shared/references/disa-stig-rhel8-v1r11-xccdf-manual.xml
-index 747e322d8..2fd54a056 100644
+index 403903215..c192556f6 100644
--- a/shared/references/disa-stig-rhel8-v1r11-xccdf-manual.xml
+++ b/shared/references/disa-stig-rhel8-v1r11-xccdf-manual.xml
@@ -376,7 +376,7 @@ SHA_CRYPT_MIN_ROUNDS 5000