diff --git a/SOURCES/0001-Add-AlmaLinux-8-support.patch b/SOURCES/0001-Add-AlmaLinux-8-support.patch index 6f44d91..0902f7f 100644 --- a/SOURCES/0001-Add-AlmaLinux-8-support.patch +++ b/SOURCES/0001-Add-AlmaLinux-8-support.patch @@ -1,8 +1,8 @@ diff --git a/CMakeLists.txt b/CMakeLists.txt -index 19424601..e1d5ca01 100644 +index 3e122ae2..29803a99 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt -@@ -64,6 +64,7 @@ option(SSG_PRODUCT_DEFAULT "If enabled, all default release products will be bui +@@ -67,6 +67,7 @@ option(SSG_PRODUCT_DEFAULT "If enabled, all default release products will be bui # Products to build content for. These generally correspond to directories in # the root of this project. Note that the example product is always disabled # unless explicitly asked for. @@ -10,7 +10,7 @@ index 19424601..e1d5ca01 100644 option(SSG_PRODUCT_CHROMIUM "If enabled, the Chromium SCAP content will be built" ${SSG_PRODUCT_DEFAULT}) option(SSG_PRODUCT_DEBIAN9 "If enabled, the Debian 9 SCAP content will be built" ${SSG_PRODUCT_DEFAULT}) option(SSG_PRODUCT_DEBIAN10 "If enabled, the Debian 10 SCAP content will be built" ${SSG_PRODUCT_DEFAULT}) -@@ -259,6 +260,7 @@ endif() +@@ -272,6 +273,7 @@ message(STATUS "STIG Delta Taloring files: ${SSG_BUILD_DISA_DELTA_FILES}") message(STATUS " ") message(STATUS "Products:") @@ -18,7 +18,7 @@ index 19424601..e1d5ca01 100644 message(STATUS "Chromium: ${SSG_PRODUCT_CHROMIUM}") message(STATUS "Debian 9: ${SSG_PRODUCT_DEBIAN9}") message(STATUS "Debian 10: ${SSG_PRODUCT_DEBIAN10}") -@@ -325,6 +327,9 @@ ssg_build_bash_remediation_functions() +@@ -338,6 +340,9 @@ endif() ssg_build_man_page() @@ -29,22 +29,44 @@ index 19424601..e1d5ca01 100644 add_subdirectory("products/chromium" "chromium") endif() diff --git a/build_product b/build_product -index 8a186fba..9e03f675 100755 +index 1ba2e099..13413929 100755 --- a/build_product +++ b/build_product 
@@ -282,6 +282,7 @@ set_explict_build_targets() { # Get this using # grep 'option(SSG_PRODUCT' CMakeLists.txt | sed -e 's/option(SSG_PRODUCT_\(\w\+\).*/\1/' all_cmake_products=( -+ ALMALINUX8 ++ ALMALINUX8 CHROMIUM DEBIAN9 DEBIAN10 +diff --git a/cmake/SSGCommon.cmake b/cmake/SSGCommon.cmake +index 9c2550cf..ec748556 100644 +--- a/cmake/SSGCommon.cmake ++++ b/cmake/SSGCommon.cmake +@@ -900,7 +900,7 @@ macro(ssg_build_product PRODUCT) + add_dependencies(html-stats ${PRODUCT}-html-stats) + add_dependencies(html-profile-stats ${PRODUCT}-html-profile-stats) + +- if (SSG_BUILD_DISA_DELTA_FILES AND "${PRODUCT}" MATCHES "rhel(7|8)") ++ if (SSG_BUILD_DISA_DELTA_FILES AND "${PRODUCT}" MATCHES "almalinux8") + ssg_build_disa_delta(${PRODUCT} "stig") + add_dependencies(${PRODUCT} generate-ssg-delta-${PRODUCT}-stig) + endif() diff --git a/controls/anssi.yml b/controls/anssi.yml -index 7737e67e..d9527752 100644 +index 5c3d5f34..960aecff 100644 --- a/controls/anssi.yml +++ b/controls/anssi.yml -@@ -292,7 +292,7 @@ controls: +@@ -198,7 +198,7 @@ controls: + levels: + - intermediary + title: Partitioning type +- notes: >- ++ notes: >- + The rule for the /proc file system is not implemented + status: partial + rules: +@@ -293,7 +293,7 @@ controls: - ensure_gpgcheck_never_disabled - ensure_gpgcheck_globally_activated - ensure_gpgcheck_local_packages @@ -53,20 +75,29 @@ index 7737e67e..d9527752 100644 - ensure_oracle_gpgkey_installed - id: R16 +@@ -584,7 +584,7 @@ controls: + - sysctl_kernel_perf_event_max_sample_rate + - sysctl_kernel_perf_cpu_time_max_percent + +- ++ + - id: R24 + levels: + - enhanced diff --git a/controls/cis_rhel8.yml b/controls/cis_rhel8.yml -index c0d3f5f4..35bf6bd9 100644 +index 005c94c0..94241308 100644 --- a/controls/cis_rhel8.yml +++ b/controls/cis_rhel8.yml 
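Review bot: The newly carried cmake/SSGCommon.cmake hunk replaces the product test `MATCHES "rhel(7|8)"` with `MATCHES "almalinux8"` instead of extending it, so with `SSG_BUILD_DISA_DELTA_FILES` enabled the `generate-ssg-delta-${PRODUCT}-stig` dependency is no longer wired up for rhel7 or rhel8 in a tree built with this patch. If the intent is only to add AlmaLinux, keep the upstream alternatives: `if (SSG_BUILD_DISA_DELTA_FILES AND "${PRODUCT}" MATCHES "rhel(7|8)|almalinux8")`. `ssg_build_disa_delta` is defined outside this hunk, so confirm it has the inputs it needs for almalinux8 before enabling it there. The `ssg_build_product` macro body starts and ends outside the hunk.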
@@ -283,7 +283,7 @@ controls: - l1_workstation - automated: no + status: manual related_rules: - - ensure_redhat_gpgkey_installed + - ensure_almalinux_gpgkey_installed - id: 1.2.4 title: Ensure gpgcheck is globally activated (Automated) -@@ -1743,7 +1743,7 @@ controls: +@@ -1752,7 +1752,7 @@ controls: # NEEDS RULE # The current sshd_enable_warning_banner rule uses /etc/issue instead # of the /etc/issue.net that the benchmark expects. @@ -124,33 +155,33 @@ index 0db51bd1..b7cf62ec 100644 title: 'Restrict Information Published by Avahi' diff --git a/linux_os/guide/services/avahi/disable_avahi_group/service_avahi-daemon_disabled/rule.yml b/linux_os/guide/services/avahi/disable_avahi_group/service_avahi-daemon_disabled/rule.yml -index d76a96c7..9375ec19 100644 +index 2d30e4c2..7cb54017 100644 --- a/linux_os/guide/services/avahi/disable_avahi_group/service_avahi-daemon_disabled/rule.yml +++ b/linux_os/guide/services/avahi/disable_avahi_group/service_avahi-daemon_disabled/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: ol7,ol8,rhel7,rhel8,rhel9,sle15,ubuntu2004 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,sle15,ubuntu2004 +-prodtype: ol7,ol8,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004 ++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004 title: 'Disable Avahi Server Software' diff --git a/linux_os/guide/services/base/package_abrt_removed/rule.yml b/linux_os/guide/services/base/package_abrt_removed/rule.yml -index e05c15f7..0f37bf27 100644 +index 1c823d79..49db8255 100644 --- a/linux_os/guide/services/base/package_abrt_removed/rule.yml +++ b/linux_os/guide/services/base/package_abrt_removed/rule.yml 
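Review bot: In controls/cis_rhel8.yml the carried patch swaps `- ensure_redhat_gpgkey_installed` for `- ensure_almalinux_gpgkey_installed` under `related_rules` rather than adding the AlmaLinux rule beside it, and the context at the top of this hunk suggests controls/anssi.yml receives the same swap. Neither control file is AlmaLinux-specific, so any Red Hat content still built from the patched tree would lose its reference to the vendor signing-key check. Assuming rules are filtered per product through `prodtype`, as the prodtype edits elsewhere in this patch suggest, listing both entries keeps package-signature coverage for both products: `- ensure_redhat_gpgkey_installed` followed by `- ensure_almalinux_gpgkey_installed`.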
@@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9 +-prodtype: fedora,ol7,ol8,rhel7,rhel8 ++prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8 title: 'Uninstall Automatic Bug Reporting Tool (abrt)' -@@ -27,7 +27,7 @@ identifiers: - references: +@@ -28,7 +28,7 @@ references: disa: CCI-000381 srg: SRG-OS-000095-GPOS-00049 + stigid@ol8: OL08-00-040001 - stigid@rhel8: RHEL-08-040001 + stigid@almalinux8: RHEL-08-040001 @@ -169,14 +200,14 @@ index b5a0e717..0b6a33ff 100644 title: 'Install the psacct package' diff --git a/linux_os/guide/services/base/service_abrtd_disabled/rule.yml b/linux_os/guide/services/base/service_abrtd_disabled/rule.yml -index d256bd67..cb2d218f 100644 +index eb9cbc32..c1c37672 100644 --- a/linux_os/guide/services/base/service_abrtd_disabled/rule.yml +++ b/linux_os/guide/services/base/service_abrtd_disabled/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: ol7,ol8,rhel7,rhel8,rhel9 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9 +-prodtype: ol7,ol8,rhel7,rhel8 ++prodtype: ol7,ol8,rhel7,rhel8,almalinux8 title: 'Disable Automatic Bug Reporting Tool (abrtd)' @@ -205,14 +236,14 @@ index 095ff4a2..3cb513e8 100644 title: 'Disable Certmonger Service (certmonger)' diff --git a/linux_os/guide/services/base/service_cockpit_disabled/rule.yml b/linux_os/guide/services/base/service_cockpit_disabled/rule.yml -index 9f84398d..acd7e3c1 100644 +index 95232c12..0ac38103 100644 --- a/linux_os/guide/services/base/service_cockpit_disabled/rule.yml +++ b/linux_os/guide/services/base/service_cockpit_disabled/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: ol7,ol8,rhel7,rhel8 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8 +-prodtype: ol7,ol8,rhel7,rhel8,rhel9 ++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9 title: 'Disable Cockpit Management Server' @@ -238,7 +269,7 @@ index 1f6a233e..9f3a4d6b 100644 kdump --disable 
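Review bot: In the package_abrt_removed references the key `stigid@rhel8: RHEL-08-040001` is renamed to `stigid@almalinux8: RHEL-08-040001`, so the rhel8 key disappears while the value is still a RHEL 8 STIG identifier. The `stigid@ol8: OL08-00-040001` line this refresh brings in suggests each product key is expected to carry that product's own ID, so reports for almalinux8 would present a Red Hat STIG ID as if it were an AlmaLinux one, which matters when the output is used as compliance evidence. Consider leaving `stigid@rhel8` untouched and stating in the patch header that AlmaLinux 8 content borrows RHEL 8 STIG IDs. The same rename recurs in the service_kdump_disabled, package_fapolicyd_installed, service_fapolicyd_enabled, package_vsftpd_removed and kerberos_disable_no_keytab hunks.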
diff --git a/linux_os/guide/services/base/service_kdump_disabled/rule.yml b/linux_os/guide/services/base/service_kdump_disabled/rule.yml -index ce021c74..91fe4ec4 100644 +index 81d24c22..16792f7b 100644 --- a/linux_os/guide/services/base/service_kdump_disabled/rule.yml +++ b/linux_os/guide/services/base/service_kdump_disabled/rule.yml @@ -1,6 +1,6 @@ @@ -249,9 +280,9 @@ index ce021c74..91fe4ec4 100644 title: 'Disable KDump Kernel Crash Analyzer (kdump)' -@@ -40,7 +40,7 @@ references: - srg: SRG-OS-000480-GPOS-00227 +@@ -41,7 +41,7 @@ references: stigid@ol7: OL07-00-021300 + stigid@ol8: OL08-00-010670 stigid@rhel7: RHEL-07-021300 - stigid@rhel8: RHEL-08-010670 + stigid@almalinux8: RHEL-08-010670 @@ -428,245 +459,305 @@ index 93206153..0ac567a3 100644 title: 'Disable anacron Service' diff --git a/linux_os/guide/services/cron_and_at/file_groupowner_cron_d/rule.yml b/linux_os/guide/services/cron_and_at/file_groupowner_cron_d/rule.yml -index 23f77426..2821e287 100644 +index 477e0e45..e103fe85 100644 --- a/linux_os/guide/services/cron_and_at/file_groupowner_cron_d/rule.yml +++ b/linux_os/guide/services/cron_and_at/file_groupowner_cron_d/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: rhel7,rhel8,rhel9,rhv4,sle15,ubuntu2004 -+prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,ubuntu2004 +-prodtype: rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004 ++prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004 title: 'Verify Group Who Owns cron.d' diff --git a/linux_os/guide/services/cron_and_at/file_groupowner_cron_daily/rule.yml b/linux_os/guide/services/cron_and_at/file_groupowner_cron_daily/rule.yml -index 94e31f5e..2937a41c 100644 +index 029e9657..20ad74e1 100644 --- a/linux_os/guide/services/cron_and_at/file_groupowner_cron_daily/rule.yml +++ b/linux_os/guide/services/cron_and_at/file_groupowner_cron_daily/rule.yml 
@@ -1,6 +1,6 @@ documentation_complete: true --prodtype: rhel7,rhel8,rhel9,rhv4,sle15,ubuntu2004 -+prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,ubuntu2004 +-prodtype: rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004 ++prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004 title: 'Verify Group Who Owns cron.daily' diff --git a/linux_os/guide/services/cron_and_at/file_groupowner_cron_hourly/rule.yml b/linux_os/guide/services/cron_and_at/file_groupowner_cron_hourly/rule.yml -index f5b9c87f..f60b09b3 100644 +index 9d0902f9..30d46124 100644 --- a/linux_os/guide/services/cron_and_at/file_groupowner_cron_hourly/rule.yml +++ b/linux_os/guide/services/cron_and_at/file_groupowner_cron_hourly/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: rhel7,rhel8,rhel9,rhv4,sle15,ubuntu2004 -+prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,ubuntu2004 +-prodtype: rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004 ++prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004 title: 'Verify Group Who Owns cron.hourly' diff --git a/linux_os/guide/services/cron_and_at/file_groupowner_cron_monthly/rule.yml b/linux_os/guide/services/cron_and_at/file_groupowner_cron_monthly/rule.yml -index 61f87879..f1fe2e98 100644 +index a20878d7..e697560e 100644 --- a/linux_os/guide/services/cron_and_at/file_groupowner_cron_monthly/rule.yml +++ b/linux_os/guide/services/cron_and_at/file_groupowner_cron_monthly/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: rhel7,rhel8,rhel9,rhv4,sle15,ubuntu2004 -+prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,ubuntu2004 +-prodtype: rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004 ++prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004 title: 'Verify Group Who Owns cron.monthly' diff --git a/linux_os/guide/services/cron_and_at/file_groupowner_cron_weekly/rule.yml b/linux_os/guide/services/cron_and_at/file_groupowner_cron_weekly/rule.yml -index 35d4324c..827a33e8 100644 +index 710a88f7..d913e3cd 100644 
--- a/linux_os/guide/services/cron_and_at/file_groupowner_cron_weekly/rule.yml +++ b/linux_os/guide/services/cron_and_at/file_groupowner_cron_weekly/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: rhel7,rhel8,rhel9,rhv4,sle15,ubuntu2004 -+prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,ubuntu2004 +-prodtype: rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004 ++prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004 title: 'Verify Group Who Owns cron.weekly' diff --git a/linux_os/guide/services/cron_and_at/file_groupowner_crontab/rule.yml b/linux_os/guide/services/cron_and_at/file_groupowner_crontab/rule.yml -index c3986461..dcab852d 100644 +index e14e78ad..2de486fd 100644 --- a/linux_os/guide/services/cron_and_at/file_groupowner_crontab/rule.yml +++ b/linux_os/guide/services/cron_and_at/file_groupowner_crontab/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: rhel7,rhel8,rhel9,rhv4,sle15,ubuntu2004 -+prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,ubuntu2004 +-prodtype: rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004 ++prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004 title: 'Verify Group Who Owns Crontab' diff --git a/linux_os/guide/services/cron_and_at/file_owner_cron_d/rule.yml b/linux_os/guide/services/cron_and_at/file_owner_cron_d/rule.yml -index 2106fc0e..8f823e14 100644 +index 8e0659f0..645dfaad 100644 --- a/linux_os/guide/services/cron_and_at/file_owner_cron_d/rule.yml +++ b/linux_os/guide/services/cron_and_at/file_owner_cron_d/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: rhel7,rhel8,rhel9,rhv4,sle15,ubuntu2004 -+prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,ubuntu2004 +-prodtype: rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004 ++prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004 title: 'Verify Owner on cron.d' 
diff --git a/linux_os/guide/services/cron_and_at/file_owner_cron_daily/rule.yml b/linux_os/guide/services/cron_and_at/file_owner_cron_daily/rule.yml -index 09f8b220..4ada81e5 100644 +index e0380966..8d8cb832 100644 --- a/linux_os/guide/services/cron_and_at/file_owner_cron_daily/rule.yml +++ b/linux_os/guide/services/cron_and_at/file_owner_cron_daily/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: rhel7,rhel8,rhel9,rhv4,sle15,ubuntu2004 -+prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,ubuntu2004 +-prodtype: rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004 ++prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004 title: 'Verify Owner on cron.daily' diff --git a/linux_os/guide/services/cron_and_at/file_owner_cron_hourly/rule.yml b/linux_os/guide/services/cron_and_at/file_owner_cron_hourly/rule.yml -index ce3210e1..531f5e0b 100644 +index e4b9e57f..fd8fe7eb 100644 --- a/linux_os/guide/services/cron_and_at/file_owner_cron_hourly/rule.yml +++ b/linux_os/guide/services/cron_and_at/file_owner_cron_hourly/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: rhel7,rhel8,rhel9,rhv4,sle15,ubuntu2004 -+prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,ubuntu2004 +-prodtype: rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004 ++prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004 title: 'Verify Owner on cron.hourly' diff --git a/linux_os/guide/services/cron_and_at/file_owner_cron_monthly/rule.yml b/linux_os/guide/services/cron_and_at/file_owner_cron_monthly/rule.yml -index d66eb78e..5f0b15b5 100644 +index ceaa0424..4f8abe13 100644 --- a/linux_os/guide/services/cron_and_at/file_owner_cron_monthly/rule.yml +++ b/linux_os/guide/services/cron_and_at/file_owner_cron_monthly/rule.yml 
@@ -1,6 +1,6 @@ documentation_complete: true --prodtype: rhel7,rhel8,rhel9,rhv4,sle15,ubuntu2004 -+prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,ubuntu2004 +-prodtype: rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004 ++prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004 title: 'Verify Owner on cron.monthly' diff --git a/linux_os/guide/services/cron_and_at/file_owner_cron_weekly/rule.yml b/linux_os/guide/services/cron_and_at/file_owner_cron_weekly/rule.yml -index b29ae87f..fdcff62c 100644 +index 20185169..f28ea4b0 100644 --- a/linux_os/guide/services/cron_and_at/file_owner_cron_weekly/rule.yml +++ b/linux_os/guide/services/cron_and_at/file_owner_cron_weekly/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: rhel7,rhel8,rhel9,rhv4,sle15,ubuntu2004 -+prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,ubuntu2004 +-prodtype: rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004 ++prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004 title: 'Verify Owner on cron.weekly' diff --git a/linux_os/guide/services/cron_and_at/file_owner_crontab/rule.yml b/linux_os/guide/services/cron_and_at/file_owner_crontab/rule.yml -index a28d4fa7..7c901490 100644 +index 7f54d498..6e77f9d7 100644 --- a/linux_os/guide/services/cron_and_at/file_owner_crontab/rule.yml +++ b/linux_os/guide/services/cron_and_at/file_owner_crontab/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: rhel7,rhel8,rhel9,rhv4,sle15,ubuntu2004 -+prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,ubuntu2004 +-prodtype: rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004 ++prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004 title: 'Verify Owner on crontab' diff --git a/linux_os/guide/services/cron_and_at/file_permissions_cron_d/rule.yml b/linux_os/guide/services/cron_and_at/file_permissions_cron_d/rule.yml -index 7310cfba..f63a83e4 100644 +index a45701d1..7bced050 100644 --- a/linux_os/guide/services/cron_and_at/file_permissions_cron_d/rule.yml 
+++ b/linux_os/guide/services/cron_and_at/file_permissions_cron_d/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: rhel7,rhel8,rhel9,rhv4,sle15,ubuntu2004 -+prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,ubuntu2004 +-prodtype: rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004 ++prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004 title: 'Verify Permissions on cron.d' diff --git a/linux_os/guide/services/cron_and_at/file_permissions_cron_daily/rule.yml b/linux_os/guide/services/cron_and_at/file_permissions_cron_daily/rule.yml -index 69eac888..05e342a2 100644 +index 77c847f1..2a9f3d11 100644 --- a/linux_os/guide/services/cron_and_at/file_permissions_cron_daily/rule.yml +++ b/linux_os/guide/services/cron_and_at/file_permissions_cron_daily/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: rhel7,rhel8,rhel9,rhv4,sle15,ubuntu2004 -+prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,ubuntu2004 +-prodtype: rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004 ++prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004 title: 'Verify Permissions on cron.daily' diff --git a/linux_os/guide/services/cron_and_at/file_permissions_cron_hourly/rule.yml b/linux_os/guide/services/cron_and_at/file_permissions_cron_hourly/rule.yml -index 256f1707..0a85690e 100644 +index bb419f05..2db51c7f 100644 --- a/linux_os/guide/services/cron_and_at/file_permissions_cron_hourly/rule.yml +++ b/linux_os/guide/services/cron_and_at/file_permissions_cron_hourly/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: rhel7,rhel8,rhel9,rhv4,sle15,ubuntu2004 -+prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,ubuntu2004 +-prodtype: rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004 ++prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004 title: 'Verify Permissions on cron.hourly' 
diff --git a/linux_os/guide/services/cron_and_at/file_permissions_cron_monthly/rule.yml b/linux_os/guide/services/cron_and_at/file_permissions_cron_monthly/rule.yml -index 7713a468..6df6fcd5 100644 +index 20f35979..3a9a0eb9 100644 --- a/linux_os/guide/services/cron_and_at/file_permissions_cron_monthly/rule.yml +++ b/linux_os/guide/services/cron_and_at/file_permissions_cron_monthly/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: rhel7,rhel8,rhel9,rhv4,sle15,ubuntu2004 -+prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,ubuntu2004 +-prodtype: rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004 ++prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004 title: 'Verify Permissions on cron.monthly' diff --git a/linux_os/guide/services/cron_and_at/file_permissions_cron_weekly/rule.yml b/linux_os/guide/services/cron_and_at/file_permissions_cron_weekly/rule.yml -index c111a154..fc12a722 100644 +index 164e724f..2661d33a 100644 --- a/linux_os/guide/services/cron_and_at/file_permissions_cron_weekly/rule.yml +++ b/linux_os/guide/services/cron_and_at/file_permissions_cron_weekly/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: rhel7,rhel8,rhel9,rhv4,sle15,ubuntu2004 -+prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,ubuntu2004 +-prodtype: rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004 ++prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004 title: 'Verify Permissions on cron.weekly' diff --git a/linux_os/guide/services/cron_and_at/file_permissions_crontab/rule.yml b/linux_os/guide/services/cron_and_at/file_permissions_crontab/rule.yml -index 1cf1d414..6cb9298f 100644 +index 7be734c2..c5329e50 100644 --- a/linux_os/guide/services/cron_and_at/file_permissions_crontab/rule.yml +++ b/linux_os/guide/services/cron_and_at/file_permissions_crontab/rule.yml 
@@ -1,6 +1,6 @@ documentation_complete: true --prodtype: rhel7,rhel8,rhel9,rhv4,sle15,ubuntu2004 -+prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,ubuntu2004 +-prodtype: rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004 ++prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004 title: 'Verify Permissions on crontab' +diff --git a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_at_deny_not_exist/rule.yml b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_at_deny_not_exist/rule.yml +index 681f009c..2ab097ff 100644 +--- a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_at_deny_not_exist/rule.yml ++++ b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_at_deny_not_exist/rule.yml +@@ -1,6 +1,6 @@ + documentation_complete: true + +-prodtype: fedora,rhel7,rhel8,rhel9 ++prodtype: fedora,rhel7,rhel8,almalinux8,rhel9 + + title: 'Ensure that /etc/at.deny does not exist' + +diff --git a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_cron_deny_not_exist/rule.yml b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_cron_deny_not_exist/rule.yml +index e03812bc..df09d43b 100644 +--- a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_cron_deny_not_exist/rule.yml ++++ b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_cron_deny_not_exist/rule.yml +@@ -1,6 +1,6 @@ + documentation_complete: true + +-prodtype: fedora,rhel7,rhel8,rhel9,sle15 ++prodtype: fedora,rhel7,rhel8,almalinux8,rhel9,sle15 + + title: 'Ensure that /etc/cron.deny does not exist' + +diff --git a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_groupowner_at_allow/rule.yml b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_groupowner_at_allow/rule.yml +index 1fc8763a..30f03d6d 100644 +--- a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_groupowner_at_allow/rule.yml ++++ 
b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_groupowner_at_allow/rule.yml +@@ -1,6 +1,6 @@ + documentation_complete: true + +-prodtype: rhel8,rhel9,sle12,sle15,ubuntu2004 ++prodtype: rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004 + + title: 'Verify Group Who Owns /etc/at.allow file' + diff --git a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_groupowner_cron_allow/rule.yml b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_groupowner_cron_allow/rule.yml -index 59a432ee..d6d22fc0 100644 +index 77066c6c..49467074 100644 --- a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_groupowner_cron_allow/rule.yml +++ b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_groupowner_cron_allow/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: ol7,ol8,rhel7,rhel8,rhv4,wrlinux1019,sle15 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhv4,wrlinux1019,sle15 +-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019 ++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019 title: 'Verify Group Who Owns /etc/cron.allow file' diff --git a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_owner_cron_allow/rule.yml b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_owner_cron_allow/rule.yml -index f68f9293..c86deea0 100644 +index 3d4f9996..79523128 100644 --- a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_owner_cron_allow/rule.yml +++ b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_owner_cron_allow/rule.yml 
@@ -1,6 +1,6 @@ documentation_complete: true --prodtype: ol7,ol8,rhel7,rhel8,rhv4,wrlinux1019,sle15 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhv4,wrlinux1019,sle15 +-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019 ++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019 title: 'Verify User Who Owns /etc/cron.allow file' +diff --git a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_permissions_at_allow/rule.yml b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_permissions_at_allow/rule.yml +index 8da1a95a..c854e9f8 100644 +--- a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_permissions_at_allow/rule.yml ++++ b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_permissions_at_allow/rule.yml +@@ -1,6 +1,6 @@ + documentation_complete: true + +-prodtype: rhel8,rhel9,sle12,sle15,ubuntu2004 ++prodtype: rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004 + + title: 'Verify Permissions on /etc/at.allow file' + +diff --git a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_permissions_cron_allow/rule.yml b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_permissions_cron_allow/rule.yml +index 33ebca60..8b3a62ee 100644 +--- a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_permissions_cron_allow/rule.yml ++++ b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_permissions_cron_allow/rule.yml +@@ -1,6 +1,6 @@ + documentation_complete: true + +-prodtype: rhel7,rhel8,rhel9,sle15,ubuntu2004 ++prodtype: rhel7,rhel8,almalinux8,rhel9,sle15,ubuntu2004 + + title: 'Verify Permissions on /etc/cron.allow file' + diff --git a/linux_os/guide/services/cron_and_at/service_atd_disabled/rule.yml b/linux_os/guide/services/cron_and_at/service_atd_disabled/rule.yml index f710f01e..2a19ca89 100644 --- a/linux_os/guide/services/cron_and_at/service_atd_disabled/rule.yml 
@@ -680,14 +771,14 @@ index f710f01e..2a19ca89 100644 title: 'Disable At Service (atd)' diff --git a/linux_os/guide/services/cron_and_at/service_crond_enabled/rule.yml b/linux_os/guide/services/cron_and_at/service_crond_enabled/rule.yml -index 96998c18..05f33306 100644 +index dffcf36a..1b4e7a92 100644 --- a/linux_os/guide/services/cron_and_at/service_crond_enabled/rule.yml +++ b/linux_os/guide/services/cron_and_at/service_crond_enabled/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4 +-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15 ++prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15 title: 'Enable cron Service' @@ -752,14 +843,14 @@ index 6c9c0b02..bda84dff 100644 title: 'Disable DHCP Client in ifcfg' diff --git a/linux_os/guide/services/dhcp/disabling_dhcp_server/package_dhcp_removed/rule.yml b/linux_os/guide/services/dhcp/disabling_dhcp_server/package_dhcp_removed/rule.yml -index d66078ac..8ced3d6f 100644 +index e5a25eef..4b5f8de1 100644 --- a/linux_os/guide/services/dhcp/disabling_dhcp_server/package_dhcp_removed/rule.yml +++ b/linux_os/guide/services/dhcp/disabling_dhcp_server/package_dhcp_removed/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: ol7,ol8,rhel7,rhel8,rhel9,ubuntu2004 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,ubuntu2004 +-prodtype: ol7,ol8,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004 ++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004 title: 'Uninstall DHCP Server Package' 
@@ -775,37 +866,15 @@ index 79a554aa..e0f3407a 100644 title: 'Disable DHCP Service' -diff --git a/linux_os/guide/services/dhcp/disabling_dhcp_server/service_dhcpd_disabled/tests/rhel8_disabled.pass.sh b/linux_os/guide/services/dhcp/disabling_dhcp_server/service_dhcpd_disabled/tests/rhel8_disabled.pass.sh -index 106fa973..8b336374 100644 ---- a/linux_os/guide/services/dhcp/disabling_dhcp_server/service_dhcpd_disabled/tests/rhel8_disabled.pass.sh -+++ b/linux_os/guide/services/dhcp/disabling_dhcp_server/service_dhcpd_disabled/tests/rhel8_disabled.pass.sh -@@ -1,5 +1,5 @@ - #!/bin/bash --# platform = Red Hat Enterprise Linux 8 -+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8 - # packages = dhcp-server - - systemctl stop dhcpd -diff --git a/linux_os/guide/services/dhcp/disabling_dhcp_server/service_dhcpd_disabled/tests/rhel8_enabled.fail.sh b/linux_os/guide/services/dhcp/disabling_dhcp_server/service_dhcpd_disabled/tests/rhel8_enabled.fail.sh -index 83a1887e..6e803cf5 100644 ---- a/linux_os/guide/services/dhcp/disabling_dhcp_server/service_dhcpd_disabled/tests/rhel8_enabled.fail.sh -+++ b/linux_os/guide/services/dhcp/disabling_dhcp_server/service_dhcpd_disabled/tests/rhel8_enabled.fail.sh -@@ -1,5 +1,5 @@ - #!/bin/bash --# platform = Red Hat Enterprise Linux 8 -+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8 - # packages = dhcp-server - - # Simple configuration for dhcp so we can start the service diff --git a/linux_os/guide/services/dns/disabling_dns_server/package_bind_removed/rule.yml b/linux_os/guide/services/dns/disabling_dns_server/package_bind_removed/rule.yml -index 0c0afbed..68e94178 100644 +index d973c70d..ef687b87 100644 --- a/linux_os/guide/services/dns/disabling_dns_server/package_bind_removed/rule.yml +++ b/linux_os/guide/services/dns/disabling_dns_server/package_bind_removed/rule.yml 
@@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,ubuntu2004 -+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,ubuntu2004 +-prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004 ++prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004 title: 'Uninstall bind Package' @@ -858,7 +927,7 @@ index 05aa2344..8c441644 100644 title: 'Disable Zone Transfers from the Nameserver' diff --git a/linux_os/guide/services/fapolicyd/package_fapolicyd_installed/rule.yml b/linux_os/guide/services/fapolicyd/package_fapolicyd_installed/rule.yml -index 1c526f6b..05d61a7b 100644 +index e3fd65ec..93777b3d 100644 --- a/linux_os/guide/services/fapolicyd/package_fapolicyd_installed/rule.yml +++ b/linux_os/guide/services/fapolicyd/package_fapolicyd_installed/rule.yml @@ -1,6 +1,6 @@ @@ -869,17 +938,17 @@ index 1c526f6b..05d61a7b 100644 title: 'Install fapolicyd Package' -@@ -22,7 +22,7 @@ references: - disa: CCI-001764 +@@ -23,7 +23,7 @@ references: nist: CM-6(a),SI-4(22) srg: SRG-OS-000370-GPOS-00155,SRG-OS-000368-GPOS-00154 + stigid@ol8: OL08-00-040135 - stigid@rhel8: RHEL-08-040135 + stigid@almalinux8: RHEL-08-040135 ocil_clause: 'the package is not installed' diff --git a/linux_os/guide/services/fapolicyd/service_fapolicyd_enabled/rule.yml b/linux_os/guide/services/fapolicyd/service_fapolicyd_enabled/rule.yml -index 4a1cd166..2f00a8c2 100644 +index 35e7b5cd..411951b5 100644 --- a/linux_os/guide/services/fapolicyd/service_fapolicyd_enabled/rule.yml +++ b/linux_os/guide/services/fapolicyd/service_fapolicyd_enabled/rule.yml @@ -1,6 +1,6 @@ 
@@ -890,17 +959,17 @@ index 4a1cd166..2f00a8c2 100644 title: 'Enable the File Access Policy Service' -@@ -24,7 +24,7 @@ references: - nist: CM-6(a),SI-4(22) +@@ -25,7 +25,7 @@ references: ospp: FMT_SMF_EXT.1 srg: SRG-OS-000370-GPOS-00155,SRG-OS-000368-GPOS-00154 + stigid@ol8: OL08-00-040136 - stigid@rhel8: RHEL-08-040136 + stigid@almalinux8: RHEL-08-040136 ocil_clause: 'the service is not enabled' diff --git a/linux_os/guide/services/ftp/disabling_vsftpd/package_vsftpd_removed/rule.yml b/linux_os/guide/services/ftp/disabling_vsftpd/package_vsftpd_removed/rule.yml -index 4602d5c7..2805c73a 100644 +index 0b69920d..32d9ba12 100644 --- a/linux_os/guide/services/ftp/disabling_vsftpd/package_vsftpd_removed/rule.yml +++ b/linux_os/guide/services/ftp/disabling_vsftpd/package_vsftpd_removed/rule.yml @@ -1,6 +1,6 @@ @@ -911,15 +980,15 @@ index 4602d5c7..2805c73a 100644 title: 'Uninstall vsftpd Package' -@@ -33,7 +33,7 @@ references: - srg: SRG-OS-000074-GPOS-00042,SRG-OS-000095-GPOS-00049,SRG-OS-000480-GPOS-00227 +@@ -36,7 +36,7 @@ references: stigid@ol7: OL07-00-040690 + stigid@ol8: OL08-00-040360 stigid@rhel7: RHEL-07-040690 - stigid@rhel8: RHEL-08-040360 + stigid@almalinux8: RHEL-08-040360 stigid@sle12: SLES-12-030011 stigid@sle15: SLES-15-010030 - + diff --git a/linux_os/guide/services/ftp/disabling_vsftpd/service_vsftpd_disabled/rule.yml b/linux_os/guide/services/ftp/disabling_vsftpd/service_vsftpd_disabled/rule.yml index bdd7f045..d613b728 100644 --- a/linux_os/guide/services/ftp/disabling_vsftpd/service_vsftpd_disabled/rule.yml @@ -1005,14 +1074,14 @@ index 6aa51e73..289415f1 100644 title: 'Install vsftpd Package' diff --git a/linux_os/guide/services/http/disabling_httpd/package_httpd_removed/rule.yml b/linux_os/guide/services/http/disabling_httpd/package_httpd_removed/rule.yml -index 0f543c9b..1e2a4465 100644 +index 13297588..33c7f7fd 100644 --- a/linux_os/guide/services/http/disabling_httpd/package_httpd_removed/rule.yml 
+++ b/linux_os/guide/services/http/disabling_httpd/package_httpd_removed/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: rhel7,rhel8,rhel9,sle15,ubuntu2004 -+prodtype: rhel7,rhel8,almalinux8,rhel9,sle15,ubuntu2004 +-prodtype: rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004 ++prodtype: rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004 title: 'Uninstall httpd Package' @@ -1761,14 +1830,14 @@ index d88e1120..5744fe45 100644 title: 'Enable the SSL flag in /etc/dovecot.conf' diff --git a/linux_os/guide/services/imap/disabling_dovecot/package_dovecot_removed/rule.yml b/linux_os/guide/services/imap/disabling_dovecot/package_dovecot_removed/rule.yml -index 8b31a76b..30c73587 100644 +index f15f25e4..fadc6b84 100644 --- a/linux_os/guide/services/imap/disabling_dovecot/package_dovecot_removed/rule.yml +++ b/linux_os/guide/services/imap/disabling_dovecot/package_dovecot_removed/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: rhel7,rhel8,rhel9,sle15,ubuntu2004 -+prodtype: rhel7,rhel8,almalinux8,rhel9,sle15,ubuntu2004 +-prodtype: rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004 ++prodtype: rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004 title: 'Uninstall dovecot Package' @@ -1785,13 +1854,13 @@ index d460c186..46ebf86a 100644 title: 'Disable Dovecot Service' diff --git a/linux_os/guide/services/kerberos/kerberos_disable_no_keytab/rule.yml b/linux_os/guide/services/kerberos/kerberos_disable_no_keytab/rule.yml -index d6bf12ad..892bd7bd 100644 +index c943a315..7c7ed0d2 100644 --- a/linux_os/guide/services/kerberos/kerberos_disable_no_keytab/rule.yml +++ b/linux_os/guide/services/kerberos/kerberos_disable_no_keytab/rule.yml -@@ -22,7 +22,7 @@ references: - ism: 0418,1055,1402 +@@ -23,7 +23,7 @@ references: ospp: FTP_ITC_EXT.1 srg: SRG-OS-000120-GPOS-00061 + stigid@ol8: OL08-00-010161 - stigid@rhel8: RHEL-08-010161 + stigid@almalinux8: RHEL-08-010161 @@ -1810,14 +1879,14 @@ index 52efaf10..b6a8f0fb 100644 title: 'Remove the Kerberos Server Package' 
diff --git a/linux_os/guide/services/ldap/389_ds/package_389-ds-base_removed/rule.yml b/linux_os/guide/services/ldap/389_ds/package_389-ds-base_removed/rule.yml -index a85ce9dd..c8551652 100644 +index a4bd1fc3..727dc22a 100644 --- a/linux_os/guide/services/ldap/389_ds/package_389-ds-base_removed/rule.yml +++ b/linux_os/guide/services/ldap/389_ds/package_389-ds-base_removed/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: rhcos4,rhel7,rhel8 -+prodtype: rhcos4,rhel7,rhel8,almalinux8 +-prodtype: rhcos4,rhel7,rhel8,rhel9 ++prodtype: rhcos4,rhel7,rhel8,almalinux8,rhel9 title: 'Uninstall 389-ds-base Package' @@ -1834,15 +1903,15 @@ index 9a86c7ab..5a8e1fda 100644 title: 'Enable the LDAP Client For Use in Authconfig' diff --git a/linux_os/guide/services/ldap/openldap_client/ldap_client_start_tls/bash/shared.sh b/linux_os/guide/services/ldap/openldap_client/ldap_client_start_tls/bash/shared.sh -index fbaef339..0e7f24c3 100644 +index 3fb71a04..acb34bba 100644 --- a/linux_os/guide/services/ldap/openldap_client/ldap_client_start_tls/bash/shared.sh +++ b/linux_os/guide/services/ldap/openldap_client/ldap_client_start_tls/bash/shared.sh @@ -1,4 +1,4 @@ -# platform = Red Hat Virtualization 4,multi_platform_rhel +# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_almalinux - # Include source function library. - . /usr/share/scap-security-guide/remediation_functions + + # Use LDAP for authentication diff --git a/linux_os/guide/services/ldap/openldap_client/ldap_client_start_tls/rule.yml b/linux_os/guide/services/ldap/openldap_client/ldap_client_start_tls/rule.yml index 4f64afff..348ddaa5 100644 --- a/linux_os/guide/services/ldap/openldap_client/ldap_client_start_tls/rule.yml @@ -1868,31 +1937,43 @@ index e05e43a9..9ea470b8 100644 title: 'Configure Certificate Directives for LDAP Use of TLS' 
diff --git a/linux_os/guide/services/ldap/openldap_client/package_openldap-clients_removed/rule.yml b/linux_os/guide/services/ldap/openldap_client/package_openldap-clients_removed/rule.yml -index e5f56cb0..f368cc2b 100644 +index 0bccc020..9fff25e3 100644 --- a/linux_os/guide/services/ldap/openldap_client/package_openldap-clients_removed/rule.yml +++ b/linux_os/guide/services/ldap/openldap_client/package_openldap-clients_removed/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15,ubuntu2004 -+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,ubuntu2004 +-prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004 ++prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004 title: 'Ensure LDAP client is not installed' diff --git a/linux_os/guide/services/ldap/openldap_server/package_openldap-servers_removed/rule.yml b/linux_os/guide/services/ldap/openldap_server/package_openldap-servers_removed/rule.yml -index c39d7eaa..44f46747 100644 +index 95601fbd..17f118fd 100644 --- a/linux_os/guide/services/ldap/openldap_server/package_openldap-servers_removed/rule.yml +++ b/linux_os/guide/services/ldap/openldap_server/package_openldap-servers_removed/rule.yml 
@@ -1,6 +1,6 @@ documentation_complete: true --prodtype: rhel7,rhel8,rhel9,sle15,ubuntu2004 -+prodtype: rhel7,rhel8,almalinux8,rhel9,sle15,ubuntu2004 +-prodtype: rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004 ++prodtype: rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004 title: 'Uninstall openldap-servers Package' +diff --git a/linux_os/guide/services/ldap/openldap_server/service_slapd_disabled/rule.yml b/linux_os/guide/services/ldap/openldap_server/service_slapd_disabled/rule.yml +index 542f70ae..5071e907 100644 +--- a/linux_os/guide/services/ldap/openldap_server/service_slapd_disabled/rule.yml ++++ b/linux_os/guide/services/ldap/openldap_server/service_slapd_disabled/rule.yml +@@ -1,6 +1,6 @@ + documentation_complete: true + +-prodtype: rhel8,rhel9 ++prodtype: rhel8,almalinux8,rhel9 + + title: 'Disable LDAP Server (slapd)' + diff --git a/linux_os/guide/services/mail/package_sendmail_removed/rule.yml b/linux_os/guide/services/mail/package_sendmail_removed/rule.yml -index e423e23e..5f1be867 100644 +index fe7861b6..c1d6dd84 100644 --- a/linux_os/guide/services/mail/package_sendmail_removed/rule.yml +++ b/linux_os/guide/services/mail/package_sendmail_removed/rule.yml @@ -1,6 +1,6 @@ @@ -1903,23 +1984,23 @@ index e423e23e..5f1be867 100644 title: 'Uninstall Sendmail Package' -@@ -32,7 +32,7 @@ references: - nist: CM-7(a),CM-7(b),CM-6(a) +@@ -33,7 +33,7 @@ references: nist-csf: PR.IP-1,PR.PT-3 srg: SRG-OS-000480-GPOS-00227,SRG-OS-000095-GPOS-00049 + stigid@ol8: OL08-00-040002 - stigid@rhel8: RHEL-08-040002 + stigid@almalinux8: RHEL-08-040002 {{{ complete_ocil_entry_package(package="sendmail") }}} diff --git a/linux_os/guide/services/mail/postfix_client/postfix_client_configure_mail_alias/rule.yml b/linux_os/guide/services/mail/postfix_client/postfix_client_configure_mail_alias/rule.yml -index f36e8751..192706bc 100644 +index dc68aace..e056f370 100644 --- a/linux_os/guide/services/mail/postfix_client/postfix_client_configure_mail_alias/rule.yml 
+++ b/linux_os/guide/services/mail/postfix_client/postfix_client_configure_mail_alias/rule.yml -@@ -31,7 +31,7 @@ references: - nist: CM-6(a) +@@ -32,7 +32,7 @@ references: nist@sle12: AU-5(a),AU-5.1(ii) srg: SRG-OS-000046-GPOS-00022 + stigid@ol8: OL08-00-030030 - stigid@rhel8: RHEL-08-030030 + stigid@almalinux8: RHEL-08-030030 stigid@sle12: SLES-12-020050 @@ -1936,24 +2017,24 @@ index e1c9d00d..df00159e 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/services/mail/postfix_client/postfix_network_listening_disabled/bash/shared.sh b/linux_os/guide/services/mail/postfix_client/postfix_network_listening_disabled/bash/shared.sh -index 2ef07dd1..13153d5d 100644 +index bd6f4236..16f610e5 100644 --- a/linux_os/guide/services/mail/postfix_client/postfix_network_listening_disabled/bash/shared.sh +++ b/linux_os/guide/services/mail/postfix_client/postfix_network_listening_disabled/bash/shared.sh @@ -1,4 +1,4 @@ -# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol +# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol - # Include source function library. - . /usr/share/scap-security-guide/remediation_functions + {{{ bash_instantiate_variables("var_postfix_inet_interfaces") }}} + diff --git a/linux_os/guide/services/mail/postfix_client/postfix_network_listening_disabled/rule.yml b/linux_os/guide/services/mail/postfix_client/postfix_network_listening_disabled/rule.yml -index 096020ef..9c4f38a6 100644 +index 6441e452..e694725d 100644 --- a/linux_os/guide/services/mail/postfix_client/postfix_network_listening_disabled/rule.yml +++ b/linux_os/guide/services/mail/postfix_client/postfix_network_listening_disabled/rule.yml 
@@ -1,6 +1,6 @@ documentation_complete: true --prodtype: ol7,ol8,rhel7,rhel8,rhel9,sle15 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,sle15 +-prodtype: ol7,ol8,rhel7,rhel8,rhel9,sle12,sle15 ++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,sle12,sle15 title: 'Disable Postfix Network Listening' @@ -1969,31 +2050,21 @@ index e169429a..d9f0688b 100644 title: 'Configure SMTP Greeting Banner' -diff --git a/linux_os/guide/services/mail/postfix_harden_os/postfix_server_cfg/postfix_server_relay/postfix_prevent_unrestricted_relay/bash/shared.sh b/linux_os/guide/services/mail/postfix_harden_os/postfix_server_cfg/postfix_server_relay/postfix_prevent_unrestricted_relay/bash/shared.sh -index 20230621..be441dc9 100644 ---- a/linux_os/guide/services/mail/postfix_harden_os/postfix_server_cfg/postfix_server_relay/postfix_prevent_unrestricted_relay/bash/shared.sh -+++ b/linux_os/guide/services/mail/postfix_harden_os/postfix_server_cfg/postfix_server_relay/postfix_prevent_unrestricted_relay/bash/shared.sh -@@ -1,4 +1,4 @@ --# platform = multi_platform_ol,multi_platform_wrlinux,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8 -+# platform = multi_platform_ol,multi_platform_wrlinux,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8 - - if ! grep -q ^smtpd_client_restrictions /etc/postfix/main.cf; then - echo "smtpd_client_restrictions = permit_mynetworks,reject" >> /etc/postfix/main.cf diff --git a/linux_os/guide/services/mail/postfix_harden_os/postfix_server_cfg/postfix_server_relay/postfix_prevent_unrestricted_relay/rule.yml b/linux_os/guide/services/mail/postfix_harden_os/postfix_server_cfg/postfix_server_relay/postfix_prevent_unrestricted_relay/rule.yml -index 9b4c7656..fbb2dd34 100644 +index 5ccf6ffc..d7a9bacd 100644 --- a/linux_os/guide/services/mail/postfix_harden_os/postfix_server_cfg/postfix_server_relay/postfix_prevent_unrestricted_relay/rule.yml 
+++ b/linux_os/guide/services/mail/postfix_harden_os/postfix_server_cfg/postfix_server_relay/postfix_prevent_unrestricted_relay/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: ol7,ol8,rhel7,rhel8,wrlinux1019 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,wrlinux1019 +-prodtype: ol7,ol8,rhel7,rhel8,rhel9,wrlinux1019 ++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,wrlinux1019 title: 'Prevent Unrestricted Mail Relaying' -@@ -25,7 +25,7 @@ references: - srg: SRG-OS-000480-GPOS-00227 +@@ -27,7 +27,7 @@ references: stigid@ol7: OL07-00-040680 + stigid@ol8: OL08-00-040290 stigid@rhel7: RHEL-07-040680 - stigid@rhel8: RHEL-08-040290 + stigid@almalinux8: RHEL-08-040290 @@ -2001,14 +2072,14 @@ index 9b4c7656..fbb2dd34 100644 ocil_clause: 'it is not' diff --git a/linux_os/guide/services/mail/service_postfix_enabled/rule.yml b/linux_os/guide/services/mail/service_postfix_enabled/rule.yml -index 0906d520..b2edb453 100644 +index 1399f5d5..f85ba23a 100644 --- a/linux_os/guide/services/mail/service_postfix_enabled/rule.yml +++ b/linux_os/guide/services/mail/service_postfix_enabled/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: ol7,ol8,rhel7,rhel8,rhel9,sle15 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,sle15 +-prodtype: ol7,ol8,rhel7,rhel8,rhel9,sle12,sle15 ++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,sle12,sle15 title: 'Enable Postfix Service' @@ -2025,14 +2096,14 @@ index 2524bf79..e398c312 100644 title: 'Disable Network File System Lock Service (nfslock)' diff --git a/linux_os/guide/services/nfs_and_rpc/disabling_nfs/disabling_nfs_services/service_rpcbind_disabled/rule.yml b/linux_os/guide/services/nfs_and_rpc/disabling_nfs/disabling_nfs_services/service_rpcbind_disabled/rule.yml -index a44f0c1c..b0ed3ec0 100644 +index 760147e1..04593972 100644 --- a/linux_os/guide/services/nfs_and_rpc/disabling_nfs/disabling_nfs_services/service_rpcbind_disabled/rule.yml 
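Review bot: Dropping the `postfix_prevent_unrestricted_relay/bash/shared.sh` section means the patch no longer touches that remediation's `# platform =` header, while the `rule.yml` section right after it still adds `almalinux8` to `prodtype`. If the script still exists in the new upstream base with a header like the removed `Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8` list, AlmaLinux 8 content would ship the unrestricted-relay check without a Bash fix for it. It is worth confirming the file was removed or reworked upstream; if it was not, keep the section and re-apply `,AlmaLinux 8` to the header against the new base. The hunk shows only the deletion, so the upstream state is inferred here.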
+++ b/linux_os/guide/services/nfs_and_rpc/disabling_nfs/disabling_nfs_services/service_rpcbind_disabled/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: ol7,ol8,rhel7,rhel8,rhel9,sle15 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,sle15 +-prodtype: ol7,ol8,rhel7,rhel8,rhel9,sle12,sle15 ++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,sle12,sle15 title: 'Disable rpcbind Service' @@ -2132,10 +2203,10 @@ index f99879c8..6224464d 100644 title: 'Disable Network File System (nfs)' -diff --git a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/disabling_nfsd/service_nfs_disabled/tests/disabled.pass.sh b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/disabling_nfsd/service_nfs_disabled/tests/disabled.pass.sh +diff --git a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/disabling_nfsd/service_nfs_disabled/tests/service_disabled.pass.sh b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/disabling_nfsd/service_nfs_disabled/tests/service_disabled.pass.sh index 30af5520..722a8f2e 100644 ---- a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/disabling_nfsd/service_nfs_disabled/tests/disabled.pass.sh -+++ b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/disabling_nfsd/service_nfs_disabled/tests/disabled.pass.sh +--- a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/disabling_nfsd/service_nfs_disabled/tests/service_disabled.pass.sh ++++ b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/disabling_nfsd/service_nfs_disabled/tests/service_disabled.pass.sh @@ -1,5 +1,5 @@ #!/bin/bash -# platform = multi_platform_rhel,multi_platform_fedora 
@@ -2143,10 +2214,10 @@ index 30af5520..722a8f2e 100644 # packages = nfs-utils systemctl stop nfs-server -diff --git a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/disabling_nfsd/service_nfs_disabled/tests/enabled.fail.sh b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/disabling_nfsd/service_nfs_disabled/tests/enabled.fail.sh +diff --git a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/disabling_nfsd/service_nfs_disabled/tests/service_enabled.fail.sh b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/disabling_nfsd/service_nfs_disabled/tests/service_enabled.fail.sh index 8e4eee8b..db823921 100644 ---- a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/disabling_nfsd/service_nfs_disabled/tests/enabled.fail.sh -+++ b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/disabling_nfsd/service_nfs_disabled/tests/enabled.fail.sh +--- a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/disabling_nfsd/service_nfs_disabled/tests/service_enabled.fail.sh ++++ b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/disabling_nfsd/service_nfs_disabled/tests/service_enabled.fail.sh @@ -1,5 +1,5 @@ #!/bin/bash -# platform = multi_platform_rhel,multi_platform_fedora @@ -2179,28 +2250,28 @@ index 65bcba60..97f66925 100644 title: 'Mount Remote Filesystems with Kerberos Security' diff --git a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/mounting_remote_filesystems/mount_option_nodev_remote_filesystems/rule.yml b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/mounting_remote_filesystems/mount_option_nodev_remote_filesystems/rule.yml -index d63203f4..c7e60f8c 100644 +index 202e0864..3fcea47e 100644 --- a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/mounting_remote_filesystems/mount_option_nodev_remote_filesystems/rule.yml 
+++ b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/mounting_remote_filesystems/mount_option_nodev_remote_filesystems/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: rhel7,rhel8,rhel9,rhv4 -+prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4 +-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4 ++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4 title: 'Mount Remote Filesystems with nodev' -@@ -27,7 +27,7 @@ references: - nist: CM-6(a),MP-2 +@@ -28,7 +28,7 @@ references: nist-csf: PR.IP-1,PR.PT-2,PR.PT-3 srg: SRG-OS-000480-GPOS-00227 + stigid@ol8: OL08-00-010640 - stigid@rhel8: RHEL-08-010640 + stigid@almalinux8: RHEL-08-010640 ocil_clause: 'the setting does not show' diff --git a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/mounting_remote_filesystems/mount_option_noexec_remote_filesystems/rule.yml b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/mounting_remote_filesystems/mount_option_noexec_remote_filesystems/rule.yml -index 1cf30f82..03862b9c 100644 +index 940b1eb8..ec1c49a8 100644 --- a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/mounting_remote_filesystems/mount_option_noexec_remote_filesystems/rule.yml +++ b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/mounting_remote_filesystems/mount_option_noexec_remote_filesystems/rule.yml @@ -1,6 +1,6 @@ @@ -2211,9 +2282,9 @@ index 1cf30f82..03862b9c 100644 title: 'Mount Remote Filesystems with noexec' -@@ -33,7 +33,7 @@ references: - srg: SRG-OS-000480-GPOS-00227 +@@ -34,7 +34,7 @@ references: stigid@ol7: OL07-00-021021 + stigid@ol8: OL08-00-010630 stigid@rhel7: RHEL-07-021021 - stigid@rhel8: RHEL-08-010630 + stigid@almalinux8: RHEL-08-010630 @@ -2221,7 +2292,7 @@ index 1cf30f82..03862b9c 100644 stigid@sle15: SLES-15-040170 
diff --git a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/mounting_remote_filesystems/mount_option_nosuid_remote_filesystems/rule.yml b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/mounting_remote_filesystems/mount_option_nosuid_remote_filesystems/rule.yml -index e49d8c01..f8b49e72 100644 +index 2d1fd79f..bd8ec080 100644 --- a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/mounting_remote_filesystems/mount_option_nosuid_remote_filesystems/rule.yml +++ b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/mounting_remote_filesystems/mount_option_nosuid_remote_filesystems/rule.yml @@ -1,6 +1,6 @@ @@ -2232,9 +2303,9 @@ index e49d8c01..f8b49e72 100644 title: 'Mount Remote Filesystems with nosuid' -@@ -31,7 +31,7 @@ references: - srg: SRG-OS-000480-GPOS-00227 +@@ -32,7 +32,7 @@ references: stigid@ol7: OL07-00-021020 + stigid@ol8: OL08-00-010650 stigid@rhel7: RHEL-07-021020 - stigid@rhel8: RHEL-08-010650 + stigid@almalinux8: RHEL-08-010650 @@ -2266,14 +2337,14 @@ index 0978d54c..00145705 100644 title: 'Restrict NFS Clients to Privileged Ports' diff --git a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_servers/use_kerberos_security_all_exports/rule.yml b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_servers/use_kerberos_security_all_exports/rule.yml -index 2bffffda..912a4d99 100644 +index 9176e00b..85034a83 100644 --- a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_servers/use_kerberos_security_all_exports/rule.yml +++ b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_servers/use_kerberos_security_all_exports/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4 +-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle15 ++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15 title: 'Use Kerberos Security on All Exports' 
@@ -2290,27 +2361,27 @@ index c5983cbe..0f39d0ff 100644 title: 'Use Root-Squashing on All Exports' diff --git a/linux_os/guide/services/nfs_and_rpc/package_nfs-utils_removed/rule.yml b/linux_os/guide/services/nfs_and_rpc/package_nfs-utils_removed/rule.yml -index 887320e1..3e194ea1 100644 +index 4a6e5254..cc9ac42e 100644 --- a/linux_os/guide/services/nfs_and_rpc/package_nfs-utils_removed/rule.yml +++ b/linux_os/guide/services/nfs_and_rpc/package_nfs-utils_removed/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9 +-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,sle12,sle15 ++prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,sle12,sle15 title: 'Uninstall nfs-utils Package' diff --git a/linux_os/guide/services/ntp/chronyd_client_only/bash/shared.sh b/linux_os/guide/services/ntp/chronyd_client_only/bash/shared.sh -index f6c14e4f..c2a7dfc4 100644 +index f3d9ac33..1ba1ab9c 100644 --- a/linux_os/guide/services/ntp/chronyd_client_only/bash/shared.sh +++ b/linux_os/guide/services/ntp/chronyd_client_only/bash/shared.sh @@ -1,4 +1,4 @@ -# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol +# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol - # Include source function library - . /usr/share/scap-security-guide/remediation_functions + + {{{ bash_replace_or_append("/etc/chrony.conf", '^port', '0', '%s %s') }}} diff --git a/linux_os/guide/services/ntp/chronyd_client_only/kubernetes/shared.yml b/linux_os/guide/services/ntp/chronyd_client_only/kubernetes/shared.yml index a97cf1a9..f285ebb4 100644 --- a/linux_os/guide/services/ntp/chronyd_client_only/kubernetes/shared.yml @@ -2323,7 +2394,7 @@ index a97cf1a9..f285ebb4 100644 # strategy = restrict # complexity = low 
diff --git a/linux_os/guide/services/ntp/chronyd_client_only/rule.yml b/linux_os/guide/services/ntp/chronyd_client_only/rule.yml -index 630d8fdc..c649ceb9 100644 +index e94276f8..28f55b98 100644 --- a/linux_os/guide/services/ntp/chronyd_client_only/rule.yml +++ b/linux_os/guide/services/ntp/chronyd_client_only/rule.yml @@ -1,6 +1,6 @@ @@ -2334,25 +2405,25 @@ index 630d8fdc..c649ceb9 100644 title: 'Disable chrony daemon from acting as server' -@@ -26,7 +26,7 @@ references: - disa: CCI-000381 +@@ -28,7 +28,7 @@ references: ospp: FMT_SMF_EXT.1 srg: SRG-OS-000096-GPOS-00050,SRG-OS-000095-GPOS-00049 + stigid@ol8: OL08-00-030741 - stigid@rhel8: RHEL-08-030741 + stigid@almalinux8: RHEL-08-030741 ocil_clause: 'it does not exist or port is set to non-zero value' diff --git a/linux_os/guide/services/ntp/chronyd_no_chronyc_network/bash/shared.sh b/linux_os/guide/services/ntp/chronyd_no_chronyc_network/bash/shared.sh -index 13f20d64..97cfbaae 100644 +index 5bfd2b1f..e03fc658 100644 --- a/linux_os/guide/services/ntp/chronyd_no_chronyc_network/bash/shared.sh +++ b/linux_os/guide/services/ntp/chronyd_no_chronyc_network/bash/shared.sh @@ -1,4 +1,4 @@ -# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol +# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol - # Include source function library - . /usr/share/scap-security-guide/remediation_functions + + {{{ bash_replace_or_append("/etc/chrony.conf", '^cmdport', '0', '%s %s') }}} diff --git a/linux_os/guide/services/ntp/chronyd_no_chronyc_network/kubernetes/shared.yml b/linux_os/guide/services/ntp/chronyd_no_chronyc_network/kubernetes/shared.yml index a97cf1a9..f285ebb4 100644 --- a/linux_os/guide/services/ntp/chronyd_no_chronyc_network/kubernetes/shared.yml @@ -2365,7 +2436,7 @@ index a97cf1a9..f285ebb4 100644 # strategy = restrict # complexity = low 
diff --git a/linux_os/guide/services/ntp/chronyd_no_chronyc_network/rule.yml b/linux_os/guide/services/ntp/chronyd_no_chronyc_network/rule.yml -index 6b834911..96d5c240 100644 +index a5e998d0..48dcd4c6 100644 --- a/linux_os/guide/services/ntp/chronyd_no_chronyc_network/rule.yml +++ b/linux_os/guide/services/ntp/chronyd_no_chronyc_network/rule.yml @@ -1,6 +1,6 @@ @@ -2376,23 +2447,33 @@ index 6b834911..96d5c240 100644 title: 'Disable network management of chrony daemon' -@@ -26,7 +26,7 @@ references: - disa: CCI-000381 +@@ -28,7 +28,7 @@ references: ospp: FMT_SMF_EXT.1 srg: SRG-OS-000096-GPOS-00050,SRG-OS-000095-GPOS-00049 + stigid@ol8: OL08-00-030742 - stigid@rhel8: RHEL-08-030742 + stigid@almalinux8: RHEL-08-030742 ocil_clause: 'it does not exist or port is set to non-zero value' +diff --git a/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/ansible/shared.yml b/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/ansible/shared.yml +index da0a6223..36ad0175 100644 +--- a/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/ansible/shared.yml ++++ b/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/ansible/shared.yml +@@ -1,4 +1,4 @@ +-# platform = multi_platform_sle,multi_platform_rhel ++# platform = multi_platform_sle,multi_platform_rhel,multi_platform_almalinux + # reboot = false + # strategy = restrict + # complexity = low diff --git a/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/bash/shared.sh b/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/bash/shared.sh -index b23deffb..a9e4d9ba 100644 +index 770312c9..8a8ca27d 100644 --- a/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/bash/shared.sh +++ b/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/bash/shared.sh 
@@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_wrlinux,multi_platform_ol -+# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_almalinux,multi_platform_wrlinux,multi_platform_ol - . /usr/share/scap-security-guide/remediation_functions +-# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_wrlinux,multi_platform_ol,multi_platform_sle ++# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_almalinux,multi_platform_wrlinux,multi_platform_ol,multi_platform_sle + {{{ bash_instantiate_variables("var_time_service_set_maxpoll") }}} diff --git a/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/kubernetes/shared.yml b/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/kubernetes/shared.yml @@ -2407,20 +2488,20 @@ index a97cf1a9..f285ebb4 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/rule.yml b/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/rule.yml -index 854e8e80..24d067d6 100644 +index e8e4ec45..59a09814 100644 --- a/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/rule.yml +++ b/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/rule.yml 
@@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhv4,sle12,sle15,ubuntu2004,wrlinux1019 -+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhv4,sle12,sle15,ubuntu2004,wrlinux1019 +-prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019 ++prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019 title: 'Configure Time Service Maxpoll Interval' -@@ -93,7 +93,7 @@ references: - srg: SRG-OS-000355-GPOS-00143,SRG-OS-000356-GPOS-00144,SRG-OS-000359-GPOS-00146 +@@ -99,7 +99,7 @@ references: stigid@ol7: OL07-00-040500 + stigid@ol8: OL08-00-030740 stigid@rhel7: RHEL-07-040500 - stigid@rhel8: RHEL-08-030740 + stigid@almalinux8: RHEL-08-030740 @@ -2428,13 +2509,13 @@ index 854e8e80..24d067d6 100644 stigid@sle15: SLES-15-010400 stigid@ubuntu2004: UBTU-20-010435 diff --git a/linux_os/guide/services/ntp/chronyd_or_ntpd_specify_multiple_servers/bash/shared.sh b/linux_os/guide/services/ntp/chronyd_or_ntpd_specify_multiple_servers/bash/shared.sh -index 9add69d3..944e1865 100644 +index 428a5407..696798a0 100644 --- a/linux_os/guide/services/ntp/chronyd_or_ntpd_specify_multiple_servers/bash/shared.sh +++ b/linux_os/guide/services/ntp/chronyd_or_ntpd_specify_multiple_servers/bash/shared.sh 
@@ -1,4 +1,4 @@ --# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol -+# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol - . /usr/share/scap-security-guide/remediation_functions +-# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_sle ++# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_sle + {{{ bash_instantiate_variables("var_multiple_time_servers") }}} diff --git a/linux_os/guide/services/ntp/chronyd_or_ntpd_specify_multiple_servers/kubernetes/shared.yml b/linux_os/guide/services/ntp/chronyd_or_ntpd_specify_multiple_servers/kubernetes/shared.yml @@ -2449,25 +2530,25 @@ index a97cf1a9..f285ebb4 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/services/ntp/chronyd_or_ntpd_specify_multiple_servers/rule.yml b/linux_os/guide/services/ntp/chronyd_or_ntpd_specify_multiple_servers/rule.yml -index 7dc18858..7a2de3bf 100644 +index adab67dc..85fef84a 100644 --- a/linux_os/guide/services/ntp/chronyd_or_ntpd_specify_multiple_servers/rule.yml +++ b/linux_os/guide/services/ntp/chronyd_or_ntpd_specify_multiple_servers/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,rhcos4,ol7,ol8,rhel7,rhel8,rhv4 -+prodtype: fedora,rhcos4,ol7,ol8,rhel7,rhel8,almalinux8,rhv4 +-prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhv4,sle12,sle15 ++prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhv4,sle12,sle15 title: 'Specify Additional Remote NTP Servers' 
diff --git a/linux_os/guide/services/ntp/chronyd_or_ntpd_specify_remote_server/bash/shared.sh b/linux_os/guide/services/ntp/chronyd_or_ntpd_specify_remote_server/bash/shared.sh -index 0a3f6364..d0e0610b 100644 +index f0a41078..8e1f92d4 100644 --- a/linux_os/guide/services/ntp/chronyd_or_ntpd_specify_remote_server/bash/shared.sh +++ b/linux_os/guide/services/ntp/chronyd_or_ntpd_specify_remote_server/bash/shared.sh @@ -1,4 +1,4 @@ -# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol +# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol - . /usr/share/scap-security-guide/remediation_functions + {{{ bash_instantiate_variables("var_multiple_time_servers") }}} diff --git a/linux_os/guide/services/ntp/chronyd_or_ntpd_specify_remote_server/kubernetes/shared.yml b/linux_os/guide/services/ntp/chronyd_or_ntpd_specify_remote_server/kubernetes/shared.yml @@ -2482,14 +2563,14 @@ index a97cf1a9..f285ebb4 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/services/ntp/chronyd_or_ntpd_specify_remote_server/rule.yml b/linux_os/guide/services/ntp/chronyd_or_ntpd_specify_remote_server/rule.yml -index 27df8595..dd740663 100644 +index c0635acd..3941b2a1 100644 --- a/linux_os/guide/services/ntp/chronyd_or_ntpd_specify_remote_server/rule.yml +++ b/linux_os/guide/services/ntp/chronyd_or_ntpd_specify_remote_server/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,rhcos4,ol7,ol8,rhel7,rhel8,rhv4 -+prodtype: fedora,rhcos4,ol7,ol8,rhel7,rhel8,almalinux8,rhv4 +-prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhv4 ++prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhv4 title: 'Specify a Remote NTP Server' @@ -2504,137 +2585,227 @@ index e60dd11e..12f4bd92 100644 # strategy = configure # complexity = low 
diff --git a/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/rule.yml b/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/rule.yml -index bce31f0e..d85d64ec 100644 +index 1e0f65ac..3a5ec70e 100644 --- a/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/rule.yml +++ b/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/rule.yml 
@@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,rhel7,rhel8,rhel9,sle15,ubuntu2004 -+prodtype: fedora,rhel7,rhel8,almalinux8,rhel9,sle15,ubuntu2004 +-prodtype: fedora,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004 ++prodtype: fedora,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004 title: 'Ensure that chronyd is running under chrony user account' +diff --git a/linux_os/guide/services/ntp/chronyd_server_directive/rule.yml b/linux_os/guide/services/ntp/chronyd_server_directive/rule.yml +index 6dc24f1b..159b99d1 100644 +--- a/linux_os/guide/services/ntp/chronyd_server_directive/rule.yml ++++ b/linux_os/guide/services/ntp/chronyd_server_directive/rule.yml +@@ -22,7 +22,7 @@ identifiers: + references: + disa: CCI-001891 + srg: SRG-OS-000355-GPOS-00143,SRG-OS-000356-GPOS-00144,SRG-OS-000359-GPOS-00146 +- stigid@rhel8: RHEL-08-030740 ++ stigid@almalinux8: RHEL-08-030740 + + ocil_clause: 'a remote time server is not configured or configured with pool directive' + +diff --git a/linux_os/guide/services/ntp/chronyd_server_directive/tests/file_empty.fail.sh b/linux_os/guide/services/ntp/chronyd_server_directive/tests/file_empty.fail.sh +index d1ba0755..d63e9963 100644 +--- a/linux_os/guide/services/ntp/chronyd_server_directive/tests/file_empty.fail.sh ++++ b/linux_os/guide/services/ntp/chronyd_server_directive/tests/file_empty.fail.sh +@@ -1,6 +1,6 @@ + #!/bin/bash + # packages = chrony +-# platform = multi_platform_fedora,multi_platform_rhel ++# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux + # remediation = none + + echo "" > /etc/chrony.conf +diff --git a/linux_os/guide/services/ntp/chronyd_server_directive/tests/file_missing.fail.sh b/linux_os/guide/services/ntp/chronyd_server_directive/tests/file_missing.fail.sh +index 12a50ebc..062721b3 100644 +--- a/linux_os/guide/services/ntp/chronyd_server_directive/tests/file_missing.fail.sh ++++ b/linux_os/guide/services/ntp/chronyd_server_directive/tests/file_missing.fail.sh +@@ -1,6 +1,6 
@@ + #!/bin/bash + # packages = chrony +-# platform = multi_platform_fedora,multi_platform_rhel ++# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux + # remediation = none + + rm -f /etc/chrony.conf +diff --git a/linux_os/guide/services/ntp/chronyd_server_directive/tests/line_missing.fail.sh b/linux_os/guide/services/ntp/chronyd_server_directive/tests/line_missing.fail.sh +index bffa8b62..081e47a7 100644 +--- a/linux_os/guide/services/ntp/chronyd_server_directive/tests/line_missing.fail.sh ++++ b/linux_os/guide/services/ntp/chronyd_server_directive/tests/line_missing.fail.sh +@@ -1,6 +1,6 @@ + #!/bin/bash + # packages = chrony +-# platform = multi_platform_fedora,multi_platform_rhel ++# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux + # remediation = none + + echo "some line" > /etc/chrony.conf +diff --git a/linux_os/guide/services/ntp/chronyd_server_directive/tests/multiple_servers.pass.sh b/linux_os/guide/services/ntp/chronyd_server_directive/tests/multiple_servers.pass.sh +index 5527f389..a121cf97 100644 +--- a/linux_os/guide/services/ntp/chronyd_server_directive/tests/multiple_servers.pass.sh ++++ b/linux_os/guide/services/ntp/chronyd_server_directive/tests/multiple_servers.pass.sh +@@ -1,6 +1,6 @@ + #!/bin/bash + # packages = chrony +-# platform = multi_platform_fedora,multi_platform_rhel ++# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux + # remediation = none + + sed -i "^pool.*" /etc/chrony.conf +diff --git a/linux_os/guide/services/ntp/chronyd_server_directive/tests/only_pool.fail.sh b/linux_os/guide/services/ntp/chronyd_server_directive/tests/only_pool.fail.sh +index 616fe884..8ca788f4 100644 +--- a/linux_os/guide/services/ntp/chronyd_server_directive/tests/only_pool.fail.sh ++++ b/linux_os/guide/services/ntp/chronyd_server_directive/tests/only_pool.fail.sh +@@ -1,6 +1,6 @@ + #!/bin/bash + # packages = chrony +-# platform = multi_platform_fedora,multi_platform_rhel 
++# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux + # remediation = none + + sed -i "^server.*" /etc/chrony.conf +diff --git a/linux_os/guide/services/ntp/chronyd_server_directive/tests/only_server.pass.sh b/linux_os/guide/services/ntp/chronyd_server_directive/tests/only_server.pass.sh +index 21a70dc4..58061797 100644 +--- a/linux_os/guide/services/ntp/chronyd_server_directive/tests/only_server.pass.sh ++++ b/linux_os/guide/services/ntp/chronyd_server_directive/tests/only_server.pass.sh +@@ -1,6 +1,6 @@ + #!/bin/bash + # packages = chrony +-# platform = multi_platform_fedora,multi_platform_rhel ++# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux + + sed -i "^pool.*" /etc/chrony.conf + echo "server 0.pool.ntp.org" > /etc/chrony.conf diff --git a/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/correct.pass.sh b/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/correct.pass.sh -index 44712c37..4bd3cd36 100644 +index 4a1fd261..3483a7db 100644 --- a/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/correct.pass.sh +++ b/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/correct.pass.sh -@@ -1,6 +1,6 @@ +@@ -1,5 +1,5 @@ #!/bin/bash # packages = chrony --# platform = multi_platform_fedora,Red Hat Enterprise Linux 8 -+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8 - - +-# platform = multi_platform_fedora,multi_platform_rhel ++# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux + echo "server 0.pool.ntp.org" > /etc/chrony.conf diff --git a/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/correct_pool.pass.sh b/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/correct_pool.pass.sh -index 50a57359..49717a28 100644 +index 6612538e..f0654680 100644 --- a/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/correct_pool.pass.sh 
+++ b/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/correct_pool.pass.sh -@@ -1,6 +1,6 @@ +@@ -1,5 +1,5 @@ #!/bin/bash # packages = chrony --# platform = multi_platform_fedora,Red Hat Enterprise Linux 8 -+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8 - - +-# platform = multi_platform_fedora,multi_platform_rhel ++# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux + echo "pool 0.pool.ntp.org" > /etc/chrony.conf diff --git a/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/file_empty.fail.sh b/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/file_empty.fail.sh -index 2eda5b94..ed3a7926 100644 +index 8a9866d2..02d6a61f 100644 --- a/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/file_empty.fail.sh +++ b/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/file_empty.fail.sh -@@ -1,6 +1,6 @@ +@@ -1,5 +1,5 @@ #!/bin/bash # packages = chrony --# platform = multi_platform_fedora,Red Hat Enterprise Linux 8 -+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8 - +-# platform = multi_platform_fedora,multi_platform_rhel ++# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux echo "" > /etc/chrony.conf diff --git a/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/file_missing.fail.sh b/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/file_missing.fail.sh -index 4221c059..b27978a4 100644 +index c6ac20c1..638372b8 100644 --- a/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/file_missing.fail.sh 
+++ b/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/file_missing.fail.sh -@@ -1,6 +1,6 @@ +@@ -1,5 +1,5 @@ #!/bin/bash # packages = chrony --# platform = multi_platform_fedora,Red Hat Enterprise Linux 8 -+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8 - +-# platform = multi_platform_fedora,multi_platform_rhel ++# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux rm -f /etc/chrony.conf diff --git a/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/line_missing.fail.sh b/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/line_missing.fail.sh -index 7ca6378d..69a0286e 100644 +index 02693609..3667b6ff 100644 --- a/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/line_missing.fail.sh +++ b/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/line_missing.fail.sh @@ -1,6 +1,6 @@ #!/bin/bash # packages = chrony --# platform = multi_platform_fedora,Red Hat Enterprise Linux 8 -+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8 - +-# platform = multi_platform_fedora,multi_platform_rhel ++# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux echo "some line" > /etc/chrony.conf + echo "another line" >> /etc/chrony.conf diff --git a/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/multiple_servers.pass.sh b/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/multiple_servers.pass.sh -index d31254c6..7bb31ac7 100644 +index 6c2557aa..f9f96f9c 100644 --- a/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/multiple_servers.pass.sh +++ b/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/multiple_servers.pass.sh 
@@ -1,6 +1,6 @@ #!/bin/bash # packages = chrony --# platform = multi_platform_fedora,Red Hat Enterprise Linux 8 -+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8 - +-# platform = multi_platform_fedora,multi_platform_rhel ++# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux echo "server 0.pool.ntp.org" > /etc/chrony.conf + echo "server 1.pool.ntp.org" >> /etc/chrony.conf diff --git a/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/server_not_specified.fail.sh b/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/server_not_specified.fail.sh -index fbe2933f..eea0c083 100644 +index a5d6aecf..e6f5e057 100644 --- a/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/server_not_specified.fail.sh 
+++ b/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/server_not_specified.fail.sh -@@ -1,6 +1,6 @@ +@@ -1,5 +1,5 @@ #!/bin/bash # packages = chrony --# platform = multi_platform_fedora,Red Hat Enterprise Linux 8 -+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8 - +-# platform = multi_platform_fedora,multi_platform_rhel ++# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux echo "server " > /etc/chrony.conf +diff --git a/linux_os/guide/services/ntp/service_chronyd_or_ntpd_enabled/ansible/shared.yml b/linux_os/guide/services/ntp/service_chronyd_or_ntpd_enabled/ansible/shared.yml +index b9add520..ac7b4cec 100644 +--- a/linux_os/guide/services/ntp/service_chronyd_or_ntpd_enabled/ansible/shared.yml ++++ b/linux_os/guide/services/ntp/service_chronyd_or_ntpd_enabled/ansible/shared.yml +@@ -1,4 +1,4 @@ +-# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_sle ++# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_sle + # reboot = false + # strategy = enable + # complexity = low diff --git a/linux_os/guide/services/ntp/service_chronyd_or_ntpd_enabled/bash/shared.sh b/linux_os/guide/services/ntp/service_chronyd_or_ntpd_enabled/bash/shared.sh -index c95dccf9..b07b8798 100644 +index f8a77aee..33166cac 100644 --- a/linux_os/guide/services/ntp/service_chronyd_or_ntpd_enabled/bash/shared.sh +++ b/linux_os/guide/services/ntp/service_chronyd_or_ntpd_enabled/bash/shared.sh 
@@ -1,4 +1,4 @@ --# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol -+# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol - - if {{{ bash_package_installed("chrony") }}} ; then - if ! /usr/sbin/pidof ntpd ; then +-# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_sle ++# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_sle + # reboot = false + # strategy = enable + # complexity = low diff --git a/linux_os/guide/services/ntp/service_chronyd_or_ntpd_enabled/rule.yml b/linux_os/guide/services/ntp/service_chronyd_or_ntpd_enabled/rule.yml -index 00739816..dc5def62 100644 +index 66c66754..2b31b599 100644 --- a/linux_os/guide/services/ntp/service_chronyd_or_ntpd_enabled/rule.yml +++ b/linux_os/guide/services/ntp/service_chronyd_or_ntpd_enabled/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhv4,ubuntu2004 -+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhv4,ubuntu2004 +-prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhv4,sle12,sle15,ubuntu2004 ++prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhv4,sle12,sle15,ubuntu2004 title: 'Enable the NTP Daemon' diff --git a/linux_os/guide/services/obsolete/inetd_and_xinetd/package_xinetd_removed/rule.yml b/linux_os/guide/services/obsolete/inetd_and_xinetd/package_xinetd_removed/rule.yml -index b582a3d6..5ee8c663 100644 +index d413ff15..2c1dfe5f 100644 --- a/linux_os/guide/services/obsolete/inetd_and_xinetd/package_xinetd_removed/rule.yml +++ b/linux_os/guide/services/obsolete/inetd_and_xinetd/package_xinetd_removed/rule.yml 
@@ -1,6 +1,6 @@ documentation_complete: true --prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle15,ubuntu2004 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,ubuntu2004 +-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004 ++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004 title: 'Uninstall xinetd Package' diff --git a/linux_os/guide/services/obsolete/inetd_and_xinetd/service_xinetd_disabled/rule.yml b/linux_os/guide/services/obsolete/inetd_and_xinetd/service_xinetd_disabled/rule.yml -index 5583ef26..a114f271 100644 +index 5b08676a..b11c8af4 100644 --- a/linux_os/guide/services/obsolete/inetd_and_xinetd/service_xinetd_disabled/rule.yml +++ b/linux_os/guide/services/obsolete/inetd_and_xinetd/service_xinetd_disabled/rule.yml @@ -1,7 +1,7 @@ @@ -2647,26 +2818,26 @@ index 5583ef26..a114f271 100644 title: 'Disable xinetd Service' diff --git a/linux_os/guide/services/obsolete/nis/package_ypbind_removed/rule.yml b/linux_os/guide/services/obsolete/nis/package_ypbind_removed/rule.yml -index 87f57cda..a1b432ca 100644 +index 83fe71b9..89043489 100644 --- a/linux_os/guide/services/obsolete/nis/package_ypbind_removed/rule.yml +++ b/linux_os/guide/services/obsolete/nis/package_ypbind_removed/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle15 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15 +-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15 ++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15 title: 'Remove NIS Client' diff --git a/linux_os/guide/services/obsolete/nis/package_ypserv_removed/rule.yml b/linux_os/guide/services/obsolete/nis/package_ypserv_removed/rule.yml -index d36144ea..df89ad6a 100644 +index 292a6eb7..be96a91c 100644 --- a/linux_os/guide/services/obsolete/nis/package_ypserv_removed/rule.yml +++ b/linux_os/guide/services/obsolete/nis/package_ypserv_removed/rule.yml 
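Review bot: The chronyd_server_directive scenarios carried into this hunk call `sed -i "^pool.*" /etc/chrony.conf` (multiple_servers.pass.sh, only_server.pass.sh) and `sed -i "^server.*" /etc/chrony.conf` (only_pool.fail.sh), which is not a valid sed script: with no address delimiters and no command, sed exits with an error and leaves the file untouched. If the intent is to drop those directives before the scenario writes its own, which is how it reads, the lines would be `sed -i "/^pool.*/d" /etc/chrony.conf` and `sed -i "/^server.*/d" /etc/chrony.conf`. These are context lines of the inner patch, so the fix belongs upstream rather than in this platform-line change, and the rest of multiple_servers.pass.sh and only_pool.fail.sh lies outside the quoted context. Until it is fixed, the only_pool fail case may be testing whatever chrony.conf the image shipped with rather than a pool-only file.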
@@ -1,6 +1,6 @@ documentation_complete: true --prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle15,wrlinux1019 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,wrlinux1019 +-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,wrlinux1019 ++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,wrlinux1019 title: 'Uninstall ypserv Package' @@ -2682,6 +2853,18 @@ index 29f66c6f..8a2e364f 100644 title: 'Disable ypbind Service' +diff --git a/linux_os/guide/services/obsolete/nis/service_ypserv_disabled/rule.yml b/linux_os/guide/services/obsolete/nis/service_ypserv_disabled/rule.yml +index 1867eec5..fec683fa 100644 +--- a/linux_os/guide/services/obsolete/nis/service_ypserv_disabled/rule.yml ++++ b/linux_os/guide/services/obsolete/nis/service_ypserv_disabled/rule.yml +@@ -1,6 +1,6 @@ + documentation_complete: true + +-prodtype: rhel8,rhel9 ++prodtype: rhel8,almalinux8,rhel9 + + title: 'Disable ypserv Service' + diff --git a/linux_os/guide/services/obsolete/r_services/no_host_based_files/bash/shared.sh b/linux_os/guide/services/obsolete/r_services/no_host_based_files/bash/shared.sh index 26b3c514..f65fd861 100644 --- a/linux_os/guide/services/obsolete/r_services/no_host_based_files/bash/shared.sh @@ -2693,20 +2876,20 @@ index 26b3c514..f65fd861 100644 # Identify local mounts MOUNT_LIST=$(df --local | awk '{ print $6 }') diff --git a/linux_os/guide/services/obsolete/r_services/no_host_based_files/rule.yml b/linux_os/guide/services/obsolete/r_services/no_host_based_files/rule.yml -index 6917a73b..56ebbc98 100644 +index b2cd780b..9666ab40 100644 --- a/linux_os/guide/services/obsolete/r_services/no_host_based_files/rule.yml +++ b/linux_os/guide/services/obsolete/r_services/no_host_based_files/rule.yml 
@@ -1,6 +1,6 @@ documentation_complete: true --prodtype: ol7,ol8,rhel7,rhel8,rhv4,sle12,wrlinux1019,sle15 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhv4,sle12,wrlinux1019,sle15 +-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,wrlinux1019 ++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,wrlinux1019 title: 'Remove Host-Based Authentication Files' -@@ -31,7 +31,7 @@ references: - srg: SRG-OS-000480-GPOS-00227 +@@ -33,7 +33,7 @@ references: stigid@ol7: OL07-00-040550 + stigid@ol8: OL08-00-010460 stigid@rhel7: RHEL-07-040550 - stigid@rhel8: RHEL-08-010460 + stigid@almalinux8: RHEL-08-010460 @@ -2714,7 +2897,7 @@ index 6917a73b..56ebbc98 100644 stigid@sle15: SLES-15-040030 diff --git a/linux_os/guide/services/obsolete/r_services/no_rsh_trust_files/ansible/shared.yml b/linux_os/guide/services/obsolete/r_services/no_rsh_trust_files/ansible/shared.yml -index 7354a691..9f44e331 100644 +index 660eebd6..564781aa 100644 --- a/linux_os/guide/services/obsolete/r_services/no_rsh_trust_files/ansible/shared.yml +++ b/linux_os/guide/services/obsolete/r_services/no_rsh_trust_files/ansible/shared.yml @@ -1,4 +1,4 @@ @@ -2724,15 +2907,15 @@ index 7354a691..9f44e331 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/services/obsolete/r_services/no_rsh_trust_files/bash/shared.sh b/linux_os/guide/services/obsolete/r_services/no_rsh_trust_files/bash/shared.sh -index d4cc7ef2..64a86cc0 100644 +index a465105d..6d9d15e4 100644 --- a/linux_os/guide/services/obsolete/r_services/no_rsh_trust_files/bash/shared.sh +++ b/linux_os/guide/services/obsolete/r_services/no_rsh_trust_files/bash/shared.sh 
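Review bot: In no_host_based_files/rule.yml the inner patch swaps `stigid@rhel8: RHEL-08-010460` for `stigid@almalinux8: RHEL-08-010460` instead of adding a line, so the AlmaLinux reference carries an identifier from the RHEL 8 STIG and the rhel8 key disappears from the patched tree. The same swap appears in the hunks for chronyd_server_directive, no_user_host_based_files, package_rsh-server_removed, package_telnet-server_removed, package_tftp-server_removed, tftpd_uses_secure_mode and service_rngd_enabled. I would keep the upstream line and add the new one beneath it with a comment such as `# AlmaLinux 8 reuses the RHEL 8 STIG ID`, so anyone reading the rule can see which benchmark the ID comes from. Adding rather than replacing should also make the patch less likely to conflict when upstream edits the rhel8 line.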
@@ -1,4 +1,4 @@ -# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel +# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux - find /home -maxdepth 2 -type f -name .rhosts -exec rm -f '{}' \; - if [ -f /etc/hosts.equiv ]; then + find /root -xdev -type f -name ".rhosts" -exec rm -f {} \; + find /home -maxdepth 2 -xdev -type f -name ".rhosts" -exec rm -f {} \; diff --git a/linux_os/guide/services/obsolete/r_services/no_user_host_based_files/bash/shared.sh b/linux_os/guide/services/obsolete/r_services/no_user_host_based_files/bash/shared.sh index 6e902385..3a6461d6 100644 --- a/linux_os/guide/services/obsolete/r_services/no_user_host_based_files/bash/shared.sh @@ -2744,20 +2927,20 @@ index 6e902385..3a6461d6 100644 # Identify local mounts MOUNT_LIST=$(df --local | awk '{ print $6 }') diff --git a/linux_os/guide/services/obsolete/r_services/no_user_host_based_files/rule.yml b/linux_os/guide/services/obsolete/r_services/no_user_host_based_files/rule.yml -index 545c0608..afb87693 100644 +index 79b85c1b..a614e1f5 100644 --- a/linux_os/guide/services/obsolete/r_services/no_user_host_based_files/rule.yml +++ b/linux_os/guide/services/obsolete/r_services/no_user_host_based_files/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: ol7,ol8,rhel7,rhel8,rhv4,sle12,wrlinux1019,sle15 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhv4,sle12,wrlinux1019,sle15 +-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,wrlinux1019 ++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,wrlinux1019 title: 'Remove User Host-Based Authentication Files' -@@ -31,7 +31,7 @@ references: - srg: SRG-OS-000480-GPOS-00227 +@@ -33,7 +33,7 @@ references: stigid@ol7: OL07-00-040540 + stigid@ol8: OL08-00-010470 stigid@rhel7: RHEL-07-040540 - stigid@rhel8: RHEL-08-010470 + stigid@almalinux8: RHEL-08-010470 @@ -2765,20 +2948,20 @@ index 545c0608..afb87693 100644 stigid@sle15: SLES-15-040020 
diff --git a/linux_os/guide/services/obsolete/r_services/package_rsh-server_removed/rule.yml b/linux_os/guide/services/obsolete/r_services/package_rsh-server_removed/rule.yml -index d7d088d3..fa4b6c86 100644 +index 8a1f7ba9..9cb71d63 100644 --- a/linux_os/guide/services/obsolete/r_services/package_rsh-server_removed/rule.yml +++ b/linux_os/guide/services/obsolete/r_services/package_rsh-server_removed/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4,ubuntu2004,wrlinux1019 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,ubuntu2004,wrlinux1019 +-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle15,ubuntu2004,wrlinux1019 ++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,ubuntu2004,wrlinux1019 title: 'Uninstall rsh-server Package' -@@ -36,7 +36,7 @@ references: - srg: SRG-OS-000095-GPOS-00049 +@@ -38,7 +38,7 @@ references: stigid@ol7: OL07-00-020000 + stigid@ol8: OL08-00-040010 stigid@rhel7: RHEL-07-020000 - stigid@rhel8: RHEL-08-040010 + stigid@almalinux8: RHEL-08-040010 @@ -2786,40 +2969,39 @@ index d7d088d3..fa4b6c86 100644 {{{ complete_ocil_entry_package(package="rsh-server") }}} diff --git a/linux_os/guide/services/obsolete/r_services/package_rsh_removed/rule.yml b/linux_os/guide/services/obsolete/r_services/package_rsh_removed/rule.yml -index c1e7afcf..a0c8ffe0 100644 +index 05e41516..467932cc 100644 --- a/linux_os/guide/services/obsolete/r_services/package_rsh_removed/rule.yml +++ b/linux_os/guide/services/obsolete/r_services/package_rsh_removed/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle15,ubuntu2004 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,ubuntu2004 +-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004 ++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004 title: 'Uninstall rsh Package' 
diff --git a/linux_os/guide/services/obsolete/r_services/service_rexec_disabled/rule.yml b/linux_os/guide/services/obsolete/r_services/service_rexec_disabled/rule.yml -index 136571ce..c70437bf 100644 +index 8b94664d..69b3cc37 100644 --- a/linux_os/guide/services/obsolete/r_services/service_rexec_disabled/rule.yml +++ b/linux_os/guide/services/obsolete/r_services/service_rexec_disabled/rule.yml -@@ -1,7 +1,7 @@ +@@ -1,6 +1,6 @@ documentation_complete: true - # potentially outdated requirement, rsh-server may not be a RHEL9 package --prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4 +-prodtype: ol7,ol8,rhel7,rhel8,rhv4,sle15 ++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhv4,sle15 title: 'Disable rexec Service' diff --git a/linux_os/guide/services/obsolete/r_services/service_rlogin_disabled/rule.yml b/linux_os/guide/services/obsolete/r_services/service_rlogin_disabled/rule.yml -index d6fa7eaf..e618c678 100644 +index abaa36a1..27c0b794 100644 --- a/linux_os/guide/services/obsolete/r_services/service_rlogin_disabled/rule.yml +++ b/linux_os/guide/services/obsolete/r_services/service_rlogin_disabled/rule.yml @@ -1,7 +1,7 @@ documentation_complete: true # potentially obsolete, rsh-server is not available in RHEL9 --prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4 +-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle15 ++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15 title: 'Disable rlogin Service' @@ -2836,65 +3018,43 @@ index 70d6cb15..7241a8d0 100644 title: 'Disable rsh Service' diff --git a/linux_os/guide/services/obsolete/service_rsyncd_disabled/rule.yml b/linux_os/guide/services/obsolete/service_rsyncd_disabled/rule.yml -index addfd018..13ca156c 100644 +index d3d48820..4870dbaa 100644 --- a/linux_os/guide/services/obsolete/service_rsyncd_disabled/rule.yml +++ b/linux_os/guide/services/obsolete/service_rsyncd_disabled/rule.yml 
@@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle15 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15 +-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15 ++prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15 title: 'Ensure rsyncd service is diabled' -diff --git a/linux_os/guide/services/obsolete/service_rsyncd_disabled/tests/disabled.pass.sh b/linux_os/guide/services/obsolete/service_rsyncd_disabled/tests/disabled.pass.sh -index 583d717f..9f256e72 100644 ---- a/linux_os/guide/services/obsolete/service_rsyncd_disabled/tests/disabled.pass.sh -+++ b/linux_os/guide/services/obsolete/service_rsyncd_disabled/tests/disabled.pass.sh -@@ -1,5 +1,5 @@ - #!/bin/bash --# platform = Red Hat Enterprise Linux 8,Oracle Linux 8,multi_platform_fedora,multi_platform_rhv -+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Oracle Linux 8,multi_platform_fedora,multi_platform_rhv - # packages = rsync-daemon - - systemctl stop rsyncd -diff --git a/linux_os/guide/services/obsolete/service_rsyncd_disabled/tests/enabled.fail.sh b/linux_os/guide/services/obsolete/service_rsyncd_disabled/tests/enabled.fail.sh -index ce669993..bc728f24 100644 ---- a/linux_os/guide/services/obsolete/service_rsyncd_disabled/tests/enabled.fail.sh -+++ b/linux_os/guide/services/obsolete/service_rsyncd_disabled/tests/enabled.fail.sh -@@ -1,5 +1,5 @@ - #!/bin/bash --# platform = Red Hat Enterprise Linux 8,Oracle Linux 8,multi_platform_fedora,multi_platform_rhv -+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Oracle Linux 8,multi_platform_fedora,multi_platform_rhv - # packages = rsync-daemon - - systemctl start rsyncd diff --git a/linux_os/guide/services/obsolete/talk/package_talk-server_removed/rule.yml b/linux_os/guide/services/obsolete/talk/package_talk-server_removed/rule.yml -index e0667d88..bcc22345 100644 +index 4faf52ea..84f94d7c 100644 
--- a/linux_os/guide/services/obsolete/talk/package_talk-server_removed/rule.yml +++ b/linux_os/guide/services/obsolete/talk/package_talk-server_removed/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4 +-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle15 ++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15 title: 'Uninstall talk-server Package' diff --git a/linux_os/guide/services/obsolete/talk/package_talk_removed/rule.yml b/linux_os/guide/services/obsolete/talk/package_talk_removed/rule.yml -index 592d56ce..51343ca2 100644 +index ae60c8e1..fb6760bb 100644 --- a/linux_os/guide/services/obsolete/talk/package_talk_removed/rule.yml +++ b/linux_os/guide/services/obsolete/talk/package_talk_removed/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle15,ubuntu2004 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,ubuntu2004 +-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004 ++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004 title: 'Uninstall talk Package' diff --git a/linux_os/guide/services/obsolete/telnet/package_telnet-server_removed/rule.yml b/linux_os/guide/services/obsolete/telnet/package_telnet-server_removed/rule.yml -index d6e3d01f..61916185 100644 +index ea679e6a..c6b24427 100644 --- a/linux_os/guide/services/obsolete/telnet/package_telnet-server_removed/rule.yml +++ b/linux_os/guide/services/obsolete/telnet/package_telnet-server_removed/rule.yml @@ -1,6 +1,6 @@ @@ -2905,9 +3065,9 @@ index d6e3d01f..61916185 100644 title: 'Uninstall telnet-server Package' -@@ -46,7 +46,7 @@ references: - srg: SRG-OS-000095-GPOS-00049 +@@ -49,7 +49,7 @@ references: stigid@ol7: OL07-00-021710 + stigid@ol8: OL08-00-040000 stigid@rhel7: RHEL-07-021710 - stigid@rhel8: RHEL-08-040000 + stigid@almalinux8: RHEL-08-040000 
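Review bot: This refresh drops the inner-patch edits to service_rsyncd_disabled/tests/disabled.pass.sh and enabled.fail.sh, which used to add `AlmaLinux 8` to their `# platform =` lines, while the rule's prodtype in the same hunk still lists `almalinux8`. If those scenarios still carry an explicit platform list upstream, the rule would ship for AlmaLinux 8 without either scenario applying to it. The upstream files are not visible here, so this needs a check against the rebased tree. If the list is still there, re-adding the platform in the form used elsewhere in this patch, `multi_platform_almalinux`, would restore the coverage.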
@@ -2915,31 +3075,31 @@ index d6e3d01f..61916185 100644 stigid@sle15: SLES-15-010180 diff --git a/linux_os/guide/services/obsolete/telnet/package_telnet_removed/rule.yml b/linux_os/guide/services/obsolete/telnet/package_telnet_removed/rule.yml -index 18f5f11a..52f99449 100644 +index 7134b8b2..ec8c1f52 100644 --- a/linux_os/guide/services/obsolete/telnet/package_telnet_removed/rule.yml +++ b/linux_os/guide/services/obsolete/telnet/package_telnet_removed/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle15,ubuntu2004 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,ubuntu2004 +-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004 ++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004 title: 'Remove telnet Clients' diff --git a/linux_os/guide/services/obsolete/telnet/service_telnet_disabled/rule.yml b/linux_os/guide/services/obsolete/telnet/service_telnet_disabled/rule.yml -index 36dd48df..bb497e0f 100644 +index 3c879a79..264fce08 100644 --- a/linux_os/guide/services/obsolete/telnet/service_telnet_disabled/rule.yml +++ b/linux_os/guide/services/obsolete/telnet/service_telnet_disabled/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4 +-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle15 ++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15 title: 'Disable telnet Service' diff --git a/linux_os/guide/services/obsolete/tftp/package_tftp-server_removed/rule.yml b/linux_os/guide/services/obsolete/tftp/package_tftp-server_removed/rule.yml -index 0511b110..b2fc12a4 100644 +index 10f44352..c97cdffe 100644 --- a/linux_os/guide/services/obsolete/tftp/package_tftp-server_removed/rule.yml +++ b/linux_os/guide/services/obsolete/tftp/package_tftp-server_removed/rule.yml @@ -1,6 +1,6 @@ 
@@ -2950,9 +3110,9 @@ index 0511b110..b2fc12a4 100644 title: 'Uninstall tftp-server Package' -@@ -35,7 +35,7 @@ references: - srg: SRG-OS-000480-GPOS-00227 +@@ -36,7 +36,7 @@ references: stigid@ol7: OL07-00-040700 + stigid@ol8: OL08-00-040190 stigid@rhel7: RHEL-07-040700 - stigid@rhel8: RHEL-08-040190 + stigid@almalinux8: RHEL-08-040190 @@ -2994,31 +3154,30 @@ index 359670e3..0192b27e 100644 # complexity = low # strategy = configure diff --git a/linux_os/guide/services/obsolete/tftp/tftpd_uses_secure_mode/bash/shared.sh b/linux_os/guide/services/obsolete/tftp/tftpd_uses_secure_mode/bash/shared.sh -index cf090191..e84f7d1d 100644 +index d192f984..37f93ceb 100644 --- a/linux_os/guide/services/obsolete/tftp/tftpd_uses_secure_mode/bash/shared.sh +++ b/linux_os/guide/services/obsolete/tftp/tftpd_uses_secure_mode/bash/shared.sh -@@ -1,5 +1,5 @@ - #!/bin/bash +@@ -1,4 +1,4 @@ -# platform = Oracle Linux 7,Oracle Linux 8,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Virtualization 4,WRLinux 1019 +# platform = Oracle Linux 7,Oracle Linux 8,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Virtualization 4,WRLinux 1019 - . /usr/share/scap-security-guide/remediation_functions + {{{ bash_instantiate_variables ("var_tftpd_secure_directory") }}} diff --git a/linux_os/guide/services/obsolete/tftp/tftpd_uses_secure_mode/rule.yml b/linux_os/guide/services/obsolete/tftp/tftpd_uses_secure_mode/rule.yml -index 75304d43..db6bc6c0 100644 +index 775dcfbe..d2cd2ad3 100644 --- a/linux_os/guide/services/obsolete/tftp/tftpd_uses_secure_mode/rule.yml +++ b/linux_os/guide/services/obsolete/tftp/tftpd_uses_secure_mode/rule.yml 
@@ -1,6 +1,6 @@ documentation_complete: true --prodtype: ol7,ol8,rhel7,rhel8,rhv4,wrlinux1019 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhv4,wrlinux1019 +-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4,wrlinux1019 ++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,wrlinux1019 title: 'Ensure tftp Daemon Uses Secure Mode' -@@ -38,7 +38,7 @@ references: - srg: SRG-OS-000480-GPOS-00227 +@@ -40,7 +40,7 @@ references: stigid@ol7: OL07-00-040720 + stigid@ol8: OL08-00-040350 stigid@rhel7: RHEL-07-040720 - stigid@rhel8: RHEL-08-040350 + stigid@almalinux8: RHEL-08-040350 @@ -3062,14 +3221,14 @@ index dd72c6f7..00241a47 100644 title: 'Disable the CUPS Service' diff --git a/linux_os/guide/services/proxy/disabling_squid/package_squid_removed/rule.yml b/linux_os/guide/services/proxy/disabling_squid/package_squid_removed/rule.yml -index 4e661231..fb67f277 100644 +index 8700dc83..155aa7f8 100644 --- a/linux_os/guide/services/proxy/disabling_squid/package_squid_removed/rule.yml +++ b/linux_os/guide/services/proxy/disabling_squid/package_squid_removed/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: ol7,ol8,rhel7,rhel8,rhel9,sle15,ubuntu2004 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,sle15,ubuntu2004 +-prodtype: ol7,ol8,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004 ++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004 title: 'Uninstall squid Package' @@ -3098,7 +3257,7 @@ index 7c01c09b..89f28d22 100644 title: 'Remove the FreeRadius Server Package' diff --git a/linux_os/guide/services/rng/service_rngd_enabled/rule.yml b/linux_os/guide/services/rng/service_rngd_enabled/rule.yml -index 274a4ff6..83b062a6 100644 +index 1bb70346..e1d4dd4c 100644 --- a/linux_os/guide/services/rng/service_rngd_enabled/rule.yml +++ b/linux_os/guide/services/rng/service_rngd_enabled/rule.yml @@ -1,6 +1,6 @@ 
@@ -3109,10 +3268,10 @@ index 274a4ff6..83b062a6 100644 title: 'Enable the Hardware RNG Entropy Gatherer Service' -@@ -23,7 +23,7 @@ references: - disa: CCI-000366 +@@ -24,7 +24,7 @@ references: ospp: FCS_RBG_EXT.1 srg: SRG-OS-000480-GPOS-00227 + stigid@ol8: OL08-00-010471 - stigid@rhel8: RHEL-08-010471 + stigid@almalinux8: RHEL-08-010471 @@ -3131,15 +3290,14 @@ index b63deaa8..285c1b64 100644 title: 'Uninstall quagga Package' diff --git a/linux_os/guide/services/routing/disabling_quagga/service_zebra_disabled/rule.yml b/linux_os/guide/services/routing/disabling_quagga/service_zebra_disabled/rule.yml -index 8f76acc7..51dea573 100644 +index 54e52790..c7a14e6f 100644 --- a/linux_os/guide/services/routing/disabling_quagga/service_zebra_disabled/rule.yml +++ b/linux_os/guide/services/routing/disabling_quagga/service_zebra_disabled/rule.yml -@@ -1,7 +1,7 @@ +@@ -1,6 +1,6 @@ documentation_complete: true - # package is unlikely to appear on a RHEL9 system, don't extend to RHEL10 --prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4 +-prodtype: ol7,ol8,rhel7,rhel8,rhv4,sle15 ++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhv4,sle15 title: 'Disable Quagga Service' @@ -3212,14 +3370,14 @@ index 0cf80fb6..d9978cea 100644 title: 'Disable Root Access to SMB Shares' diff --git a/linux_os/guide/services/smb/disabling_samba/package_samba_removed/rule.yml b/linux_os/guide/services/smb/disabling_samba/package_samba_removed/rule.yml -index cd4634ac..15b48438 100644 +index 0a90377e..99e264dc 100644 --- a/linux_os/guide/services/smb/disabling_samba/package_samba_removed/rule.yml +++ b/linux_os/guide/services/smb/disabling_samba/package_samba_removed/rule.yml 
@@ -1,6 +1,6 @@ documentation_complete: true --prodtype: rhel7,rhel8,rhel9,sle15,ubuntu2004 -+prodtype: rhel7,rhel8,almalinux8,rhel9,sle15,ubuntu2004 +-prodtype: rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004 ++prodtype: rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004 title: 'Uninstall Samba Package' @@ -3236,26 +3394,26 @@ index 41375ebd..12bf35bf 100644 title: 'Disable Samba' diff --git a/linux_os/guide/services/snmp/disabling_snmp_service/package_net-snmp_removed/rule.yml b/linux_os/guide/services/snmp/disabling_snmp_service/package_net-snmp_removed/rule.yml -index 6d30c0ea..49b44a61 100644 +index bd32b570..299567ea 100644 --- a/linux_os/guide/services/snmp/disabling_snmp_service/package_net-snmp_removed/rule.yml +++ b/linux_os/guide/services/snmp/disabling_snmp_service/package_net-snmp_removed/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: debian10,debian9,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15,ubuntu2004,wrlinux1019 -+prodtype: debian10,debian9,fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,ubuntu2004,wrlinux1019 +-prodtype: debian10,debian11,debian9,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019 ++prodtype: debian10,debian11,debian9,fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019 title: 'Uninstall net-snmp Package' diff --git a/linux_os/guide/services/snmp/disabling_snmp_service/service_snmpd_disabled/rule.yml b/linux_os/guide/services/snmp/disabling_snmp_service/service_snmpd_disabled/rule.yml -index 66a71f85..80ff0aab 100644 +index 1b1f9e57..1356372e 100644 --- a/linux_os/guide/services/snmp/disabling_snmp_service/service_snmpd_disabled/rule.yml +++ b/linux_os/guide/services/snmp/disabling_snmp_service/service_snmpd_disabled/rule.yml 
@@ -1,6 +1,6 @@ documentation_complete: true --prodtype: debian10,debian9,rhel7,rhel8,rhel9,sle15 -+prodtype: debian10,debian9,rhel7,rhel8,almalinux8,rhel9,sle15 +-prodtype: debian10,debian11,debian9,rhel7,rhel8,rhel9,sle15 ++prodtype: debian10,debian11,debian9,rhel7,rhel8,almalinux8,rhel9,sle15 title: 'Disable snmpd Service' @@ -3270,47 +3428,46 @@ index 084c8934..c38f2b92 100644 if grep -s "rwuser" /etc/snmp/snmpd.conf | grep -qv "^#"; then sed -i "/^\s*#/b;/rwuser/ s/^/#/" /etc/snmp/snmpd.conf diff --git a/linux_os/guide/services/snmp/snmp_configure_server/snmpd_no_rwusers/rule.yml b/linux_os/guide/services/snmp/snmp_configure_server/snmpd_no_rwusers/rule.yml -index 6e3dd2c4..455f9912 100644 +index 3ff132df..ae50caed 100644 --- a/linux_os/guide/services/snmp/snmp_configure_server/snmpd_no_rwusers/rule.yml +++ b/linux_os/guide/services/snmp/snmp_configure_server/snmpd_no_rwusers/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,rhel7,rhel8 -+prodtype: fedora,rhel7,rhel8,almalinux8 +-prodtype: fedora,rhel7,rhel8,rhel9 ++prodtype: fedora,rhel7,rhel8,almalinux8,rhel9 title: 'Ensure SNMP Read Write is disabled' diff --git a/linux_os/guide/services/snmp/snmp_configure_server/snmpd_not_default_password/ansible/shared.yml b/linux_os/guide/services/snmp/snmp_configure_server/snmpd_not_default_password/ansible/shared.yml -index 4e4f24f3..76e256fe 100644 +index 632c7111..f4f8427b 100644 --- a/linux_os/guide/services/snmp/snmp_configure_server/snmpd_not_default_password/ansible/shared.yml +++ b/linux_os/guide/services/snmp/snmp_configure_server/snmpd_not_default_password/ansible/shared.yml 
@@ -1,4 +1,4 @@ --# platform = debian 10,debian 9,multi_platform_fedora,Oracle Linux 7,Oracle Linux 8,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,WRLinux 1019 -+# platform = debian 10,debian 9,multi_platform_fedora,Oracle Linux 7,Oracle Linux 8,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8,WRLinux 1019 +-# platform = debian 11,debian 10,debian 9,multi_platform_fedora,Oracle Linux 7,Oracle Linux 8,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,WRLinux 1019 ++# platform = debian 11,debian 10,debian 9,multi_platform_fedora,Oracle Linux 7,Oracle Linux 8,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8,WRLinux 1019 # reboot = false # strategy = configure # complexity = low diff --git a/linux_os/guide/services/snmp/snmp_configure_server/snmpd_not_default_password/bash/shared.sh b/linux_os/guide/services/snmp/snmp_configure_server/snmpd_not_default_password/bash/shared.sh -index 4271bdc3..abbe006b 100644 +index 50871561..7d4722af 100644 --- a/linux_os/guide/services/snmp/snmp_configure_server/snmpd_not_default_password/bash/shared.sh 
+++ b/linux_os/guide/services/snmp/snmp_configure_server/snmpd_not_default_password/bash/shared.sh -@@ -1,5 +1,5 @@ - #!/bin/bash --# platform = debian 10,debian 9,multi_platform_fedora,Oracle Linux 7,Oracle Linux 8,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,WRLinux 1019 -+# platform = debian 10,debian 9,multi_platform_fedora,Oracle Linux 7,Oracle Linux 8,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8,WRLinux 1019 +@@ -1,4 +1,4 @@ +-# platform = debian 11,debian 10,debian 9,multi_platform_fedora,Oracle Linux 7,Oracle Linux 8,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,WRLinux 1019 ++# platform = debian 11,debian 10,debian 9,multi_platform_fedora,Oracle Linux 7,Oracle Linux 8,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8,WRLinux 1019 - . /usr/share/scap-security-guide/remediation_functions + {{{ bash_instantiate_variables("var_snmpd_ro_string", "var_snmpd_rw_string") }}} diff --git a/linux_os/guide/services/snmp/snmp_configure_server/snmpd_not_default_password/rule.yml b/linux_os/guide/services/snmp/snmp_configure_server/snmpd_not_default_password/rule.yml -index 19775b8c..dc6e7d8e 100644 +index 4bfec9ff..87cc1ccf 100644 --- a/linux_os/guide/services/snmp/snmp_configure_server/snmpd_not_default_password/rule.yml +++ b/linux_os/guide/services/snmp/snmp_configure_server/snmpd_not_default_password/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: debian10,debian9,fedora,ol7,ol8,rhel7,rhel8,wrlinux1019 -+prodtype: debian10,debian9,fedora,ol7,ol8,rhel7,rhel8,almalinux8,wrlinux1019 +-prodtype: debian10,debian11,debian9,fedora,ol7,ol8,rhel7,rhel8,wrlinux1019 ++prodtype: debian10,debian11,debian9,fedora,ol7,ol8,rhel7,rhel8,almalinux8,wrlinux1019 title: 'Ensure Default SNMP Password Is Not Used' @@ -3327,48 +3484,48 @@ index 789f2264..ef5b6e8d 100644 title: 'Configure SNMP Service to Use Only SNMPv3 or Newer' 
diff --git a/linux_os/guide/services/ssh/file_groupowner_sshd_config/rule.yml b/linux_os/guide/services/ssh/file_groupowner_sshd_config/rule.yml -index 7cf916d7..efb01b6d 100644 +index 2e3bccf6..7f8c24e2 100644 --- a/linux_os/guide/services/ssh/file_groupowner_sshd_config/rule.yml +++ b/linux_os/guide/services/ssh/file_groupowner_sshd_config/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: rhcos4,rhel7,rhel8,rhel9,rhv4,sle15,ubuntu2004 -+prodtype: rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,ubuntu2004 +-prodtype: rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004 ++prodtype: rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004 title: 'Verify Group Who Owns SSH Server config file' diff --git a/linux_os/guide/services/ssh/file_owner_sshd_config/rule.yml b/linux_os/guide/services/ssh/file_owner_sshd_config/rule.yml -index 5b833370..fb924e19 100644 +index a2a1b879..67fe7751 100644 --- a/linux_os/guide/services/ssh/file_owner_sshd_config/rule.yml +++ b/linux_os/guide/services/ssh/file_owner_sshd_config/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: rhcos4,rhel7,rhel8,rhel9,rhv4,sle15,ubuntu2004 -+prodtype: rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,ubuntu2004 +-prodtype: rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004 ++prodtype: rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004 title: 'Verify Owner on SSH Server config file' diff --git a/linux_os/guide/services/ssh/file_permissions_sshd_config/rule.yml b/linux_os/guide/services/ssh/file_permissions_sshd_config/rule.yml -index 60783301..3a61e051 100644 +index bcaf46bd..7a0a13db 100644 --- a/linux_os/guide/services/ssh/file_permissions_sshd_config/rule.yml +++ b/linux_os/guide/services/ssh/file_permissions_sshd_config/rule.yml 
@@ -1,6 +1,6 @@ documentation_complete: true --prodtype: rhcos4,rhel7,rhel8,rhel9,rhv4,sle15,ubuntu2004 -+prodtype: rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,ubuntu2004 +-prodtype: rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004 ++prodtype: rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004 title: 'Verify Permissions on SSH Server config file' diff --git a/linux_os/guide/services/ssh/file_permissions_sshd_private_key/rule.yml b/linux_os/guide/services/ssh/file_permissions_sshd_private_key/rule.yml -index 4ea47383..b9afa0aa 100644 +index 98d75350..20db20a0 100644 --- a/linux_os/guide/services/ssh/file_permissions_sshd_private_key/rule.yml +++ b/linux_os/guide/services/ssh/file_permissions_sshd_private_key/rule.yml -@@ -39,7 +39,7 @@ references: - srg: SRG-OS-000480-GPOS-00227 +@@ -46,7 +46,7 @@ references: stigid@ol7: OL07-00-040420 + stigid@ol8: OL08-00-010490 stigid@rhel7: RHEL-07-040420 - stigid@rhel8: RHEL-08-010490 + stigid@almalinux8: RHEL-08-010490 @@ -3376,12 +3533,12 @@ index 4ea47383..b9afa0aa 100644 stigid@sle15: SLES-15-040250 diff --git a/linux_os/guide/services/ssh/file_permissions_sshd_pub_key/rule.yml b/linux_os/guide/services/ssh/file_permissions_sshd_pub_key/rule.yml -index a5ceac0e..3a777473 100644 +index c0cad148..1d696656 100644 --- a/linux_os/guide/services/ssh/file_permissions_sshd_pub_key/rule.yml +++ b/linux_os/guide/services/ssh/file_permissions_sshd_pub_key/rule.yml -@@ -34,7 +34,7 @@ references: - srg: SRG-OS-000480-GPOS-00227 +@@ -37,7 +37,7 @@ references: stigid@ol7: OL07-00-040410 + stigid@ol8: OL08-00-010480 stigid@rhel7: RHEL-07-040410 - stigid@rhel8: RHEL-08-010480 + stigid@almalinux8: RHEL-08-010480 @@ -3413,12 +3570,12 @@ index d90a6482..791df38c 100644 title: 'Install OpenSSH client software' 
diff --git a/linux_os/guide/services/ssh/package_openssh-server_installed/rule.yml b/linux_os/guide/services/ssh/package_openssh-server_installed/rule.yml -index b551f08f..ae59870d 100644 +index 6ce8ee1f..f748ee64 100644 --- a/linux_os/guide/services/ssh/package_openssh-server_installed/rule.yml +++ b/linux_os/guide/services/ssh/package_openssh-server_installed/rule.yml -@@ -30,7 +30,7 @@ references: - srg: SRG-OS-000423-GPOS-00187,SRG-OS-000424-GPOS-00188,SRG-OS-000425-GPOS-00189,SRG-OS-000426-GPOS-00190 +@@ -31,7 +31,7 @@ references: stigid@ol7: OL07-00-040300 + stigid@ol8: OL08-00-040159 stigid@rhel7: RHEL-07-040300 - stigid@rhel8: RHEL-08-040159 + stigid@almalinux8: RHEL-08-040159 @@ -3426,7 +3583,7 @@ index b551f08f..ae59870d 100644 ocil_clause: 'the package is not installed' diff --git a/linux_os/guide/services/ssh/service_sshd_enabled/rule.yml b/linux_os/guide/services/ssh/service_sshd_enabled/rule.yml -index ac4bb8e4..55a512b3 100644 +index 88215418..0b4e2d70 100644 --- a/linux_os/guide/services/ssh/service_sshd_enabled/rule.yml +++ b/linux_os/guide/services/ssh/service_sshd_enabled/rule.yml @@ -1,6 +1,6 @@ @@ -3437,9 +3594,9 @@ index ac4bb8e4..55a512b3 100644 title: 'Enable the OpenSSH Service' -@@ -40,7 +40,7 @@ references: - srg: SRG-OS-000423-GPOS-00187,SRG-OS-000423-GPOS-00188,SRG-OS-000423-GPOS-00189,SRG-OS-000423-GPOS-00190 +@@ -41,7 +41,7 @@ references: stigid@ol7: OL07-00-040310 + stigid@ol8: OL08-00-040160 stigid@rhel7: RHEL-07-040310 - stigid@rhel8: RHEL-08-040160 + stigid@almalinux8: RHEL-08-040160 @@ -3447,14 +3604,14 @@ index ac4bb8e4..55a512b3 100644 stigid@sle15: SLES-15-010530 stigid@ubuntu2004: UBTU-20-010042 diff --git a/linux_os/guide/services/ssh/ssh_client/ssh_client_rekey_limit/rule.yml b/linux_os/guide/services/ssh/ssh_client/ssh_client_rekey_limit/rule.yml -index f43f92c2..bba72681 100644 +index 41e7a9a8..106fb84b 100644 --- a/linux_os/guide/services/ssh/ssh_client/ssh_client_rekey_limit/rule.yml 
+++ b/linux_os/guide/services/ssh/ssh_client/ssh_client_rekey_limit/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: ol8,rhel8,rhcos4 -+prodtype: ol8,rhel8,almalinux8,rhcos4 +-prodtype: ol8,rhcos4,rhel8,rhel9 ++prodtype: ol8,rhcos4,rhel8,almalinux8,rhel9 title: 'Configure session renegotiation for SSH client' @@ -3469,11 +3626,10 @@ index 1c878701..be1bff4c 100644 # strategy = configure # complexity = low diff --git a/linux_os/guide/services/ssh/ssh_client/ssh_client_use_strong_rng_csh/bash/shared.sh b/linux_os/guide/services/ssh/ssh_client/ssh_client_use_strong_rng_csh/bash/shared.sh -index f29280fb..f2d7c156 100644 +index 3df859f3..e2ab1886 100644 --- a/linux_os/guide/services/ssh/ssh_client/ssh_client_use_strong_rng_csh/bash/shared.sh +++ b/linux_os/guide/services/ssh/ssh_client/ssh_client_use_strong_rng_csh/bash/shared.sh -@@ -1,5 +1,5 @@ - #!/bin/bash +@@ -1,4 +1,4 @@ -# platform = Red Hat Enterprise Linux 8,Oracle Linux 8 +# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Oracle Linux 8 @@ -3502,11 +3658,10 @@ index 29c64602..1be957f9 100644 # strategy = configure # complexity = low diff --git a/linux_os/guide/services/ssh/ssh_client/ssh_client_use_strong_rng_sh/bash/shared.sh b/linux_os/guide/services/ssh/ssh_client/ssh_client_use_strong_rng_sh/bash/shared.sh -index 4a166356..24a426a5 100644 +index 13306db4..7a5ca21f 100644 --- a/linux_os/guide/services/ssh/ssh_client/ssh_client_use_strong_rng_sh/bash/shared.sh +++ b/linux_os/guide/services/ssh/ssh_client/ssh_client_use_strong_rng_sh/bash/shared.sh -@@ -1,5 +1,5 @@ - #!/bin/bash +@@ -1,4 +1,4 @@ -# platform = Red Hat Enterprise Linux 8,Oracle Linux 8 +# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Oracle Linux 8 @@ -3568,15 +3723,15 @@ index 39102e5d..2dcfeeb0 100644 # strategy = restrict # complexity = low 
diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_allow_only_protocol2/bash/shared.sh b/linux_os/guide/services/ssh/ssh_server/sshd_allow_only_protocol2/bash/shared.sh -index 590e96d1..b310e547 100644 +index ba598762..d972650e 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_allow_only_protocol2/bash/shared.sh +++ b/linux_os/guide/services/ssh/ssh_server/sshd_allow_only_protocol2/bash/shared.sh @@ -1,4 +1,4 @@ -# platform = multi_platform_rhel,multi_platform_ol,multi_platform_rhv +# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_rhv - # Include source function library. - . /usr/share/scap-security-guide/remediation_functions + + {{{ bash_replace_or_append('/etc/ssh/sshd_config', '^Protocol', '2', '%s %s') }}} diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_disable_compression/ansible/shared.yml b/linux_os/guide/services/ssh/ssh_server/sshd_disable_compression/ansible/shared.yml index f8d422c6..aafcd046 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_disable_compression/ansible/shared.yml @@ -3588,22 +3743,22 @@ index f8d422c6..aafcd046 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_disable_compression/bash/shared.sh b/linux_os/guide/services/ssh/ssh_server/sshd_disable_compression/bash/shared.sh -index 408c97d4..108868fc 100644 +index 397e9994..bdaced02 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_disable_compression/bash/shared.sh +++ b/linux_os/guide/services/ssh/ssh_server/sshd_disable_compression/bash/shared.sh 
@@ -1,4 +1,4 @@ --# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_ol,multi_platform_rhv -+# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_rhv +-# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_ol,multi_platform_rhv,multi_platform_sle ++# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_rhv,multi_platform_sle + + {{{ bash_instantiate_variables("var_sshd_disable_compression") }}} - # Include source function library. - . /usr/share/scap-security-guide/remediation_functions diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_disable_compression/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_disable_compression/rule.yml -index 672bcabd..bf25eb57 100644 +index b708373c..d38ad9c2 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_disable_compression/rule.yml +++ b/linux_os/guide/services/ssh/ssh_server/sshd_disable_compression/rule.yml -@@ -39,7 +39,7 @@ references: - srg: SRG-OS-000480-GPOS-00227 +@@ -40,7 +40,7 @@ references: stigid@ol7: OL07-00-040470 + stigid@ol8: OL08-00-010510 stigid@rhel7: RHEL-07-040470 - stigid@rhel8: RHEL-08-010510 + stigid@almalinux8: RHEL-08-010510 @@ -3611,12 +3766,12 @@ index 672bcabd..bf25eb57 100644 stigid@sle15: SLES-15-040280 vmmsrg: SRG-OS-000480-VMM-002000 diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_disable_empty_passwords/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_disable_empty_passwords/rule.yml -index 8100b685..a4ec7a24 100644 +index fa2f4b4d..281c24c4 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_disable_empty_passwords/rule.yml 
+++ b/linux_os/guide/services/ssh/ssh_server/sshd_disable_empty_passwords/rule.yml -@@ -47,7 +47,7 @@ references: - srg: SRG-OS-000106-GPOS-00053,SRG-OS-000480-GPOS-00229,SRG-OS-000480-GPOS-00227 +@@ -53,7 +53,7 @@ references: stigid@ol7: OL07-00-010300 + stigid@ol8: OL08-00-020330 stigid@rhel7: RHEL-07-010300 - stigid@rhel8: RHEL-08-020330 + stigid@almalinux8: RHEL-08-020330 @@ -3624,31 +3779,31 @@ index 8100b685..a4ec7a24 100644 stigid@sle15: SLES-15-040440 stigid@ubuntu2004: UBTU-20-010047 diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_disable_gssapi_auth/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_disable_gssapi_auth/rule.yml -index 2134da28..e980b9e1 100644 +index 50eb3cab..c880fbf7 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_disable_gssapi_auth/rule.yml +++ b/linux_os/guide/services/ssh/ssh_server/sshd_disable_gssapi_auth/rule.yml -@@ -36,7 +36,7 @@ references: - srg: SRG-OS-000364-GPOS-00151,SRG-OS-000480-GPOS-00227 +@@ -43,7 +43,7 @@ references: stigid@ol7: OL07-00-040430 + stigid@ol8: OL08-00-010522 stigid@rhel7: RHEL-07-040430 - stigid@rhel8: RHEL-08-010522 + stigid@almalinux8: RHEL-08-010522 vmmsrg: SRG-OS-000480-VMM-002000 - ocil_clause: 'it is commented out or is not disabled' + {{{ complete_ocil_entry_sshd_option(default="yes", option="GSSAPIAuthentication", value="no") }}} diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_disable_kerb_auth/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_disable_kerb_auth/rule.yml -index 5f585d6c..40d0424e 100644 +index ac869505..9483f4a0 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_disable_kerb_auth/rule.yml 
+++ b/linux_os/guide/services/ssh/ssh_server/sshd_disable_kerb_auth/rule.yml -@@ -37,7 +37,7 @@ references: - srg: SRG-OS-000364-GPOS-00151,SRG-OS-000480-GPOS-00227 +@@ -44,7 +44,7 @@ references: stigid@ol7: OL07-00-040440 + stigid@ol8: OL08-00-010521 stigid@rhel7: RHEL-07-040440 - stigid@rhel8: RHEL-08-010521 + stigid@almalinux8: RHEL-08-010521 vmmsrg: SRG-OS-000480-VMM-002000 - ocil_clause: 'it is commented out or is not disabled' + {{{ complete_ocil_entry_sshd_option(default="yes", option="KerberosAuthentication", value="no") }}} diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_disable_rhosts_rsa/ansible/shared.yml b/linux_os/guide/services/ssh/ssh_server/sshd_disable_rhosts_rsa/ansible/shared.yml index 228a1166..6ba91af4 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_disable_rhosts_rsa/ansible/shared.yml @@ -3660,22 +3815,22 @@ index 228a1166..6ba91af4 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_disable_rhosts_rsa/bash/shared.sh b/linux_os/guide/services/ssh/ssh_server/sshd_disable_rhosts_rsa/bash/shared.sh -index 319ec5cb..93a302d8 100644 +index a6b70585..a11860b5 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_disable_rhosts_rsa/bash/shared.sh +++ b/linux_os/guide/services/ssh/ssh_server/sshd_disable_rhosts_rsa/bash/shared.sh @@ -1,4 +1,4 @@ -# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv +# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv - # Include source function library. - . /usr/share/scap-security-guide/remediation_functions + + {{{ bash_replace_or_append('/etc/ssh/sshd_config', '^RhostsRSAAuthentication', 'no', '%s %s') }}} 
diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_disable_root_login/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_disable_root_login/rule.yml -index 9993d5f8..692ac40c 100644 +index b13e175c..96925bf7 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_disable_root_login/rule.yml +++ b/linux_os/guide/services/ssh/ssh_server/sshd_disable_root_login/rule.yml -@@ -47,7 +47,7 @@ references: - srg: SRG-OS-000109-GPOS-00056,SRG-OS-000480-GPOS-00227 +@@ -49,7 +49,7 @@ references: stigid@ol7: OL07-00-040370 + stigid@ol8: OL08-00-010550 stigid@rhel7: RHEL-07-040370 - stigid@rhel8: RHEL-08-010550 + stigid@almalinux8: RHEL-08-010550 @@ -3683,12 +3838,12 @@ index 9993d5f8..692ac40c 100644 stigid@sle15: SLES-15-020040 vmmsrg: SRG-OS-000480-VMM-002000 diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_disable_user_known_hosts/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_disable_user_known_hosts/rule.yml -index 027fc4e7..1756277e 100644 +index 0987d4cc..4e8c5b2f 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_disable_user_known_hosts/rule.yml +++ b/linux_os/guide/services/ssh/ssh_server/sshd_disable_user_known_hosts/rule.yml -@@ -39,7 +39,7 @@ references: - srg: SRG-OS-000480-GPOS-00227 +@@ -40,7 +40,7 @@ references: stigid@ol7: OL07-00-040380 + stigid@ol8: OL08-00-010520 stigid@rhel7: RHEL-07-040380 - stigid@rhel8: RHEL-08-010520 + stigid@almalinux8: RHEL-08-010520 @@ -3696,12 +3851,12 @@ index 027fc4e7..1756277e 100644 stigid@sle15: SLES-15-040230 diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_disable_x11_forwarding/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_disable_x11_forwarding/rule.yml -index 3feaa9d6..95457e1d 100644 +index f92a9042..0cddb5d0 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_disable_x11_forwarding/rule.yml 
+++ b/linux_os/guide/services/ssh/ssh_server/sshd_disable_x11_forwarding/rule.yml -@@ -41,7 +41,7 @@ references: - srg: SRG-OS-000480-GPOS-00227 +@@ -45,7 +45,7 @@ references: stigid@ol7: OL07-00-040710 + stigid@ol8: OL08-00-040340 stigid@rhel7: RHEL-07-040710 - stigid@rhel8: RHEL-08-040340 + stigid@almalinux8: RHEL-08-040340 @@ -3709,12 +3864,12 @@ index 3feaa9d6..95457e1d 100644 stigid@ubuntu2004: UBTU-20-010048 diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_do_not_permit_user_env/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_do_not_permit_user_env/rule.yml -index 791ff49a..383141d3 100644 +index 44482458..299a93fc 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_do_not_permit_user_env/rule.yml +++ b/linux_os/guide/services/ssh/ssh_server/sshd_do_not_permit_user_env/rule.yml -@@ -41,7 +41,7 @@ references: - srg: SRG-OS-000480-GPOS-00229 +@@ -47,7 +47,7 @@ references: stigid@ol7: OL07-00-010460 + stigid@ol8: OL08-00-010830 stigid@rhel7: RHEL-07-010460 - stigid@rhel8: RHEL-08-010830 + stigid@almalinux8: RHEL-08-010830 @@ -3722,12 +3877,12 @@ index 791ff49a..383141d3 100644 stigid@sle15: SLES-15-040440 stigid@ubuntu2004: UBTU-20-010047 diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_enable_strictmodes/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_enable_strictmodes/rule.yml -index dc8ef0d9..dc19af07 100644 +index f1232556..3b61d5f1 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_enable_strictmodes/rule.yml +++ b/linux_os/guide/services/ssh/ssh_server/sshd_enable_strictmodes/rule.yml -@@ -37,7 +37,7 @@ references: - srg: SRG-OS-000480-GPOS-00227 +@@ -43,7 +43,7 @@ references: stigid@ol7: OL07-00-040450 + stigid@ol8: OL08-00-010500 stigid@rhel7: RHEL-07-040450 - stigid@rhel8: RHEL-08-010500 + stigid@almalinux8: RHEL-08-010500 @@ -3735,12 +3890,12 @@ index dc8ef0d9..dc19af07 100644 stigid@sle15: SLES-15-040260 vmmsrg: SRG-OS-000480-VMM-002000 
diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_enable_warning_banner/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_enable_warning_banner/rule.yml -index c50c8d69..6a0332cf 100644 +index 5db8d82a..c1c82609 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_enable_warning_banner/rule.yml +++ b/linux_os/guide/services/ssh/ssh_server/sshd_enable_warning_banner/rule.yml -@@ -43,7 +43,7 @@ references: - srg: SRG-OS-000023-GPOS-00006,SRG-OS-000024-GPOS-00007,SRG-OS-000228-GPOS-00088 +@@ -46,7 +46,7 @@ references: stigid@ol7: OL07-00-040170 + stigid@ol8: OL08-00-010040 stigid@rhel7: RHEL-07-040170 - stigid@rhel8: RHEL-08-010040 + stigid@almalinux8: RHEL-08-010040 @@ -3748,12 +3903,12 @@ index c50c8d69..6a0332cf 100644 stigid@sle15: SLES-15-010040 vmmsrg: SRG-OS-000023-VMM-000060,SRG-OS-000024-VMM-000070 diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_print_last_log/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_print_last_log/rule.yml -index 80e9d455..5231e81b 100644 +index be9c7847..c58de35f 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_print_last_log/rule.yml +++ b/linux_os/guide/services/ssh/ssh_server/sshd_print_last_log/rule.yml -@@ -33,7 +33,7 @@ references: - srg: SRG-OS-000480-GPOS-00227 +@@ -38,7 +38,7 @@ references: stigid@ol7: OL07-00-040360 + stigid@ol8: OL08-00-020350 stigid@rhel7: RHEL-07-040360 - stigid@rhel8: RHEL-08-020350 + stigid@almalinux8: RHEL-08-020350 @@ -3761,13 +3916,13 @@ index 80e9d455..5231e81b 100644 stigid@sle15: SLES-15-020120 diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_rekey_limit/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_rekey_limit/rule.yml -index 5a2d154d..0b065076 100644 +index 450f244d..7152ffe2 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_rekey_limit/rule.yml 
+++ b/linux_os/guide/services/ssh/ssh_server/sshd_rekey_limit/rule.yml -@@ -24,7 +24,7 @@ references: - disa: CCI-000068 +@@ -25,7 +25,7 @@ references: ospp: FCS_SSHS_EXT.1 srg: SRG-OS-000480-GPOS-00227,SRG-OS-000033-GPOS-00014 + stigid@ol8: OL08-00-040161 - stigid@rhel8: RHEL-08-040161 + stigid@almalinux8: RHEL-08-040161 @@ -3794,12 +3949,12 @@ index 5b54ab89..4213bc15 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_set_idle_timeout/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_set_idle_timeout/rule.yml -index 5a442550..6c5e8548 100644 +index 0b5b7e1a..86f739bf 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_set_idle_timeout/rule.yml +++ b/linux_os/guide/services/ssh/ssh_server/sshd_set_idle_timeout/rule.yml -@@ -53,7 +53,7 @@ references: - srg: SRG-OS-000126-GPOS-00066,SRG-OS-000163-GPOS-00072,SRG-OS-000279-GPOS-00109,SRG-OS-000395-GPOS-00175 +@@ -55,7 +55,7 @@ references: stigid@ol7: OL07-00-040320 + stigid@ol8: OL08-00-010201 stigid@rhel7: RHEL-07-040320 - stigid@rhel8: RHEL-08-010201 + stigid@almalinux8: RHEL-08-010201 @@ -3817,22 +3972,22 @@ index b280e21e..8e1c1810 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_set_keepalive/bash/shared.sh b/linux_os/guide/services/ssh/ssh_server/sshd_set_keepalive/bash/shared.sh -index 19b14c14..6f9fb212 100644 +index fcd61646..8143f533 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_set_keepalive/bash/shared.sh +++ b/linux_os/guide/services/ssh/ssh_server/sshd_set_keepalive/bash/shared.sh 
@@ -1,4 +1,4 @@ -# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu +# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu - # Include source function library. - . /usr/share/scap-security-guide/remediation_functions + {{{ bash_instantiate_variables("var_sshd_set_keepalive") }}} + diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_set_keepalive_0/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_set_keepalive_0/rule.yml -index 3ce782bc..a02c1194 100644 +index 9c41c227..e59290a5 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_set_keepalive_0/rule.yml +++ b/linux_os/guide/services/ssh/ssh_server/sshd_set_keepalive_0/rule.yml -@@ -50,7 +50,7 @@ references: - srg: SRG-OS-000163-GPOS-00072,SRG-OS-000279-GPOS-00109 +@@ -53,7 +53,7 @@ references: stigid@ol7: OL07-00-040340 + stigid@ol8: OL08-00-010200 stigid@rhel7: RHEL-07-040340 - stigid@rhel8: RHEL-08-010200 + stigid@almalinux8: RHEL-08-010200 @@ -3850,15 +4005,15 @@ index 16e31302..71125a8d 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_set_max_auth_tries/bash/shared.sh b/linux_os/guide/services/ssh/ssh_server/sshd_set_max_auth_tries/bash/shared.sh -index 2451c164..67e21b52 100644 +index be4fce16..f17dfb14 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_set_max_auth_tries/bash/shared.sh +++ b/linux_os/guide/services/ssh/ssh_server/sshd_set_max_auth_tries/bash/shared.sh 
@@ -1,4 +1,4 @@ -# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle +# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle - # Include source function library. - . /usr/share/scap-security-guide/remediation_functions + {{{ bash_instantiate_variables("sshd_max_auth_tries_value") }}} + diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_set_max_sessions/tests/correct_value.pass.sh b/linux_os/guide/services/ssh/ssh_server/sshd_set_max_sessions/tests/correct_value.pass.sh index 4cc6d659..5e911b46 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_set_max_sessions/tests/correct_value.pass.sh @@ -3871,40 +4026,57 @@ index 4cc6d659..5e911b46 100644 #!/bin/bash SSHD_CONFIG="/etc/ssh/sshd_config" diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_set_max_sessions/tests/wrong_value.fail.sh b/linux_os/guide/services/ssh/ssh_server/sshd_set_max_sessions/tests/wrong_value.fail.sh -index bc0c4784..3b775739 100644 +index fcdb800c..77c3e82d 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_set_max_sessions/tests/wrong_value.fail.sh +++ b/linux_os/guide/services/ssh/ssh_server/sshd_set_max_sessions/tests/wrong_value.fail.sh -@@ -1,5 +1,5 @@ - # profiles = xccdf_org.ssgproject.content_profile_cis --# platform = Red Hat Enterprise Linux 8 -+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8 +@@ -1,4 +1,4 @@ +-# platform = multi_platform_rhel, multi_platform_fedora ++# platform = multi_platform_rhel,multi_platform_almalinux, multi_platform_fedora #!/bin/bash SSHD_CONFIG="/etc/ssh/sshd_config" diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_ciphers/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_ciphers/rule.yml -index 46a31548..0250b71d 100644 +index 0254221f..4d6c18f9 100644 
--- a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_ciphers/rule.yml +++ b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_ciphers/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: ol7,ol8,rhel7,rhel8,sle12,ubuntu2004,wrlinux1019,wrlinux8 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,sle12,ubuntu2004,wrlinux1019,wrlinux8 +-prodtype: ol7,ol8,rhel7,rhel8,sle12,sle15,ubuntu2004,wrlinux1019,wrlinux8 ++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,sle12,sle15,ubuntu2004,wrlinux1019,wrlinux8 title: 'Use Only FIPS 140-2 Validated Ciphers' diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_macs/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_macs/rule.yml -index 821b0ae0..b437a257 100644 +index ebaf8525..99e2977f 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_macs/rule.yml +++ b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_macs/rule.yml 
@@ -1,6 +1,6 @@ documentation_complete: true --prodtype: ol7,ol8,rhel7,rhel8,sle12,ubuntu2004,wrlinux1019 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,sle12,ubuntu2004,wrlinux1019 +-prodtype: ol7,ol8,rhel7,rhel8,sle12,sle15,ubuntu2004,wrlinux1019 ++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,sle12,sle15,ubuntu2004,wrlinux1019 title: 'Use Only FIPS 140-2 Validated MACs' +diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_macs/tests/default_correct_value.pass.sh b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_macs/tests/default_correct_value.pass.sh +index 0e08a36d..da95aab4 100644 +--- a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_macs/tests/default_correct_value.pass.sh ++++ b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_macs/tests/default_correct_value.pass.sh +@@ -1,3 +1,3 @@ +-# platform = multi_platform_rhel ++# platform = multi_platform_rhel,multi_platform_almalinux + + {{{ bash_replace_or_append('/etc/ssh/sshd_config', '^MACs', "hmac-sha2-512,hmac-sha2-256,hmac-sha1,hmac-sha1-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com", '%s %s') }}} +diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_macs/tests/wrong_value.fail.sh b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_macs/tests/wrong_value.fail.sh +index 1ac74ed4..aad9b777 100644 +--- a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_macs/tests/wrong_value.fail.sh ++++ b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_macs/tests/wrong_value.fail.sh +@@ -1,3 +1,3 @@ +-# platform = multi_platform_rhel ++# platform = multi_platform_rhel,multi_platform_almalinux + + {{{ bash_replace_or_append('/etc/ssh/sshd_config', '^MACs', "wrong_value_expected_to_fail.com", '%s %s') }}} 
diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_ciphers/tests/good_cipher.pass.sh b/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_ciphers/tests/good_cipher.pass.sh index 798c4043..322c83cd 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_ciphers/tests/good_cipher.pass.sh @@ -3944,22 +4116,22 @@ index 8d33596e..beafbd6d 100644 sed -i 's/^\s*MACs\s/# &/i' /etc/ssh/sshd_config diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_rng/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_rng/rule.yml -index bd9c5fbe..32f49012 100644 +index b6fd81fa..d1f21b26 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_rng/rule.yml +++ b/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_rng/rule.yml @@ -2,7 +2,7 @@ documentation_complete: true # TODO: The plan is not to need this for RHEL>=8.4 # TODO: Compliant setting is SSH_USE_STRONG_RNG set to 32 or more --prodtype: ol8,rhel8 -+prodtype: ol8,rhel8,almalinux8 +-prodtype: ol8,rhel8,rhel9 ++prodtype: ol8,rhel8,almalinux8,rhel9 title: 'SSH server uses strong entropy to seed' -@@ -27,7 +27,7 @@ references: - disa: CCI-000366 +@@ -29,7 +29,7 @@ references: ospp: FCS_RBG_EXT.1.2 srg: SRG-OS-000480-GPOS-00227 + stigid@ol8: OL08-00-010292 - stigid@rhel8: RHEL-08-010292 + stigid@almalinux8: RHEL-08-010292 @@ -4002,20 +4174,20 @@ index a10d24a7..d0b4e3a9 100644 echo 'SSH_USE_STRONG_RNG="32"' > /etc/sysconfig/sshd diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_x11_use_localhost/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_x11_use_localhost/rule.yml -index 93b612c6..b0e4f6a7 100644 +index 0f693cdf..3a359728 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_x11_use_localhost/rule.yml +++ b/linux_os/guide/services/ssh/ssh_server/sshd_x11_use_localhost/rule.yml 
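Review bot: In the `sshd_set_max_sessions/tests/wrong_value.fail.sh` section the new entry is inserted as `multi_platform_rhel,multi_platform_almalinux, multi_platform_fedora`, which mixes `,` and `, ` separators in one list. The upstream line used `, ` throughout; matching it with `# platform = multi_platform_rhel, multi_platform_almalinux, multi_platform_fedora` keeps the header uniform and avoids depending on how the test harness trims entries, which is not visible here.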
@@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,ol7,ol8,rhel7,rhel8,sle12,ubuntu2004 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,sle12,ubuntu2004 +-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,sle12,ubuntu2004 ++prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,sle12,ubuntu2004 title: 'Prevent remote hosts from connecting to the proxy display' -@@ -31,7 +31,7 @@ references: - srg: SRG-OS-000480-GPOS-00227 +@@ -39,7 +39,7 @@ references: stigid@ol7: OL07-00-040711 + stigid@ol8: OL08-00-040341 stigid@rhel7: RHEL-07-040711 - stigid@rhel8: RHEL-08-040341 + stigid@almalinux8: RHEL-08-040341 @@ -4081,15 +4253,15 @@ index 202fc7f4..711cc57c 100644 # strategy = unknown # complexity = low diff --git a/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_ca_dir/bash/shared.sh b/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_ca_dir/bash/shared.sh -index 614f597e..1c617584 100644 +index 631f9551..c77ea76d 100644 --- a/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_ca_dir/bash/shared.sh +++ b/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_ca_dir/bash/shared.sh @@ -1,4 +1,4 @@ -# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_fedora,multi_platform_ol +# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol - # Include source function library. - . /usr/share/scap-security-guide/remediation_functions + {{{ bash_instantiate_variables("var_sssd_ldap_tls_ca_dir") }}} + diff --git a/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_ca_dir/rule.yml b/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_ca_dir/rule.yml index 430f0e65..c78b10d6 100644 --- a/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_ca_dir/rule.yml @@ -4113,15 +4285,14 @@ index 891b3e2f..6cb0bce2 100644 # strategy = unknown # complexity = low 
diff --git a/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_reqcert/bash/shared.sh b/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_reqcert/bash/shared.sh -index 62c2febc..ce073f12 100644 +index 6aada6d0..61fde625 100644 --- a/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_reqcert/bash/shared.sh +++ b/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_reqcert/bash/shared.sh -@@ -1,4 +1,4 @@ +@@ -1,3 +1,3 @@ -# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_fedora,multi_platform_ol +# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol - # Include source function library. - . /usr/share/scap-security-guide/remediation_functions + {{{ bash_sssd_ldap_config(parameter="ldap_tls_reqcert", value="demand") }}} diff --git a/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_reqcert/rule.yml b/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_reqcert/rule.yml index 4b9636fb..46b8d977 100644 --- a/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_reqcert/rule.yml @@ -4145,15 +4316,15 @@ index b38bc41f..33c5c903 100644 # strategy = unknown # complexity = low diff --git a/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_start_tls/bash/shared.sh b/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_start_tls/bash/shared.sh -index 805f7ad3..6046494d 100644 +index f6224484..054ba74b 100644 --- a/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_start_tls/bash/shared.sh +++ b/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_start_tls/bash/shared.sh 
@@ -1,4 +1,4 @@ -# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_fedora,multi_platform_ol +# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol - # Include source function library. - . /usr/share/scap-security-guide/remediation_functions + {{{ bash_sssd_ldap_config(parameter="ldap_id_use_start_tls", value="true") }}} + diff --git a/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_start_tls/rule.yml b/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_start_tls/rule.yml index 1f48dc7e..4872f285 100644 --- a/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_start_tls/rule.yml 
@@ -4166,37 +4337,78 @@ index 1f48dc7e..4872f285 100644 title: 'Configure SSSD LDAP Backend to Use TLS For All Transactions' +diff --git a/linux_os/guide/services/sssd/sssd_certificate_verification/ansible/shared.yml b/linux_os/guide/services/sssd/sssd_certificate_verification/ansible/shared.yml +index 823c0f55..9f6ad853 100644 +--- a/linux_os/guide/services/sssd/sssd_certificate_verification/ansible/shared.yml ++++ b/linux_os/guide/services/sssd/sssd_certificate_verification/ansible/shared.yml +@@ -1,4 +1,4 @@ +-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel ++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux + # reboot = false + # strategy = configure + # complexity = low +diff --git a/linux_os/guide/services/sssd/sssd_certificate_verification/bash/shared.sh b/linux_os/guide/services/sssd/sssd_certificate_verification/bash/shared.sh +index 3d852610..2868107d 100644 +--- a/linux_os/guide/services/sssd/sssd_certificate_verification/bash/shared.sh ++++ b/linux_os/guide/services/sssd/sssd_certificate_verification/bash/shared.sh +@@ -1,4 +1,4 @@ +-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_fedora ++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora + # reboot = false + # strategy = configure + # complexity = low +diff --git a/linux_os/guide/services/sssd/sssd_certificate_verification/rule.yml b/linux_os/guide/services/sssd/sssd_certificate_verification/rule.yml +index 1d79939f..de72f015 100644 +--- a/linux_os/guide/services/sssd/sssd_certificate_verification/rule.yml ++++ b/linux_os/guide/services/sssd/sssd_certificate_verification/rule.yml +@@ -1,6 +1,6 @@ + documentation_complete: true + +-prodtype: fedora,ol8,rhel8,rhel9 ++prodtype: fedora,ol8,rhel8,almalinux8,rhel9 + + title: 'Certificate certificate status checking in SSSD' + +@@ -25,7 +25,7 @@ references: + nist: IA-2(11) + srg: 
SRG-OS-000375-GPOS-00160,SRG-OS-000377-GPOS-00162 + stigid@ol8: OL08-00-010400 +- stigid@rhel8: RHEL-08-010400 ++ stigid@almalinux8: RHEL-08-010400 + + + ocil_clause: 'certificate_verification in sssd is not configured' diff --git a/linux_os/guide/services/sssd/sssd_enable_certmap/rule.yml b/linux_os/guide/services/sssd/sssd_enable_certmap/rule.yml -index 67c02f4f..28d15851 100644 +index f45bcd21..4a62e022 100644 --- a/linux_os/guide/services/sssd/sssd_enable_certmap/rule.yml +++ b/linux_os/guide/services/sssd/sssd_enable_certmap/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,rhel8 -+prodtype: fedora,rhel8,almalinux8 +-prodtype: fedora,ol8,rhel8,rhel9 ++prodtype: fedora,ol8,rhel8,almalinux8,rhel9 title: 'Enable Certmap in SSSD' -@@ -29,7 +29,7 @@ references: - disa: CCI-000187 +@@ -31,7 +31,7 @@ references: nist: IA-5 (2) (c) srg: SRG-OS-000068-GPOS-00036 + stigid@ol8: OL08-00-020090 - stigid@rhel8: RHEL-08-020090 + stigid@almalinux8: RHEL-08-020090 warnings: - general: |- diff --git a/linux_os/guide/services/sssd/sssd_enable_pam_services/bash/shared.sh b/linux_os/guide/services/sssd/sssd_enable_pam_services/bash/shared.sh -index 680ad113..fe5ace89 100644 +index 86f55171..b3f325e7 100644 --- a/linux_os/guide/services/sssd/sssd_enable_pam_services/bash/shared.sh +++ b/linux_os/guide/services/sssd/sssd_enable_pam_services/bash/shared.sh @@ -1,4 +1,4 @@ -# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_ol +# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol - # Include source function library. - . /usr/share/scap-security-guide/remediation_functions + SSSD_CONF="/etc/sssd/sssd.conf" + SSSD_CONF_DIR="/etc/sssd/conf.d/*.conf" diff --git a/linux_os/guide/services/sssd/sssd_enable_pam_services/rule.yml b/linux_os/guide/services/sssd/sssd_enable_pam_services/rule.yml index 984ee37a..dcc31030 100644 --- a/linux_os/guide/services/sssd/sssd_enable_pam_services/rule.yml 
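Review bot: The new `sssd_certificate_verification/rule.yml` section swaps the reference key in place (`- stigid@rhel8: RHEL-08-010400` / `+ stigid@almalinux8: RHEL-08-010400`), so the patched tree loses the rhel8 mapping and AlmaLinux 8 results will cite a DISA identifier that was issued for RHEL 8. Keeping the upstream line and adding the new key beside it, `stigid@rhel8: RHEL-08-010400` followed by `stigid@almalinux8: RHEL-08-010400`, would preserve the rhel8 reference if that product is ever built from this source. The same replacement appears in the other `rule.yml` sections of this patch, for example `sshd_set_idle_timeout`, `sshd_use_strong_rng`, `sssd_enable_certmap` and `usbguard_generate_policy`. It would also help to record in the patch description that the almalinux8 STIG IDs are inherited RHEL 8 identifiers, so auditors do not read them as an AlmaLinux-specific STIG.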
@@ -4210,41 +4422,31 @@ index 984ee37a..dcc31030 100644 title: 'Configure PAM in SSSD Services' diff --git a/linux_os/guide/services/sssd/sssd_enable_smartcards/ansible/shared.yml b/linux_os/guide/services/sssd/sssd_enable_smartcards/ansible/shared.yml -index 010b4b87..03e87e16 100644 +index ae5e6a67..e2793477 100644 --- a/linux_os/guide/services/sssd/sssd_enable_smartcards/ansible/shared.yml +++ b/linux_os/guide/services/sssd/sssd_enable_smartcards/ansible/shared.yml @@ -1,4 +1,4 @@ --# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,multi_platform_fedora,multi_platform_rhv,multi_platform_ol -+# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora,multi_platform_rhv,multi_platform_ol - # reboot = false - # strategy = configure - # complexity = low -diff --git a/linux_os/guide/services/sssd/sssd_enable_smartcards/bash/shared.sh b/linux_os/guide/services/sssd/sssd_enable_smartcards/bash/shared.sh -index ddd141f0..ee070eb3 100644 ---- a/linux_os/guide/services/sssd/sssd_enable_smartcards/bash/shared.sh -+++ b/linux_os/guide/services/sssd/sssd_enable_smartcards/bash/shared.sh -@@ -1,4 +1,4 @@ --# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,multi_platform_fedora,multi_platform_rhv,multi_platform_ol -+# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora,multi_platform_rhv,multi_platform_ol +-# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,multi_platform_fedora,multi_platform_rhv,multi_platform_ol,multi_platform_sle ++# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora,multi_platform_rhv,multi_platform_ol,multi_platform_sle # reboot = false # strategy = configure # complexity = low 
diff --git a/linux_os/guide/services/sssd/sssd_enable_smartcards/rule.yml b/linux_os/guide/services/sssd/sssd_enable_smartcards/rule.yml -index a3a8c636..4a55e1dc 100644 +index 0ff0bf03..7bebac5d 100644 --- a/linux_os/guide/services/sssd/sssd_enable_smartcards/rule.yml +++ b/linux_os/guide/services/sssd/sssd_enable_smartcards/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,rhcos4 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,rhcos4 +-prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15 ++prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15 title: 'Enable Smartcards in SSSD' -@@ -38,7 +38,7 @@ references: - disa: CCI-001954,CCI-000765 +@@ -40,7 +40,7 @@ references: ism: 0421,0422,0431,0974,1173,1401,1504,1505,1546,1557,1558,1559,1560,1561 srg: SRG-OS-000375-GPOS-00160,SRG-OS-000105-GPOS-00052 + stigid@ol8: OL08-00-020250 - stigid@rhel8: RHEL-08-020250 + stigid@almalinux8: RHEL-08-020250 vmmsrg: SRG-OS-000107-VMM-000530 @@ -4261,15 +4463,15 @@ index 7cfba003..fb36bb09 100644 # strategy = unknown # complexity = low diff --git a/linux_os/guide/services/sssd/sssd_memcache_timeout/bash/shared.sh b/linux_os/guide/services/sssd/sssd_memcache_timeout/bash/shared.sh -index 8bc689da..e697f252 100644 +index fc84083f..39f99c91 100644 --- a/linux_os/guide/services/sssd/sssd_memcache_timeout/bash/shared.sh +++ b/linux_os/guide/services/sssd/sssd_memcache_timeout/bash/shared.sh 
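Review bot: After this refresh the patch no longer carries a section for `sssd_enable_smartcards/bash/shared.sh`, while `ansible/shared.yml` still gains `AlmaLinux 8` and `rule.yml` still lists `almalinux8` in `prodtype`. The removed section patched an explicit product list (`Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,...`) rather than `multi_platform_rhel`, so if that file still exists upstream in that form, AlmaLinux 8 would keep the check and the Ansible fix but have no Bash remediation for smartcard authentication. Please confirm the Bash remediation was removed or otherwise replaced upstream. If it was not, restore the `AlmaLinux 8` entry in its `# platform =` header against the current upstream list.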
@@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux +-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle ++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle + + {{{ bash_instantiate_variables("var_sssd_memcache_timeout") }}} - # Include source function library. - . /usr/share/scap-security-guide/remediation_functions diff --git a/linux_os/guide/services/sssd/sssd_memcache_timeout/rule.yml b/linux_os/guide/services/sssd/sssd_memcache_timeout/rule.yml index ae98eb6e..ef2e1802 100644 --- a/linux_os/guide/services/sssd/sssd_memcache_timeout/rule.yml @@ -4303,28 +4505,28 @@ index 8a20f0c5..42987796 100644 # strategy = configure # complexity = low diff --git a/linux_os/guide/services/sssd/sssd_offline_cred_expiration/rule.yml b/linux_os/guide/services/sssd/sssd_offline_cred_expiration/rule.yml -index 56996e52..fb9c327b 100644 +index 2be813d2..1775e218 100644 --- a/linux_os/guide/services/sssd/sssd_offline_cred_expiration/rule.yml +++ b/linux_os/guide/services/sssd/sssd_offline_cred_expiration/rule.yml 
@@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhv4,sle12,sle15,ubuntu2004 -+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhv4,sle12,sle15,ubuntu2004 +-prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004 ++prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004 title: 'Configure SSSD to Expire Offline Credentials' -@@ -37,7 +37,7 @@ references: - nist: CM-6(a),IA-5(13) +@@ -39,7 +39,7 @@ references: nist-csf: PR.AC-1,PR.AC-6,PR.AC-7 srg: SRG-OS-000383-GPOS-00166 + stigid@ol8: OL08-00-020290 - stigid@rhel8: RHEL-08-020290 + stigid@almalinux8: RHEL-08-020290 stigid@sle12: SLES-12-010680 stigid@sle15: SLES-15-010500 stigid@ubuntu2004: UBTU-20-010441 diff --git a/linux_os/guide/services/sssd/sssd_run_as_sssd_user/bash/shared.sh b/linux_os/guide/services/sssd/sssd_run_as_sssd_user/bash/shared.sh -index 12ad20b8..1a2df72e 100644 +index a99fb4dc..44d4423c 100644 --- a/linux_os/guide/services/sssd/sssd_run_as_sssd_user/bash/shared.sh +++ b/linux_os/guide/services/sssd/sssd_run_as_sssd_user/bash/shared.sh @@ -1,4 +1,4 @@ @@ -4334,14 +4536,14 @@ index 12ad20b8..1a2df72e 100644 found=false for f in /etc/sssd/sssd.conf /etc/sssd/conf.d/*.conf; do diff --git a/linux_os/guide/services/sssd/sssd_run_as_sssd_user/rule.yml b/linux_os/guide/services/sssd/sssd_run_as_sssd_user/rule.yml -index b5e841d8..35dc3d00 100644 +index 87d8b19f..f10f4648 100644 --- a/linux_os/guide/services/sssd/sssd_run_as_sssd_user/rule.yml +++ b/linux_os/guide/services/sssd/sssd_run_as_sssd_user/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,rhcos4,ol8,rhel8 -+prodtype: fedora,rhcos4,ol8,rhel8,almalinux8 +-prodtype: fedora,ol8,rhcos4,rhel8 ++prodtype: fedora,ol8,rhcos4,rhel8,almalinux8 title: 'Configure SSSD to run as user sssd' @@ -4356,15 +4558,15 @@ index 5bbe0ece..58a41ada 100644 # strategy = unknown # complexity = low 
diff --git a/linux_os/guide/services/sssd/sssd_ssh_known_hosts_timeout/bash/shared.sh b/linux_os/guide/services/sssd/sssd_ssh_known_hosts_timeout/bash/shared.sh -index e957d1c6..baadbdef 100644 +index d8a22280..3d98176e 100644 --- a/linux_os/guide/services/sssd/sssd_ssh_known_hosts_timeout/bash/shared.sh +++ b/linux_os/guide/services/sssd/sssd_ssh_known_hosts_timeout/bash/shared.sh @@ -1,4 +1,4 @@ -# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel +# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux - # Include source function library. - . /usr/share/scap-security-guide/remediation_functions + {{{ bash_instantiate_variables("var_sssd_ssh_known_hosts_timeout") }}} + diff --git a/linux_os/guide/services/sssd/sssd_ssh_known_hosts_timeout/rule.yml b/linux_os/guide/services/sssd/sssd_ssh_known_hosts_timeout/rule.yml index 9390dfd4..18970027 100644 --- a/linux_os/guide/services/sssd/sssd_ssh_known_hosts_timeout/rule.yml @@ -4387,7 +4589,7 @@ index a1e83870..e097b6be 100644 +# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_rhcos {{{ kubernetes_usbguard_set(["xccdf_org.ssgproject.content_rule_package_usbguard_installed"]) }}} diff --git a/linux_os/guide/services/usbguard/configure_usbguard_auditbackend/rule.yml b/linux_os/guide/services/usbguard/configure_usbguard_auditbackend/rule.yml -index 59ca09ef..c9c0a141 100644 +index b7f08b1a..191edb28 100644 --- a/linux_os/guide/services/usbguard/configure_usbguard_auditbackend/rule.yml +++ b/linux_os/guide/services/usbguard/configure_usbguard_auditbackend/rule.yml @@ -1,6 +1,6 @@ 
@@ -4398,10 +4600,10 @@ index 59ca09ef..c9c0a141 100644 title: 'Log USBGuard daemon audit events using Linux Audit' -@@ -25,7 +25,7 @@ references: - disa: CCI-000169 +@@ -27,7 +27,7 @@ references: ospp: FMT_SMF_EXT.1 srg: SRG-OS-000062-GPOS-00031 + stigid@ol8: OL08-00-030603 - stigid@rhel8: RHEL-08-030603 + stigid@almalinux8: RHEL-08-030603 @@ -4419,7 +4621,7 @@ index d9ea0648..03256e44 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/services/usbguard/package_usbguard_installed/rule.yml b/linux_os/guide/services/usbguard/package_usbguard_installed/rule.yml -index 19ef8aac..e5b47db3 100644 +index 0d5f3be9..38322ba6 100644 --- a/linux_os/guide/services/usbguard/package_usbguard_installed/rule.yml +++ b/linux_os/guide/services/usbguard/package_usbguard_installed/rule.yml @@ -1,6 +1,6 @@ @@ -4430,10 +4632,10 @@ index 19ef8aac..e5b47db3 100644 title: 'Install usbguard Package' -@@ -48,7 +48,7 @@ references: - disa: CCI-001958 - ism: "1418" +@@ -50,7 +50,7 @@ references: + nist: CM-8(3),IA-3 srg: SRG-OS-000378-GPOS-00163 + stigid@ol8: OL08-00-040139 - stigid@rhel8: RHEL-08-040139 + stigid@almalinux8: RHEL-08-040139 @@ -4451,7 +4653,7 @@ index 9f1c7879..de556cd5 100644 kind: MachineConfig metadata: diff --git a/linux_os/guide/services/usbguard/service_usbguard_enabled/rule.yml b/linux_os/guide/services/usbguard/service_usbguard_enabled/rule.yml -index 4f008129..1a9fdfed 100644 +index aa3799de..c4a4ba6e 100644 --- a/linux_os/guide/services/usbguard/service_usbguard_enabled/rule.yml +++ b/linux_os/guide/services/usbguard/service_usbguard_enabled/rule.yml @@ -1,6 +1,6 @@ @@ -4462,10 +4664,10 @@ index 4f008129..1a9fdfed 100644 title: 'Enable the USBGuard Service' -@@ -27,7 +27,7 @@ references: - nist: CM-8(3)(a),IA-3 +@@ -28,7 +28,7 @@ references: ospp: FMT_SMF_EXT.1 srg: SRG-OS-000378-GPOS-00163 + stigid@ol8: OL08-00-040141 - stigid@rhel8: RHEL-08-040141 + stigid@almalinux8: RHEL-08-040141 
@@ -4495,7 +4697,7 @@ index 03825010..b072e299 100644 allow with-interface match-all { 03:*:* 09:00:* } {{%- endmacro -%}} diff --git a/linux_os/guide/services/usbguard/usbguard_allow_hid_and_hub/rule.yml b/linux_os/guide/services/usbguard/usbguard_allow_hid_and_hub/rule.yml -index d16d0092..af44407c 100644 +index 4d3114e0..ae0ce85d 100644 --- a/linux_os/guide/services/usbguard/usbguard_allow_hid_and_hub/rule.yml +++ b/linux_os/guide/services/usbguard/usbguard_allow_hid_and_hub/rule.yml @@ -1,6 +1,6 @@ @@ -4519,69 +4721,60 @@ index d0e11ad2..31033934 100644 title: 'Authorize USB hubs in USBGuard daemon' diff --git a/linux_os/guide/services/usbguard/usbguard_generate_policy/ansible/shared.yml b/linux_os/guide/services/usbguard/usbguard_generate_policy/ansible/shared.yml -index 3ff0d386..ee971e2e 100644 +index c51c4be6..ff043532 100644 --- a/linux_os/guide/services/usbguard/usbguard_generate_policy/ansible/shared.yml +++ b/linux_os/guide/services/usbguard/usbguard_generate_policy/ansible/shared.yml @@ -1,4 +1,4 @@ --# platform = multi_platform_rhel -+# platform = multi_platform_rhel,multi_platform_almalinux +-# platform = multi_platform_ol,multi_platform_rhel ++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux # reboot = false # strategy = configure # complexity = low diff --git a/linux_os/guide/services/usbguard/usbguard_generate_policy/bash/shared.sh b/linux_os/guide/services/usbguard/usbguard_generate_policy/bash/shared.sh -index d3fe0650..794f1be9 100644 +index e164fe0d..e59b5555 100644 --- a/linux_os/guide/services/usbguard/usbguard_generate_policy/bash/shared.sh +++ b/linux_os/guide/services/usbguard/usbguard_generate_policy/bash/shared.sh @@ -1,4 +1,4 @@ --# platform = multi_platform_rhel -+# platform = multi_platform_rhel,multi_platform_almalinux +-# platform = multi_platform_ol,multi_platform_rhel ++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux # reboot = false # strategy = configure # complexity = low 
diff --git a/linux_os/guide/services/usbguard/usbguard_generate_policy/rule.yml b/linux_os/guide/services/usbguard/usbguard_generate_policy/rule.yml -index ca42efc0..c092e7cb 100644 +index 28360202..c95b3cff 100644 --- a/linux_os/guide/services/usbguard/usbguard_generate_policy/rule.yml +++ b/linux_os/guide/services/usbguard/usbguard_generate_policy/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: rhel8 -+prodtype: rhel8,almalinux8 +-prodtype: ol8,rhel8,rhel9 ++prodtype: ol8,rhel8,almalinux8,rhel9 title: 'Generate USBGuard Policy' -@@ -26,7 +26,7 @@ references: - nist: CM-8(3)(a),IA-3 +@@ -28,7 +28,7 @@ references: ospp: FMT_SMF_EXT.1 srg: SRG-OS-000378-GPOS-00163 + stigid@ol8: OL08-00-040140 - stigid@rhel8: RHEL-08-040140 + stigid@almalinux8: RHEL-08-040140 ocil_clause: '/etc/usbguard/rules.conf does not exist or is empty' diff --git a/linux_os/guide/services/xwindows/disabling_xwindows/package_xorg-x11-server-common_removed/rule.yml b/linux_os/guide/services/xwindows/disabling_xwindows/package_xorg-x11-server-common_removed/rule.yml -index 6e739d21..d8bd59f2 100644 +index 3e80fcba..8ec4c4be 100644 --- a/linux_os/guide/services/xwindows/disabling_xwindows/package_xorg-x11-server-common_removed/rule.yml +++ b/linux_os/guide/services/xwindows/disabling_xwindows/package_xorg-x11-server-common_removed/rule.yml 
@@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle15,ubuntu2004 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,ubuntu2004 +-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004 ++prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004 title: 'Remove the X Windows Package Group' -@@ -9,7 +9,7 @@ description: |- - installed. If X Windows is not installed then the system cannot boot into graphical user mode. - This prevents the system from being accidentally or maliciously booted into a graphical.target - mode. To do so, run the following command: -- {{%- if product == "rhel8" or product == "rhv4" -%}} -+ {{%- if product == "rhel8" or product == "rhv4" or product == "almalinux8" -%}} -
$ sudo {{{ pkg_manager }}} groupremove base-x
- {{%- else %}} -
$ sudo {{{ pkg_manager }}} groupremove "X Window System"
diff --git a/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_remove_packages/ansible/shared.yml b/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_remove_packages/ansible/shared.yml -index 5b3afb32..49d06563 100644 +index 67d6836e..98357e4c 100644 --- a/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_remove_packages/ansible/shared.yml +++ b/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_remove_packages/ansible/shared.yml @@ -1,4 +1,4 @@ @@ -4591,47 +4784,26 @@ index 5b3afb32..49d06563 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_remove_packages/rule.yml b/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_remove_packages/rule.yml -index 935766db..7987f10f 100644 +index 6ceb07bd..ca2425af 100644 --- a/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_remove_packages/rule.yml +++ b/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_remove_packages/rule.yml 
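Review bot: The refreshed `package_xorg-x11-server-common_removed/rule.yml` section no longer carries the second hunk that extended the description conditional to `product == "rhel8" or product == "rhv4" or product == "almalinux8"`. If upstream still selects the `groupremove base-x` wording by product at that spot, AlmaLinux 8 guidance would fall through to the `"X Window System"` branch. Whether the conditional was removed upstream cannot be seen from this hunk, so it is worth confirming before dropping it. The `prodtype` line in the same section still adds `almalinux8`.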
@@ -1,6 +1,6 @@ documentation_complete: true --prodtype: ol7,ol8,rhel7,rhel8,rhel9 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9 +-prodtype: ol7,ol8,rhel7,rhel8,rhel9,sle12,sle15 ++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,sle12,sle15 title: 'Disable graphical user interface' -@@ -47,7 +47,7 @@ references: - srg: SRG-OS-000480-GPOS-00227 +@@ -42,7 +42,7 @@ references: stigid@ol7: OL07-00-040730 + stigid@ol8: OL08-00-040320 stigid@rhel7: RHEL-07-040730 - stigid@rhel8: RHEL-08-040320 + stigid@almalinux8: RHEL-08-040320 ocil_clause: 'xorg related packages are not removed and run level is not correctly configured' -diff --git a/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_remove_packages/tests/rhel8_packages_installed_correct_target.fail.sh b/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_remove_packages/tests/rhel8_packages_installed_correct_target.fail.sh -index 14f1a97b..fe071168 100644 ---- a/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_remove_packages/tests/rhel8_packages_installed_correct_target.fail.sh -+++ b/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_remove_packages/tests/rhel8_packages_installed_correct_target.fail.sh -@@ -1,4 +1,4 @@ - #!/bin/bash --# platform = Red Hat Enterprise Linux 8 -+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8 - # packages = xorg-x11-server-Xorg,xorg-x11-server-common,xorg-x11-server-utils,xorg-x11-server-Xwayland - -diff --git a/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_remove_packages/tests/rhel8_packages_installed_wrong_target.fail.sh b/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_remove_packages/tests/rhel8_packages_installed_wrong_target.fail.sh -index c678ef71..5b835c55 100644 ---- a/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_remove_packages/tests/rhel8_packages_installed_wrong_target.fail.sh -+++ 
b/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_remove_packages/tests/rhel8_packages_installed_wrong_target.fail.sh -@@ -1,5 +1,5 @@ - #!/bin/bash --# platform = Red Hat Enterprise Linux 8 -+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8 - # packages = xorg-x11-server-Xorg,xorg-x11-server-common,xorg-x11-server-utils,xorg-x11-server-Xwayland - - systemctl set-default graphical.target diff --git a/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/ansible/shared.yml b/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/ansible/shared.yml index 7c3ef557..fbf7bcec 100644 --- a/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/ansible/shared.yml @@ -4643,7 +4815,7 @@ index 7c3ef557..fbf7bcec 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/rule.yml b/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/rule.yml -index de0e359a..1afa0d74 100644 +index df56a30b..bd084a90 100644 --- a/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/rule.yml +++ b/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/rule.yml @@ -1,6 +1,6 @@ @@ -4654,6 +4826,15 @@ index de0e359a..1afa0d74 100644 title: 'Disable X Windows Startup By Setting Default Target' +@@ -39,7 +39,7 @@ references: + nist: CM-7(a),CM-7(b),CM-6(a) + nist-csf: PR.AC-3,PR.PT-4 + srg: SRG-OS-000480-GPOS-00227 +- stigid@rhel8: RHEL-08-040321 ++ stigid@almalinux8: RHEL-08-040321 + + ocil_clause: 'the X windows display server is running and/or has not been disabled' + diff --git a/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/tests/correct_target.pass.sh b/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/tests/correct_target.pass.sh index f7837a25..232f3740 100644 
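Review bot: The refresh drops the embedded hunks that added `AlmaLinux 8` to the `# platform =` header of `tests/rhel8_packages_installed_correct_target.fail.sh` and `tests/rhel8_packages_installed_wrong_target.fail.sh`, while the same rule's `rule.yml` still gains `almalinux8` in `prodtype`. If those scenarios still exist upstream with a RHEL-only header, they would presumably no longer run for AlmaLinux 8. Confirm they were removed or renamed upstream, and otherwise restore `# platform = Red Hat Enterprise Linux 8,AlmaLinux 8`. The later hunk that drops `dconf_gnome_login_banner_text/bash/shared.sh` has the same shape and matters more: if that remediation's header still enumerates products, the rule would be evaluated on AlmaLinux 8 with no bash fix attached.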
--- a/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/tests/correct_target.pass.sh @@ -4705,17 +4886,17 @@ index 4f6d64fd..3c980eea 100644 # strategy = unknown # complexity = low diff --git a/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/bash/shared.sh b/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/bash/shared.sh -index f6d5f160..3f901f27 100644 +index 3aaa9140..b9490912 100644 --- a/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/bash/shared.sh +++ b/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/bash/shared.sh @@ -1,4 +1,4 @@ --# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv -+# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv - . /usr/share/scap-security-guide/remediation_functions +-# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle ++# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle + {{{ bash_instantiate_variables("login_banner_text") }}} diff --git a/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/rule.yml b/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/rule.yml -index 185b8246..e08e5d5f 100644 +index d5ecd700..6fcb28ec 100644 --- a/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/rule.yml +++ b/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/rule.yml @@ -1,6 +1,6 @@ 
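Review bot: The newly added embedded hunk for `xwindows_runlevel_target/rule.yml` replaces `stigid@rhel8: RHEL-08-040321` with `stigid@almalinux8: RHEL-08-040321` instead of adding a second key. That is harmless if this package only ever builds AlmaLinux content, but any RHEL 8 datastream built from the same patched tree would lose its STIG reference for this rule. Keeping the upstream line as context and adding the new one avoids that: ` stigid@rhel8: RHEL-08-040321` followed by `+ stigid@almalinux8: RHEL-08-040321`, with the embedded header adjusted to `@@ -39,7 +39,8 @@`. The other `rule.yml` hunks on this page follow the same replace pattern (`xwindows_remove_packages`, `banner_etc_issue`, `display_login_attempts`). It would also help to record in the patch description that the `RHEL-08-*` identifiers come from the DISA RHEL 8 STIG and are reused here rather than issued for AlmaLinux.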
@@ -4726,9 +4907,9 @@ index 185b8246..e08e5d5f 100644 title: 'Modify the System Login Banner' -@@ -106,7 +106,7 @@ references: - srg: SRG-OS-000023-GPOS-00006,SRG-OS-000024-GPOS-00007 +@@ -114,7 +114,7 @@ references: stigid@ol7: OL07-00-010050 + stigid@ol8: OL08-00-010060 stigid@rhel7: RHEL-07-010050 - stigid@rhel8: RHEL-08-010060 + stigid@almalinux8: RHEL-08-010060 @@ -4746,96 +4927,96 @@ index 2c645889..ab68929b 100644 # strategy = unknown # complexity = low diff --git a/linux_os/guide/system/accounts/accounts-banners/banner_etc_motd/bash/shared.sh b/linux_os/guide/system/accounts/accounts-banners/banner_etc_motd/bash/shared.sh -index 4a3844a7..bf49e397 100644 +index c8267a96..03f6e6ae 100644 --- a/linux_os/guide/system/accounts/accounts-banners/banner_etc_motd/bash/shared.sh +++ b/linux_os/guide/system/accounts/accounts-banners/banner_etc_motd/bash/shared.sh @@ -1,4 +1,4 @@ -# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv +# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv - . /usr/share/scap-security-guide/remediation_functions + {{{ bash_instantiate_variables("login_banner_text") }}} diff --git a/linux_os/guide/system/accounts/accounts-banners/banner_etc_motd/rule.yml b/linux_os/guide/system/accounts/accounts-banners/banner_etc_motd/rule.yml -index bb74c68d..ad43307f 100644 +index d8d116b5..f19df990 100644 --- a/linux_os/guide/system/accounts/accounts-banners/banner_etc_motd/rule.yml +++ b/linux_os/guide/system/accounts/accounts-banners/banner_etc_motd/rule.yml 
@@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle15,wrlinux1019 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,wrlinux1019 +-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,wrlinux1019 ++prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,wrlinux1019 title: 'Modify the System Message of the Day Banner' diff --git a/linux_os/guide/system/accounts/accounts-banners/file_groupowner_etc_issue/rule.yml b/linux_os/guide/system/accounts/accounts-banners/file_groupowner_etc_issue/rule.yml -index 01c1244d..0543798a 100644 +index 856b4477..12dd6c8c 100644 --- a/linux_os/guide/system/accounts/accounts-banners/file_groupowner_etc_issue/rule.yml +++ b/linux_os/guide/system/accounts/accounts-banners/file_groupowner_etc_issue/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhv4,ubuntu2004,wrlinux1019 -+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhv4,ubuntu2004,wrlinux1019 +-prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhv4,sle12,sle15,ubuntu2004,wrlinux1019 ++prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhv4,sle12,sle15,ubuntu2004,wrlinux1019 title: 'Verify Group Ownership of System Login Banner' diff --git a/linux_os/guide/system/accounts/accounts-banners/file_groupowner_etc_motd/rule.yml b/linux_os/guide/system/accounts/accounts-banners/file_groupowner_etc_motd/rule.yml -index 983c0b60..f8a6cee2 100644 +index 67ded673..3a8e93c1 100644 --- a/linux_os/guide/system/accounts/accounts-banners/file_groupowner_etc_motd/rule.yml +++ b/linux_os/guide/system/accounts/accounts-banners/file_groupowner_etc_motd/rule.yml 
@@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhv4,ubuntu2004,wrlinux1019 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhv4,ubuntu2004,wrlinux1019 +-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhv4,sle12,sle15,ubuntu2004,wrlinux1019 ++prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhv4,sle12,sle15,ubuntu2004,wrlinux1019 title: 'Verify Group Ownership of Message of the Day Banner' diff --git a/linux_os/guide/system/accounts/accounts-banners/file_owner_etc_issue/rule.yml b/linux_os/guide/system/accounts/accounts-banners/file_owner_etc_issue/rule.yml -index d73943a2..4095965a 100644 +index 2ff9b03e..3966251a 100644 --- a/linux_os/guide/system/accounts/accounts-banners/file_owner_etc_issue/rule.yml +++ b/linux_os/guide/system/accounts/accounts-banners/file_owner_etc_issue/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhv4,ubuntu2004,wrlinux1019 -+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhv4,ubuntu2004,wrlinux1019 +-prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhv4,sle12,sle15,ubuntu2004,wrlinux1019 ++prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhv4,sle12,sle15,ubuntu2004,wrlinux1019 title: 'Verify ownership of System Login Banner' diff --git a/linux_os/guide/system/accounts/accounts-banners/file_owner_etc_motd/rule.yml b/linux_os/guide/system/accounts/accounts-banners/file_owner_etc_motd/rule.yml -index 9a05169c..e703f8e1 100644 +index 279fad53..9dc1dce7 100644 --- a/linux_os/guide/system/accounts/accounts-banners/file_owner_etc_motd/rule.yml +++ b/linux_os/guide/system/accounts/accounts-banners/file_owner_etc_motd/rule.yml 
@@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhv4,ubuntu2004,wrlinux1019 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhv4,ubuntu2004,wrlinux1019 +-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhv4,sle12,sle15,ubuntu2004,wrlinux1019 ++prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhv4,sle12,sle15,ubuntu2004,wrlinux1019 title: 'Verify ownership of Message of the Day Banner' diff --git a/linux_os/guide/system/accounts/accounts-banners/file_permissions_etc_issue/rule.yml b/linux_os/guide/system/accounts/accounts-banners/file_permissions_etc_issue/rule.yml -index cc7ab4b5..0e82ddd2 100644 +index 7e833828..b9de8d32 100644 --- a/linux_os/guide/system/accounts/accounts-banners/file_permissions_etc_issue/rule.yml +++ b/linux_os/guide/system/accounts/accounts-banners/file_permissions_etc_issue/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15,ubuntu2004,wrlinux1019 -+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,ubuntu2004,wrlinux1019 +-prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019 ++prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019 title: 'Verify permissions on System Login Banner' diff --git a/linux_os/guide/system/accounts/accounts-banners/file_permissions_etc_motd/rule.yml b/linux_os/guide/system/accounts/accounts-banners/file_permissions_etc_motd/rule.yml -index ee01ebf3..92b16e2a 100644 +index 71c9d5b0..55d7079a 100644 --- a/linux_os/guide/system/accounts/accounts-banners/file_permissions_etc_motd/rule.yml +++ b/linux_os/guide/system/accounts/accounts-banners/file_permissions_etc_motd/rule.yml 
@@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle15,ubuntu2004,wrlinux1019 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,ubuntu2004,wrlinux1019 +-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019 ++prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019 title: 'Verify permissions on Message of the Day Banner' @@ -4850,7 +5031,7 @@ index 5814a30b..aa4aa4c5 100644 # strategy = unknown # complexity = low diff --git a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_banner_enabled/rule.yml b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_banner_enabled/rule.yml -index b6ba3edc..a4d11762 100644 +index c9bf3fb1..6a77807d 100644 --- a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_banner_enabled/rule.yml +++ b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_banner_enabled/rule.yml @@ -1,6 +1,6 @@ @@ -4861,9 +5042,9 @@ index b6ba3edc..a4d11762 100644 title: 'Enable GNOME3 Login Warning Banner' -@@ -54,7 +54,7 @@ references: - srg: SRG-OS-000023-GPOS-00006,SRG-OS-000024-GPOS-00007,SRG-OS-000228-GPOS-00088 +@@ -57,7 +57,7 @@ references: stigid@ol7: OL07-00-010030 + stigid@ol8: OL08-00-010049 stigid@rhel7: RHEL-07-010030 - stigid@rhel8: RHEL-08-010049 + stigid@almalinux8: RHEL-08-010049 
@@ -4880,18 +5061,8 @@ index 86aff54f..b295782b 100644 # reboot = false # strategy = unknown # complexity = low -diff --git a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/bash/shared.sh b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/bash/shared.sh -index d15a814e..f914cdf0 100644 ---- a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/bash/shared.sh -+++ b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/bash/shared.sh -@@ -1,4 +1,4 @@ --# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,multi_platform_fedora,multi_platform_ol,multi_platform_sle -+# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora,multi_platform_ol,multi_platform_sle - . /usr/share/scap-security-guide/remediation_functions - {{{ bash_instantiate_variables("login_banner_text") }}} - diff --git a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/rule.yml b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/rule.yml -index 2a58d096..10e69440 100644 +index 9ba8310e..53f61be4 100644 --- a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/rule.yml +++ b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/rule.yml @@ -1,6 +1,6 @@ @@ -4902,9 +5073,9 @@ index 2a58d096..10e69440 100644 title: 'Set the GNOME3 Login Warning Banner Text' -@@ -52,7 +52,7 @@ references: - srg: SRG-OS-000023-GPOS-00006,SRG-OS-000024-GPOS-00007,SRG-OS-000228-GPOS-00088 +@@ -55,7 +55,7 @@ references: stigid@ol7: OL07-00-010040 + stigid@ol8: OL08-00-010050 stigid@rhel7: RHEL-07-010040 - stigid@rhel8: RHEL-08-010050 + stigid@almalinux8: RHEL-08-010050 
@@ -4923,88 +5094,86 @@ index 4f31757c..0ed60e11 100644 # packages = dconf,gdm diff --git a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/ansible/shared.yml -index 7184cb2f..7da232a4 100644 +index ad3f0771..be0b1bef 100644 --- a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/ansible/shared.yml +++ b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/ansible/shared.yml -@@ -4,7 +4,7 @@ - {{% set pam_lastlog_filename = "postlogin" %}} - {{% endif %}} - --# platform = multi_platform_sle,Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_wrlinux -+# platform = multi_platform_sle,Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_wrlinux +@@ -1,4 +1,4 @@ +-# platform = multi_platform_rhel,multi_platform_sle,Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_wrlinux ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_wrlinux # reboot = false # strategy = configure # complexity = low diff --git a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/bash/shared.sh b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/bash/shared.sh -index f39293d6..41cd9809 100644 +index 138c7e0f..c0ee609d 100644 --- a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/bash/shared.sh 
+++ b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/bash/shared.sh -@@ -3,7 +3,7 @@ - {{% else %}} - {{% set pam_lastlog_path = "/etc/pam.d/postlogin" %}} - {{% endif %}} --# platform = multi_platform_sle,Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_wrlinux -+# platform = multi_platform_sle,Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_wrlinux - . /usr/share/scap-security-guide/remediation_functions +@@ -1,4 +1,4 @@ +-# platform = multi_platform_sle,Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_wrlinux,multi_platform_ubuntu ++# platform = multi_platform_sle,Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_wrlinux,multi_platform_ubuntu - ensure_pam_module_options '{{{ pam_lastlog_path }}}' 'session' 'required' 'pam_lastlog.so' 'showfailed' "" "" + if [ -f /usr/bin/authselect ]; then + if authselect check; then diff --git a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/rule.yml b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/rule.yml -index e8403af7..32ea4dff 100644 +index a8963c8c..aec18abe 100644 --- a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/rule.yml 
+++ b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/rule.yml -@@ -47,7 +47,7 @@ references: - srg: SRG-OS-000480-GPOS-00227 +@@ -48,7 +48,7 @@ references: stigid@ol7: OL07-00-040530 + stigid@ol8: OL08-00-020340 stigid@rhel7: RHEL-07-040530 - stigid@rhel8: RHEL-08-020340 + stigid@almalinux8: RHEL-08-020340 stigid@sle12: SLES-12-010390 stigid@sle15: SLES-15-020080 stigid@ubuntu2004: UBTU-20-010453 -diff --git a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/correct_value.pass.sh b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/correct_value.pass.sh -index 73500d38..90c6989b 100644 ---- a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/correct_value.pass.sh -+++ b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/correct_value.pass.sh -@@ -1,5 +1,5 @@ +diff --git a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/authselect_line_missing.fail.sh b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/authselect_line_missing.fail.sh +index 745560a8..1a01cc0c 100644 +--- a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/authselect_line_missing.fail.sh ++++ b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/authselect_line_missing.fail.sh +@@ -1,6 +1,6 @@ #!/bin/bash --# platform = multi_platform_rhel,multi_platform_ol -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ol + # packages = authselect +-# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora - rm -f /etc/pam.d/postlogin - echo "session required pam_lastlog.so showfailed" >> /etc/pam.d/postlogin -diff --git a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/default_config.fail.sh 
b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/default_config.fail.sh -index 0a732124..87afb9f2 100644 ---- a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/default_config.fail.sh -+++ b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/default_config.fail.sh -@@ -1,5 +1,5 @@ + authselect create-profile hardening -b sssd + CUSTOM_PROFILE="custom/hardening" +diff --git a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/authselect_line_present.pass.sh b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/authselect_line_present.pass.sh +index c8e492a9..49d4d99a 100644 +--- a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/authselect_line_present.pass.sh ++++ b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/authselect_line_present.pass.sh +@@ -1,6 +1,6 @@ #!/bin/bash --# platform = multi_platform_rhel,multi_platform_ol -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ol + # packages = authselect +-# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora - rm -f /etc/pam.d/postlogin - -diff --git a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/wrong_value.fail.sh b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/wrong_value.fail.sh -index 319fdefa..49a5a712 100644 ---- a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/wrong_value.fail.sh -+++ b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/wrong_value.fail.sh -@@ -1,5 +1,5 @@ + authselect create-profile hardening -b sssd + CUSTOM_PROFILE="custom/hardening" +diff --git a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/authselect_modified_pam.fail.sh 
b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/authselect_modified_pam.fail.sh +index 84b10027..4425caae 100644 +--- a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/authselect_modified_pam.fail.sh ++++ b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/authselect_modified_pam.fail.sh +@@ -1,6 +1,6 @@ #!/bin/bash --# platform = multi_platform_rhel,multi_platform_ol -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ol + # packages = authselect +-# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora + # remediation = none - rm -f /etc/pam.d/postlogin - # pamd ansible module has a bug that if there is only one line in the file it raises an Out of Index exception -diff --git a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/wrong_value_silent.fail.sh b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/wrong_value_silent.fail.sh -index 8a1791e9..7b618636 100644 ---- a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/wrong_value_silent.fail.sh -+++ b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/wrong_value_silent.fail.sh -@@ -1,5 +1,5 @@ + SYSTEM_AUTH_FILE="/etc/pam.d/system-auth" +diff --git a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/authselect_silent_present.fail.sh b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/authselect_silent_present.fail.sh +index 31973526..a4818191 100644 +--- a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/authselect_silent_present.fail.sh ++++ b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/authselect_silent_present.fail.sh +@@ -1,6 +1,6 @@ #!/bin/bash --# platform = 
multi_platform_rhel,multi_platform_ol -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ol + # packages = authselect +-# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora - rm -f /etc/pam.d/postlogin - # pamd ansible module has a bug that if there is only one line in the file it raises an Out of Index exception + authselect create-profile hardening -b sssd + CUSTOM_PROFILE="custom/hardening" diff --git a/linux_os/guide/system/accounts/accounts-pam/enable_pam_namespace/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-pam/enable_pam_namespace/ansible/shared.yml index bd7ad0c9..b11a08e0 100644 --- a/linux_os/guide/system/accounts/accounts-pam/enable_pam_namespace/ansible/shared.yml @@ -5038,7 +5207,7 @@ index c21c1cb8..e663f820 100644 title: Set Up a Private Namespace in PAM Configuration diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/ansible/shared.yml -index 8b004c12..a2f505b5 100644 +index f3475f56..3795e5ea 100644 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/ansible/shared.yml +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/ansible/shared.yml @@ -1,4 +1,4 @@ @@ -5048,17 +5217,17 @@ index 8b004c12..a2f505b5 100644 # strategy = configure # complexity = low 
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/bash/shared.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/bash/shared.sh -index 2d2b50f1..46bc9fde 100644 +index f9d341f0..882ee40d 100644 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/bash/shared.sh +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/bash/shared.sh @@ -1,4 +1,4 @@ -# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv +# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv - . /usr/share/scap-security-guide/remediation_functions + {{{ bash_instantiate_variables("var_password_pam_remember", "var_password_pam_remember_control_flag") }}} diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/rule.yml -index 62b6f55e..0fb9273f 100644 +index 69a36c49..fd8355a5 100644 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/rule.yml +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/rule.yml @@ -1,6 +1,6 @@ 
@@ -5069,50 +5238,77 @@ index 62b6f55e..0fb9273f 100644 title: 'Limit Password Reuse: password-auth' -@@ -41,7 +41,7 @@ references: - srg: SRG-OS-000077-GPOS-00045 +@@ -43,7 +43,7 @@ references: stigid@ol7: OL07-00-010270 + stigid@ol8: OL08-00-020220 stigid@rhel7: RHEL-07-010270 -- stigid@rhel8: RHEL-08-020220 -+ stigid@almalinux8: RHEL-08-020220 +- stigid@rhel8: RHEL-08-020221 ++ stigid@almalinux8: RHEL-08-020221 vmmsrg: SRG-OS-000077-VMM-000440 ocil_clause: |- -diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/rhel8_argument_missing.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/rhel8_argument_missing.fail.sh -index 773e68ea..b462705c 100644 ---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/rhel8_argument_missing.fail.sh -+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/rhel8_argument_missing.fail.sh -@@ -1,5 +1,5 @@ +diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_argument_missing.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_argument_missing.fail.sh +index 70ffeb21..3daa780d 100644 +--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_argument_missing.fail.sh ++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_argument_missing.fail.sh +@@ -1,6 +1,6 @@ #!/bin/bash --# platform 
= Red Hat Enterprise Linux 8,Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_wrlinux -+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_wrlinux - # variables = var_password_pam_remember_control_flag=required - # packages = pam + # packages = authselect +-# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora + # variables = var_password_pam_remember=5,var_password_pam_remember_control_flag=requisite -diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/rhel8_correct_value.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/rhel8_correct_value.pass.sh -index 89f88502..a9d6d878 100644 ---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/rhel8_correct_value.pass.sh -+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/rhel8_correct_value.pass.sh -@@ -1,5 +1,5 @@ + authselect create-profile hardening -b sssd +diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_correct_value.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_correct_value.pass.sh +index 601400d7..aa768167 100644 +--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_correct_value.pass.sh ++++ 
b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_correct_value.pass.sh +@@ -1,6 +1,6 @@ #!/bin/bash --# platform = Red Hat Enterprise Linux 8,Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_wrlinux -+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_wrlinux - # variables = var_password_pam_remember_control_flag=required - # packages = pam + # packages = authselect +-# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora + # variables = var_password_pam_remember=5,var_password_pam_remember_control_flag=requisite -diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/rhel8_wrong_value.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/rhel8_wrong_value.fail.sh -index 148a4519..93a4e361 100644 ---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/rhel8_wrong_value.fail.sh -+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/rhel8_wrong_value.fail.sh -@@ -1,5 +1,5 @@ + remember_cnt=5 +diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_modified_pam.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_modified_pam.fail.sh +index 84b10027..4425caae 100644 +--- 
a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_modified_pam.fail.sh ++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_modified_pam.fail.sh +@@ -1,6 +1,6 @@ #!/bin/bash --# platform = Red Hat Enterprise Linux 8,Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_wrlinux -+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_wrlinux - # variables = var_password_pam_remember_control_flag=required - # packages = pam + # packages = authselect +-# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora + # remediation = none + SYSTEM_AUTH_FILE="/etc/pam.d/system-auth" +diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_wrong_control.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_wrong_control.fail.sh +index a1f7ed3c..6a03cccd 100644 +--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_wrong_control.fail.sh ++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_wrong_control.fail.sh +@@ -1,6 +1,6 @@ + #!/bin/bash + # packages = authselect +-# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora 
+ # variables = var_password_pam_remember=5,var_password_pam_remember_control_flag=requisite + + remember_cnt=5 +diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_wrong_value.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_wrong_value.fail.sh +index 91953352..36ae78c6 100644 +--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_wrong_value.fail.sh ++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_wrong_value.fail.sh +@@ -1,6 +1,6 @@ + #!/bin/bash + # packages = authselect +-# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora + # variables = var_password_pam_remember=5,var_password_pam_remember_control_flag=requisite + + remember_cnt=3 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/ansible/shared.yml -index 57394231..610fd9e6 100644 +index 63ac7db7..52177dff 100644 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/ansible/shared.yml +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/ansible/shared.yml @@ -1,4 +1,4 @@ @@ -5122,17 +5318,17 @@ index 57394231..610fd9e6 100644 # strategy = configure # complexity = low 
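Review bot: The refreshed `rule.yml` hunk for `accounts_password_pam_pwhistory_remember_password_auth` still renames `stigid@rhel8` to `stigid@almalinux8` instead of adding a second key, and the value it now carries, `RHEL-08-020221`, is a RHEL 8 STIG identifier with nothing in the file saying so. Anyone auditing AlmaLinux 8 scan results sees a RHEL control number under an AlmaLinux key and has to infer that it is inherited. A comment above the line, such as `# AlmaLinux 8 reuses the RHEL 8 STIG ID; keep in step with upstream stigid@rhel8`, would make that explicit. The sibling hunk for `accounts_password_pam_pwhistory_remember_system_auth/rule.yml` has the same rename but keeps `RHEL-08-020220`, so after this rebase the two rules map to different STIG IDs. That looks like it follows an upstream renumbering, but it is worth confirming against the STIG release the package targets.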
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/bash/shared.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/bash/shared.sh -index 2ccc2024..15561950 100644 +index 2fa41c88..17e1175c 100644 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/bash/shared.sh +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/bash/shared.sh @@ -1,4 +1,4 @@ -# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv +# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv - . /usr/share/scap-security-guide/remediation_functions + {{{ bash_instantiate_variables("var_password_pam_remember", "var_password_pam_remember_control_flag") }}} diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/rule.yml -index 8cc56eb8..c7a1d0da 100644 +index e30d9f6a..27c416a2 100644 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/rule.yml +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/rule.yml @@ -1,6 +1,6 @@ 
@@ -5143,50 +5339,77 @@ index 8cc56eb8..c7a1d0da 100644 title: 'Limit Password Reuse: system-auth' -@@ -41,7 +41,7 @@ references: - srg: SRG-OS-000077-GPOS-00045 +@@ -43,7 +43,7 @@ references: stigid@ol7: OL07-00-010270 + stigid@ol8: OL08-00-020220 stigid@rhel7: RHEL-07-010270 - stigid@rhel8: RHEL-08-020220 + stigid@almalinux8: RHEL-08-020220 vmmsrg: SRG-OS-000077-VMM-000440 ocil_clause: |- -diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/rhel8_argument_missing.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/rhel8_argument_missing.fail.sh -index e8f36c8d..0d23f6c6 100644 ---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/rhel8_argument_missing.fail.sh -+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/rhel8_argument_missing.fail.sh -@@ -1,5 +1,5 @@ +diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_argument_missing.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_argument_missing.fail.sh +index 3acc798e..23ebf802 100644 +--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_argument_missing.fail.sh ++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_argument_missing.fail.sh +@@ -1,6 +1,6 @@ #!/bin/bash --# platform = Red Hat Enterprise Linux 8,Red Hat Virtualization 
4,multi_platform_fedora,multi_platform_ol,multi_platform_wrlinux -+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_wrlinux - # variables = var_password_pam_remember_control_flag=required - # packages = pam + # packages = authselect +-# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora + # variables = var_password_pam_remember=5,var_password_pam_remember_control_flag=requisite -diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/rhel8_correct_value.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/rhel8_correct_value.pass.sh -index 6aee4cd7..1c489449 100644 ---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/rhel8_correct_value.pass.sh -+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/rhel8_correct_value.pass.sh -@@ -1,5 +1,5 @@ + authselect create-profile hardening -b sssd +diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_correct_value.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_correct_value.pass.sh +index d0e5ea66..26c5a3e1 100644 +--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_correct_value.pass.sh ++++ 
b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_correct_value.pass.sh +@@ -1,6 +1,6 @@ #!/bin/bash --# platform = Red Hat Enterprise Linux 8,Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_wrlinux -+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_wrlinux - # variables = var_password_pam_remember_control_flag=required - # packages = pam + # packages = authselect +-# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora + # variables = var_password_pam_remember=5,var_password_pam_remember_control_flag=requisite -diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/rhel8_wrong_value.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/rhel8_wrong_value.fail.sh -index 2bf4eebf..bb6d67c1 100644 ---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/rhel8_wrong_value.fail.sh -+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/rhel8_wrong_value.fail.sh -@@ -1,5 +1,5 @@ + remember_cnt=5 +diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_modified_pam.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_modified_pam.fail.sh +index 84b10027..4425caae 100644 +--- 
a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_modified_pam.fail.sh ++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_modified_pam.fail.sh +@@ -1,6 +1,6 @@ #!/bin/bash --# platform = Red Hat Enterprise Linux 8,Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_wrlinux -+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_wrlinux - # variables = var_password_pam_remember_control_flag=required - # packages = pam + # packages = authselect +-# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora + # remediation = none + SYSTEM_AUTH_FILE="/etc/pam.d/system-auth" +diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_wrong_control.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_wrong_control.fail.sh +index 4891c441..314a2fad 100644 +--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_wrong_control.fail.sh ++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_wrong_control.fail.sh +@@ -1,6 +1,6 @@ + #!/bin/bash + # packages = authselect +-# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora + # 
variables = var_password_pam_remember=5,var_password_pam_remember_control_flag=requisite + + remember_cnt=5 +diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_wrong_value.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_wrong_value.fail.sh +index 1523a9aa..53261854 100644 +--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_wrong_value.fail.sh ++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_wrong_value.fail.sh +@@ -1,6 +1,6 @@ + #!/bin/bash + # packages = authselect +-# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora + # variables = var_password_pam_remember=5,var_password_pam_remember_control_flag=requisite + + remember_cnt=3 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/ansible/shared.yml -index dcaff8a5..abdaed66 100644 +index 2bdc7fab..d3a5f0d9 100644 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/ansible/shared.yml +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/ansible/shared.yml @@ -1,4 +1,4 @@ @@ -5196,17 +5419,17 @@ index dcaff8a5..abdaed66 100644 # strategy = configure # complexity = low 
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/bash/shared.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/bash/shared.sh -index e0dabe67..543d2e2c 100644 +index f3d2d4c9..db12348e 100644 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/bash/shared.sh +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/bash/shared.sh @@ -1,4 +1,4 @@ --# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv -+# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv - . /usr/share/scap-security-guide/remediation_functions +-# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle ++# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle + {{{ bash_instantiate_variables("var_password_pam_unix_remember") }}} diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/rule.yml -index a2b66fc4..5fd4bcd2 100644 +index 8228339c..e1a4b4f4 100644 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/rule.yml +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/rule.yml @@ -1,6 +1,6 @@ 
@@ -5217,123 +5440,276 @@ index a2b66fc4..5fd4bcd2 100644 title: 'Limit Password Reuse' -diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/argument_missing.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/argument_missing.fail.sh -index c8993ef2..ade70b89 100644 ---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/argument_missing.fail.sh -+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/argument_missing.fail.sh -@@ -1,5 +1,5 @@ +diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_argument_missing.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_argument_missing.fail.sh +index 9d150e25..f93697d4 100644 +--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_argument_missing.fail.sh ++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_argument_missing.fail.sh +@@ -1,6 +1,6 @@ #!/bin/bash --# platform = multi_platform_rhel,Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_wrlinux -+# platform = multi_platform_rhel,multi_platform_almalinux,Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_wrlinux + # packages = authselect +-# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora + # variables = var_password_pam_unix_remember=5 - for auth_file in 
system-auth password-auth - do -diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/rhel8_correct_value.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/rhel8_correct_value.pass.sh -index 3f37257c..518883a6 100644 ---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/rhel8_correct_value.pass.sh -+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/rhel8_correct_value.pass.sh -@@ -1,5 +1,5 @@ + authselect create-profile hardening -b sssd +diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_correct_value.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_correct_value.pass.sh +index 520ce05a..38816afe 100644 +--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_correct_value.pass.sh ++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_correct_value.pass.sh +@@ -1,6 +1,6 @@ #!/bin/bash --# platform = Red Hat Enterprise Linux 8 -+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8 + # packages = authselect +-# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora + # variables = var_password_pam_unix_remember=5 remember_cnt=5 - for auth_file in system-auth password-auth -diff --git 
a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/rhel8_wrong_value.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/rhel8_wrong_value.fail.sh -index 86ec2380..d349b1a3 100644 ---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/rhel8_wrong_value.fail.sh -+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/rhel8_wrong_value.fail.sh -@@ -1,5 +1,5 @@ +diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_modified_pam.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_modified_pam.fail.sh +index 84b10027..4425caae 100644 +--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_modified_pam.fail.sh ++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_modified_pam.fail.sh +@@ -1,6 +1,6 @@ #!/bin/bash --# platform = Red Hat Enterprise Linux 8 -+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8 + # packages = authselect +-# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora + # remediation = none + + SYSTEM_AUTH_FILE="/etc/pam.d/system-auth" +diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_wrong_value.fail.sh 
b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_wrong_value.fail.sh +index 48138ce3..bcb790e6 100644 +--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_wrong_value.fail.sh ++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_wrong_value.fail.sh +@@ -1,6 +1,6 @@ + #!/bin/bash + # packages = authselect +-# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora + # variables = var_password_pam_unix_remember=5 remember_cnt=3 - for auth_file in system-auth password-auth diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/ansible/shared.yml -index 0622ae76..8359d1fa 100644 +index d7344bd3..f5acfc8f 100644 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/ansible/shared.yml +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/ansible/shared.yml 
@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle # reboot = false # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/bash/shared.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/bash/shared.sh -index 3157d341..9af8913c 100644 +index 1ec0b35f..36e16a61 100644 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/bash/shared.sh +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/bash/shared.sh @@ -1,4 +1,4 @@ --# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv -+# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv - . /usr/share/scap-security-guide/remediation_functions +-# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle ++# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle + {{{ bash_instantiate_variables("var_accounts_passwords_pam_faillock_deny") }}} 
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/rule.yml -index 141f4c5b..1baa8f5e 100644 +index 7116c61a..1cc2da48 100644 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/rule.yml +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/rule.yml 
@@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle15,wrlinux1019 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,wrlinux1019 +-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,wrlinux1019 ++prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,wrlinux1019 - title: 'Set Deny For Failed Password Attempts' + title: 'Lock Accounts After Failed Password Attempts' -@@ -49,7 +49,7 @@ references: - srg: SRG-OS-000329-GPOS-00128,SRG-OS-000021-GPOS-00005 +@@ -47,7 +47,7 @@ references: stigid@ol7: OL07-00-010320 + stigid@ol8: OL08-00-020010 stigid@rhel7: RHEL-07-010320 - stigid@rhel8: RHEL-08-020010 + stigid@almalinux8: RHEL-08-020010 vmmsrg: SRG-OS-000021-VMM-000050 - ocil_clause: 'that is not the case' + ocil_clause: 'limiting the number of failed logon attempts for users is not configured' +diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/authselect_modified_pam.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/authselect_modified_pam.fail.sh +index 1698c1c7..eefea7dc 100644 +--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/authselect_modified_pam.fail.sh ++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/authselect_modified_pam.fail.sh +@@ -1,5 +1,5 @@ + #!/bin/bash +-# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora + # remediation = none + + SYSTEM_AUTH_FILE="/etc/pam.d/system-auth" +diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_conflicting_settings.fail.sh 
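Review bot: The `references:` hunk of `accounts_passwords_pam_faillock_deny/rule.yml` replaces `stigid@rhel8: RHEL-08-020010` with `stigid@almalinux8: RHEL-08-020010`, while the `prodtype` hunk above it keeps `rhel8` in the list. If RHEL 8 content is ever built from this patched tree, this account-lockout rule would presumably lose its STIG cross-reference. Adding the key instead of renaming it avoids that: keep `stigid@rhel8: RHEL-08-020010` and add `stigid@almalinux8: RHEL-08-020010` on the next line. The same rename appears in `accounts_passwords_pam_faillock_deny_root/rule.yml` (RHEL-08-020022) and `accounts_passwords_pam_faillock_interval/rule.yml` (RHEL-08-020012). Because the value keeps its RHEL-08 prefix, a comment such as `# AlmaLinux 8 reuses the RHEL 8 STIG ID for this rule` would tell auditors the mapping is by equivalence; the `references:` block starts outside the hunk, so its other keys are not visible here.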
b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_conflicting_settings.fail.sh +index 3ace8942..892d2841 100644 +--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_conflicting_settings.fail.sh ++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_conflicting_settings.fail.sh +@@ -1,6 +1,6 @@ + #!/bin/bash + # packages = authselect +-# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8 ++# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,Oracle Linux 8 + # remediation = none + # variables = var_accounts_passwords_pam_faillock_deny=3 + +diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_expected_faillock_conf.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_expected_faillock_conf.pass.sh +index 1f3098d5..e7908d00 100644 +--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_expected_faillock_conf.pass.sh ++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_expected_faillock_conf.pass.sh +@@ -1,6 +1,6 @@ + #!/bin/bash + # packages = authselect +-# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8 ++# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,Oracle Linux 8 + # variables = var_accounts_passwords_pam_faillock_deny=3 + + authselect select sssd --force +diff --git 
a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_lenient_faillock_conf.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_lenient_faillock_conf.fail.sh +index fd3ef218..be2476a9 100644 +--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_lenient_faillock_conf.fail.sh ++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_lenient_faillock_conf.fail.sh +@@ -1,6 +1,6 @@ + #!/bin/bash + # packages = authselect +-# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8 ++# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,Oracle Linux 8 + # variables = var_accounts_passwords_pam_faillock_deny=3 + + authselect select sssd --force +diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh +index 7cc53fce..fe906797 100644 +--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh ++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh +@@ -1,6 +1,6 @@ + #!/bin/bash + # packages = authselect +-# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8 ++# platform = 
multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,Oracle Linux 8 + # remediation = none + # variables = var_accounts_passwords_pam_faillock_deny=3 + +diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_stricter_faillock_conf.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_stricter_faillock_conf.pass.sh +index fa81b645..f05ad984 100644 +--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_stricter_faillock_conf.pass.sh ++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_stricter_faillock_conf.pass.sh +@@ -1,6 +1,6 @@ + #!/bin/bash + # packages = authselect +-# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8 ++# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,Oracle Linux 8 + # variables = var_accounts_passwords_pam_faillock_deny=3 + + authselect select sssd --force diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/ansible/shared.yml -index d81d8d87..28148b44 100644 +index 8ebe5179..a6e53a36 100644 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/ansible/shared.yml +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/ansible/shared.yml 
@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle # reboot = false # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/bash/shared.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/bash/shared.sh -index d43c33d2..57b4374d 100644 +index 1dc8548b..1002d32c 100644 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/bash/shared.sh +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/bash/shared.sh @@ -1,4 +1,4 @@ --# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv -+# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv +-# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle ++# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle - AUTH_FILES[0]="/etc/pam.d/system-auth" - AUTH_FILES[1]="/etc/pam.d/password-auth" + if [ -f /usr/sbin/authconfig ]; then + authconfig --enablefaillock --update 
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/rule.yml -index 25dfb328..90ec1676 100644 +index 6004aa8b..b7794d81 100644 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/rule.yml +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/rule.yml 
@@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle15,wrlinux1019 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,wrlinux1019 +-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,wrlinux1019 ++prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,wrlinux1019 title: 'Configure the root Account for Failed Password Attempts' -@@ -46,7 +46,7 @@ references: - srg: SRG-OS-000329-GPOS-00128,SRG-OS-000021-GPOS-00005 +@@ -41,7 +41,7 @@ references: stigid@ol7: OL07-00-010330 + stigid@ol8: OL08-00-020022 stigid@rhel7: RHEL-07-010330 - stigid@rhel8: RHEL-08-020022 + stigid@almalinux8: RHEL-08-020022 - ocil_clause: 'that is not the case' + ocil_clause: 'limiting the number of failed logon attempts for the root user is not configured' +diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/authselect_modified_pam.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/authselect_modified_pam.fail.sh +index 1698c1c7..eefea7dc 100644 +--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/authselect_modified_pam.fail.sh ++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/authselect_modified_pam.fail.sh +@@ -1,5 +1,5 @@ + #!/bin/bash +-# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora + # remediation = none + + SYSTEM_AUTH_FILE="/etc/pam.d/system-auth" +diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/pam_faillock_conflicting_settings.fail.sh 
b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/pam_faillock_conflicting_settings.fail.sh +index cc8c766a..b5274885 100644 +--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/pam_faillock_conflicting_settings.fail.sh ++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/pam_faillock_conflicting_settings.fail.sh +@@ -1,6 +1,6 @@ + #!/bin/bash + # packages = authselect +-# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8 ++# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,Oracle Linux 8 + # remediation = none + + authselect select sssd --force +diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/pam_faillock_expected_faillock_conf.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/pam_faillock_expected_faillock_conf.pass.sh +index ce8ab690..4ef28d9b 100644 +--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/pam_faillock_expected_faillock_conf.pass.sh ++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/pam_faillock_expected_faillock_conf.pass.sh +@@ -1,6 +1,6 @@ + #!/bin/bash + # packages = authselect +-# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8 ++# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,Oracle Linux 8 + + authselect select sssd --force + authselect enable-feature with-faillock +diff --git 
a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh +index d055d651..bab42079 100644 +--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh ++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh +@@ -1,6 +1,6 @@ + #!/bin/bash + # packages = authselect +-# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8 ++# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,Oracle Linux 8 + # remediation = none + + authselect select sssd --force +diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/ansible/shared.yml +index f7720460..97f584f6 100644 +--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/ansible/shared.yml ++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/ansible/shared.yml +@@ -1,4 +1,4 @@ +-# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9 ++# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9 + # reboot = false + # strategy = restrict + # complexity = low +diff --git 
a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/bash/shared.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/bash/shared.sh +index 937c54e1..54190884 100644 +--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/bash/shared.sh ++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/bash/shared.sh +@@ -1,4 +1,4 @@ +-# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9 ++# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9 + + if authselect check; then + authselect enable-feature with-faillock diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/rule.yml -index 5aec848f..cadf5993 100644 +index 78ca3bef..35c07ad4 100644 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/rule.yml +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/rule.yml @@ -1,6 +1,6 @@ 
@@ -5344,103 +5720,293 @@ index 5aec848f..cadf5993 100644 title: 'Enforce pam_faillock for Local Accounts Only' +diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/tests/pam_faillock_disabled.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/tests/pam_faillock_disabled.fail.sh +index 856bd56e..71194a32 100644 +--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/tests/pam_faillock_disabled.fail.sh ++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/tests/pam_faillock_disabled.fail.sh +@@ -1,6 +1,6 @@ + #!/bin/bash + # packages = authselect +-# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8 ++# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,Oracle Linux 8 + + authselect select sssd --force + authselect disable-feature with-faillock +diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/tests/pam_faillock_expected_faillock_conf.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/tests/pam_faillock_expected_faillock_conf.pass.sh +index 075791de..1ccb03db 100644 +--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/tests/pam_faillock_expected_faillock_conf.pass.sh ++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/tests/pam_faillock_expected_faillock_conf.pass.sh +@@ -1,6 +1,6 @@ + #!/bin/bash + # packages = authselect +-# platform = multi_platform_fedora,Red 
Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8 ++# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,Oracle Linux 8 + + authselect select sssd --force + authselect enable-feature with-faillock +diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh +index 978cccce..8cc6c0b5 100644 +--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh ++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh +@@ -1,6 +1,6 @@ + #!/bin/bash + # packages = authselect +-# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8 ++# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,Oracle Linux 8 + # remediation = none + + authselect select sssd --force +diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/tests/pam_faillock_not_required_pam_files.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/tests/pam_faillock_not_required_pam_files.fail.sh +index 053f9110..04f36271 100644 +--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/tests/pam_faillock_not_required_pam_files.fail.sh ++++ 
b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/tests/pam_faillock_not_required_pam_files.fail.sh +@@ -1,6 +1,6 @@ + #!/bin/bash + # packages = authselect +-# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8 ++# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,Oracle Linux 8 + # remediation = none + + # This test scenario manually modify the pam_faillock.so entries in auth section from diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/ansible/shared.yml -index 96adcef6..b158fee5 100644 +index 5e10863a..504681e8 100644 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/ansible/shared.yml +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/ansible/shared.yml @@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle # reboot = false # strategy = restrict # complexity = low 
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/bash/shared.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/bash/shared.sh -index 87310288..8b7a7bdd 100644 +index 2d074ac8..1f288aba 100644 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/bash/shared.sh +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/bash/shared.sh @@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv +-# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle ++# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle + + {{{ bash_instantiate_variables("var_accounts_passwords_pam_faillock_fail_interval") }}} - # include our remediation functions library - . /usr/share/scap-security-guide/remediation_functions diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/rule.yml -index 1df46bd4..601cec5d 100644 +index 28c02b16..3f5be3c3 100644 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/rule.yml +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/rule.yml 
@@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle15 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15 +-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4 ++prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4 title: 'Set Interval For Counting Failed Password Attempts' -@@ -54,7 +54,7 @@ references: - srg: SRG-OS-000329-GPOS-00128,SRG-OS-000021-GPOS-00005 +@@ -68,7 +68,7 @@ references: stigid@ol7: OL07-00-010320 + stigid@ol8: OL08-00-020012 stigid@rhel7: RHEL-07-010320 - stigid@rhel8: RHEL-08-020012 + stigid@almalinux8: RHEL-08-020012 vmmsrg: SRG-OS-000021-VMM-000050 ocil_clause: 'fail_interval is less than the required value' +diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/authselect_modified_pam.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/authselect_modified_pam.fail.sh +index 1698c1c7..eefea7dc 100644 +--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/authselect_modified_pam.fail.sh ++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/authselect_modified_pam.fail.sh +@@ -1,5 +1,5 @@ + #!/bin/bash +-# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora + # remediation = none + + SYSTEM_AUTH_FILE="/etc/pam.d/system-auth" +diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_conflicting_settings.fail.sh 
b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_conflicting_settings.fail.sh +index 03aa084e..69025637 100644 +--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_conflicting_settings.fail.sh ++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_conflicting_settings.fail.sh +@@ -1,6 +1,6 @@ + #!/bin/bash + # packages = authselect +-# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8 ++# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,Oracle Linux 8 + # remediation = none + # variables = var_accounts_passwords_pam_faillock_fail_interval=900 + +diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_expected_faillock_conf.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_expected_faillock_conf.pass.sh +index 33d3847d..6c6ff204 100644 +--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_expected_faillock_conf.pass.sh ++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_expected_faillock_conf.pass.sh +@@ -1,6 +1,6 @@ + #!/bin/bash + # packages = authselect +-# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8 ++# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,Oracle Linux 8 + # variables = var_accounts_passwords_pam_faillock_fail_interval=900 + + 
authselect select sssd --force +diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_lenient_faillock_conf.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_lenient_faillock_conf.fail.sh +index 9ff681e5..c46804ea 100644 +--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_lenient_faillock_conf.fail.sh ++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_lenient_faillock_conf.fail.sh +@@ -1,6 +1,6 @@ + #!/bin/bash + # packages = authselect +-# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8 ++# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,Oracle Linux 8 + # variables = var_accounts_passwords_pam_faillock_fail_interval=900 + + authselect select sssd --force +diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh +index 29f65d50..fe3dbe7a 100644 +--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh ++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh +@@ -1,6 +1,6 @@ + #!/bin/bash + # packages = authselect +-# platform = multi_platform_fedora,Red Hat 
Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8 ++# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,Oracle Linux 8 + # remediation = none + # variables = var_accounts_passwords_pam_faillock_fail_interval=900 + +diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_stricter_faillock_conf.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_stricter_faillock_conf.pass.sh +index bcd46e74..6cd56ad2 100644 +--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_stricter_faillock_conf.pass.sh ++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_stricter_faillock_conf.pass.sh +@@ -1,6 +1,6 @@ + #!/bin/bash + # packages = authselect +-# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8 ++# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,Oracle Linux 8 + # variables = var_accounts_passwords_pam_faillock_fail_interval=900 + + authselect select sssd --force diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/ansible/shared.yml -index db44ce4f..329103e5 100644 +index 938ad04e..ce74f754 100644 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/ansible/shared.yml 
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/ansible/shared.yml @@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle # reboot = false # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/bash/shared.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/bash/shared.sh -index 7e36721d..4561783d 100644 +index 6b55cea5..56b4e403 100644 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/bash/shared.sh +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/bash/shared.sh @@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv - . /usr/share/scap-security-guide/remediation_functions +-# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle ++# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle + {{{ bash_instantiate_variables("var_accounts_passwords_pam_faillock_unlock_time") }}} 
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/rule.yml -index ea8c8fea..9ca6071b 100644 +index 1c8b500f..3d82041e 100644 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/rule.yml +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/rule.yml 
@@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle15 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15 +-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4 ++prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4 title: 'Set Lockout Time for Failed Password Attempts' -@@ -52,7 +52,7 @@ references: - srg: SRG-OS-000329-GPOS-00128,SRG-OS-000021-GPOS-00005 +@@ -47,7 +47,7 @@ references: stigid@ol7: OL07-00-010320 + stigid@ol8: OL08-00-020014 stigid@rhel7: RHEL-07-010320 -- stigid@rhel8: RHEL-08-020014 -+ stigid@almalinux8: RHEL-08-020014 +- stigid@rhel8: RHEL-08-020016 ++ stigid@almalinux8: RHEL-08-020016 vmmsrg: SRG-OS-000329-VMM-001180 ocil_clause: 'unlock_time is less than the expected value' +diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/authselect_modified_pam.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/authselect_modified_pam.fail.sh +index 1698c1c7..eefea7dc 100644 +--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/authselect_modified_pam.fail.sh ++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/authselect_modified_pam.fail.sh +@@ -1,5 +1,5 @@ + #!/bin/bash +-# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora + # remediation = none + + SYSTEM_AUTH_FILE="/etc/pam.d/system-auth" +diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_conflicting_settings.fail.sh 
b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_conflicting_settings.fail.sh +index d68ebfad..9e3f6a72 100644 +--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_conflicting_settings.fail.sh ++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_conflicting_settings.fail.sh +@@ -1,6 +1,6 @@ + #!/bin/bash + # packages = authselect +-# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8 ++# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,Oracle Linux 8 + # remediation = none + # variables = var_accounts_passwords_pam_faillock_unlock_time=600 + +diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_expected_faillock_conf.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_expected_faillock_conf.pass.sh +index 2dc848cb..f2dce610 100644 +--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_expected_faillock_conf.pass.sh ++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_expected_faillock_conf.pass.sh +@@ -1,6 +1,6 @@ + #!/bin/bash + # packages = authselect +-# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8 ++# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,Oracle Linux 8 + # variables = 
var_accounts_passwords_pam_faillock_unlock_time=600 + + authselect select sssd --force +diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_lenient_faillock_conf.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_lenient_faillock_conf.fail.sh +index 38d95831..c4205265 100644 +--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_lenient_faillock_conf.fail.sh ++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_lenient_faillock_conf.fail.sh +@@ -1,6 +1,6 @@ + #!/bin/bash + # packages = authselect +-# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8 ++# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,Oracle Linux 8 + # variables = var_accounts_passwords_pam_faillock_unlock_time=600 + + authselect select sssd --force +diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh +index a4e91c71..fddde09a 100644 +--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh ++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh +@@ -1,6 +1,6 @@ + 
#!/bin/bash + # packages = authselect +-# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8 ++# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,Oracle Linux 8 + # remediation = none + # variables = var_accounts_passwords_pam_faillock_unlock_time=600 + +diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_stricter_faillock_conf.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_stricter_faillock_conf.pass.sh +index 5c59de7c..35ad23e6 100644 +--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_stricter_faillock_conf.pass.sh ++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_stricter_faillock_conf.pass.sh +@@ -1,6 +1,6 @@ + #!/bin/bash + # packages = authselect +-# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8 ++# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,Oracle Linux 8 + # variables = var_accounts_passwords_pam_faillock_unlock_time=600 + + authselect select sssd --force diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_dcredit/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_dcredit/rule.yml -index 8dad49f0..3ff43ace 100644 +index 8fa303fd..fabf9fae 100644 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_dcredit/rule.yml 
+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_dcredit/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle15,ubuntu2004,wrlinux1019 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,ubuntu2004,wrlinux1019 +-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019 ++prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019 title: 'Ensure PAM Enforces Password Requirements - Minimum Digit Characters' -@@ -48,7 +48,7 @@ references: - srg: SRG-OS-000071-GPOS-00039 +@@ -52,7 +52,7 @@ references: stigid@ol7: OL07-00-010140 + stigid@ol8: OL08-00-020130 stigid@rhel7: RHEL-07-010140 - stigid@rhel8: RHEL-08-020130 + stigid@almalinux8: RHEL-08-020130 @@ -5448,28 +6014,28 @@ index 8dad49f0..3ff43ace 100644 vmmsrg: SRG-OS-000071-VMM-000380 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_dictcheck/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_dictcheck/rule.yml -index d0d4b8c5..eca44d53 100644 +index f70dbc38..7385655e 100644 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_dictcheck/rule.yml +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_dictcheck/rule.yml 
@@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,rhel8,ubuntu2004 -+prodtype: fedora,rhel8,almalinux8,ubuntu2004 +-prodtype: fedora,ol8,rhel8,rhel9,ubuntu2004 ++prodtype: fedora,ol8,rhel8,almalinux8,rhel9,ubuntu2004 title: 'Ensure PAM Enforces Password Requirements - Prevent the Use of Dictionary Words' -@@ -28,7 +28,7 @@ references: - disa: CCI-000366 +@@ -30,7 +30,7 @@ references: nist: IA-5(c),IA-5(1)(a),CM-6(a),IA-5(4) srg: SRG-OS-000480-GPOS-00225 + stigid@ol8: OL08-00-020300 - stigid@rhel8: RHEL-08-020300 + stigid@almalinux8: RHEL-08-020300 stigid@ubuntu2004: UBTU-20-010056 ocil_clause: 'dictcheck is not found or not equal to the required value' diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_difok/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_difok/rule.yml -index d601c53e..8fbefbb6 100644 +index 6ec7dddb..b3a80208 100644 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_difok/rule.yml +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_difok/rule.yml @@ -1,6 +1,6 @@ @@ -5480,9 +6046,9 @@ index d601c53e..8fbefbb6 100644 title: 'Ensure PAM Enforces Password Requirements - Minimum Different Characters' -@@ -47,7 +47,7 @@ references: - srg: SRG-OS-000072-GPOS-00040 +@@ -48,7 +48,7 @@ references: stigid@ol7: OL07-00-010160 + stigid@ol8: OL08-00-020170 stigid@rhel7: RHEL-07-010160 - stigid@rhel8: RHEL-08-020170 + stigid@almalinux8: RHEL-08-020170 @@ -5514,20 +6080,20 @@ index 33dcaf08..7fe6101a 100644 title: 'Ensure PAM Enforces Password Requirements - Enforce for root User' 
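Review bot: In the refreshed `accounts_password_pam_dictcheck/rule.yml` section, the inner patch still replaces `stigid@rhel8: RHEL-08-020300` with `stigid@almalinux8: RHEL-08-020300` instead of adding the new key beside the old one, while the `prodtype` line it writes keeps `rhel8`. If RHEL 8 content is ever built from the patched tree, this rule would presumably lose its STIG ID cross-reference, which weakens audit traceability; keeping both lines (`stigid@rhel8: RHEL-08-020300` followed by `stigid@almalinux8: RHEL-08-020300`) would avoid that. The same replace-instead-of-add pattern shows in the following sections for `accounts_password_pam_difok`, `accounts_password_pam_lcredit`, `accounts_password_pam_maxclassrepeat`, `accounts_password_pam_maxrepeat`, `accounts_password_pam_minclass` and `accounts_password_pam_minlen`. The inner rule.yml hunks carry only a few context lines, so whether a `stigid@rhel8` entry survives elsewhere in those files cannot be confirmed from here.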
diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_lcredit/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_lcredit/rule.yml -index 0f00a166..cb287eb0 100644 +index ecc5aa5b..c7ab88cf 100644 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_lcredit/rule.yml +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_lcredit/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle15,ubuntu2004,wrlinux1019 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,ubuntu2004,wrlinux1019 +-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019 ++prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019 title: 'Ensure PAM Enforces Password Requirements - Minimum Lowercase Characters' -@@ -48,7 +48,7 @@ references: - srg: SRG-OS-000070-GPOS-00038 +@@ -52,7 +52,7 @@ references: stigid@ol7: OL07-00-010130 + stigid@ol8: OL08-00-020120 stigid@rhel7: RHEL-07-010130 - stigid@rhel8: RHEL-08-020120 + stigid@almalinux8: RHEL-08-020120 @@ -5535,7 +6101,7 @@ index 0f00a166..cb287eb0 100644 vmmsrg: SRG-OS-000070-VMM-000370 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_maxclassrepeat/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_maxclassrepeat/rule.yml -index 1d53a714..e537640a 100644 +index 9a829ac5..4d10c97f 100644 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_maxclassrepeat/rule.yml 
+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_maxclassrepeat/rule.yml @@ -1,6 +1,6 @@ @@ -5546,9 +6112,9 @@ index 1d53a714..e537640a 100644 title: 'Ensure PAM Enforces Password Requirements - Maximum Consecutive Repeating Characters from Same Character Class' -@@ -39,7 +39,7 @@ references: - srg: SRG-OS-000072-GPOS-00040 +@@ -40,7 +40,7 @@ references: stigid@ol7: OL07-00-010190 + stigid@ol8: OL08-00-020140 stigid@rhel7: RHEL-07-010190 - stigid@rhel8: RHEL-08-020140 + stigid@almalinux8: RHEL-08-020140 @@ -5556,7 +6122,7 @@ index 1d53a714..e537640a 100644 ocil_clause: 'that is not the case' diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_maxrepeat/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_maxrepeat/rule.yml -index 9855b104..05b877ac 100644 +index d66cd6c1..341d60e4 100644 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_maxrepeat/rule.yml +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_maxrepeat/rule.yml @@ -1,6 +1,6 @@ @@ -5567,9 +6133,9 @@ index 9855b104..05b877ac 100644 title: 'Set Password Maximum Consecutive Repeating Characters' -@@ -41,7 +41,7 @@ references: - srg: SRG-OS-000072-GPOS-00040 +@@ -42,7 +42,7 @@ references: stigid@ol7: OL07-00-010180 + stigid@ol8: OL08-00-020150 stigid@rhel7: RHEL-07-010180 - stigid@rhel8: RHEL-08-020150 + stigid@almalinux8: RHEL-08-020150 @@ -5577,7 +6143,7 @@ index 9855b104..05b877ac 100644 ocil_clause: 'maxrepeat is not found or not greater than or equal to the required value' 
diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_minclass/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_minclass/rule.yml -index 35b4e357..9a719b34 100644 +index 80271080..4362ce4d 100644 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_minclass/rule.yml +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_minclass/rule.yml @@ -1,6 +1,6 @@ @@ -5588,9 +6154,9 @@ index 35b4e357..9a719b34 100644 title: 'Ensure PAM Enforces Password Requirements - Minimum Different Categories' -@@ -57,7 +57,7 @@ references: - srg: SRG-OS-000072-GPOS-00040 +@@ -58,7 +58,7 @@ references: stigid@ol7: OL07-00-010170 + stigid@ol8: OL08-00-020160 stigid@rhel7: RHEL-07-010170 - stigid@rhel8: RHEL-08-020160 + stigid@almalinux8: RHEL-08-020160 @@ -5598,20 +6164,20 @@ index 35b4e357..9a719b34 100644 ocil_clause: 'minclass is not found or not set equal to or greater than the required value' diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_minlen/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_minlen/rule.yml -index db404151..6644947c 100644 +index 1dacca4f..32074440 100644 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_minlen/rule.yml +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_minlen/rule.yml 
@@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle15,ubuntu2004,wrlinux1019 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,ubuntu2004,wrlinux1019 +-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019 ++prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019 title: 'Ensure PAM Enforces Password Requirements - Minimum Length' -@@ -47,7 +47,7 @@ references: - srg: SRG-OS-000078-GPOS-00046 +@@ -51,7 +51,7 @@ references: stigid@ol7: OL07-00-010280 + stigid@ol8: OL08-00-020230 stigid@rhel7: RHEL-07-010280 - stigid@rhel8: RHEL-08-020230 + stigid@almalinux8: RHEL-08-020230 @@ -5619,28 +6185,206 @@ index db404151..6644947c 100644 vmmsrg: SRG-OS-000072-VMM-000390,SRG-OS-000078-VMM-000450 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_ocredit/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_ocredit/rule.yml -index 34614935..241f3bc3 100644 +index 5ea25228..f696b791 100644 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_ocredit/rule.yml +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_ocredit/rule.yml 
@@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle15,ubuntu2004,wrlinux1019 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,ubuntu2004,wrlinux1019 +-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019 ++prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019 title: 'Ensure PAM Enforces Password Requirements - Minimum Special Characters' -@@ -49,7 +49,7 @@ references: - srg: SRG-OS-000266-GPOS-00101 +@@ -52,7 +52,7 @@ references: stigid@ol7: OL07-00-010150 + stigid@ol8: OL08-00-020280 stigid@rhel7: RHEL-07-010150 - stigid@rhel8: RHEL-08-020280 + stigid@almalinux8: RHEL-08-020280 stigid@ubuntu2004: UBTU-20-010055 vmmsrg: SRG-OS-000266-VMM-000940 +diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/ansible/shared.yml +index b44c91cb..ddab1b11 100644 +--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/ansible/shared.yml ++++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/ansible/shared.yml +@@ -1,4 +1,4 @@ +-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel ++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux + # reboot = false + # strategy = configure + # complexity = low +diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/bash/shared.sh 
b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/bash/shared.sh +index d2fca2a7..54ba9638 100644 +--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/bash/shared.sh ++++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/bash/shared.sh +@@ -1,4 +1,4 @@ +-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel ++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux + + PAM_FILE="password-auth" + +diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/rule.yml +index 34dd6e2f..4f884cdc 100644 +--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/rule.yml ++++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/rule.yml +@@ -1,6 +1,6 @@ + documentation_complete: true + +-prodtype: fedora,rhel7,rhel8,rhel9,rhv4 ++prodtype: fedora,rhel7,rhel8,almalinux8,rhel9,rhv4 + + title: 'Ensure PAM password complexity module is enabled in password-auth' + +@@ -24,7 +24,7 @@ identifiers: + references: + disa: CCI-000366 + srg: SRG-OS-000480-GPOS-00227 +- stigid@rhel8: RHEL-08-020100 ++ stigid@almalinux8: RHEL-08-020100 + + ocil_clause: 'pam_pwquality.so is not enabled in password-auth' + +diff --git 
a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/tests/authselect_commented_entry.fail.sh b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/tests/authselect_commented_entry.fail.sh +index 3d696c36..e61d1861 100644 +--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/tests/authselect_commented_entry.fail.sh ++++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/tests/authselect_commented_entry.fail.sh +@@ -1,6 +1,6 @@ + #!/bin/bash + # packages = authselect +-# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora + + authselect create-profile hardening -b sssd + CUSTOM_PROFILE="custom/hardening" +diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/tests/authselect_correct_entry.pass.sh b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/tests/authselect_correct_entry.pass.sh +index 04358992..761dd879 100644 +--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/tests/authselect_correct_entry.pass.sh ++++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/tests/authselect_correct_entry.pass.sh +@@ -1,6 +1,6 @@ + #!/bin/bash + # packages = authselect +-# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora ++# 
platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora + + authselect create-profile hardening -b sssd + CUSTOM_PROFILE="custom/hardening" +diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/tests/authselect_missing_entry.fail.sh b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/tests/authselect_missing_entry.fail.sh +index 472616a5..40fada43 100644 +--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/tests/authselect_missing_entry.fail.sh ++++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/tests/authselect_missing_entry.fail.sh +@@ -1,6 +1,6 @@ + #!/bin/bash + # packages = authselect +-# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora + + authselect create-profile hardening -b sssd + CUSTOM_PROFILE="custom/hardening" +diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/tests/authselect_modified_pam.fail.sh b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/tests/authselect_modified_pam.fail.sh +index 59f9d6f7..f5217b7e 100644 +--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/tests/authselect_modified_pam.fail.sh ++++ 
b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/tests/authselect_modified_pam.fail.sh +@@ -1,6 +1,6 @@ + #!/bin/bash + # packages = authselect +-# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora + # remediation = none + + SYSTEM_AUTH_FILE="/etc/pam.d/password-auth" +diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/ansible/shared.yml +index 13cd2045..22a155a2 100644 +--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/ansible/shared.yml ++++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/ansible/shared.yml +@@ -1,4 +1,4 @@ +-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel ++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux + # reboot = false + # strategy = configure + # complexity = low +diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/bash/shared.sh b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/bash/shared.sh +index 9a7972a3..7bb7e02c 100644 +--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/bash/shared.sh ++++ 
b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/bash/shared.sh +@@ -1,4 +1,4 @@ +-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel ++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux + + PAM_FILE="system-auth" + +diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/rule.yml +index a5189c61..05a02b7c 100644 +--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/rule.yml ++++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/rule.yml +@@ -1,6 +1,6 @@ + documentation_complete: true + +-prodtype: fedora,rhel7,rhel8,rhel9,rhv4 ++prodtype: fedora,rhel7,rhel8,almalinux8,rhel9,rhv4 + + title: 'Ensure PAM password complexity module is enabled in system-auth' + +@@ -24,7 +24,7 @@ identifiers: + references: + disa: CCI-000366 + srg: SRG-OS-000480-GPOS-00227 +- stigid@rhel8: RHEL-08-020101 ++ stigid@almalinux8: RHEL-08-020101 + + ocil_clause: 'pam_pwquality.so is not enabled in system-auth' + +diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/tests/authselect_commented_entry.fail.sh b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/tests/authselect_commented_entry.fail.sh +index 849f16d0..72680589 100644 +--- 
a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/tests/authselect_commented_entry.fail.sh ++++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/tests/authselect_commented_entry.fail.sh +@@ -1,6 +1,6 @@ + #!/bin/bash + # packages = authselect +-# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora + + authselect create-profile hardening -b sssd + CUSTOM_PROFILE="custom/hardening" +diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/tests/authselect_correct_entry.pass.sh b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/tests/authselect_correct_entry.pass.sh +index 6a98c244..5cdd9203 100644 +--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/tests/authselect_correct_entry.pass.sh ++++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/tests/authselect_correct_entry.pass.sh +@@ -1,6 +1,6 @@ + #!/bin/bash + # packages = authselect +-# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora + + authselect create-profile hardening -b sssd + CUSTOM_PROFILE="custom/hardening" +diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/tests/authselect_missing_entry.fail.sh 
b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/tests/authselect_missing_entry.fail.sh +index 6786f6c1..d2cbf886 100644 +--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/tests/authselect_missing_entry.fail.sh ++++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/tests/authselect_missing_entry.fail.sh +@@ -1,6 +1,6 @@ + #!/bin/bash + # packages = authselect +-# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora + + authselect create-profile hardening -b sssd + CUSTOM_PROFILE="custom/hardening" +diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/tests/authselect_modified_pam.fail.sh b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/tests/authselect_modified_pam.fail.sh +index b3d9e588..890c1cab 100644 +--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/tests/authselect_modified_pam.fail.sh ++++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/tests/authselect_modified_pam.fail.sh +@@ -1,6 +1,6 @@ + #!/bin/bash + # packages = authselect +-# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora + # remediation = none + + SYSTEM_AUTH_FILE="/etc/pam.d/system-auth" 
diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/ansible/shared.yml -index d4017ce6..d0e015ab 100644 +index 2ba2501d..d44ffffb 100644 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/ansible/shared.yml +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/ansible/shared.yml @@ -1,4 +1,4 @@ @@ -5650,7 +6394,7 @@ index d4017ce6..d0e015ab 100644 # strategy = configure # complexity = low diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/rule.yml -index 36ef711c..ae7be267 100644 +index 6b2219a3..00695601 100644 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/rule.yml +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/rule.yml @@ -1,6 +1,6 @@ 
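Review bot: The new inner hunks for accounts_password_pam_pwquality_password_auth/rule.yml and accounts_password_pam_pwquality_system_auth/rule.yml replace the `stigid@rhel8:` reference with `stigid@almalinux8:` instead of adding a line, while the same patch keeps `rhel8` in `prodtype`. Content built for rhel8 from the patched tree would then carry no STIG ID for these rules, which weakens the mapping from scan results back to the STIG. If that is not intended, keep `stigid@rhel8: RHEL-08-020100` as an unchanged context line and add `stigid@almalinux8: RHEL-08-020100` beside it (likewise for RHEL-08-020101), then regenerate the inner hunk counts. The same replacement appears in the other rule.yml sections visible here (minclass, minlen, ocredit, retry, ucredit, and the set_password_hashing_algorithm rules). If this package only ever builds the almalinux8 product, the replacement may be deliberate, and a sentence saying so in the patch description would settle it.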
@@ -5661,63 +6405,74 @@ index 36ef711c..ae7be267 100644 title: 'Ensure PAM Enforces Password Requirements - Authentication Retry Prompts Permitted Per-Session' -@@ -43,7 +43,7 @@ references: - srg: SRG-OS-000480-GPOS-00225,SRG-OS-000069-GPOS-00037 +@@ -51,7 +51,7 @@ references: stigid@ol7: OL07-00-010119 + stigid@ol8: OL08-00-020100 stigid@rhel7: RHEL-07-010119 -- stigid@rhel8: RHEL-08-020100 -+ stigid@almalinux8: RHEL-08-020100 +- stigid@rhel8: RHEL-08-020104 ++ stigid@almalinux8: RHEL-08-020104 stigid@ubuntu2004: UBTU-20-010057 ocil_clause: 'it is not the required value' -diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/rhel8_argument_missing.fail.sh b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/rhel8_argument_missing.fail.sh -index fb3acb2b..20f3d945 100644 ---- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/rhel8_argument_missing.fail.sh -+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/rhel8_argument_missing.fail.sh +diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_commented.fail.sh b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_commented.fail.sh +index cf3b3a70..c82c812f 100644 +--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_commented.fail.sh ++++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_commented.fail.sh 
@@ -1,5 +1,5 @@ #!/bin/bash --# platform = Red Hat Enterprise Linux 8 -+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8 +-# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9 ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9 + # variables = var_password_pam_retry=3 - for auth_file in system-auth password-auth - do -diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/rhel8_correct_value.pass.sh b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/rhel8_correct_value.pass.sh -index d6f07df7..5c4b5569 100644 ---- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/rhel8_correct_value.pass.sh -+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/rhel8_correct_value.pass.sh + CONF_FILE="/etc/security/pwquality.conf" +diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_correct.pass.sh b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_correct.pass.sh +index c0d4fe6c..0fd1cf73 100644 +--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_correct.pass.sh ++++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_correct.pass.sh 
@@ -1,5 +1,5 @@ #!/bin/bash --# platform = Red Hat Enterprise Linux 8 -+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8 +-# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9 ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9 + # variables = var_password_pam_retry=3 - retry_cnt=3 - for auth_file in system-auth password-auth -diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/rhel8_wrong_value.fail.sh b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/rhel8_wrong_value.fail.sh -index f4988fa1..d94dfaaf 100644 ---- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/rhel8_wrong_value.fail.sh -+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/rhel8_wrong_value.fail.sh + CONF_FILE="/etc/security/pwquality.conf" +diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_missing.fail.sh b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_missing.fail.sh +index 3f6c22c5..67fdf9fd 100644 +--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_missing.fail.sh ++++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_missing.fail.sh 
@@ -1,5 +1,5 @@ #!/bin/bash --# platform = Red Hat Enterprise Linux 8 -+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8 +-# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9 ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9 - retry_cnt=7 - for auth_file in system-auth password-auth + CONF_FILE="/etc/security/pwquality.conf" + +diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_wrong.fail.sh b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_wrong.fail.sh +index 008be5ba..63708206 100644 +--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_wrong.fail.sh ++++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_wrong.fail.sh +@@ -1,5 +1,5 @@ + #!/bin/bash +-# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9 ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9 + # variables = var_password_pam_retry=3 + + CONF_FILE="/etc/security/pwquality.conf" diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_ucredit/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_ucredit/rule.yml -index 2a3bb9e1..18b8b205 100644 +index e1c2e35e..05c7be63 100644 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_ucredit/rule.yml +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_ucredit/rule.yml 
@@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle15,ubuntu2004,wrlinux1019 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,ubuntu2004,wrlinux1019 +-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019 ++prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019 title: 'Ensure PAM Enforces Password Requirements - Minimum Uppercase Characters' -@@ -45,7 +45,7 @@ references: - srg: SRG-OS-000069-GPOS-00037 +@@ -49,7 +49,7 @@ references: stigid@ol7: OL07-00-010120 + stigid@ol8: OL08-00-020110 stigid@rhel7: RHEL-07-010120 - stigid@rhel8: RHEL-08-020110 + stigid@almalinux8: RHEL-08-020110 @@ -5725,12 +6480,12 @@ index 2a3bb9e1..18b8b205 100644 vmmsrg: SRG-OS-000069-VMM-000360 diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_libuserconf/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_libuserconf/ansible/shared.yml -index f0b884d9..59e66c07 100644 +index b3e32aa3..547d137b 100644 --- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_libuserconf/ansible/shared.yml +++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_libuserconf/ansible/shared.yml @@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle # reboot = false # strategy = restrict # complexity = low 
@@ -5745,14 +6500,14 @@ index f929a6e9..9145de3b 100644 LIBUSER_CONF="/etc/libuser.conf" CRYPT_STYLE_REGEX='[[:space:]]*\[defaults](.*(\n)+)+?[[:space:]]*crypt_style[[:space:]]*' diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_libuserconf/rule.yml b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_libuserconf/rule.yml -index f3b9c7ba..b5173e62 100644 +index 29e6497f..25769aee 100644 --- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_libuserconf/rule.yml +++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_libuserconf/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,wrlinux1019 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,wrlinux1019 +-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle15,wrlinux1019 ++prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,wrlinux1019 title: 'Set Password Hashing Algorithm in /etc/libuser.conf' @@ -5767,17 +6522,17 @@ index 8dedf993..51c76b11 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_logindefs/bash/shared.sh b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_logindefs/bash/shared.sh -index 377570ae..c6ed161b 100644 +index 9e3a37d5..706c78de 100644 --- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_logindefs/bash/shared.sh +++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_logindefs/bash/shared.sh 
@@ -1,4 +1,4 @@ --# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv -+# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv - . /usr/share/scap-security-guide/remediation_functions +-# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle ++# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle + {{{ bash_instantiate_variables("var_password_hashing_algorithm") }}} diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_logindefs/rule.yml b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_logindefs/rule.yml -index 7183cf0e..e4cd63f5 100644 +index 3d9cd4fd..3b855832 100644 --- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_logindefs/rule.yml +++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_logindefs/rule.yml @@ -1,6 +1,6 @@ 
@@ -5788,17 +6543,48 @@ index 7183cf0e..e4cd63f5 100644 title: 'Set Password Hashing Algorithm in /etc/login.defs' -@@ -42,7 +42,7 @@ references: - srg: SRG-OS-000073-GPOS-00041 +@@ -45,7 +45,7 @@ references: stigid@ol7: OL07-00-010210 + stigid@ol8: OL08-00-010110 stigid@rhel7: RHEL-07-010210 - stigid@rhel8: RHEL-08-010110 + stigid@almalinux8: RHEL-08-010110 stigid@sle12: SLES-12-010210 stigid@sle15: SLES-15-010260 stigid@ubuntu2004: UBTU-20-010404 +diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/bash/shared.sh b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/bash/shared.sh +index 1c151a1e..5366f717 100644 +--- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/bash/shared.sh ++++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/bash/shared.sh +@@ -1,4 +1,4 @@ +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhv ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhv + + if ! 
grep -q "^password.*sufficient.*pam_unix.so.*sha512" "/etc/pam.d/password-auth"; then + sed -i --follow-symlinks "/^password.*sufficient.*pam_unix.so/ s/$/ sha512/" "/etc/pam.d/password-auth" +diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/rule.yml b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/rule.yml +index 93752691..0e7e49f4 100644 +--- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/rule.yml ++++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/rule.yml +@@ -1,6 +1,6 @@ + documentation_complete: true + +-prodtype: fedora,rhel7,rhel8,rhel9,rhv4 ++prodtype: fedora,rhel7,rhel8,almalinux8,rhel9,rhv4 + + title: "Set PAM's Password Hashing Algorithm - password-auth" + +@@ -58,7 +58,7 @@ references: + pcidss: Req-8.2.1 + srg: SRG-OS-000073-GPOS-00041 + stigid@rhel7: RHEL-07-010200 +- stigid@rhel8: RHEL-08-010160 ++ stigid@almalinux8: RHEL-08-010160 + vmmsrg: SRG-OS-000480-VMM-002000 + + ocil_clause: 'it does not' diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/bash/shared.sh b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/bash/shared.sh -index 02af406f..67248912 100644 +index e7503fee..7ef88148 100644 --- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/bash/shared.sh +++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/bash/shared.sh @@ -1,4 +1,4 @@ 
@@ -5806,9 +6592,9 @@ index 02af406f..67248912 100644 +# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv AUTH_FILES[0]="/etc/pam.d/system-auth" - AUTH_FILES[1]="/etc/pam.d/password-auth" + {{%- if product == "rhel7" %}} diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/rule.yml b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/rule.yml -index 24ab30d7..cae46763 100644 +index 59fb48e9..a819d163 100644 --- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/rule.yml +++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/rule.yml @@ -1,6 +1,6 @@ @@ -5819,12 +6605,12 @@ index 24ab30d7..cae46763 100644 title: "Set PAM's Password Hashing Algorithm" -@@ -69,7 +69,7 @@ references: - srg: SRG-OS-000073-GPOS-00041 +@@ -70,7 +70,7 @@ references: stigid@ol7: OL07-00-010200 + stigid@ol8: OL08-00-010160 stigid@rhel7: RHEL-07-010200 -- stigid@rhel8: RHEL-08-010160 -+ stigid@almalinux8: RHEL-08-010160 +- stigid@rhel8: RHEL-08-010159 ++ stigid@almalinux8: RHEL-08-010159 stigid@sle12: SLES-12-010230 stigid@sle15: SLES-15-020170 vmmsrg: SRG-OS-000480-VMM-002000 @@ -5839,15 +6625,15 @@ index f6888e51..cae502b8 100644 # strategy = disable # complexity = low diff --git a/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_burstaction/bash/shared.sh b/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_burstaction/bash/shared.sh -index 7d4faedf..8e068a06 100644 +index 23edb3c9..daae2463 100644 --- a/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_burstaction/bash/shared.sh 
+++ b/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_burstaction/bash/shared.sh @@ -1,4 +1,4 @@ --# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol -+# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol +-# platform = multi_platform_rhel,Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu ++# platform = multi_platform_rhel,multi_platform_almalinux,Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu - # Include source function library. - . /usr/share/scap-security-guide/remediation_functions + + {{{ bash_replace_or_append('/etc/systemd/system.conf', '^CtrlAltDelBurstAction=', 'none', '%s=%s') }}} diff --git a/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_burstaction/kubernetes/shared.yml b/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_burstaction/kubernetes/shared.yml index 3045574e..7ce6bb46 100644 --- a/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_burstaction/kubernetes/shared.yml @@ -5860,7 +6646,7 @@ index 3045574e..7ce6bb46 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_burstaction/rule.yml b/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_burstaction/rule.yml -index 139d230b..1c712f97 100644 +index c7a63006..2ecbf610 100644 --- a/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_burstaction/rule.yml +++ b/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_burstaction/rule.yml @@ -1,6 +1,6 @@ 
@@ -5871,17 +6657,17 @@ index 139d230b..1c712f97 100644 title: 'Disable Ctrl-Alt-Del Burst Action' -@@ -70,7 +70,7 @@ references: - nist-csf: PR.AC-4,PR.DS-5 +@@ -71,7 +71,7 @@ references: nist@sle15: CM-6(b),CM-6.1(iv) srg: SRG-OS-000324-GPOS-00125,SRG-OS-000480-GPOS-00227 + stigid@ol8: OL08-00-040172 - stigid@rhel8: RHEL-08-040172 + stigid@almalinux8: RHEL-08-040172 stigid@sle15: SLES-15-040062 stigid@ubuntu2004: UBTU-20-010460 diff --git a/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/ansible/shared.yml -index 8ea1de86..a4edf584 100644 +index 30f06a87..d1b625dd 100644 --- a/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/ansible/shared.yml +++ b/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/ansible/shared.yml @@ -1,4 +1,4 @@ @@ -5891,18 +6677,15 @@ index 8ea1de86..a4edf584 100644 # strategy = disable # complexity = low diff --git a/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/bash/shared.sh b/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/bash/shared.sh -index 94767ad5..662dc0dd 100644 +index b20c5e3b..44ba612a 100644 --- a/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/bash/shared.sh 
+++ b/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/bash/shared.sh -@@ -1,6 +1,6 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_wrlinux -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_wrlinux - {{%- if init_system == "systemd" -%}} --{{% if product in ["rhel7", "rhel8"] %}} -+{{% if product in ["rhel7", "rhel8", "almalinux8"] %}} - # The process to disable ctrl+alt+del has changed in RHEL7. - # Reference: https://access.redhat.com/solutions/1123873 - {{% endif %}} +@@ -1,4 +1,4 @@ +-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_wrlinux,multi_platform_sle,multi_platform_ubuntu ++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_wrlinux,multi_platform_sle,multi_platform_ubuntu + {{% if init_system == "systemd" -%}} + systemctl disable --now ctrl-alt-del.target + systemctl mask --now ctrl-alt-del.target diff --git a/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/kubernetes/shared.yml b/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/kubernetes/shared.yml index 517c83c6..041e9a29 100644 --- a/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/kubernetes/shared.yml @@ -5915,7 +6698,7 @@ index 517c83c6..041e9a29 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/rule.yml b/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/rule.yml -index 7c82f4a3..83c162a9 100644 +index e482731c..cfd3dd36 100644 --- a/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/rule.yml 
+++ b/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/rule.yml @@ -1,6 +1,6 @@ @@ -5926,9 +6709,9 @@ index 7c82f4a3..83c162a9 100644 title: 'Disable Ctrl-Alt-Del Reboot Activation' -@@ -75,7 +75,7 @@ references: - srg: SRG-OS-000324-GPOS-00125,SRG-OS-000480-GPOS-00227 +@@ -76,7 +76,7 @@ references: stigid@ol7: OL07-00-020230 + stigid@ol8: OL08-00-040170 stigid@rhel7: RHEL-07-020230 - stigid@rhel8: RHEL-08-040170 + stigid@almalinux8: RHEL-08-040170 @@ -5936,24 +6719,24 @@ index 7c82f4a3..83c162a9 100644 stigid@sle15: SLES-15-040060 stigid@ubuntu2004: UBTU-20-010460 diff --git a/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/tests/masked.pass.sh b/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/tests/masked.pass.sh -index b56b59b2..0e0b89ca 100644 +index 8b440146..f53923e8 100644 --- a/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/tests/masked.pass.sh +++ b/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/tests/masked.pass.sh @@ -1,5 +1,5 @@ #!/bin/bash --# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,multi_platform_fedora -+# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora +-# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,multi_platform_fedora,multi_platform_ubuntu ++# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora,multi_platform_ubuntu systemctl disable --now ctrl-alt-del.target systemctl mask --now ctrl-alt-del.target diff --git a/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/tests/not_masked.fail.sh b/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/tests/not_masked.fail.sh -index 74342f02..9582fbea 100644 +index 2279cb46..f4777104 100644 
--- a/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/tests/not_masked.fail.sh +++ b/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/tests/not_masked.fail.sh @@ -1,4 +1,4 @@ #!/bin/bash --# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,multi_platform_fedora -+# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora +-# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,multi_platform_fedora,multi_platform_ubuntu ++# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora,multi_platform_ubuntu systemctl unmask ctrl-alt-del.target diff --git a/linux_os/guide/system/accounts/accounts-physical/grub2_disable_interactive_boot/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-physical/grub2_disable_interactive_boot/ansible/shared.yml @@ -5962,16 +6745,6 @@ index 9e69fdf4..9eabacb9 100644 +++ b/linux_os/guide/system/accounts/accounts-physical/grub2_disable_interactive_boot/ansible/shared.yml 
@@ -1,4 +1,4 @@ -# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,multi_platform_fedora,multi_platform_ol,multi_platform_rhv -+# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora,multi_platform_ol,multi_platform_rhv - # reboot = true - # strategy = restrict - # complexity = low -diff --git a/linux_os/guide/system/accounts/accounts-physical/grub2_disable_interactive_boot/bash/shared.sh b/linux_os/guide/system/accounts/accounts-physical/grub2_disable_interactive_boot/bash/shared.sh -index 08876d7a..ad55d965 100644 ---- a/linux_os/guide/system/accounts/accounts-physical/grub2_disable_interactive_boot/bash/shared.sh -+++ b/linux_os/guide/system/accounts/accounts-physical/grub2_disable_interactive_boot/bash/shared.sh -@@ -1,4 +1,4 @@ --# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,multi_platform_fedora,multi_platform_ol,multi_platform_rhv +# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora,multi_platform_ol,multi_platform_rhv # reboot = true # strategy = restrict @@ -5989,20 +6762,20 @@ index bc371853..ace64b71 100644 title: 'Verify that Interactive Boot is Disabled' diff --git a/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/ansible/shared.yml -index 9e9556cb..610dcf76 100644 +index 5d28cffd..cb1d56d8 100644 --- a/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/ansible/shared.yml +++ b/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/ansible/shared.yml 
@@ -9,7 +9,7 @@ create: yes dest: /usr/lib/systemd/system/emergency.service regexp: "^#?ExecStart=" -- {{% if product in ["fedora", "rhel8", "ol8"] -%}} -+ {{% if product in ["fedora", "rhel8", "ol8", "almalinux8"] -%}} +- {{% if product in ["fedora", "rhel8", "rhel9", "ol8"] -%}} ++ {{% if product in ["fedora", "rhel8", "almalinux8", "rhel9", "ol8"] -%}} line: "ExecStart=-/usr/lib/systemd/systemd-sulogin-shell emergency" {{%- else -%}} line: 'ExecStart=-/bin/sh -c "/sbin/sulogin; /usr/bin/systemctl --fail --no-block default"' diff --git a/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/bash/shared.sh b/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/bash/shared.sh -index d8640d84..462a8279 100644 +index 3e9c8eb0..9cc6f175 100644 --- a/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/bash/shared.sh +++ b/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/bash/shared.sh @@ -1,8 +1,8 @@ @@ -6011,21 +6784,21 @@ index d8640d84..462a8279 100644 service_file="/usr/lib/systemd/system/emergency.service" --{{% if product in ["fedora", "rhel8", "ol8"] -%}} -+{{% if product in ["fedora", "rhel8", "ol8", "almalinux8"] -%}} +-{{% if product in ["fedora", "rhel8", "rhel9", "ol8"] -%}} ++{{% if product in ["fedora", "rhel8", "almalinux8", "rhel9", "ol8"] -%}} sulogin="/usr/lib/systemd/systemd-sulogin-shell emergency" {{%- else -%}} sulogin='/bin/sh -c "/sbin/sulogin; /usr/bin/systemctl --fail --no-block default"' diff --git a/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/oval/shared.xml b/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/oval/shared.xml -index 51de85f6..9f2b3780 100644 +index ef3e796b..7a912d9a 100644 --- a/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/oval/shared.xml 
+++ b/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/oval/shared.xml @@ -12,7 +12,7 @@ /usr/lib/systemd/system/emergency.service -- {{%- if product in ["fedora", "rhel8", "ol8"] -%}} -+ {{%- if product in ["fedora", "rhel8", "ol8", "almalinux8"] -%}} +- {{%- if product in ["fedora", "rhel8", "rhel9", "ol8"] -%}} ++ {{%- if product in ["fedora", "rhel8", "almalinux8", "rhel9", "ol8"] -%}} ^ExecStart=\-/usr/lib/systemd/systemd-sulogin-shell[\s]+emergency {{%- else -%}} ^ExecStart=\-/bin/sh[\s]+-c[\s]+\"(/usr)?/sbin/sulogin;[\s]+/usr/bin/systemctl[\s]+--fail[\s]+--no-block[\s]+default\" -@@ -43,8 +43,8 @@ - 1 - - -- - - -@@ -55,7 +55,7 @@ - ^emergency.service$ - - -- - diff --git a/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/rule.yml b/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/rule.yml -index e2f61432..29683160 100644 +index cc0a2c53..f088ded1 100644 --- a/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/rule.yml +++ b/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle15 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15 +-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15 ++prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15 title: 'Require Authentication for Emergency Systemd Target' -@@ -42,7 +42,7 @@ references: - srg: SRG-OS-000080-GPOS-00048 +@@ -45,7 +45,7 @@ references: stigid@ol7: OL07-00-010481 + stigid@ol8: OL08-00-010152 stigid@rhel7: RHEL-07-010481 - stigid@rhel8: RHEL-08-010152 + stigid@almalinux8: RHEL-08-010152 ocil_clause: 'the output is different' -@@ -50,7 +50,7 @@ ocil: |- +@@ -53,7 +53,7 @@ ocil: |- To check if authentication is required for emergency mode, run the following command:
$ grep sulogin /usr/lib/systemd/system/emergency.service
The output should be similar to the following, and the line must begin with -- {{% if product in ["fedora", "rhel8", "ol8"] -%}} -+ {{% if product in ["fedora", "rhel8", "ol8", "almalinux8"] -%}} +- {{% if product in ["fedora", "rhel8", "rhel9", "ol8"] -%}} ++ {{% if product in ["fedora", "rhel8", "almalinux8", "rhel9", "ol8"] -%}} ExecStart and /usr/lib/systemd/systemd-sulogin-shell.
ExecStart=-/usr/lib/systemd/systemd-sulogin-shell emergency
{{%- else -%}} diff --git a/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/tests/correct_value.pass.sh b/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/tests/correct_value.pass.sh -index d3cd3035..c94f7b5f 100644 +index a8a5c8cc..53d62c68 100644 --- a/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/tests/correct_value.pass.sh +++ b/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/tests/correct_value.pass.sh @@ -1,5 +1,5 @@ #!/bin/bash --# platform = Red Hat Enterprise Linux 8,multi_platform_fedora -+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora +-# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora service_file="/usr/lib/systemd/system/emergency.service" sulogin="/usr/lib/systemd/systemd-sulogin-shell" diff --git a/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/tests/wrong_value.fail.sh b/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/tests/wrong_value.fail.sh -index 9fa5cf84..2aec856e 100644 +index 96a0c842..048832a9 100644 --- a/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/tests/wrong_value.fail.sh +++ b/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/tests/wrong_value.fail.sh @@ -1,5 +1,5 @@ #!/bin/bash --# platform = Red Hat Enterprise Linux 8,multi_platform_fedora -+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora +-# platform = multi_platform_rhel,multi_platform_fedora ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora service_file="/usr/lib/systemd/system/emergency.service" sulogin="/bin/bash" 
diff --git a/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/ansible/shared.yml -index 4164c163..186cc053 100644 +index 8173ffa6..79eb17b0 100644 --- a/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/ansible/shared.yml +++ b/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/ansible/shared.yml @@ -10,7 +10,7 @@ create: yes dest: /usr/lib/systemd/system/rescue.service regexp: "^#?ExecStart=" -- {{% if product in ["fedora", "rhel8", "ol8"] -%}} -+ {{% if product in ["fedora", "rhel8", "ol8", "almalinux8"] -%}} +- {{% if product in ["fedora", "rhel8", "rhel9", "ol8"] -%}} ++ {{% if product in ["fedora", "rhel8", "almalinux8", "rhel9", "ol8"] -%}} line: "ExecStart=-/usr/lib/systemd/systemd-sulogin-shell rescue" - {{%- else -%}} - line: 'ExecStart=-/bin/sh -c "/sbin/sulogin; /usr/bin/systemctl --fail --no-block default"' + {{% elif product in ["rhel7"] %}} + line: 'ExecStart=-/bin/sh -c "/usr/sbin/sulogin; /usr/bin/systemctl --fail --no-block default"' diff --git a/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/bash/shared.sh b/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/bash/shared.sh -index b022a8e2..3d7cf90c 100644 +index 04c9e43c..e20b6d8c 100644 --- a/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/bash/shared.sh +++ b/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/bash/shared.sh @@ -1,10 +1,10 @@ 
@@ -6135,21 +6888,21 @@ index b022a8e2..3d7cf90c 100644 service_file="/usr/lib/systemd/system/rescue.service" --{{% if product in ["fedora", "rhel8", "ol8"] -%}} -+{{% if product in ["fedora", "rhel8", "ol8", "almalinux8"] -%}} +-{{% if product in ["fedora", "rhel8", "rhel9", "ol8"] -%}} ++{{% if product in ["fedora", "rhel8", "almalinux8", "rhel9", "ol8"] -%}} sulogin="/usr/lib/systemd/systemd-sulogin-shell rescue" - {{%- else -%}} - sulogin='/bin/sh -c "/sbin/sulogin; /usr/bin/systemctl --fail --no-block default"' + {{%- elif product in ["rhel7"] -%}} + sulogin='/bin/sh -c "/usr/sbin/sulogin; /usr/bin/systemctl --fail --no-block default"' diff --git a/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/oval/shared.xml b/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/oval/shared.xml -index 49070519..605a28a0 100644 +index 9a12b8f1..05ad73ff 100644 --- a/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/oval/shared.xml +++ b/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/oval/shared.xml @@ -20,7 +20,7 @@ {{%- if init_system == "systemd" -%}} /usr/lib/systemd/system/rescue.service -- {{%- if product in ["fedora", "rhel8", "ol8", "rhcos4"] -%}} -+ {{%- if product in ["fedora", "rhel8", "ol8", "rhcos4", "almalinux8"] -%}} +- {{%- if product in ["fedora", "rhel8", "rhel9", "ol8", "rhcos4"] -%}} ++ {{%- if product in ["fedora", "rhel8", "almalinux8", "rhel9", "ol8", "rhcos4"] -%}} ^ExecStart=\-.*/usr/lib/systemd/systemd-sulogin-shell[ ]+rescue {{%- else -%}} ^ExecStart=\-/bin/sh[\s]+-c[\s]+\"(/usr)?/sbin/sulogin;[\s]+/usr/bin/systemctl[\s]+--fail[\s]+--no-block[\s]+default\" -@@ -51,8 +51,8 @@ - 1 - - -- - - -@@ -63,7 +63,7 @@ - ^rescue.service$ - - -- - 
diff --git a/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/rule.yml b/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/rule.yml -index 1ed97c35..2ad171fb 100644 +index 8d7a4fa7..d5e8c095 100644 --- a/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/rule.yml +++ b/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15,wrlinux1019 -+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,wrlinux1019 +-prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,wrlinux1019 ++prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,wrlinux1019 title: 'Require Authentication for Single User Mode' -@@ -46,7 +46,7 @@ references: - srg: SRG-OS-000080-GPOS-00048 +@@ -50,7 +50,7 @@ references: stigid@ol7: OL07-00-010481 + stigid@ol8: OL08-00-010151 stigid@rhel7: RHEL-07-010481 - stigid@rhel8: RHEL-08-010151 + stigid@almalinux8: RHEL-08-010151 ocil_clause: 'the output is different' -@@ -55,7 +55,7 @@ ocil: |- +@@ -59,7 +59,7 @@ ocil: |- To check if authentication is required for single-user mode, run the following command:
$ grep sulogin /usr/lib/systemd/system/rescue.service
The output should be similar to the following, and the line must begin with -- {{% if product in ["fedora", "rhel8", "ol8", "rhcos4"] -%}} -+ {{% if product in ["fedora", "rhel8", "ol8", "rhcos4", "almalinux8"] -%}} +- {{% if product in ["fedora", "rhel8", "rhel9", "ol8", "rhcos4"] -%}} ++ {{% if product in ["fedora", "rhel8", "almalinux8", "rhel9", "ol8", "rhcos4"] -%}} ExecStart and /usr/lib/systemd/systemd-sulogin-shell.
ExecStart=-/usr/lib/systemd/systemd-sulogin-shell rescue
- {{%- else -%}} + {{%- elif product in ["rhel7"] -%}} diff --git a/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/tests/correct_value.pass.sh b/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/tests/correct_value.pass.sh -index f8cd337b..19925a1e 100644 +index 66d47a0e..047a82bd 100644 --- a/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/tests/correct_value.pass.sh +++ b/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/tests/correct_value.pass.sh @@ -1,5 +1,5 @@ #!/bin/bash --# platform = Red Hat Enterprise Linux 8,multi_platform_fedora -+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora +-# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora service_file="/usr/lib/systemd/system/rescue.service" sulogin="/usr/lib/systemd/systemd-sulogin-shell" diff --git a/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/tests/wrong_value.fail.sh b/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/tests/wrong_value.fail.sh -index 0d76d825..ba2681b0 100644 +index d125b29e..6184023c 100644 --- a/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/tests/wrong_value.fail.sh +++ b/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/tests/wrong_value.fail.sh 
@@ -1,5 +1,5 @@ #!/bin/bash --# platform = Red Hat Enterprise Linux 8,multi_platform_fedora -+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora +-# platform = multi_platform_rhel,multi_platform_fedora ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora service_file="/usr/lib/systemd/system/rescue.service" sulogin="/bin/bash" -diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_bashrc_exec_tmux/bash/shared.sh b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_bashrc_exec_tmux/bash/shared.sh -index 0c544bfb..0b6fa7c1 100644 ---- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_bashrc_exec_tmux/bash/shared.sh -+++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_bashrc_exec_tmux/bash/shared.sh -@@ -1,4 +1,4 @@ --# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Oracle Linux 8 -+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8,Oracle Linux 8 - - if ! grep -x ' case "$name" in sshd|login) exec tmux ;; esac' /etc/bashrc; then - cat >> /etc/bashrc <<'EOF' diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_bashrc_exec_tmux/rule.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_bashrc_exec_tmux/rule.yml -index c43b8cb7..7ed86b6a 100644 +index 9f224748..2380e50b 100644 --- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_bashrc_exec_tmux/rule.yml +++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_bashrc_exec_tmux/rule.yml @@ -1,6 +1,6 @@ 
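Review bot: The patch section for `configure_bashrc_exec_tmux/bash/shared.sh` is dropped here, while the `rule.yml` section that follows still adds `stigid@almalinux8` for the same rule. If the rebased upstream file still has an explicit `# platform =` list without AlmaLinux, the rule would be evaluated on AlmaLinux 8 with no bash fix generated for it. That cannot be confirmed from this page, so the new upstream header should be checked for a catch-all such as `# platform = multi_platform_all` before the section is removed. The same check applies to the other bash sections removed on this page: `configure_tmux_lock_after_time`, `configure_tmux_lock_command`, `no_tmux_in_shells` and `grub2_disable_interactive_boot`.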
@@ -6256,10 +6979,10 @@ index c43b8cb7..7ed86b6a 100644 title: 'Support session locking with tmux' -@@ -23,7 +23,7 @@ references: - disa: CCI-000056 +@@ -24,7 +24,7 @@ references: ospp: FMT_SMF_EXT.1 srg: SRG-OS-000031-GPOS-00012,SRG-OS-000028-GPOS-00009 + stigid@ol8: OL08-00-020041 - stigid@rhel8: RHEL-08-020041 + stigid@almalinux8: RHEL-08-020041 @@ -6275,18 +6998,8 @@ index dc63eb65..dc693130 100644 # reboot = false # strategy = restrict # complexity = low -diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_after_time/bash/shared.sh b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_after_time/bash/shared.sh -index 233047af..33549331 100644 ---- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_after_time/bash/shared.sh -+++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_after_time/bash/shared.sh -@@ -1,4 +1,4 @@ --# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Oracle Linux 8 -+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8,Oracle Linux 8 - - tmux_conf="/etc/tmux.conf" - diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_after_time/rule.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_after_time/rule.yml -index a3902b1f..dca9b85f 100644 +index ba17de40..1e98cfbd 100644 --- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_after_time/rule.yml +++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_after_time/rule.yml @@ -1,6 +1,6 @@ 
@@ -6297,27 +7010,17 @@ index a3902b1f..dca9b85f 100644 title: 'Configure tmux to lock session after inactivity' -@@ -24,7 +24,7 @@ references: - disa: CCI-000057 +@@ -25,7 +25,7 @@ references: ospp: FMT_SMF_EXT.1 srg: SRG-OS-000029-GPOS-00010 + stigid@ol8: OL08-00-020070 - stigid@rhel8: RHEL-08-020070 + stigid@almalinux8: RHEL-08-020070 ocil_clause: 'lock-after-time is not set or set to zero' -diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_command/bash/shared.sh b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_command/bash/shared.sh -index f2430618..b2e711bd 100644 ---- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_command/bash/shared.sh -+++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_command/bash/shared.sh -@@ -1,4 +1,4 @@ --# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Virtualization 4,multi_platform_fedora -+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Virtualization 4,multi_platform_fedora - - tmux_conf="/etc/tmux.conf" - diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_command/rule.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_command/rule.yml -index e2436ca2..fde6e6e9 100644 +index a3a23d8e..263bc54f 100644 --- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_command/rule.yml +++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_command/rule.yml @@ -1,6 +1,6 @@ 
@@ -6328,10 +7031,10 @@ index e2436ca2..fde6e6e9 100644 title: 'Configure the tmux Lock Command' -@@ -28,7 +28,7 @@ references: - disa: CCI-000056,CCI-000058 +@@ -29,7 +29,7 @@ references: nist: AC-11(a),AC-11(b),CM-6(a) srg: SRG-OS-000028-GPOS-00009 + stigid@ol8: OL08-00-020040 - stigid@rhel8: RHEL-08-020040 + stigid@almalinux8: RHEL-08-020040 vmmsrg: SRG-OS-000028-VMM-000090,SRG-OS-000030-VMM-000110 @@ -6377,16 +7080,6 @@ index e747275d..07b43ed4 100644 +# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8 echo 'set -g lock-command locker' >> '/etc/tmux.conf' -diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/no_tmux_in_shells/bash/shared.sh b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/no_tmux_in_shells/bash/shared.sh -index 45c43e8d..441cef39 100644 ---- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/no_tmux_in_shells/bash/shared.sh -+++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/no_tmux_in_shells/bash/shared.sh -@@ -1,4 +1,4 @@ --# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Oracle Linux 8 -+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8,Oracle Linux 8 - - if grep -q 'tmux$' /etc/shells ; then - sed -i '/tmux$/d' /etc/shells diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/no_tmux_in_shells/kubernetes/shared.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/no_tmux_in_shells/kubernetes/shared.yml index 6b2d6cd5..c20712c9 100644 --- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/no_tmux_in_shells/kubernetes/shared.yml @@ -6399,7 +7092,7 @@ index 6b2d6cd5..c20712c9 100644 kind: MachineConfig spec: 
diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/no_tmux_in_shells/rule.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/no_tmux_in_shells/rule.yml -index 595ddd6a..3df26783 100644 +index b069a87f..19668abe 100644 --- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/no_tmux_in_shells/rule.yml +++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/no_tmux_in_shells/rule.yml @@ -1,6 +1,6 @@ @@ -6410,17 +7103,17 @@ index 595ddd6a..3df26783 100644 title: 'Prevent user from disabling the screen lock' -@@ -24,7 +24,7 @@ references: - disa: CCI-000056 +@@ -26,7 +26,7 @@ references: ospp: FMT_SMF_EXT.1 srg: SRG-OS-000324-GPOS-00125,SRG-OS-000028-GPOS-00009 + stigid@ol8: OL08-00-020042 - stigid@rhel8: RHEL-08-020042 + stigid@almalinux8: RHEL-08-020042 ocil_clause: 'tmux is listed in /etc/shells' diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/package_tmux_installed/rule.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/package_tmux_installed/rule.yml -index 120d1c49..3a609963 100644 +index a76cdedd..be480047 100644 --- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/package_tmux_installed/rule.yml +++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/package_tmux_installed/rule.yml @@ -1,6 +1,6 @@ @@ -6431,76 +7124,56 @@ index 120d1c49..3a609963 100644 title: 'Install the tmux Package' -@@ -40,7 +40,7 @@ references: - nist-csf: PR.AC-7 +@@ -43,7 +43,7 @@ references: ospp: FMT_MOF_EXT.1 srg: SRG-OS-000030-GPOS-00011,SRG-OS-000028-GPOS-00009 + stigid@ol8: OL08-00-020039 - stigid@rhel8: RHEL-08-020039 + stigid@almalinux8: RHEL-08-020039 vmmsrg: SRG-OS-000030-VMM-000110 ocil_clause: 'the package is not installed' 
diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/configure_opensc_card_drivers/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/configure_opensc_card_drivers/ansible/shared.yml -index 37602754..5834c77f 100644 +index 748bff82..1760268e 100644 --- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/configure_opensc_card_drivers/ansible/shared.yml +++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/configure_opensc_card_drivers/ansible/shared.yml 
@@ -1,4 +1,4 @@ --# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,multi_platform_fedora,multi_platform_rhv,multi_platform_ol -+# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora,multi_platform_rhv,multi_platform_ol - # reboot = false - # strategy = configure - # complexity = low -diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/configure_opensc_card_drivers/bash/shared.sh b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/configure_opensc_card_drivers/bash/shared.sh -index 4e80be4f..28db2a10 100644 ---- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/configure_opensc_card_drivers/bash/shared.sh -+++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/configure_opensc_card_drivers/bash/shared.sh -@@ -1,4 +1,4 @@ --# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,multi_platform_fedora,multi_platform_rhv,multi_platform_ol -+# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora,multi_platform_rhv,multi_platform_ol +-# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,multi_platform_fedora,multi_platform_rhv,multi_platform_ol,multi_platform_sle ++# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora,multi_platform_rhv,multi_platform_ol,multi_platform_sle # reboot = false # strategy = configure # complexity = low diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/configure_opensc_card_drivers/rule.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/configure_opensc_card_drivers/rule.yml -index 54fff733..9212c077 100644 +index 00c9b8cb..607aca4a 100644 
--- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/configure_opensc_card_drivers/rule.yml +++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/configure_opensc_card_drivers/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4 +-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle15 ++prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15 title: 'Configure opensc Smart Card Drivers' diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/force_opensc_card_drivers/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/force_opensc_card_drivers/ansible/shared.yml -index f05423c0..4334b8a3 100644 +index f79727a0..49f74f41 100644 --- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/force_opensc_card_drivers/ansible/shared.yml +++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/force_opensc_card_drivers/ansible/shared.yml 
@@ -1,4 +1,4 @@ --# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,multi_platform_fedora,multi_platform_rhv,multi_platform_ol -+# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora,multi_platform_rhv,multi_platform_ol - # reboot = false - # strategy = configure - # complexity = low -diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/force_opensc_card_drivers/bash/shared.sh b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/force_opensc_card_drivers/bash/shared.sh -index 7c763a87..df907379 100644 ---- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/force_opensc_card_drivers/bash/shared.sh -+++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/force_opensc_card_drivers/bash/shared.sh -@@ -1,4 +1,4 @@ --# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,multi_platform_fedora,multi_platform_rhv,multi_platform_ol -+# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora,multi_platform_rhv,multi_platform_ol +-# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,multi_platform_fedora,multi_platform_rhv,multi_platform_ol,multi_platform_sle ++# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora,multi_platform_rhv,multi_platform_ol,multi_platform_sle # reboot = false # strategy = configure # complexity = low diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/force_opensc_card_drivers/rule.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/force_opensc_card_drivers/rule.yml -index a69968b6..b895cf75 100644 +index fc2c75e8..367e7869 100644 --- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/force_opensc_card_drivers/rule.yml 
+++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/force_opensc_card_drivers/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4 +-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle15 ++prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15 title: 'Force opensc To Use Defined Smart Card Driver' @@ -6518,21 +7191,21 @@ index 54524233..3697fd65 100644 {{% else %}} In Red Hat Enterprise Linux servers and workstations, hardware token login diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/install_smartcard_packages/rule.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/install_smartcard_packages/rule.yml -index 43b96404..ac689dcb 100644 +index 27725848..d4221ccc 100644 --- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/install_smartcard_packages/rule.yml +++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/install_smartcard_packages/rule.yml -@@ -8,7 +8,7 @@ +@@ -12,7 +12,7 @@ documentation_complete: true --prodtype: fedora,ol7,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004 -+prodtype: fedora,ol7,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004 +-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004 ++prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004 title: 'Install Smart Card Packages For Multifactor Authentication' -@@ -46,7 +46,7 @@ references: - srg: SRG-OS-000105-GPOS-00052,SRG-OS-000375-GPOS-00160,SRG-OS-000375-GPOS-00161,SRG-OS-000377-GPOS-00162 +@@ -51,7 +51,7 @@ references: stigid@ol7: OL07-00-041001 + stigid@ol8: OL08-00-010390 stigid@rhel7: RHEL-07-041001 - stigid@rhel8: RHEL-08-010390 + stigid@almalinux8: RHEL-08-010390 
@@ -6540,7 +7213,7 @@ index 43b96404..ac689dcb 100644 stigid@sle15: SLES-15-010460 stigid@ubuntu2004: UBTU-20-010063 diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/package_opensc_installed/rule.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/package_opensc_installed/rule.yml -index 5d88eb4d..f4d70ff2 100644 +index a9bcfc66..5e762d5b 100644 --- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/package_opensc_installed/rule.yml +++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/package_opensc_installed/rule.yml @@ -1,6 +1,6 @@ @@ -6551,61 +7224,49 @@ index 5d88eb4d..f4d70ff2 100644 title: 'Install the opensc Package For Multifactor Authentication' -@@ -35,7 +35,7 @@ references: - ism: 1382,1384,1386 +@@ -36,7 +36,7 @@ references: nist: CM-6(a) srg: SRG-OS-000375-GPOS-00160,SRG-OS-000376-GPOS-00161 + stigid@ol8: OL08-00-010410 - stigid@rhel8: RHEL-08-010410 + stigid@almalinux8: RHEL-08-010410 stigid@ubuntu2004: UBTU-20-010064 vmmsrg: SRG-OS-000376-VMM-001520 diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/package_pcsc-lite_installed/rule.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/package_pcsc-lite_installed/rule.yml -index 0652fbea..215abe8b 100644 +index 9c6534cf..6cfe9268 100644 --- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/package_pcsc-lite_installed/rule.yml +++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/package_pcsc-lite_installed/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhv4 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhv4 +-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4 ++prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4 title: 'Install the pcsc-lite package' 
diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/service_pcscd_enabled/rule.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/service_pcscd_enabled/rule.yml -index 23a63bf4..05eb3b88 100644 +index 6472ade5..2efa5cb5 100644 --- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/service_pcscd_enabled/rule.yml +++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/service_pcscd_enabled/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhv4 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhv4 +-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle15 ++prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15 title: 'Enable the pcscd Service' diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/bash/shared.sh b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/bash/shared.sh -index d02a9674..9bdafdc1 100644 +index 2744af58..0f5c92be 100644 --- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/bash/shared.sh +++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/bash/shared.sh 
@@ -1,4 +1,4 @@ --# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,multi_platform_ol -+# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_ol +-# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,multi_platform_ol,multi_platform_sle ++# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_ol,multi_platform_sle # Install required packages if ! rpm --quiet -q pam_pkcs11; then yum -y -d 1 install pam_pkcs11; fi -diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/rule.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/rule.yml -index 73185c44..61701686 100644 ---- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/rule.yml -+++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: ol7,ol8,rhel7,rhel8,sle12,sle15,ubuntu2004 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,sle12,sle15,ubuntu2004 - - title: 'Configure Smart Card Certificate Status Checking' - diff --git a/linux_os/guide/system/accounts/accounts-physical/service_debug-shell_disabled/kubernetes/shared.yml b/linux_os/guide/system/accounts/accounts-physical/service_debug-shell_disabled/kubernetes/shared.yml index ff493491..082c8e61 100644 --- a/linux_os/guide/system/accounts/accounts-physical/service_debug-shell_disabled/kubernetes/shared.yml @@ -6618,21 +7279,21 @@ index ff493491..082c8e61 100644 kind: MachineConfig spec: 
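Review bot: For `smartcard_configure_cert_checking`, this hunk keeps the `bash/shared.sh` change that adds `AlmaLinux 8` to the platform header but removes the `rule.yml` hunk that added `almalinux8` to `prodtype`, which leaves the two out of step. If the upstream `rule.yml` still has a `prodtype` list (not visible here), the certificate status checking rule would be left out of the AlmaLinux 8 content and the remediation header edit would have no effect. Either rebase the line `prodtype: ol7,ol8,rhel7,rhel8,almalinux8,sle12,sle15,ubuntu2004` onto the current upstream list, or drop the bash hunk as well. Whichever is chosen, the commit message should say which one was intended.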
diff --git a/linux_os/guide/system/accounts/accounts-physical/service_debug-shell_disabled/rule.yml b/linux_os/guide/system/accounts/accounts-physical/service_debug-shell_disabled/rule.yml -index 157ef461..be23be4f 100644 +index a9d19544..3db95485 100644 --- a/linux_os/guide/system/accounts/accounts-physical/service_debug-shell_disabled/rule.yml +++ b/linux_os/guide/system/accounts/accounts-physical/service_debug-shell_disabled/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4 -+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4 +-prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15 ++prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15 title: 'Disable debug-shell SystemD Service' -@@ -34,7 +34,7 @@ references: - hipaa: 164.308(a)(1)(ii)(B),164.308(a)(7)(i),164.308(a)(7)(ii)(A),164.310(a)(1),164.310(a)(2)(i),164.310(a)(2)(ii),164.310(a)(2)(iii),164.310(b),164.310(c),164.310(d)(1),164.310(d)(2)(iii) +@@ -38,7 +38,7 @@ references: ospp: FIA_UAU.1 srg: SRG-OS-000324-GPOS-00125,SRG-OS-000480-GPOS-00227 + stigid@ol8: OL08-00-040180 - stigid@rhel8: RHEL-08-040180 + stigid@almalinux8: RHEL-08-040180 @@ -6649,17 +7310,17 @@ index 74598bc7..680caf4b 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_disable_post_pw_expiration/bash/shared.sh b/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_disable_post_pw_expiration/bash/shared.sh -index c8c2a90e..c42ae5d6 100644 +index 8f1ea001..027aea64 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_disable_post_pw_expiration/bash/shared.sh +++ b/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_disable_post_pw_expiration/bash/shared.sh 
@@ -1,4 +1,4 @@ --# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv -+# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv - . /usr/share/scap-security-guide/remediation_functions +-# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle ++# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle + {{{ bash_instantiate_variables("var_account_disable_post_pw_expiration") }}} diff --git a/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_disable_post_pw_expiration/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_disable_post_pw_expiration/rule.yml -index a3d81cf7..7b20a031 100644 +index 48d3ecd3..9905d9b5 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_disable_post_pw_expiration/rule.yml +++ b/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_disable_post_pw_expiration/rule.yml @@ -1,6 +1,6 @@ @@ -6670,9 +7331,9 @@ index a3d81cf7..7b20a031 100644 title: 'Set Account Expiration Following Inactivity' -@@ -51,7 +51,7 @@ references: - srg: SRG-OS-000118-GPOS-00060 +@@ -54,7 +54,7 @@ references: stigid@ol7: OL07-00-010310 + stigid@ol8: OL08-00-020260 stigid@rhel7: RHEL-07-010310 - stigid@rhel8: RHEL-08-020260 + stigid@almalinux8: RHEL-08-020260 @@ -6680,84 +7341,84 @@ index a3d81cf7..7b20a031 100644 stigid@sle15: SLES-15-020050 stigid@ubuntu2004: UBTU-20-010409 
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_emergency_expire_date/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_emergency_expire_date/rule.yml -index a47c7f39..a935a880 100644 +index 12926969..572f3fbb 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_emergency_expire_date/rule.yml +++ b/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_emergency_expire_date/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,rhel8 -+prodtype: fedora,rhel8,almalinux8 +-prodtype: fedora,ol8,rhel8,rhel9 ++prodtype: fedora,ol8,rhel8,almalinux8,rhel9 title: 'Assign Expiration Date to Emergency Accounts' -@@ -40,7 +40,7 @@ references: - nist: AC-2(2),AC-2(3),CM-6(a) +@@ -42,7 +42,7 @@ references: nist-csf: DE.CM-1,DE.CM-3,PR.AC-1,PR.AC-4,PR.AC-6 srg: SRG-OS-000123-GPOS-00064,SRG-OS-000002-GPOS-00002 + stigid@ol8: OL08-00-020270 - stigid@rhel8: RHEL-08-020270 + stigid@almalinux8: RHEL-08-020270 vmmsrg: SRG-OS-000002-VMM-000020,SRG-OS-000123-VMM-000620 ocil_clause: 'any emergency accounts have no expiration date set or do not expire within a documented time frame' diff --git a/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_temp_expire_date/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_temp_expire_date/rule.yml -index b4f3688c..54de04ff 100644 +index bb5a1d55..ecf80300 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_temp_expire_date/rule.yml +++ b/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_temp_expire_date/rule.yml 
@@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,rhel7,rhel8,rhv4,sle12,sle15,ubuntu2004 -+prodtype: fedora,rhel7,rhel8,almalinux8,rhv4,sle12,sle15,ubuntu2004 +-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004 ++prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004 title: 'Assign Expiration Date to Temporary Accounts' -@@ -43,7 +43,7 @@ references: - nist: AC-2(2),AC-2(3),CM-6(a) +@@ -45,7 +45,7 @@ references: nist-csf: DE.CM-1,DE.CM-3,PR.AC-1,PR.AC-4,PR.AC-6 srg: SRG-OS-000123-GPOS-00064,SRG-OS-000002-GPOS-00002 + stigid@ol8: OL08-00-020000 - stigid@rhel8: RHEL-08-020000 + stigid@almalinux8: RHEL-08-020000 stigid@sle12: SLES-12-010360 stigid@sle15: SLES-15-020000 stigid@ubuntu2004: UBTU-20-010000 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/account_unique_id/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/account_unique_id/rule.yml -index 5cfdf48d..16e11ddb 100644 +index d0665b41..f6ced399 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/account_unique_id/rule.yml +++ b/linux_os/guide/system/accounts/accounts-restrictions/account_unique_id/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,ol7,ol8,rhel7,rhel8,sle12,sle15 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,sle12,sle15 +-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,sle12,sle15 ++prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,sle12,sle15 title: 'Ensure All Accounts on the System Have Unique User IDs' -@@ -21,7 +21,7 @@ references: - disa: CCI-000764,CCI-000804 +@@ -26,7 +26,7 @@ references: nist@sle12: IA-2,IA-2.1,IA-8,IA-8.1 srg: SRG-OS-000104-GPOS-00051,SRG-OS-000121-GPOS-00062,SRG-OS-000042-GPOS-00020 + stigid@ol8: OL08-00-020240 - stigid@rhel8: RHEL-08-020240 + stigid@almalinux8: RHEL-08-020240 stigid@sle12: SLES-12-010640 stigid@sle15: SLES-15-010230 
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/accounts_authorized_local_users/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/accounts_authorized_local_users/rule.yml -index e2311f6a..9c02a9f1 100644 +index d4a4c6b6..7434f97e 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/accounts_authorized_local_users/rule.yml +++ b/linux_os/guide/system/accounts/accounts-restrictions/accounts_authorized_local_users/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: ol7,sle12,sle15,fedora,rhel8 -+prodtype: ol7,sle12,sle15,fedora,rhel8,almalinux8 +-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,sle12,sle15 ++prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,sle12,sle15 title: 'Only Authorized Local User Accounts Exist on Operating System' -@@ -34,7 +34,7 @@ references: - disa: CCI-000366 - nist@sle12: CM-6(b),CM-6.1(iv) - srg: SRG-OS-000480-GPOS-00227 +@@ -39,7 +39,7 @@ references: + stigid@ol7: OL07-00-020270 + stigid@ol8: OL08-00-020320 + stigid@rhel7: RHEL-07-020270 - stigid@rhel8: RHEL-08-020320 + stigid@almalinux8: RHEL-08-020320 stigid@sle12: SLES-12-010630 
@@ -6774,6 +7435,30 @@ index d942f81d..bcafb5e8 100644 var_accounts_authorized_local_users_regex="^(root|bin|daemon|adm|lp|sync|shutdown|halt|mail|operator|games|ftp|nobody|pegasus|systemd-bus-proxy|systemd-network|dbus|polkitd|abrt|unbound|tss|libstoragemgmt|rpc|colord|usbmuxd$|pcp|saslauth|geoclue|setroubleshoot|rtkit|chrony|qemu|radvd|rpcuser|nfsnobody|pulse|gdm|gnome-initial-setup|postfix|avahi|ntp|sshd|tcpdump|oprofile|uuidd)$" +diff --git a/linux_os/guide/system/accounts/accounts-restrictions/group_unique_id/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/group_unique_id/rule.yml +index f21cc003..681af208 100644 +--- a/linux_os/guide/system/accounts/accounts-restrictions/group_unique_id/rule.yml ++++ b/linux_os/guide/system/accounts/accounts-restrictions/group_unique_id/rule.yml +@@ -1,6 +1,6 @@ + documentation_complete: true + +-prodtype: fedora,rhel7,rhel8,sle15 ++prodtype: fedora,rhel7,rhel8,almalinux8,sle15 + + title: 'Ensure All Groups on the System Have Unique Group ID' + +diff --git a/linux_os/guide/system/accounts/accounts-restrictions/group_unique_name/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/group_unique_name/rule.yml +index dae8462a..9a804d56 100644 +--- a/linux_os/guide/system/accounts/accounts-restrictions/group_unique_name/rule.yml ++++ b/linux_os/guide/system/accounts/accounts-restrictions/group_unique_name/rule.yml +@@ -1,6 +1,6 @@ + documentation_complete: true + +-prodtype: fedora,rhel7,rhel8,sle15 ++prodtype: fedora,rhel7,rhel8,almalinux8,sle15 + + title: 'Ensure All Groups on the System Have Unique Group Names' + diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_maximum_age_login_defs/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_maximum_age_login_defs/ansible/shared.yml index bed135a4..1df8f3a2 100644 
--- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_maximum_age_login_defs/ansible/shared.yml @@ -6785,22 +7470,22 @@ index bed135a4..1df8f3a2 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_maximum_age_login_defs/bash/shared.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_maximum_age_login_defs/bash/shared.sh -index 135eb49d..2ad49f24 100644 +index de0ea219..196d11b0 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_maximum_age_login_defs/bash/shared.sh +++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_maximum_age_login_defs/bash/shared.sh @@ -1,4 +1,4 @@ --# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_ol,multi_platform_rhv,multi_platform_fedora -+# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_rhv,multi_platform_fedora - . /usr/share/scap-security-guide/remediation_functions +-# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_ol,multi_platform_rhv,multi_platform_fedora,multi_platform_ubuntu ++# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_rhv,multi_platform_fedora,multi_platform_ubuntu + {{{ bash_instantiate_variables("var_accounts_maximum_age_login_defs") }}} diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_maximum_age_login_defs/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_maximum_age_login_defs/rule.yml -index 1a0f05a7..af196b8f 100644 +index 206a08a3..d4136dd0 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_maximum_age_login_defs/rule.yml 
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_maximum_age_login_defs/rule.yml -@@ -51,7 +51,7 @@ references: - srg: SRG-OS-000076-GPOS-00044 +@@ -54,7 +54,7 @@ references: stigid@ol7: OL07-00-010250 + stigid@ol8: OL08-00-020200 stigid@rhel7: RHEL-07-010250 - stigid@rhel8: RHEL-08-020200 + stigid@almalinux8: RHEL-08-020200 @@ -6818,16 +7503,16 @@ index 0c81c0ee..29f31c65 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_minimum_age_login_defs/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_minimum_age_login_defs/rule.yml -index 0b777e36..2096018a 100644 +index 34df2e5c..28421050 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_minimum_age_login_defs/rule.yml +++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_minimum_age_login_defs/rule.yml -@@ -49,7 +49,7 @@ references: - srg: SRG-OS-000075-GPOS-00043 +@@ -52,7 +52,7 @@ references: stigid@ol7: OL07-00-010230 + stigid@ol8: OL08-00-020190 stigid@rhel7: RHEL-07-010230 - stigid@rhel8: RHEL-08-020190 + stigid@almalinux8: RHEL-08-020190 - stigid@sle12: SLES-12-010270 + stigid@sle12: SLES-12-010260 stigid@sle15: SLES-15-020200 stigid@ubuntu2004: UBTU-20-010007 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/ansible/shared.yml @@ -6841,23 +7526,23 @@ index eee37bda..a231fa41 100644 # strategy = restrict # complexity = low 
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/bash/shared.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/bash/shared.sh -index 0b47d1f4..2a4f751b 100644 +index cb5efaa5..b2a0809b 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/bash/shared.sh +++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/bash/shared.sh @@ -1,4 +1,4 @@ -# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel +# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux - . /usr/share/scap-security-guide/remediation_functions + {{{ bash_instantiate_variables("var_accounts_password_minlen_login_defs") }}} diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/rule.yml -index f65c2d2b..d93a45d8 100644 +index c8acda93..907ea25b 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/rule.yml +++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/rule.yml -@@ -45,7 +45,7 @@ references: - nist-csf: PR.AC-1,PR.AC-6,PR.AC-7 +@@ -46,7 +46,7 @@ references: ospp: FMT_MOF_EXT.1 srg: SRG-OS-000078-GPOS-00046 + stigid@ol8: OL08-00-020231 - stigid@rhel8: RHEL-08-020231 + stigid@almalinux8: RHEL-08-020231 
@@ -6926,46 +7611,66 @@ index 88ecd439..678d3b6d 100644 +# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8 sed -i "/^PASS_MIN_LEN.*/d" /etc/login.defs +diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_existing/bash/shared.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_existing/bash/shared.sh +index fc2d9735..58fba606 100644 +--- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_existing/bash/shared.sh ++++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_existing/bash/shared.sh +@@ -1,4 +1,4 @@ +-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle ++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle + # reboot = false + # strategy = restrict + # complexity = low diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_existing/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_existing/rule.yml -index 8b5e0962..faa4da48 100644 +index 4a355eee..a1174cc5 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_existing/rule.yml +++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_existing/rule.yml 
@@ -1,6 +1,6 @@ documentation_complete: true --prodtype: ol7,ol8,rhel7,rhel8,rhv4,sle12,sle15,ubuntu2004,wrlinux1019 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhv4,sle12,sle15,ubuntu2004,wrlinux1019 +-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019 ++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019 title: 'Set Existing Passwords Maximum Age' -@@ -31,7 +31,7 @@ references: - srg: SRG-OS-000076-GPOS-00044 +@@ -34,7 +34,7 @@ references: stigid@ol7: OL07-00-010260 + stigid@ol8: OL08-00-020210 stigid@rhel7: RHEL-07-010260 - stigid@rhel8: RHEL-08-020210 + stigid@almalinux8: RHEL-08-020210 stigid@sle12: SLES-12-010290 stigid@sle15: SLES-15-020230 vmmsrg: SRG-OS-000076-VMM-000430 +diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_min_life_existing/bash/shared.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_min_life_existing/bash/shared.sh +index e55a4c9e..468e73ed 100644 +--- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_min_life_existing/bash/shared.sh ++++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_min_life_existing/bash/shared.sh +@@ -1,4 +1,4 @@ +-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle ++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle + # reboot = false + # strategy = restrict + # complexity = low diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_min_life_existing/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_min_life_existing/rule.yml -index b250979f..bfe4e52b 100644 +index 831a3c52..1377b469 100644 
--- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_min_life_existing/rule.yml +++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_min_life_existing/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: ol7,ol8,rhel7,rhel8,rhv4,sle12,sle15,ubuntu2004,wrlinux1019 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhv4,sle12,sle15,ubuntu2004,wrlinux1019 +-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019 ++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019 title: 'Set Existing Passwords Minimum Age' -@@ -32,7 +32,7 @@ references: - srg: SRG-OS-000075-GPOS-00043 +@@ -35,7 +35,7 @@ references: stigid@ol7: OL07-00-010240 + stigid@ol8: OL08-00-020180 stigid@rhel7: RHEL-07-010240 - stigid@rhel8: RHEL-08-020180 + stigid@almalinux8: RHEL-08-020180 - stigid@sle12: SLES-12-010260 + stigid@sle12: SLES-12-010270 stigid@sle15: SLES-15-020210 vmmsrg: SRG-OS-000075-VMM000420 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_warn_age_login_defs/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_warn_age_login_defs/ansible/shared.yml @@ -6979,28 +7684,28 @@ index 1091f8c8..00da1b03 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_all_shadowed_sha512/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_all_shadowed_sha512/rule.yml -index d3a1b85c..1353a811 100644 +index 2db962da..5351e7ee 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_all_shadowed_sha512/rule.yml +++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_all_shadowed_sha512/rule.yml 
@@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,rhel8,sle12,sle15,ubuntu2004 -+prodtype: fedora,rhel8,almalinux8,sle12,sle15,ubuntu2004 +-prodtype: fedora,ol8,rhel8,rhel9,sle12,sle15,ubuntu2004 ++prodtype: fedora,ol8,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004 title: 'Verify All Account Password Hashes are Shadowed with SHA512' -@@ -34,7 +34,7 @@ references: - disa: CCI-000196,CCI-000803 +@@ -37,7 +37,7 @@ references: nist: IA-5(1)(c),IA-5(1).1(v),IA-7,IA-7.1 srg: SRG-OS-000073-GPOS-00041,SRG-OS-000120-GPOS-00061 + stigid@ol8: OL08-00-010120 - stigid@rhel8: RHEL-08-010120 + stigid@almalinux8: RHEL-08-010120 stigid@sle12: SLES-12-010220 stigid@sle15: SLES-15-020180 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/ansible/shared.yml -index 85f98d2f..4f2f1232 100644 +index dd260c7e..1b43bf44 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/ansible/shared.yml +++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/ansible/shared.yml @@ -1,4 +1,4 @@ @@ -7010,17 +7715,17 @@ index 85f98d2f..4f2f1232 100644 # strategy = configure # complexity = low diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/bash/shared.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/bash/shared.sh -index 258a7615..ef4ea1fc 100644 +index b0c50f5f..1f86d0cf 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/bash/shared.sh 
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/bash/shared.sh @@ -1,4 +1,4 @@ -# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv +# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv - . /usr/share/scap-security-guide/remediation_functions + {{{ bash_instantiate_variables("var_password_pam_unix_rounds") }}} diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/rule.yml -index 459692f4..2fbcc118 100644 +index 28e993e5..3bf7ecf2 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/rule.yml +++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/rule.yml @@ -1,6 +1,6 @@ 
@@ -7031,17 +7736,65 @@ index 459692f4..2fbcc118 100644 title: 'Set number of Password Hashing Rounds - password-auth' -@@ -32,7 +32,7 @@ references: - anssi: BP28(R32) +@@ -33,7 +33,7 @@ references: disa: CCI-000196 srg: SRG-OS-000073-GPOS-00041 + stigid@ol8: OL08-00-010130 - stigid@rhel8: RHEL-08-010130 + stigid@almalinux8: RHEL-08-010130 ocil_clause: 'it does not set the appropriate number of hashing rounds' +diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_argument_missing.fail.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_argument_missing.fail.sh +index 244ae3db..daf80c77 100644 +--- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_argument_missing.fail.sh ++++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_argument_missing.fail.sh +@@ -1,6 +1,6 @@ + #!/bin/bash + # packages = authselect +-# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora + # variables = var_password_pam_unix_rounds=65536 + + authselect create-profile hardening -b sssd +diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_correct_value.pass.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_correct_value.pass.sh +index 8af81389..29542c0f 100644 +--- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_correct_value.pass.sh ++++ 
b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_correct_value.pass.sh +@@ -1,6 +1,6 @@ + #!/bin/bash + # packages = authselect +-# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora + # variables = var_password_pam_unix_rounds=65536 + + ROUNDS=65536 +diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_modified_pam.fail.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_modified_pam.fail.sh +index 5af0640b..d853eba1 100644 +--- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_modified_pam.fail.sh ++++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_modified_pam.fail.sh +@@ -1,6 +1,6 @@ + #!/bin/bash + # packages = authselect +-# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora + # remediation = none + # variables = var_password_pam_unix_rounds=65536 + +diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_wrong_value.fail.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_wrong_value.fail.sh +index 10d83eac..86d37185 100644 +--- 
a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_wrong_value.fail.sh ++++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_wrong_value.fail.sh +@@ -1,6 +1,6 @@ + #!/bin/bash + # packages = authselect +-# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora + # variables = var_password_pam_unix_rounds=65536 + + ROUNDS=4000 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/ansible/shared.yml -index e7dccf38..21382076 100644 +index 2e5aabcd..8f3d7421 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/ansible/shared.yml +++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/ansible/shared.yml @@ -1,4 +1,4 @@ @@ -7051,17 +7804,17 @@ index e7dccf38..21382076 100644 # strategy = configure # complexity = low diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/bash/shared.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/bash/shared.sh -index b2c81662..b6a5e1f1 100644 +index 1cd0f94c..67e60d6d 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/bash/shared.sh 
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/bash/shared.sh @@ -1,4 +1,4 @@ -# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv +# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv - . /usr/share/scap-security-guide/remediation_functions + {{{ bash_instantiate_variables("var_password_pam_unix_rounds") }}} diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/rule.yml -index 0b694b0e..314c0a1f 100644 +index 72707db7..2e05990b 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/rule.yml +++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/rule.yml @@ -1,6 +1,6 @@ 
@@ -7072,17 +7825,65 @@ index 0b694b0e..314c0a1f 100644 title: 'Set number of Password Hashing Rounds - system-auth' -@@ -32,7 +32,7 @@ references: - anssi: BP28(R32) +@@ -33,7 +33,7 @@ references: disa: CCI-000196 srg: SRG-OS-000073-GPOS-00041 + stigid@ol8: OL08-00-010131 - stigid@rhel8: RHEL-08-010131 + stigid@almalinux8: RHEL-08-010131 ocil_clause: 'it does not set the appropriate number of hashing rounds' +diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_argument_missing.fail.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_argument_missing.fail.sh +index 506a8075..ed3c8ad2 100644 +--- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_argument_missing.fail.sh ++++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_argument_missing.fail.sh +@@ -1,6 +1,6 @@ + #!/bin/bash + # packages = authselect +-# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora + # variables = var_password_pam_unix_rounds=65536 + + authselect create-profile hardening -b sssd +diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_correct_value.pass.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_correct_value.pass.sh +index 48c7f5a4..913b37d7 100644 +--- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_correct_value.pass.sh ++++ 
b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_correct_value.pass.sh +@@ -1,6 +1,6 @@ + #!/bin/bash + # packages = authselect +-# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora + # variables = var_password_pam_unix_rounds=65536 + + ROUNDS=65536 +diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_modified_pam.fail.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_modified_pam.fail.sh +index d111f61e..62977fa4 100644 +--- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_modified_pam.fail.sh ++++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_modified_pam.fail.sh +@@ -1,6 +1,6 @@ + #!/bin/bash + # packages = authselect +-# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora + # remediation = none + # variables = var_password_pam_unix_rounds=65536 + +diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_wrong_value.fail.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_wrong_value.fail.sh +index 3c25268d..c34e3a10 100644 +--- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_wrong_value.fail.sh 
++++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_wrong_value.fail.sh +@@ -1,6 +1,6 @@ + #!/bin/bash + # packages = authselect +-# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora + # variables = var_password_pam_unix_rounds=65536 + + ROUNDS=4000 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/ansible/shared.yml -index db35dac3..b5c8d349 100644 +index 8e1ae005..27d584b4 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/ansible/shared.yml +++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/ansible/shared.yml @@ -1,4 +1,4 @@ @@ -7092,14 +7893,15 @@ index db35dac3..b5c8d349 100644 # strategy = configure # complexity = low diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/bash/shared.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/bash/shared.sh -index 837c46b2..cf1e4f4d 100644 +index c82f2f73..7942e2f7 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/bash/shared.sh 
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/bash/shared.sh -@@ -1,3 +1,3 @@ --# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv -+# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv - sed --follow-symlinks -i 's/\//g' /etc/pam.d/system-auth - sed --follow-symlinks -i 's/\//g' /etc/pam.d/password-auth +@@ -1,4 +1,4 @@ +-# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle ++# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle + # reboot = false + # strategy = configure + # complexity = low diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/kubernetes/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/kubernetes/shared.yml index 075cc631..47e67288 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/kubernetes/shared.yml @@ -7112,18 +7914,42 @@ index 075cc631..47e67288 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/rule.yml -index 75f988ff..d5a15e3b 100644 +index 6cf476b6..cbbf8834 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/rule.yml 
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/rule.yml -@@ -53,7 +53,7 @@ references: - srg: SRG-OS-000480-GPOS-00227 +@@ -54,7 +54,7 @@ references: stigid@ol7: OL07-00-010290 + stigid@ol8: OL08-00-020331 stigid@rhel7: RHEL-07-010290 - stigid@rhel8: RHEL-08-020331 + stigid@almalinux8: RHEL-08-020331 stigid@sle12: SLES-12-010231 stigid@sle15: SLES-15-020300 +diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/tests/authselect_modified_pam.fail.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/tests/authselect_modified_pam.fail.sh +index 84b10027..4425caae 100644 +--- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/tests/authselect_modified_pam.fail.sh ++++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/tests/authselect_modified_pam.fail.sh +@@ -1,6 +1,6 @@ + #!/bin/bash + # packages = authselect +-# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora + # remediation = none + + SYSTEM_AUTH_FILE="/etc/pam.d/system-auth" +diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/tests/authselect_nullok_present.fail.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/tests/authselect_nullok_present.fail.sh +index 52ad383d..920e34b3 100644 +--- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/tests/authselect_nullok_present.fail.sh ++++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/tests/authselect_nullok_present.fail.sh +@@ -1,6 +1,6 @@ + #!/bin/bash + # packages = authselect +-# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise 
Linux 9,multi_platform_fedora ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora + + SYSTEM_AUTH_FILE="/etc/pam.d/system-auth" + diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_legacy_plus_entries_etc_group/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_legacy_plus_entries_etc_group/ansible/shared.yml index acf0496e..7f1fb69d 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_legacy_plus_entries_etc_group/ansible/shared.yml @@ -7191,12 +8017,12 @@ index 102c4def..9dd2ada2 100644 title: 'Ensure there are no legacy + NIS entries in /etc/shadow' diff --git a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/accounts_no_uid_except_zero/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/accounts_no_uid_except_zero/rule.yml -index edde64a7..69be3dfb 100644 +index 8bc5319d..2b8df2c9 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/accounts_no_uid_except_zero/rule.yml +++ b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/accounts_no_uid_except_zero/rule.yml -@@ -48,7 +48,7 @@ references: - srg: SRG-OS-000480-GPOS-00227 +@@ -51,7 +51,7 @@ references: stigid@ol7: OL07-00-020310 + stigid@ol8: OL08-00-040200 stigid@rhel7: RHEL-07-020310 - stigid@rhel8: RHEL-08-040200 + stigid@almalinux8: RHEL-08-040200 @@ -7237,7 +8063,7 @@ index b5bfabab..6742eeb2 100644 title: 'Restrict Web Browser Use for Administrative Accounts' diff --git a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/no_shelllogin_for_systemaccounts/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/no_shelllogin_for_systemaccounts/rule.yml -index 5129557e..08dcd47d 100644 +index 2cd7a9ef..f2c75308 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/no_shelllogin_for_systemaccounts/rule.yml 
+++ b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/no_shelllogin_for_systemaccounts/rule.yml @@ -1,6 +1,6 @@ @@ -7291,25 +8117,24 @@ index 7194be9c..33bf1622 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_for_su/bash/shared.sh b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_for_su/bash/shared.sh -index d001e733..7c7000ed 100644 +index 96a41cad..5b36c8a7 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_for_su/bash/shared.sh +++ b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_for_su/bash/shared.sh -@@ -1,5 +1,5 @@ - #!/bin/bash +@@ -1,4 +1,4 @@ -# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv +# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv # uncomment the option if commented sed '/^[[:space:]]*#[[:space:]]*auth[[:space:]]\+required[[:space:]]\+pam_wheel\.so[[:space:]]\+use_uid$/s/^[[:space:]]*#//' -i /etc/pam.d/su diff --git a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_for_su/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_for_su/rule.yml -index 20648132..c1b3d384 100644 +index 9845160e..4596cfbe 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_for_su/rule.yml +++ b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_for_su/rule.yml 
@@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhv4,sle15,ubuntu2004 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhv4,sle15,ubuntu2004 +-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004 ++prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004 title: 'Enforce usage of pam_wheel for su authentication' @@ -7333,20 +8158,20 @@ index be3cc99c..6770cf9e 100644 {{{ set_config_file("/etc/login.defs", "CREATE_HOME", "yes", create=true, insert_after="", insert_before="^\s*CREATE_HOME", insensitive=true) }}} diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_have_homedir_login_defs/rule.yml b/linux_os/guide/system/accounts/accounts-session/accounts_have_homedir_login_defs/rule.yml -index f478f78e..1f3c358d 100644 +index 0587c51e..d83d4d1d 100644 --- a/linux_os/guide/system/accounts/accounts-session/accounts_have_homedir_login_defs/rule.yml +++ b/linux_os/guide/system/accounts/accounts-session/accounts_have_homedir_login_defs/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: ol7,ol8,rhel7,rhel8,rhv4,sle12,sle15,wrlinux1019,fedora -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhv4,sle12,sle15,wrlinux1019,fedora +-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,wrlinux1019 ++prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,wrlinux1019 title: 'Ensure Home Directories are Created for New Users' -@@ -29,7 +29,7 @@ references: - srg: SRG-OS-000480-GPOS-00227 +@@ -31,7 +31,7 @@ references: stigid@ol7: OL07-00-020610 + stigid@ol8: OL08-00-010760 stigid@rhel7: RHEL-07-020610 - stigid@rhel8: RHEL-08-010760 + stigid@almalinux8: RHEL-08-010760 @@ -7364,22 +8189,22 @@ index 53b68079..2a6b6612 100644 # strategy = restrict # complexity = low 
diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_logon_fail_delay/bash/shared.sh b/linux_os/guide/system/accounts/accounts-session/accounts_logon_fail_delay/bash/shared.sh -index a352897a..b42bcca5 100644 +index e18dacd3..f7eb010c 100644 --- a/linux_os/guide/system/accounts/accounts-session/accounts_logon_fail_delay/bash/shared.sh +++ b/linux_os/guide/system/accounts/accounts-session/accounts_logon_fail_delay/bash/shared.sh @@ -1,4 +1,4 @@ -# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_wrlinux,multi_platform_ol +# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_almalinux,multi_platform_wrlinux,multi_platform_ol - # Include source function library. - . /usr/share/scap-security-guide/remediation_functions + {{{ bash_instantiate_variables("var_accounts_fail_delay") }}} + diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_logon_fail_delay/rule.yml b/linux_os/guide/system/accounts/accounts-session/accounts_logon_fail_delay/rule.yml -index 3d7c3771..b839c129 100644 +index e8a68060..b2705ed0 100644 --- a/linux_os/guide/system/accounts/accounts-session/accounts_logon_fail_delay/rule.yml +++ b/linux_os/guide/system/accounts/accounts-session/accounts_logon_fail_delay/rule.yml -@@ -31,7 +31,7 @@ references: - srg: SRG-OS-000480-GPOS-00226 +@@ -32,7 +32,7 @@ references: stigid@ol7: OL07-00-010430 + stigid@ol8: OL08-00-020310 stigid@rhel7: RHEL-07-010430 - stigid@rhel8: RHEL-08-020310 + stigid@almalinux8: RHEL-08-020310 @@ -7397,22 +8222,22 @@ index 536ac295..d1bff5ff 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_max_concurrent_login_sessions/bash/shared.sh b/linux_os/guide/system/accounts/accounts-session/accounts_max_concurrent_login_sessions/bash/shared.sh -index 65066e77..fd616495 100644 +index c0b854da..cb75cd10 100644 
--- a/linux_os/guide/system/accounts/accounts-session/accounts_max_concurrent_login_sessions/bash/shared.sh +++ b/linux_os/guide/system/accounts/accounts-session/accounts_max_concurrent_login_sessions/bash/shared.sh @@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_wrlinux -+# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_wrlinux - . /usr/share/scap-security-guide/remediation_functions +-# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_wrlinux,multi_platform_ubuntu,multi_platform_sle ++# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_wrlinux,multi_platform_ubuntu,multi_platform_sle + {{{ bash_instantiate_variables("var_accounts_max_concurrent_login_sessions") }}} diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_max_concurrent_login_sessions/rule.yml b/linux_os/guide/system/accounts/accounts-session/accounts_max_concurrent_login_sessions/rule.yml -index 5ac0a7db..aa22264c 100644 +index 8a6ca3c8..307af457 100644 --- a/linux_os/guide/system/accounts/accounts-session/accounts_max_concurrent_login_sessions/rule.yml +++ b/linux_os/guide/system/accounts/accounts-session/accounts_max_concurrent_login_sessions/rule.yml -@@ -38,7 +38,7 @@ references: - srg: SRG-OS-000027-GPOS-00008 +@@ -39,7 +39,7 @@ references: stigid@ol7: OL07-00-040000 + stigid@ol8: OL08-00-020024 stigid@rhel7: RHEL-07-040000 - stigid@rhel8: RHEL-08-020024 + stigid@almalinux8: RHEL-08-020024 @@ -7450,7 +8275,7 @@ index f37ac948..dc8eb410 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_tmout/rule.yml b/linux_os/guide/system/accounts/accounts-session/accounts_tmout/rule.yml -index 7d90a3f6..89b62218 100644 +index b970972a..ba6d300d 100644 
--- a/linux_os/guide/system/accounts/accounts-session/accounts_tmout/rule.yml +++ b/linux_os/guide/system/accounts/accounts-session/accounts_tmout/rule.yml @@ -1,6 +1,6 @@ @@ -7462,32 +8287,32 @@ index 7d90a3f6..89b62218 100644 title: 'Set Interactive Session Timeout' diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_user_dot_group_ownership/rule.yml b/linux_os/guide/system/accounts/accounts-session/accounts_user_dot_group_ownership/rule.yml -index a9cf96af..b988b245 100644 +index e7d83f84..a8ca1ec9 100644 --- a/linux_os/guide/system/accounts/accounts-session/accounts_user_dot_group_ownership/rule.yml +++ b/linux_os/guide/system/accounts/accounts-session/accounts_user_dot_group_ownership/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: ol7,ol8,rhel7,rhel8,rhv4,ubuntu2004,wrlinux1019 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhv4,ubuntu2004,wrlinux1019 +-prodtype: ol7,ol8,rhel7,rhel8,rhv4,sle15,ubuntu2004,wrlinux1019 ++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhv4,sle15,ubuntu2004,wrlinux1019 title: 'User Initialization Files Must Be Group-Owned By The Primary User' diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_user_dot_no_world_writable_programs/rule.yml b/linux_os/guide/system/accounts/accounts-session/accounts_user_dot_no_world_writable_programs/rule.yml -index 13019f6d..53c7cbb7 100644 +index 94a8b358..5dfeb554 100644 --- a/linux_os/guide/system/accounts/accounts-session/accounts_user_dot_no_world_writable_programs/rule.yml +++ b/linux_os/guide/system/accounts/accounts-session/accounts_user_dot_no_world_writable_programs/rule.yml 
@@ -1,6 +1,6 @@ documentation_complete: true --prodtype: ol7,ol8,rhel7,rhel8,rhv4,wrlinux1019,sle12,sle15 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhv4,wrlinux1019,sle12,sle15 +-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,wrlinux1019 ++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,wrlinux1019 title: 'User Initialization Files Must Not Run World-Writable Programs' -@@ -29,7 +29,7 @@ references: - srg: SRG-OS-000480-GPOS-00227 +@@ -32,7 +32,7 @@ references: stigid@ol7: OL07-00-020730 + stigid@ol8: OL08-00-010660 stigid@rhel7: RHEL-07-020730 - stigid@rhel8: RHEL-08-010660 + stigid@almalinux8: RHEL-08-010660 @@ -7495,7 +8320,7 @@ index 13019f6d..53c7cbb7 100644 stigid@sle15: SLES-15-040130 diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_user_dot_user_ownership/rule.yml b/linux_os/guide/system/accounts/accounts-session/accounts_user_dot_user_ownership/rule.yml -index 37efb159..e74c5317 100644 +index 33bb0f51..649e1068 100644 --- a/linux_os/guide/system/accounts/accounts-session/accounts_user_dot_user_ownership/rule.yml +++ b/linux_os/guide/system/accounts/accounts-session/accounts_user_dot_user_ownership/rule.yml @@ -1,6 +1,6 @@ @@ -7507,20 +8332,20 @@ index 37efb159..e74c5317 100644 title: 'User Initialization Files Must Be Owned By the Primary User' diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_user_home_paths_only/rule.yml b/linux_os/guide/system/accounts/accounts-session/accounts_user_home_paths_only/rule.yml -index f49c5a9e..e44c3f42 100644 +index 350d2cc5..76e98b04 100644 --- a/linux_os/guide/system/accounts/accounts-session/accounts_user_home_paths_only/rule.yml +++ b/linux_os/guide/system/accounts/accounts-session/accounts_user_home_paths_only/rule.yml 
@@ -1,6 +1,6 @@ documentation_complete: true --prodtype: ol7,ol8,rhel7,rhel8,rhv4,wrlinux1019,sle12,sle15 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhv4,wrlinux1019,sle12,sle15 +-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,wrlinux1019 ++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,wrlinux1019 title: 'Ensure that Users Path Contains Only Local Directories' -@@ -33,7 +33,7 @@ references: - srg: SRG-OS-000480-GPOS-00227 +@@ -35,7 +35,7 @@ references: stigid@ol7: OL07-00-020720 + stigid@ol8: OL08-00-010690 stigid@rhel7: RHEL-07-020720 - stigid@rhel8: RHEL-08-010690 + stigid@almalinux8: RHEL-08-010690 @@ -7528,20 +8353,20 @@ index f49c5a9e..e44c3f42 100644 stigid@sle15: SLES-15-040120 diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_user_interactive_home_directory_defined/rule.yml b/linux_os/guide/system/accounts/accounts-session/accounts_user_interactive_home_directory_defined/rule.yml -index 1863ab76..f9548568 100644 +index a666d82f..3e6404d4 100644 --- a/linux_os/guide/system/accounts/accounts-session/accounts_user_interactive_home_directory_defined/rule.yml +++ b/linux_os/guide/system/accounts/accounts-session/accounts_user_interactive_home_directory_defined/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: ol7,ol8,rhel7,rhel8,rhv4,wrlinux1019,sle12,sle15 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhv4,wrlinux1019,sle12,sle15 +-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,wrlinux1019 ++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,wrlinux1019 title: 'All Interactive Users Must Have A Home Directory Defined' -@@ -25,7 +25,7 @@ references: - srg: SRG-OS-000480-GPOS-00227 +@@ -32,7 +32,7 @@ references: stigid@ol7: OL07-00-020600 + stigid@ol8: OL08-00-010720 stigid@rhel7: RHEL-07-020600 - stigid@rhel8: RHEL-08-010720 + stigid@almalinux8: RHEL-08-010720 @@ -7549,7 +8374,7 @@ index 1863ab76..f9548568 100644 stigid@sle15: SLES-15-040070 
diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_user_interactive_home_directory_exists/rule.yml b/linux_os/guide/system/accounts/accounts-session/accounts_user_interactive_home_directory_exists/rule.yml -index 8a111943..db4fdd25 100644 +index 5bca9149..3fabb448 100644 --- a/linux_os/guide/system/accounts/accounts-session/accounts_user_interactive_home_directory_exists/rule.yml +++ b/linux_os/guide/system/accounts/accounts-session/accounts_user_interactive_home_directory_exists/rule.yml @@ -1,6 +1,6 @@ @@ -7560,9 +8385,9 @@ index 8a111943..db4fdd25 100644 title: 'All Interactive Users Home Directories Must Exist' -@@ -33,7 +33,7 @@ references: - srg: SRG-OS-000480-GPOS-00227 +@@ -37,7 +37,7 @@ references: stigid@ol7: OL07-00-020620 + stigid@ol8: OL08-00-010750 stigid@rhel7: RHEL-07-020620 - stigid@rhel8: RHEL-08-010750 + stigid@almalinux8: RHEL-08-010750 @@ -7570,43 +8395,43 @@ index 8a111943..db4fdd25 100644 stigid@sle15: SLES-15-040080 diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_users_home_files_groupownership/rule.yml b/linux_os/guide/system/accounts/accounts-session/accounts_users_home_files_groupownership/rule.yml -index 1c0f93ad..720a5a8f 100644 +index b5d629a4..5df2b3e5 100644 --- a/linux_os/guide/system/accounts/accounts-session/accounts_users_home_files_groupownership/rule.yml +++ b/linux_os/guide/system/accounts/accounts-session/accounts_users_home_files_groupownership/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: ol7,ol8,rhel7,rhel8,rhv4,wrlinux1019,sle15 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhv4,wrlinux1019,sle15 +-prodtype: ol7,ol8,rhel7,rhel8,rhv4,sle15,wrlinux1019 ++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhv4,sle15,wrlinux1019 title: 'All User Files and Directories In The Home Directory Must Be Group-Owned By The Primary User' 
diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_users_home_files_ownership/rule.yml b/linux_os/guide/system/accounts/accounts-session/accounts_users_home_files_ownership/rule.yml -index 13f6bfe2..770562eb 100644 +index 00f5f0b9..55b7fcb0 100644 --- a/linux_os/guide/system/accounts/accounts-session/accounts_users_home_files_ownership/rule.yml +++ b/linux_os/guide/system/accounts/accounts-session/accounts_users_home_files_ownership/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: ol7,ol8,rhel7,rhel8,rhv4,wrlinux1019,sle15 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhv4,wrlinux1019,sle15 +-prodtype: ol7,ol8,rhel7,rhel8,rhv4,sle15,wrlinux1019 ++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhv4,sle15,wrlinux1019 - title: 'All User Files and Directories In The Home Directory Must Be Owned By The Primary User' + title: 'All User Files and Directories In The Home Directory Must Have a Valid Owner' diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_users_home_files_permissions/rule.yml b/linux_os/guide/system/accounts/accounts-session/accounts_users_home_files_permissions/rule.yml -index c434cc96..15e0bb4c 100644 +index 4777f8a3..4e9bc29f 100644 --- a/linux_os/guide/system/accounts/accounts-session/accounts_users_home_files_permissions/rule.yml +++ b/linux_os/guide/system/accounts/accounts-session/accounts_users_home_files_permissions/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: ol7,ol8,rhel7,rhel8,rhv4,wrlinux1019,sle15 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhv4,wrlinux1019,sle15 +-prodtype: ol7,ol8,rhel7,rhel8,rhv4,sle15,wrlinux1019 ++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhv4,sle15,wrlinux1019 title: 'All User Files and Directories In The Home Directory Must Have Mode 0750 Or Less Permissive' 
diff --git a/linux_os/guide/system/accounts/accounts-session/file_groupownership_home_directories/rule.yml b/linux_os/guide/system/accounts/accounts-session/file_groupownership_home_directories/rule.yml -index 2e6ce604..2b44a8e6 100644 +index 0d99f9aa..8a93692f 100644 --- a/linux_os/guide/system/accounts/accounts-session/file_groupownership_home_directories/rule.yml +++ b/linux_os/guide/system/accounts/accounts-session/file_groupownership_home_directories/rule.yml @@ -1,6 +1,6 @@ @@ -7617,9 +8442,9 @@ index 2e6ce604..2b44a8e6 100644 title: 'All Interactive User Home Directories Must Be Group-Owned By The Primary User' -@@ -32,7 +32,7 @@ references: - srg: SRG-OS-000480-GPOS-00227 +@@ -38,7 +38,7 @@ references: stigid@ol7: OL07-00-020650 + stigid@ol8: OL08-00-010740 stigid@rhel7: RHEL-07-020650 - stigid@rhel8: RHEL-08-010740 + stigid@almalinux8: RHEL-08-010740 @@ -7627,19 +8452,19 @@ index 2e6ce604..2b44a8e6 100644 stigid@sle15: SLES-15-040100 diff --git a/linux_os/guide/system/accounts/accounts-session/file_ownership_home_directories/rule.yml b/linux_os/guide/system/accounts/accounts-session/file_ownership_home_directories/rule.yml -index 198a9be7..c13180b4 100644 +index 754dd064..e28b1faf 100644 --- a/linux_os/guide/system/accounts/accounts-session/file_ownership_home_directories/rule.yml +++ b/linux_os/guide/system/accounts/accounts-session/file_ownership_home_directories/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: ol7,ol8,rhel7,rhel8,rhv4,wrlinux1019 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhv4,wrlinux1019 +-prodtype: ol7,ol8,rhel7,rhel8,rhv4,sle12,sle15,wrlinux1019 ++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhv4,sle12,sle15,wrlinux1019 title: 'All Interactive User Home Directories Must Be Owned By The Primary User' 
diff --git a/linux_os/guide/system/accounts/accounts-session/file_permission_user_init_files/rule.yml b/linux_os/guide/system/accounts/accounts-session/file_permission_user_init_files/rule.yml -index 5244533a..62ef0971 100644 +index e33c068f..5a5fa38b 100644 --- a/linux_os/guide/system/accounts/accounts-session/file_permission_user_init_files/rule.yml +++ b/linux_os/guide/system/accounts/accounts-session/file_permission_user_init_files/rule.yml @@ -1,6 +1,6 @@ @@ -7650,9 +8475,9 @@ index 5244533a..62ef0971 100644 title: 'Ensure All User Initialization Files Have Mode 0740 Or Less Permissive' -@@ -28,7 +28,7 @@ references: - srg: SRG-OS-000480-GPOS-00227 +@@ -29,7 +29,7 @@ references: stigid@ol7: OL07-00-020710 + stigid@ol8: OL08-00-010770 stigid@rhel7: RHEL-07-020710 - stigid@rhel8: RHEL-08-010770 + stigid@almalinux8: RHEL-08-010770 @@ -7660,7 +8485,7 @@ index 5244533a..62ef0971 100644 stigid@sle15: SLES-15-040110 diff --git a/linux_os/guide/system/accounts/accounts-session/file_permissions_home_directories/rule.yml b/linux_os/guide/system/accounts/accounts-session/file_permissions_home_directories/rule.yml -index 1f7a5ffa..30b8be81 100644 +index e8211cb5..b78cb8e9 100644 --- a/linux_os/guide/system/accounts/accounts-session/file_permissions_home_directories/rule.yml +++ b/linux_os/guide/system/accounts/accounts-session/file_permissions_home_directories/rule.yml @@ -1,6 +1,6 @@ @@ -7671,9 +8496,9 @@ index 1f7a5ffa..30b8be81 100644 title: 'All Interactive User Home Directories Must Have mode 0750 Or Less Permissive' -@@ -29,7 +29,7 @@ references: - srg: SRG-OS-000480-GPOS-00227 +@@ -34,7 +34,7 @@ references: stigid@ol7: OL07-00-020630 + stigid@ol8: OL08-00-010730 stigid@rhel7: RHEL-07-020630 - stigid@rhel8: RHEL-08-010730 + stigid@almalinux8: RHEL-08-010730 @@ -7691,31 +8516,31 @@ index 4e7ea875..ecbce672 100644 # strategy = restrict # complexity = low 
diff --git a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_bashrc/bash/shared.sh b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_bashrc/bash/shared.sh -index a8301696..ec78ad7a 100644 +index 9417c63d..fb02f72b 100644 --- a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_bashrc/bash/shared.sh +++ b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_bashrc/bash/shared.sh @@ -1,4 +1,4 @@ -# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_ol +# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol - . /usr/share/scap-security-guide/remediation_functions + {{{ bash_instantiate_variables("var_accounts_user_umask") }}} diff --git a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_bashrc/rule.yml b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_bashrc/rule.yml -index aa763481..6ac17762 100644 +index 73c0d4c0..5a2cd9e4 100644 --- a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_bashrc/rule.yml +++ b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_bashrc/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: ol7,ol8,rhcos4,rhel7,rhel8,rhel9,sle15,ubuntu2004 -+prodtype: ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle15,ubuntu2004 +-prodtype: ol7,ol8,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004 ++prodtype: ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004 title: 'Ensure the Default Bash Umask is Set Correctly' -@@ -37,7 +37,7 @@ references: - nist: AC-6(1),CM-6(a) +@@ -40,7 +40,7 @@ references: nist-csf: PR.IP-2 srg: SRG-OS-000480-GPOS-00228,SRG-OS-000480-GPOS-00227 + stigid@ol8: OL08-00-020353 - stigid@rhel8: RHEL-08-020353 + stigid@almalinux8: RHEL-08-020353 
@@ -7734,29 +8559,50 @@ index eaaf1d3b..c5abfe41 100644 sed -i '/umask/d' /etc/bashrc echo "umask 077" >> /etc/bashrc diff --git a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_csh_cshrc/bash/shared.sh b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_csh_cshrc/bash/shared.sh -index 716dede4..51ce94dd 100644 +index b5fa44e9..10d895a0 100644 --- a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_csh_cshrc/bash/shared.sh +++ b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_csh_cshrc/bash/shared.sh @@ -1,4 +1,4 @@ -# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_ol +# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol - . /usr/share/scap-security-guide/remediation_functions + {{{ bash_instantiate_variables("var_accounts_user_umask") }}} diff --git a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_csh_cshrc/rule.yml b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_csh_cshrc/rule.yml -index 1b71c7d3..cfa4fecc 100644 +index 3fe2ebc9..6ea4c7e0 100644 --- a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_csh_cshrc/rule.yml +++ b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_csh_cshrc/rule.yml 
@@ -1,6 +1,6 @@ documentation_complete: true --prodtype: ol7,ol8,rhcos4,rhel7,rhel8,sle15,ubuntu2004 -+prodtype: ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,sle15,ubuntu2004 +-prodtype: ol7,ol8,rhcos4,rhel7,rhel8,rhel9,sle15,ubuntu2004 ++prodtype: ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle15,ubuntu2004 title: 'Ensure the Default C Shell Umask is Set Correctly' +@@ -33,7 +33,7 @@ references: + nist: AC-6(1),CM-6(a) + nist-csf: PR.IP-2 + srg: SRG-OS-000480-GPOS-00228,SRG-OS-000480-GPOS-00227 +- stigid@rhel8: RHEL-08-020353 ++ stigid@almalinux8: RHEL-08-020353 + + ocil_clause: 'the above command returns no output, or if the umask is configured incorrectly' + +diff --git a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_csh_cshrc/tests/stig_correct.pass.sh b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_csh_cshrc/tests/stig_correct.pass.sh +index a6db2863..f33d4eca 100644 +--- a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_csh_cshrc/tests/stig_correct.pass.sh ++++ b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_csh_cshrc/tests/stig_correct.pass.sh +@@ -1,6 +1,6 @@ + #!/bin/bash + # profiles = xccdf_org.ssgproject.content_profile_stig +-# platform = Red Hat Enterprise Linux 8 ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8 + + sed -i '/umask/d' /etc/csh.cshrc + echo "umask 077" >> /etc/csh.cshrc diff --git a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_login_defs/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_login_defs/ansible/shared.yml -index 259997f7..acff4ae7 100644 +index ea0edc6f..073a937f 100644 --- a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_login_defs/ansible/shared.yml +++ b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_login_defs/ansible/shared.yml @@ -1,4 +1,4 @@ 
@@ -7766,43 +8612,56 @@ index 259997f7..acff4ae7 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_login_defs/bash/shared.sh b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_login_defs/bash/shared.sh -index f74cbfe5..b418c6da 100644 +index 575d2b5b..c3a04c68 100644 --- a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_login_defs/bash/shared.sh +++ b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_login_defs/bash/shared.sh @@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_wrlinux,multi_platform_ol -+# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_almalinux,multi_platform_wrlinux,multi_platform_ol - . /usr/share/scap-security-guide/remediation_functions +-# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_wrlinux,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu ++# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_almalinux,multi_platform_wrlinux,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu + {{{ bash_instantiate_variables("var_accounts_user_umask") }}} diff --git a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_login_defs/rule.yml b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_login_defs/rule.yml -index 51f8e51f..23fa9ee3 100644 +index 11d6291b..368baec7 100644 --- a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_login_defs/rule.yml 
+++ b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_login_defs/rule.yml -@@ -38,7 +38,7 @@ references: - srg: SRG-OS-000480-GPOS-00228 +@@ -41,7 +41,7 @@ references: stigid@ol7: OL07-00-020240 + stigid@ol8: OL08-00-020351 stigid@rhel7: RHEL-07-020240 - stigid@rhel8: RHEL-08-020351 + stigid@almalinux8: RHEL-08-020351 stigid@sle12: SLES-12-010620 stigid@sle15: SLES-15-040420 stigid@ubuntu2004: UBTU-20-010016 +diff --git a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_profile/rule.yml b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_profile/rule.yml +index 771a09d4..66396b4c 100644 +--- a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_profile/rule.yml ++++ b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_profile/rule.yml +@@ -36,7 +36,7 @@ references: + nist: AC-6(1),CM-6(a) + nist-csf: PR.IP-2 + srg: SRG-OS-000480-GPOS-00228,SRG-OS-000480-GPOS-00227 +- stigid@rhel8: RHEL-08-020353 ++ stigid@almalinux8: RHEL-08-020353 + + ocil_clause: 'the above command returns no output, or if the umask is configured incorrectly' + diff --git a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_interactive_users/rule.yml b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_interactive_users/rule.yml -index 36032c66..08f847a7 100644 +index 9219e578..e0dd6c26 100644 --- a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_interactive_users/rule.yml +++ b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_interactive_users/rule.yml 
@@ -1,6 +1,6 @@ documentation_complete: true --prodtype: ol7,ol8,rhel7,rhel8,rhv4,sle15,ubuntu2004,wrlinux1019 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhv4,sle15,ubuntu2004,wrlinux1019 +-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle15,ubuntu2004,wrlinux1019 ++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,ubuntu2004,wrlinux1019 title: 'Ensure the Default Umask is Set Correctly For Interactive Users' -@@ -26,7 +26,7 @@ references: - srg: SRG-OS-000480-GPOS-00227 +@@ -28,7 +28,7 @@ references: stigid@ol7: OL07-00-021040 + stigid@ol8: OL08-00-020352 stigid@rhel7: RHEL-07-021040 - stigid@rhel8: RHEL-08-020352 + stigid@almalinux8: RHEL-08-020352 @@ -7810,12 +8669,12 @@ index 36032c66..08f847a7 100644 ocil_clause: 'the above command returns no output, or if the umask is configured incorrectly' diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_chmod/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_chmod/rule.yml -index 07d37b18..10325371 100644 +index eadfb057..efe6a244 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_chmod/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_chmod/rule.yml -@@ -55,7 +55,7 @@ references: - srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000064-GPOS-00033,SRG-OS-000466-GPOS-00210,SRG-OS-000458-GPOS-00203 +@@ -58,7 +58,7 @@ references: stigid@ol7: OL07-00-030410 + stigid@ol8: OL08-00-030490 stigid@rhel7: RHEL-07-030410 - stigid@rhel8: RHEL-08-030490 + stigid@almalinux8: RHEL-08-030490 @@ -7823,12 +8682,12 @@ index 07d37b18..10325371 100644 stigid@sle15: SLES-15-030290 stigid@ubuntu2004: UBTU-20-010152 
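Review bot: The `stigid@rhel8` key is renamed to `stigid@almalinux8` instead of being kept alongside it, for example in the newly covered accounts_umask_etc_profile/rule.yml (`stigid@almalinux8: RHEL-08-020353`), while the `prodtype` line in accounts_umask_interactive_users/rule.yml keeps `rhel8` next to `almalinux8`. If rhel8 content is ever built from this patched tree, those rules would presumably lose their STIG reference. The value recorded for AlmaLinux is also still a RHEL 8 STIG identifier, which a reader of a scan report could mistake for an AlmaLinux-specific benchmark. Consider adding the key rather than replacing it: keep `stigid@rhel8: RHEL-08-020353` and put `stigid@almalinux8: RHEL-08-020353` beneath it. The same rename recurs in the audit_rules_dac_modification_* and audit_rules_execution_* hunks below.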
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_chown/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_chown/rule.yml -index e2d9944a..37701323 100644 +index 970fed53..66609376 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_chown/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_chown/rule.yml -@@ -55,7 +55,7 @@ references: - srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000064-GPOS-00033,SRG-OS-000466-GPOS-00210,SRG-OS-000458-GPOS-00203,SRG-OS-000474-GPOS-00219 +@@ -58,7 +58,7 @@ references: stigid@ol7: OL07-00-030370 + stigid@ol8: OL08-00-030480 stigid@rhel7: RHEL-07-030370 - stigid@rhel8: RHEL-08-030480 + stigid@almalinux8: RHEL-08-030480 @@ -7836,103 +8695,196 @@ index e2d9944a..37701323 100644 stigid@sle15: SLES-15-030250 stigid@ubuntu2004: UBTU-20-010148 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchmod/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchmod/rule.yml -index 6c3cc559..1c450020 100644 +index 81cc315e..d32d7960 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchmod/rule.yml 
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchmod/rule.yml -@@ -55,7 +55,7 @@ references: - srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000064-GPOS-00033,SRG-OS-000466-GPOS-00210,SRG-OS-000458-GPOS-00203 +@@ -58,7 +58,7 @@ references: stigid@ol7: OL07-00-030420 + stigid@ol8: OL08-00-030540 stigid@rhel7: RHEL-07-030420 -- stigid@rhel8: RHEL-08-030540 -+ stigid@almalinux8: RHEL-08-030540 +- stigid@rhel8: RHEL-08-030490 ++ stigid@almalinux8: RHEL-08-030490 stigid@sle12: SLES-12-020470 stigid@sle15: SLES-15-030300 stigid@ubuntu2004: UBTU-20-010153 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchmodat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchmodat/rule.yml -index 3e51d482..d9416b03 100644 +index 9a16e0c0..70b0e92f 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchmodat/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchmodat/rule.yml -@@ -55,7 +55,7 @@ references: - srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000064-GPOS-00033,SRG-OS-000466-GPOS-00210,SRG-OS-000458-GPOS-00203 +@@ -58,7 +58,7 @@ references: stigid@ol7: OL07-00-030430 + stigid@ol8: OL08-00-030530 stigid@rhel7: RHEL-07-030430 -- stigid@rhel8: RHEL-08-030530 -+ stigid@almalinux8: RHEL-08-030530 +- stigid@rhel8: RHEL-08-030490 ++ stigid@almalinux8: RHEL-08-030490 stigid@sle12: SLES-12-020480 - stigid@sle15: SLES-12-030310 + stigid@sle15: SLES-15-030310 stigid@ubuntu2004: UBTU-20-010154 
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchown/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchown/rule.yml -index d89875fc..1d8cb96f 100644 +index 11d522c2..72012bac 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchown/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchown/rule.yml -@@ -58,7 +58,7 @@ references: - srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000064-GPOS-00033,SRG-OS-000466-GPOS-00210,SRG-OS-000458-GPOS-00203,SRG-OS-000474-GPOS-00219 +@@ -61,7 +61,7 @@ references: stigid@ol7: OL07-00-030380 + stigid@ol8: OL08-00-030520 stigid@rhel7: RHEL-07-030380 -- stigid@rhel8: RHEL-08-030520 -+ stigid@almalinux8: RHEL-08-030520 +- stigid@rhel8: RHEL-08-030480 ++ stigid@almalinux8: RHEL-08-030480 stigid@sle12: SLES-12-020430 stigid@sle15: SLES-15-030260 stigid@ubuntu2004: UBTU-20-010149 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchownat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchownat/rule.yml -index e6caaeb5..c60ea30d 100644 +index 1f74f950..11288f64 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchownat/rule.yml 
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchownat/rule.yml -@@ -55,7 +55,7 @@ references: - srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000064-GPOS-00033,SRG-OS-000466-GPOS-00210,SRG-OS-000458-GPOS-00203,SRG-OS-000474-GPOS-00219 +@@ -58,7 +58,7 @@ references: stigid@ol7: OL07-00-030400 + stigid@ol8: OL08-00-030510 stigid@rhel7: RHEL-07-030400 -- stigid@rhel8: RHEL-08-030510 -+ stigid@almalinux8: RHEL-08-030510 +- stigid@rhel8: RHEL-08-030480 ++ stigid@almalinux8: RHEL-08-030480 stigid@sle12: SLES-12-020450 stigid@sle15: SLES-15-030280 stigid@ubuntu2004: UBTU-20-010150 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fremovexattr/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fremovexattr/rule.yml -index b9ad3c79..7efc9a2c 100644 +index a7a3a872..33332a47 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fremovexattr/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fremovexattr/rule.yml -@@ -72,7 +72,7 @@ references: - srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000458-GPOS-00203,SRG-OS-000462-GPOS-00206,SRG-OS-000463-GPOS-00207,SRG-OS-000471-GPOS-00215,SRG-OS-000474-GPOS-00219,SRG-OS-000466-GPOS-00210,SRG-OS-000064-GPOS-00033 +@@ -11,13 +11,13 @@ description: |- + startup (the default), add the following line to a file with suffix + .rules in the directory /etc/audit/rules.d: +
-a always,exit -F arch=b32 -S fremovexattr -F auid>={{{ auid }}} -F auid!=unset -F key=perm_mod
+-{{%- if product in ["rhel8", "rhel9"] %}} ++{{%- if product in ["rhel8", "rhel9", "almalinux8"] %}} +
-a always,exit -F arch=b32 -S fremovexattr -F auid=0 -F key=perm_mod
+ {{%- endif %}} +

+ If the system is 64 bit then also add the following line: +
-a always,exit -F arch=b64 -S fremovexattr -F auid>={{{ auid }}} -F auid!=unset -F key=perm_mod
+-{{%- if product in ["rhel8", "rhel9"] %}} ++{{%- if product in ["rhel8", "rhel9", "almalinux8"] %}} +
-a always,exit -F arch=b64 -S fremovexattr -F auid=0 -F key=perm_mod
+ {{%- endif %}} +

+@@ -25,13 +25,13 @@ description: |- + utility to read audit rules during daemon startup, add the following line to + /etc/audit/audit.rules file: +
-a always,exit -F arch=b32 -S fremovexattr -F auid>={{{ auid }}} -F auid!=unset -F key=perm_mod
+-{{%- if product in ["rhel8", "rhel9"] %}} ++{{%- if product in ["rhel8", "rhel9", "almalinux8"] %}} +
-a always,exit -F arch=b32 -S fremovexattr -F auid=0 -F key=perm_mod
+ {{%- endif %}} +

+ If the system is 64 bit then also add the following line: +
-a always,exit -F arch=b64 -S fremovexattr -F auid>={{{ auid }}} -F auid!=unset -F key=perm_mod
+-{{%- if product in ["rhel8", "rhel9"] %}} ++{{%- if product in ["rhel8", "rhel9", "almalinux8"] %}} +
-a always,exit -F arch=b64 -S fremovexattr -F auid=0 -F key=perm_mod
+ {{%- endif %}} + +@@ -75,7 +75,7 @@ references: stigid@ol7: OL07-00-030480 + stigid@ol8: OL08-00-030240 stigid@rhel7: RHEL-07-030480 -- stigid@rhel8: RHEL-08-030240 -+ stigid@almalinux8: RHEL-08-030240 +- stigid@rhel8: RHEL-08-030200 ++ stigid@almalinux8: RHEL-08-030200 stigid@sle12: SLES-12-020410 stigid@sle15: SLES-15-030210 stigid@ubuntu2004: UBTU-20-010147 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fsetxattr/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fsetxattr/rule.yml -index cedf05f9..ad793205 100644 +index 0bff8533..112e3259 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fsetxattr/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fsetxattr/rule.yml -@@ -67,7 +67,7 @@ references: - srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000458-GPOS-00203,SRG-OS-000462-GPOS-00206,SRG-OS-000463-GPOS-00207,SRG-OS-000468-GPOS-00212,SRG-OS-000471-GPOS-00215,SRG-OS-000474-GPOS-00219,SRG-OS-000064-GPOS-00033 +@@ -9,24 +9,24 @@ description: |- + startup (the default), add the following line to a file with suffix + .rules in the directory /etc/audit/rules.d: +
-a always,exit -F arch=b32 -S fsetxattr -F auid>={{{ auid }}} -F auid!=unset -F key=perm_mod
+-{{%- if product in ["rhel8", "rhel9"] %}} ++{{%- if product in ["rhel8", "rhel9", "almalinux8"] %}} +
-a always,exit -F arch=b32 -S fsetxattr -F auid=0 -F key=perm_mod
+ {{%- endif %}} + If the system is 64 bit then also add the following line: +
-a always,exit -F arch=b64 -S fsetxattr -F auid>={{{ auid }}} -F auid!=unset -F key=perm_mod
+-{{%- if product in ["rhel8", "rhel9"] %}} ++{{%- if product in ["rhel8", "rhel9", "almalinux8"] %}} +
-a always,exit -F arch=b64 -S fsetxattr -F auid=0 -F key=perm_mod
+ {{%- endif %}} + If the auditd daemon is configured to use the auditctl + utility to read audit rules during daemon startup, add the following line to + /etc/audit/audit.rules file: +
-a always,exit -F arch=b32 -S fsetxattr -F auid>={{{ auid }}} -F auid!=unset -F key=perm_mod
+-{{%- if product in ["rhel8", "rhel9"] %}} ++{{%- if product in ["rhel8", "rhel9", "almalinux8"] %}} +
-a always,exit -F arch=b32 -S fsetxattr -F auid=0 -F key=perm_mod
+ {{%- endif %}} + If the system is 64 bit then also add the following line: +
-a always,exit -F arch=b64 -S fsetxattr -F auid>={{{ auid }}} -F auid!=unset -F key=perm_mod
+-{{%- if product in ["rhel8", "rhel9"] %}} ++{{%- if product in ["rhel8", "rhel9", "almalinux8"] %}} +
-a always,exit -F arch=b64 -S fsetxattr -F auid=0 -F key=perm_mod
+ {{%- endif %}} + +@@ -70,7 +70,7 @@ references: stigid@ol7: OL07-00-030450 + stigid@ol8: OL08-00-030230 stigid@rhel7: RHEL-07-030450 -- stigid@rhel8: RHEL-08-030230 -+ stigid@almalinux8: RHEL-08-030230 +- stigid@rhel8: RHEL-08-030200 ++ stigid@almalinux8: RHEL-08-030200 stigid@sle12: SLES-12-020380 stigid@sle15: SLES-15-030230 stigid@ubuntu2004: UBTU-20-010144 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lchown/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lchown/rule.yml -index 190509c0..578d214a 100644 +index dec01548..26c3cce5 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lchown/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lchown/rule.yml -@@ -55,7 +55,7 @@ references: - srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000064-GPOS-00033,SRG-OS-000466-GPOS-00210,SRG-OS-000458-GPOS-00203,SRG-OS-000474-GPOS-00219 +@@ -58,7 +58,7 @@ references: stigid@ol7: OL07-00-030390 + stigid@ol8: OL08-00-030500 stigid@rhel7: RHEL-07-030390 -- stigid@rhel8: RHEL-08-030500 -+ stigid@almalinux8: RHEL-08-030500 +- stigid@rhel8: RHEL-08-030480 ++ stigid@almalinux8: RHEL-08-030480 stigid@sle12: SLES-12-020440 stigid@sle15: SLES-15-030270 stigid@ubuntu2004: UBTU-20-010151 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lremovexattr/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lremovexattr/rule.yml -index ffdacdf0..394b26ef 100644 +index 8f29dd24..6c5db2b7 100644 
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lremovexattr/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lremovexattr/rule.yml -@@ -72,7 +72,7 @@ references: - srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000458-GPOS-00203,SRG-OS-000462-GPOS-00206,SRG-OS-000463-GPOS-00207,SRG-OS-000468-GPOS-00212,SRG-OS-000471-GPOS-00215,SRG-OS-000474-GPOS-00219,SRG-OS-000466-GPOS-00210,SRG-OS-000064-GPOS-00033 +@@ -11,13 +11,13 @@ description: |- + startup (the default), add the following line to a file with suffix + .rules in the directory /etc/audit/rules.d: +
-a always,exit -F arch=b32 -S lremovexattr -F auid>={{{ auid }}} -F auid!=unset -F key=perm_mod
+-{{%- if product in ["rhel8"] %}} ++{{%- if product in ["rhel8", "almalinux8"] %}} +
-a always,exit -F arch=b32 -S lremovexattr -F auid=0 -F key=perm_mod
+ {{%- endif %}} +

+ If the system is 64 bit then also add the following line: +
-a always,exit -F arch=b64 -S lremovexattr -F auid>={{{ auid }}} -F auid!=unset -F key=perm_mod
+-{{%- if product in ["rhel8"] %}} ++{{%- if product in ["rhel8", "almalinux8"] %}} +
-a always,exit -F arch=b64 -S lremovexattr -F auid=0 -F key=perm_mod
+ {{%- endif %}} +

+@@ -25,13 +25,13 @@ description: |- + utility to read audit rules during daemon startup, add the following line to + /etc/audit/audit.rules file: +
-a always,exit -F arch=b32 -S lremovexattr -F auid>={{{ auid }}} -F auid!=unset -F key=perm_mod
+-{{%- if product in ["rhel8"] %}} ++{{%- if product in ["rhel8", "almalinux8"] %}} +
-a always,exit -F arch=b32 -S lremovexattr -F auid=0 -F key=perm_mod
+ {{%- endif %}} +

+ If the system is 64 bit then also add the following line: +
-a always,exit -F arch=b64 -S lremovexattr -F auid>={{{ auid }}} -F auid!=unset -F key=perm_mod
+-{{%- if product in ["rhel8"] %}} ++{{%- if product in ["rhel8", "almalinux8"] %}} +
-a always,exit -F arch=b64 -S lremovexattr -F auid=0 -F key=perm_mod
+ {{%- endif %}} + +@@ -75,7 +75,7 @@ references: stigid@ol7: OL07-00-030490 + stigid@ol8: OL08-00-030200 stigid@rhel7: RHEL-07-030490 - stigid@rhel8: RHEL-08-030200 + stigid@almalinux8: RHEL-08-030200 @@ -7940,91 +8892,185 @@ index ffdacdf0..394b26ef 100644 stigid@sle15: SLES-15-030200 stigid@ubuntu2004: UBTU-20-010146 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lsetxattr/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lsetxattr/rule.yml -index 3662262f..f05f4d8e 100644 +index 44ff9cf8..52ae4834 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lsetxattr/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lsetxattr/rule.yml -@@ -66,7 +66,7 @@ references: - srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000458-GPOS-00203,SRG-OS-000462-GPOS-00206,SRG-OS-000463-GPOS-00207,SRG-OS-000468-GPOS-00212,SRG-OS-000471-GPOS-00215,SRG-OS-000474-GPOS-00219,SRG-OS-000064-GPOS-00033 +@@ -9,24 +9,24 @@ description: |- + startup (the default), add the following line to a file with suffix + .rules in the directory /etc/audit/rules.d: +
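Review bot: Only the rule descriptions are visible where the `auid=0` condition is extended to `{{%- if product in ["rhel8", "rhel9", "almalinux8"] %}}`, so it is worth confirming that the checks and remediations for these rules are gated on almalinux8 the same way. Otherwise the audit rules the guide documents and the ones a scan evaluates can diverge. The literal list is edited four times per file for fremovexattr, fsetxattr and lremovexattr here, again for lsetxattr, removexattr and setxattr in the following hunk, and in the same style for the `perm_x` conditions in the audit_rules_execution_* files, which makes the patch brittle on every rebase. lremovexattr starts from `["rhel8"]` while its siblings start from `["rhel8", "rhel9"]`; that looks like an upstream inconsistency carried through rather than something this patch introduces.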
-a always,exit -F arch=b32 -S lsetxattr -F auid>={{{ auid }}} -F auid!=unset -F key=perm_mod
+-{{%- if product in ["rhel8", "rhel9"] %}} ++{{%- if product in ["rhel8", "rhel9", "almalinux8"] %}} +
-a always,exit -F arch=b32 -S lsetxattr -F auid=0 -F key=perm_mod
+ {{%- endif %}} + If the system is 64 bit then also add the following line: +
-a always,exit -F arch=b64 -S lsetxattr -F auid>={{{ auid }}} -F auid!=unset -F key=perm_mod
+-{{%- if product in ["rhel8", "rhel9"] %}} ++{{%- if product in ["rhel8", "rhel9", "almalinux8"] %}} +
-a always,exit -F arch=b64 -S lsetxattr -F auid=0 -F key=perm_mod
+ {{%- endif %}} + If the auditd daemon is configured to use the auditctl + utility to read audit rules during daemon startup, add the following line to + /etc/audit/audit.rules file: +
-a always,exit -F arch=b32 -S lsetxattr -F auid>={{{ auid }}} -F auid!=unset -F key=perm_mod
+-{{%- if product in ["rhel8", "rhel9"] %}} ++{{%- if product in ["rhel8", "rhel9", "almalinux8"] %}} +
-a always,exit -F arch=b32 -S lsetxattr -F auid=0 -F key=perm_mod
+ {{%- endif %}} + If the system is 64 bit then also add the following line: +
-a always,exit -F arch=b64 -S lsetxattr -F auid>={{{ auid }}} -F auid!=unset -F key=perm_mod
+-{{%- if product in ["rhel8", "rhel9"] %}} ++{{%- if product in ["rhel8", "rhel9", "almalinux8"] %}} +
-a always,exit -F arch=b64 -S lsetxattr -F auid=0 -F key=perm_mod
+ {{%- endif %}} + +@@ -69,7 +69,7 @@ references: stigid@ol7: OL07-00-030460 + stigid@ol8: OL08-00-030220 stigid@rhel7: RHEL-07-030460 -- stigid@rhel8: RHEL-08-030220 -+ stigid@almalinux8: RHEL-08-030220 +- stigid@rhel8: RHEL-08-030200 ++ stigid@almalinux8: RHEL-08-030200 stigid@sle15: SLES-15-030240 stigid@ubuntu2004: UBTU-20-010143 vmmsrg: SRG-OS-000458-VMM-001810,SRG-OS-000474-VMM-001940 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_removexattr/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_removexattr/rule.yml -index ac9d3492..45ecd956 100644 +index f5b0d926..64ef3a12 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_removexattr/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_removexattr/rule.yml -@@ -71,7 +71,7 @@ references: - srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000458-GPOS-00203,SRG-OS-000462-GPOS-00206,SRG-OS-000463-GPOS-00207,SRG-OS-000468-GPOS-00212,SRG-OS-000471-GPOS-00215,SRG-OS-000474-GPOS-00219,SRG-OS-000466-GPOS-00210,SRG-OS-000064-GPOS-00033 +@@ -10,13 +10,13 @@ description: |- + program to read audit rules during daemon startup (the default), add the + following line to a file with suffix .rules in the directory /etc/audit/rules.d: +
-a always,exit -F arch=b32 -S removexattr -F auid>={{{ auid }}} -F auid!=unset -F key=perm_mod
+-{{%- if product in ["rhel8", "rhel9"] %}} ++{{%- if product in ["rhel8", "rhel9", "almalinux8"] %}} +
-a always,exit -F arch=b32 -S removexattr -F auid=0 -F key=perm_mod
+ {{%- endif %}} +

+ If the system is 64 bit then also add the following line: +
-a always,exit -F arch=b64 -S removexattr -F auid>={{{ auid }}} -F auid!=unset -F key=perm_mod
+-{{%- if product in ["rhel8", "rhel9"] %}} ++{{%- if product in ["rhel8", "rhel9", "almalinux8"] %}} +
-a always,exit -F arch=b64 -S removexattr -F auid=0 -F key=perm_mod
+ {{%- endif %}} +

+@@ -24,13 +24,13 @@ description: |- + utility to read audit rules during daemon startup, add the following line to + /etc/audit/audit.rules file: +
-a always,exit -F arch=b32 -S removexattr -F auid>={{{ auid }}} -F auid!=unset -F key=perm_mod
+-{{%- if product in ["rhel8", "rhel9"] %}} ++{{%- if product in ["rhel8", "rhel9", "almalinux8"] %}} +
-a always,exit -F arch=b32 -S removexattr -F auid=0 -F key=perm_mod
+ {{%- endif %}} +

+ If the system is 64 bit then also add the following line: +
-a always,exit -F arch=b64 -S removexattr -F auid>={{{ auid }}} -F auid!=unset -F key=perm_mod
+-{{%- if product in ["rhel8", "rhel9"] %}} ++{{%- if product in ["rhel8", "rhel9", "almalinux8"] %}} +
-a always,exit -F arch=b64 -S removexattr -F auid=0 -F key=perm_mod
+ {{%- endif %}} + +@@ -74,7 +74,7 @@ references: stigid@ol7: OL07-00-030470 + stigid@ol8: OL08-00-030210 stigid@rhel7: RHEL-07-030470 -- stigid@rhel8: RHEL-08-030210 -+ stigid@almalinux8: RHEL-08-030210 +- stigid@rhel8: RHEL-08-030200 ++ stigid@almalinux8: RHEL-08-030200 stigid@sle12: SLES-12-020390 stigid@sle15: SLES-15-030190 stigid@ubuntu2004: UBTU-20-010145 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_setxattr/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_setxattr/rule.yml -index b661a1f9..b79ee03b 100644 +index 5dc13a0a..27f641ed 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_setxattr/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_setxattr/rule.yml -@@ -67,7 +67,7 @@ references: - srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000064-GPOS-00033,SRG-OS-000458-GPOS-00203 +@@ -9,24 +9,24 @@ description: |- + startup (the default), add the following line to a file with suffix + .rules in the directory /etc/audit/rules.d: +
-a always,exit -F arch=b32 -S setxattr -F auid>={{{ auid }}} -F auid!=unset -F key=perm_mod
+-{{%- if product in ["rhel8", "rhel9"] %}} ++{{%- if product in ["rhel8", "rhel9", "almalinux8"] %}} +
-a always,exit -F arch=b32 -S setxattr -F auid=0 -F key=perm_mod
+ {{%- endif %}} + If the system is 64 bit then also add the following line: +
-a always,exit -F arch=b64 -S setxattr -F auid>={{{ auid }}} -F auid!=unset -F key=perm_mod
+-{{%- if product in ["rhel8", "rhel9"] %}} ++{{%- if product in ["rhel8", "rhel9", "almalinux8"] %}} +
-a always,exit -F arch=b64 -S setxattr -F auid=0 -F key=perm_mod
+ {{%- endif %}} + If the auditd daemon is configured to use the auditctl + utility to read audit rules during daemon startup, add the following line to + /etc/audit/audit.rules file: +
-a always,exit -F arch=b32 -S setxattr -F auid>={{{ auid }}} -F auid!=unset -F key=perm_mod
+-{{%- if product in ["rhel8", "rhel9"] %}} ++{{%- if product in ["rhel8", "rhel9", "almalinux8"] %}} +
-a always,exit -F arch=b32 -S setxattr -F auid=0 -F key=perm_mod
+ {{%- endif %}} + If the system is 64 bit then also add the following line: +
-a always,exit -F arch=b64 -S setxattr -F auid>={{{ auid }}} -F auid!=unset -F key=perm_mod
+-{{%- if product in ["rhel8", "rhel9"] %}} ++{{%- if product in ["rhel8", "rhel9", "almalinux8"] %}} +
-a always,exit -F arch=b64 -S setxattr -F auid=0 -F key=perm_mod
+ {{%- endif %}} + +@@ -70,7 +70,7 @@ references: stigid@ol7: OL07-00-030440 + stigid@ol8: OL08-00-030270 stigid@rhel7: RHEL-07-030440 -- stigid@rhel8: RHEL-08-030270 -+ stigid@almalinux8: RHEL-08-030270 +- stigid@rhel8: RHEL-08-030200 ++ stigid@almalinux8: RHEL-08-030200 stigid@sle12: SLES-12-020370 stigid@sle15: SLES-15-030220 stigid@ubuntu2004: UBTU-20-010142 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_acl_commands/audit_rules_execution_chacl/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_acl_commands/audit_rules_execution_chacl/rule.yml -index 735817e4..5d6f6973 100644 +index eb29c31f..525f475c 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_acl_commands/audit_rules_execution_chacl/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_acl_commands/audit_rules_execution_chacl/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: rhel8,sle12,sle15,ubuntu2004 -+prodtype: rhel8,almalinux8,sle12,sle15,ubuntu2004 +-prodtype: ol8,rhel8,rhel9,sle12,sle15,ubuntu2004 ++prodtype: ol8,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004 title: 'Record Any Attempts to Run chacl' -@@ -35,7 +35,7 @@ references: - disa: CCI-000130,CCI-000169,CCI-000172,CCI-002884 +@@ -37,7 +37,7 @@ references: nist@sle12: AU-3,AU-3.1,AU-12.1(ii),AU-12(a),AU-12.1(iv),AU-12(c),MA-4(1)(a) srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000466-GPOS-00210 + stigid@ol8: OL08-00-030570 - stigid@rhel8: RHEL-08-030570 + stigid@almalinux8: RHEL-08-030570 stigid@sle12: SLES-12-020620 stigid@sle15: SLES-15-030440 stigid@ubuntu2004: UBTU-20-010168 
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_acl_commands/audit_rules_execution_setfacl/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_acl_commands/audit_rules_execution_setfacl/rule.yml -index 341790d7..222c9853 100644 +index 401f22ff..4d7555c9 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_acl_commands/audit_rules_execution_setfacl/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_acl_commands/audit_rules_execution_setfacl/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: rhel8,sle12,sle15,ubuntu2004 -+prodtype: rhel8,almalinux8,sle12,sle15,ubuntu2004 +-prodtype: ol8,rhel8,rhel9,sle12,sle15,ubuntu2004 ++prodtype: ol8,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004 title: 'Record Any Attempts to Run setfacl' -@@ -35,7 +35,7 @@ references: - disa: CCI-000130,CCI-000169,CCI-000172,CCI-002884 +@@ -37,7 +37,7 @@ references: nist@sle12: AU-3,AU-3.1,AU-12.1(ii),AU-12(a),AU-12.1(iv),AU-12(c),MA-4(1)(a) srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215 + stigid@ol8: OL08-00-030330 - stigid@rhel8: RHEL-08-030330 + stigid@almalinux8: RHEL-08-030330 stigid@sle12: SLES-12-020610 stigid@sle15: SLES-15-030430 stigid@ubuntu2004: UBTU-20-010167 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_chcon/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_chcon/rule.yml -index 4a5f4337..86ef5b52 100644 +index 6aa92b44..99d49d4b 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_chcon/rule.yml 
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_chcon/rule.yml -@@ -4,7 +4,7 @@ +@@ -1,10 +1,10 @@ +-{{%- if product in ["rhel8", "rhel9", "sle12", "sle15"] %}} ++{{%- if product in ["rhel8", "rhel9", "almalinux8", "sle12", "sle15"] %}} + {{%- set perm_x="-F perm=x " %}} + {{%- endif %}} documentation_complete: true @@ -8033,9 +9079,9 @@ index 4a5f4337..86ef5b52 100644 title: 'Record Any Attempts to Run chcon' -@@ -59,7 +59,7 @@ references: - srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000468-GPOS-00212,SRG-OS-000471-GPOS-00215,SRG-OS-000463-GPOS-00207,SRG-OS-000465-GPOS-00209 +@@ -60,7 +60,7 @@ references: stigid@ol7: OL07-00-030580 + stigid@ol8: OL08-00-030260 stigid@rhel7: RHEL-07-030580 - stigid@rhel8: RHEL-08-030260 + stigid@almalinux8: RHEL-08-030260 @@ -8043,33 +9089,42 @@ index 4a5f4337..86ef5b52 100644 stigid@sle15: SLES-15-030450 stigid@ubuntu2004: UBTU-20-010165 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_restorecon/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_restorecon/rule.yml -index eb913156..5c51715f 100644 +index 02b16e46..cb5b37cb 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_restorecon/rule.yml 
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_restorecon/rule.yml -@@ -1,6 +1,6 @@ +@@ -1,10 +1,10 @@ +-{{%- if product in ["rhel8", "rhel9", "sle15"] %}} ++{{%- if product in ["rhel8", "rhel9", "almalinux8", "sle15"] %}} + {{%- set perm_x="-F perm=x " %}} + {{%- endif %}} + documentation_complete: true --prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4 -+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4 +-prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15 ++prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15 title: 'Record Any Attempts to Run restorecon' diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_semanage/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_semanage/rule.yml -index a945ce16..4b88bd97 100644 +index c4a1a692..019ab9a2 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_semanage/rule.yml 
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_semanage/rule.yml -@@ -4,7 +4,7 @@ +@@ -1,10 +1,10 @@ +-{{%- if product in ["rhel8", "rhel9"] %}} ++{{%- if product in ["rhel8", "rhel9", "almalinux8"] %}} + {{%- set perm_x="-F perm=x " %}} + {{%- endif %}} documentation_complete: true --prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,wrlinux1019 -+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,wrlinux1019 +-prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15,wrlinux1019 ++prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,wrlinux1019 title: 'Record Any Attempts to Run semanage' -@@ -56,7 +56,7 @@ references: - srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000463-GPOS-00207,SRG-OS-000465-GPOS-00209 +@@ -58,7 +58,7 @@ references: stigid@ol7: OL07-00-030560 + stigid@ol8: OL08-00-030313 stigid@rhel7: RHEL-07-030560 - stigid@rhel8: RHEL-08-030313 + stigid@almalinux8: RHEL-08-030313 @@ -8077,10 +9132,14 @@ index a945ce16..4b88bd97 100644 ocil: |- diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_setfiles/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_setfiles/rule.yml -index 6db7d1da..e3a2f24a 100644 +index 57f66640..a23e8b47 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_setfiles/rule.yml 
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_setfiles/rule.yml -@@ -4,7 +4,7 @@ +@@ -1,10 +1,10 @@ +-{{%- if product in ["rhel8", "rhel9"] %}} ++{{%- if product in ["rhel8", "rhel9", "almalinux8"] %}} + {{%- set perm_x="-F perm=x " %}} + {{%- endif %}} documentation_complete: true @@ -8089,9 +9148,9 @@ index 6db7d1da..e3a2f24a 100644 title: 'Record Any Attempts to Run setfiles' -@@ -46,7 +46,7 @@ references: - srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000463-GPOS-00207,SRG-OS-000465-GPOS-00209 +@@ -47,7 +47,7 @@ references: stigid@ol7: OL07-00-030590 + stigid@ol8: OL08-00-030314 stigid@rhel7: RHEL-07-030590 - stigid@rhel8: RHEL-08-030314 + stigid@almalinux8: RHEL-08-030314 @@ -8099,21 +9158,25 @@ index 6db7d1da..e3a2f24a 100644 ocil: |- diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_setsebool/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_setsebool/rule.yml -index c357c48f..ef3ecb90 100644 +index a6ce0ee6..c1224c2d 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_setsebool/rule.yml 
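Review bot: The `perm_x` guard in the setfiles rule file now reads `{{%- if product in ["rhel8", "rhel9", "almalinux8"] %}}`, and the same hand-edited product list recurs in the restorecon, semanage, setsebool and seunshare rule files on this page. Where a list is missed, the AlmaLinux 8 audit rule would presumably be rendered without `-F perm=x` and silently differ from the RHEL 8 rule, since nothing in the build would fail. A rebase-time search for product lists that contain `"rhel8"` but not `"almalinux8"` would make an omission visible, and the patch description could say so. The rule file continues outside this hunk.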
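Review bot: The inner hunk at `@@ -47,7 +47,7 @@ references:` still deletes `stigid@rhel8: RHEL-08-030314` and puts `stigid@almalinux8: RHEL-08-030314` in its place, rather than adding a second key. The `prodtype` lines visible in neighbouring rule files keep `rhel8` next to `almalinux8`, so if RHEL 8 content is ever built from the patched tree this rule would presumably lose its STIG ID reference for that product. Keeping the original line and adding the new key below it avoids that: `stigid@rhel8: RHEL-08-030314` followed by `stigid@almalinux8: RHEL-08-030314`. The same replacement appears in the setsebool, rename, renameat, rmdir, unlink, unlinkat, creat, ftruncate, open, open_by_handle_at and openat rule files further down this page.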
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_setsebool/rule.yml -@@ -4,7 +4,7 @@ +@@ -1,10 +1,10 @@ +-{{%- if product in ["rhel8", "rhel9"] %}} ++{{%- if product in ["rhel8", "rhel9", "almalinux8"] %}} + {{%- set perm_x="-F perm=x " %}} + {{%- endif %}} documentation_complete: true --prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,wrlinux1019 -+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,wrlinux1019 +-prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15,wrlinux1019 ++prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,wrlinux1019 title: 'Record Any Attempts to Run setsebool' -@@ -55,7 +55,7 @@ references: - srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000463-GPOS-00207,SRG-OS-000465-GPOS-00209 +@@ -57,7 +57,7 @@ references: stigid@ol7: OL07-00-030570 + stigid@ol8: OL08-00-030316 stigid@rhel7: RHEL-07-030570 - stigid@rhel8: RHEL-08-030316 + stigid@almalinux8: RHEL-08-030316 @@ -8121,10 +9184,16 @@ index c357c48f..ef3ecb90 100644 ocil: |- diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_seunshare/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_seunshare/rule.yml -index e317a2d5..0ee53626 100644 +index 00684ec0..2d111f1d 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_seunshare/rule.yml 
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_seunshare/rule.yml -@@ -1,6 +1,6 @@ +@@ -1,11 +1,11 @@ +-{{%- if product in ["rhel8", "rhel9"] %}} ++{{%- if product in ["rhel8", "rhel9", "almalinux8"] %}} + {{%- set perm_x="-F perm=x " %}} + {{%- endif %}} + + documentation_complete: true -prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9 @@ -8133,34 +9202,34 @@ index e317a2d5..0ee53626 100644 title: 'Record Any Attempts to Run seunshare' diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events/bash/shared.sh -index 2b5e6649..5664dae0 100644 +index 275e61d5..6fe950aa 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events/bash/shared.sh +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events/bash/shared.sh @@ -1,4 +1,4 @@ -# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel +# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux - # Include source function library. - . /usr/share/scap-security-guide/remediation_functions + # Perform the remediation for the syscall rule + # Retrieve hardware architecture of the underlying system diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events/rule.yml -index 1c9cf37d..f76ade39 100644 +index 3099393b..15487c16 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events/rule.yml 
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: debian10,debian9,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,wrlinux1019 -+prodtype: debian10,debian9,fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,wrlinux1019 +-prodtype: debian10,debian11,debian9,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,wrlinux1019 ++prodtype: debian10,debian11,debian9,fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,wrlinux1019 title: 'Ensure auditd Collects File Deletion Events by User' diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_rename/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_rename/rule.yml -index 2f2d75a4..609151ec 100644 +index 2157ea14..e877083a 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_rename/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_rename/rule.yml -@@ -48,7 +48,7 @@ references: - srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000466-GPOS-00210,SRG-OS-000467-GPOS-00211,SRG-OS-000468-GPOS-00212 +@@ -52,7 +52,7 @@ references: stigid@ol7: OL07-00-030880 + stigid@ol8: OL08-00-030361 stigid@rhel7: RHEL-07-030880 - stigid@rhel8: RHEL-08-030361 + stigid@almalinux8: RHEL-08-030361 @@ -8168,54 +9237,54 @@ index 2f2d75a4..609151ec 100644 vmmsrg: SRG-OS-000466-VMM-001870,SRG-OS-000468-VMM-001890 
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_renameat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_renameat/rule.yml -index 37620a38..ffb34db7 100644 +index 2598ee66..819f26a3 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_renameat/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_renameat/rule.yml -@@ -48,7 +48,7 @@ references: - srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000466-GPOS-00210,SRG-OS-000467-GPOS-00211,SRG-OS-000468-GPOS-00212 +@@ -52,7 +52,7 @@ references: stigid@ol7: OL07-00-030890 + stigid@ol8: OL08-00-030362 stigid@rhel7: RHEL-07-030890 -- stigid@rhel8: RHEL-08-030362 -+ stigid@almalinux8: RHEL-08-030362 +- stigid@rhel8: RHEL-08-030361 ++ stigid@almalinux8: RHEL-08-030361 stigid@ubuntu2004: UBTU-20-010270 vmmsrg: SRG-OS-000466-VMM-001870,SRG-OS-000468-VMM-001890 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_rmdir/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_rmdir/rule.yml -index e6b40042..89cf23af 100644 +index ecb3dfe0..3ab7d061 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_rmdir/rule.yml 
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_rmdir/rule.yml -@@ -47,7 +47,7 @@ references: - srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000466-GPOS-00210,SRG-OS-000467-GPOS-00211,SRG-OS-000468-GPOS-00212 +@@ -49,7 +49,7 @@ references: stigid@ol7: OL07-00-030900 + stigid@ol8: OL08-00-030363 stigid@rhel7: RHEL-07-030900 -- stigid@rhel8: RHEL-08-030363 -+ stigid@almalinux8: RHEL-08-030363 +- stigid@rhel8: RHEL-08-030361 ++ stigid@almalinux8: RHEL-08-030361 vmmsrg: SRG-OS-000466-VMM-001870,SRG-OS-000468-VMM-001890 {{{ complete_ocil_entry_audit_syscall(syscall="rmdir") }}} diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_unlink/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_unlink/rule.yml -index bfe53b7d..d6a1340b 100644 +index 8fea9dc4..dab9ce26 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_unlink/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_unlink/rule.yml -@@ -48,7 +48,7 @@ references: - srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000466-GPOS-00210,SRG-OS-000467-GPOS-00211,SRG-OS-000468-GPOS-00212 +@@ -52,7 +52,7 @@ references: stigid@ol7: OL07-00-030910 + stigid@ol8: OL08-00-030364 stigid@rhel7: RHEL-07-030910 -- stigid@rhel8: RHEL-08-030364 -+ stigid@almalinux8: RHEL-08-030364 +- stigid@rhel8: RHEL-08-030361 ++ stigid@almalinux8: RHEL-08-030361 stigid@ubuntu2004: UBTU-20-010267 vmmsrg: SRG-OS-000466-VMM-001870,SRG-OS-000468-VMM-001890 
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_unlinkat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_unlinkat/rule.yml -index bd246f1b..ea4b92b3 100644 +index 6a5dcb6b..547ec963 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_unlinkat/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_unlinkat/rule.yml -@@ -48,7 +48,7 @@ references: - srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000466-GPOS-00210,SRG-OS-000467-GPOS-00211,SRG-OS-000468-GPOS-00212 +@@ -52,7 +52,7 @@ references: stigid@ol7: OL07-00-030920 + stigid@ol8: OL08-00-030365 stigid@rhel7: RHEL-07-030920 -- stigid@rhel8: RHEL-08-030365 -+ stigid@almalinux8: RHEL-08-030365 +- stigid@rhel8: RHEL-08-030361 ++ stigid@almalinux8: RHEL-08-030361 stigid@ubuntu2004: UBTU-20-010268 vmmsrg: SRG-OS-000466-VMM-001870,SRG-OS-000468-VMM-001890 @@ -8568,24 +9637,24 @@ index a11b195b..3e87d37f 100644 title: 'Record Successful Delete Attempts to Files - unlinkat' diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification/bash/shared.sh -index 5cb4dbe6..f88cd458 100644 +index 853f8fe9..103b83c1 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification/bash/shared.sh +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification/bash/shared.sh 
@@ -1,4 +1,4 @@ -# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel +# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux - # Include source function library. - . /usr/share/scap-security-guide/remediation_functions + # Perform the remediation of the syscall rule + # Retrieve hardware architecture of the underlying system diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification/rule.yml -index e2ff8a02..f106a17b 100644 +index b6aeb8bc..edb084f7 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: debian10,debian9,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,wrlinux1019 -+prodtype: debian10,debian9,fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,wrlinux1019 +-prodtype: debian10,debian11,debian9,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,wrlinux1019 ++prodtype: debian10,debian11,debian9,fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,wrlinux1019 title: 'Ensure auditd Collects Unauthorized Access Attempts to Files (unsuccessful)' @@ -8614,23 +9683,23 @@ index 6ca6e27b..bb624b8f 100644 title: 'Record Unsuccessul Ownership Changes to Files - chown' 
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_creat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_creat/rule.yml -index 5c751cb2..14cf1b53 100644 +index 24a4b100..4e38d942 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_creat/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_creat/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: debian10,debian9,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019 -+prodtype: debian10,debian9,fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019 +-prodtype: debian10,debian11,debian9,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019 ++prodtype: debian10,debian11,debian9,fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019 title: 'Record Unsuccessful Access Attempts to Files - creat' -@@ -60,7 +60,7 @@ references: - srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000064-GPOS-00033,SRG-OS-000458-GPOS-00203,SRG-OS-000461-GPOS-00205 +@@ -63,7 +63,7 @@ references: stigid@ol7: OL07-00-030500 + stigid@ol8: OL08-00-030470 stigid@rhel7: RHEL-07-030500 -- stigid@rhel8: RHEL-08-030470 -+ stigid@almalinux8: RHEL-08-030470 +- stigid@rhel8: RHEL-08-030420 ++ stigid@almalinux8: RHEL-08-030420 stigid@sle12: SLES-12-020520 stigid@sle15: SLES-15-030160 stigid@ubuntu2004: UBTU-20-010158 @@ -8707,23 +9776,23 @@ index bf1ff867..ac79f42c 100644 title: 'Record Unsuccessul Permission Changes to Files - fsetxattr' 
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_ftruncate/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_ftruncate/rule.yml -index 76bcea15..f5cf3e82 100644 +index f9212bbb..7446c16b 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_ftruncate/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_ftruncate/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: debian10,debian9,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019 -+prodtype: debian10,debian9,fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019 +-prodtype: debian10,debian11,debian9,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019 ++prodtype: debian10,debian11,debian9,fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019 title: 'Record Unsuccessful Access Attempts to Files - ftruncate' -@@ -63,7 +63,7 @@ references: - srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000064-GPOS-00033,SRG-OS-000458-GPOS-00203,SRG-OS-000461-GPOS-00205 +@@ -66,7 +66,7 @@ references: stigid@ol7: OL07-00-030550 + stigid@ol8: OL08-00-030460 stigid@rhel7: RHEL-07-030550 -- stigid@rhel8: RHEL-08-030460 -+ stigid@almalinux8: RHEL-08-030460 +- stigid@rhel8: RHEL-08-030420 ++ stigid@almalinux8: RHEL-08-030420 stigid@sle12: SLES-12-020510 stigid@sle15: SLES-15-030320 stigid@ubuntu2004: UBTU-20-010157 @@ -8764,57 +9833,56 @@ index e388ec2d..314b64f7 100644 title: 'Record Unsuccessul Permission Changes to Files - lsetxattr' 
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open/rule.yml -index 7c6764d2..28974844 100644 +index d64c2a19..13cf42e0 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: debian10,debian9,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019 -+prodtype: debian10,debian9,fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019 +-prodtype: debian10,debian11,debian9,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019 ++prodtype: debian10,debian11,debian9,fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019 title: 'Record Unsuccessful Access Attempts to Files - open' -@@ -63,7 +63,7 @@ references: - srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000064-GPOS-00033,SRG-OS-000458-GPOS-00203,SRG-OS-000461-GPOS-00205 +@@ -66,7 +66,7 @@ references: stigid@ol7: OL07-00-030510 + stigid@ol8: OL08-00-030440 stigid@rhel7: RHEL-07-030510 -- stigid@rhel8: RHEL-08-030440 -+ stigid@almalinux8: RHEL-08-030440 +- stigid@rhel8: RHEL-08-030420 ++ stigid@almalinux8: RHEL-08-030420 stigid@sle12: SLES-12-020490 stigid@sle15: SLES-15-030150 stigid@ubuntu2004: UBTU-20-010155 
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at/rule.yml -index 9bb5ffe3..706edf61 100644 +index 937aa74c..dd23cc56 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: debian10,debian9,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019 -+prodtype: debian10,debian9,fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019 +-prodtype: debian10,debian11,debian9,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019 ++prodtype: debian10,debian11,debian9,fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019 title: 'Record Unsuccessful Access Attempts to Files - open_by_handle_at' -@@ -59,7 +59,7 @@ references: - srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000064-GPOS-00033,SRG-OS-000458-GPOS-00203,SRG-OS-000461-GPOS-00205 +@@ -60,7 +60,7 @@ references: stigid@ol7: OL07-00-030530 + stigid@ol8: OL08-00-030450 stigid@rhel7: RHEL-07-030530 -- stigid@rhel8: RHEL-08-030450 -+ stigid@almalinux8: RHEL-08-030450 +- stigid@rhel8: RHEL-08-030420 ++ stigid@almalinux8: RHEL-08-030420 stigid@sle12: SLES-12-020540 stigid@sle15: SLES-15-030180 stigid@ubuntu2004: UBTU-20-010160 
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_o_creat/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_o_creat/bash/shared.sh -index c93a8d88..5d2171bb 100644 +index b3a9d84a..f9d579a9 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_o_creat/bash/shared.sh +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_o_creat/bash/shared.sh -@@ -1,4 +1,4 @@ +@@ -1,3 +1,3 @@ -# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_wrlinux +# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_wrlinux - # - # Include source function library. - . /usr/share/scap-security-guide/remediation_functions + + {{{ bash_create_audit_remediation_unsuccessful_file_modification_detailed("/etc/audit/rules.d/30-ospp-v42-remediation.rules") }}} diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_o_creat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_o_creat/rule.yml index dbca575d..f00a0ff9 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_o_creat/rule.yml @@ -8828,15 +9896,14 @@ index dbca575d..f00a0ff9 100644 title: 'Record Unsuccessful Creation Attempts to Files - open_by_handle_at O_CREAT' 
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_o_trunc_write/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_o_trunc_write/bash/shared.sh -index c93a8d88..5d2171bb 100644 +index b3a9d84a..f9d579a9 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_o_trunc_write/bash/shared.sh +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_o_trunc_write/bash/shared.sh -@@ -1,4 +1,4 @@ +@@ -1,3 +1,3 @@ -# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_wrlinux +# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_wrlinux - # - # Include source function library. - . /usr/share/scap-security-guide/remediation_functions + + {{{ bash_create_audit_remediation_unsuccessful_file_modification_detailed("/etc/audit/rules.d/30-ospp-v42-remediation.rules") }}} diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_o_trunc_write/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_o_trunc_write/rule.yml index b3a06000..462ad0a1 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_o_trunc_write/rule.yml @@ -8850,15 +9917,14 @@ index b3a06000..462ad0a1 100644 title: 'Record Unsuccessful Modification Attempts to Files - open_by_handle_at O_TRUNC_WRITE' 
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_rule_order/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_rule_order/bash/shared.sh -index 282e673c..b7c5f1bf 100644 +index c944fb9e..b506644a 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_rule_order/bash/shared.sh +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_rule_order/bash/shared.sh -@@ -1,4 +1,4 @@ +@@ -1,3 +1,3 @@ -# platform = multi_platform_rhel,multi_platform_ol +# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ol - # - # Include source function library. - . /usr/share/scap-security-guide/remediation_functions + + {{{ bash_create_audit_remediation_unsuccessful_file_modification_detailed("/etc/audit/rules.d/30-ospp-v42-remediation.rules") }}} diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_rule_order/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_rule_order/rule.yml index 650f5b6d..7104f6cd 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_rule_order/rule.yml @@ -8872,15 +9938,14 @@ index 650f5b6d..7104f6cd 100644 title: 'Ensure auditd Unauthorized Access Attempts To open_by_handle_at Are Ordered Correctly' 
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_o_creat/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_o_creat/bash/shared.sh -index 1e021c4f..41533c52 100644 +index c1352ae3..31de4374 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_o_creat/bash/shared.sh +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_o_creat/bash/shared.sh -@@ -1,4 +1,4 @@ +@@ -1,3 +1,3 @@ -# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel +# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux - # - # Include source function library. - . /usr/share/scap-security-guide/remediation_functions + + {{{ bash_create_audit_remediation_unsuccessful_file_modification_detailed("/etc/audit/rules.d/30-ospp-v42-remediation.rules") }}} diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_o_creat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_o_creat/rule.yml index e0d4117e..222d70c8 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_o_creat/rule.yml @@ -8894,15 +9959,14 @@ index e0d4117e..222d70c8 100644 title: 'Record Unsuccessful Creation Attempts to Files - open O_CREAT' 
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_o_trunc_write/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_o_trunc_write/bash/shared.sh -index 1e021c4f..41533c52 100644 +index c1352ae3..31de4374 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_o_trunc_write/bash/shared.sh +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_o_trunc_write/bash/shared.sh -@@ -1,4 +1,4 @@ +@@ -1,3 +1,3 @@ -# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel +# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux - # - # Include source function library. - . /usr/share/scap-security-guide/remediation_functions + + {{{ bash_create_audit_remediation_unsuccessful_file_modification_detailed("/etc/audit/rules.d/30-ospp-v42-remediation.rules") }}} diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_o_trunc_write/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_o_trunc_write/rule.yml index 1cc53b18..2d82f928 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_o_trunc_write/rule.yml @@ -8916,15 +9980,14 @@ index 1cc53b18..2d82f928 100644 title: 'Record Unsuccessful Modification Attempts to Files - open O_TRUNC_WRITE' 
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_rule_order/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_rule_order/bash/shared.sh -index 282e673c..b7c5f1bf 100644 +index c944fb9e..b506644a 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_rule_order/bash/shared.sh +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_rule_order/bash/shared.sh -@@ -1,4 +1,4 @@ +@@ -1,3 +1,3 @@ -# platform = multi_platform_rhel,multi_platform_ol +# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ol - # - # Include source function library. - . /usr/share/scap-security-guide/remediation_functions + + {{{ bash_create_audit_remediation_unsuccessful_file_modification_detailed("/etc/audit/rules.d/30-ospp-v42-remediation.rules") }}} diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_rule_order/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_rule_order/rule.yml index 34e5d448..7d6ab8dc 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_rule_order/rule.yml @@ -8938,36 +10001,35 @@ index 34e5d448..7d6ab8dc 100644 title: 'Ensure auditd Rules For Unauthorized Attempts To open Are Ordered Correctly' 
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat/rule.yml -index c99656cc..5a0651b2 100644 +index 15fd7fec..172d1285 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: debian10,debian9,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019 -+prodtype: debian10,debian9,fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019 +-prodtype: debian10,debian11,debian9,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019 ++prodtype: debian10,debian11,debian9,fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019 title: 'Record Unsuccessful Access Attempts to Files - openat' -@@ -63,7 +63,7 @@ references: - srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000064-GPOS-00033,SRG-OS-000458-GPOS-00203,SRG-OS-000461-GPOS-00205 +@@ -66,7 +66,7 @@ references: stigid@ol7: OL07-00-030520 + stigid@ol8: OL08-00-030430 stigid@rhel7: RHEL-07-030520 -- stigid@rhel8: RHEL-08-030430 -+ stigid@almalinux8: RHEL-08-030430 +- stigid@rhel8: RHEL-08-030420 ++ stigid@almalinux8: RHEL-08-030420 stigid@sle12: SLES-12-020530 stigid@sle15: SLES-15-030170 stigid@ubuntu2004: UBTU-20-010159 
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_o_creat/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_o_creat/bash/shared.sh -index 1e021c4f..41533c52 100644 +index c1352ae3..31de4374 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_o_creat/bash/shared.sh +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_o_creat/bash/shared.sh -@@ -1,4 +1,4 @@ +@@ -1,3 +1,3 @@ -# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel +# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux - # - # Include source function library. - . /usr/share/scap-security-guide/remediation_functions + + {{{ bash_create_audit_remediation_unsuccessful_file_modification_detailed("/etc/audit/rules.d/30-ospp-v42-remediation.rules") }}} diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_o_creat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_o_creat/rule.yml index b66f7225..e6c6c787 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_o_creat/rule.yml @@ -8981,15 +10043,14 @@ index b66f7225..e6c6c787 100644 title: 'Record Unsuccessful Creation Attempts to Files - openat O_CREAT' 
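Review bot: The `stigid` edit in the openat rule.yml replaces the `rhel8` key instead of adding an AlmaLinux one: `stigid@rhel8: RHEL-08-030420` becomes `stigid@almalinux8: RHEL-08-030420`, while `prodtype` in the same file keeps `rhel8` and only appends `almalinux8`. With the patch applied, rhel8 content built from this tree would presumably lose its STIG reference for the rule, and the AlmaLinux 8 content carries an identifier from the RHEL 8 STIG numbering. If both products are meant to stay buildable, keep the original line and add `stigid@almalinux8: RHEL-08-030420` beside it; otherwise state in the patch description that the RHEL ID is reused on purpose. The same replacement appears in the truncate, kernel-module (delete, finit, init), lastlog, chage, chsh, crontab, gpasswd and kmod rule.yml hunks. The `references:` block continues outside the hunk, so other keys in it are not visible here.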
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_o_trunc_write/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_o_trunc_write/bash/shared.sh -index 1e021c4f..41533c52 100644 +index c1352ae3..31de4374 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_o_trunc_write/bash/shared.sh +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_o_trunc_write/bash/shared.sh -@@ -1,4 +1,4 @@ +@@ -1,3 +1,3 @@ -# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel +# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux - # - # Include source function library. - . /usr/share/scap-security-guide/remediation_functions + + {{{ bash_create_audit_remediation_unsuccessful_file_modification_detailed("/etc/audit/rules.d/30-ospp-v42-remediation.rules") }}} diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_o_trunc_write/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_o_trunc_write/rule.yml index bf575128..4081e603 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_o_trunc_write/rule.yml @@ -9003,15 +10064,14 @@ index bf575128..4081e603 100644 title: 'Record Unsuccessful Modification Attempts to Files - openat O_TRUNC_WRITE' 
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_rule_order/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_rule_order/bash/shared.sh -index 282e673c..b7c5f1bf 100644 +index c944fb9e..b506644a 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_rule_order/bash/shared.sh +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_rule_order/bash/shared.sh -@@ -1,4 +1,4 @@ +@@ -1,3 +1,3 @@ -# platform = multi_platform_rhel,multi_platform_ol +# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ol - # - # Include source function library. - . /usr/share/scap-security-guide/remediation_functions + + {{{ bash_create_audit_remediation_unsuccessful_file_modification_detailed("/etc/audit/rules.d/30-ospp-v42-remediation.rules") }}} diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_rule_order/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_rule_order/rule.yml index 4a09bc68..40f06aae 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_rule_order/rule.yml @@ -9049,7 +10109,7 @@ index ae390fc9..bc2c87f4 100644 title: 'Record Unsuccessul Delete Attempts to Files - rename' 
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_renameat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_renameat/rule.yml -index ab5d3b8d..a943e75f 100644 +index b26847c4..95aed62a 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_renameat/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_renameat/rule.yml @@ -1,6 +1,6 @@ @@ -9073,20 +10133,20 @@ index a45d0cda..69fc6720 100644 title: 'Record Unsuccessul Permission Changes to Files - setxattr' diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_truncate/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_truncate/rule.yml -index 12771beb..fc214ad6 100644 +index 3c6a1b12..8ca0eeae 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_truncate/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_truncate/rule.yml 
@@ -1,6 +1,6 @@ documentation_complete: true --prodtype: debian10,debian9,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019 -+prodtype: debian10,debian9,fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019 +-prodtype: debian10,debian11,debian9,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019 ++prodtype: debian10,debian11,debian9,fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019 title: 'Record Unsuccessful Access Attempts to Files - truncate' -@@ -62,7 +62,7 @@ references: - srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000064-GPOS-00033,SRG-OS-000458-GPOS-00203,SRG-OS-000461-GPOS-00205 +@@ -65,7 +65,7 @@ references: stigid@ol7: OL07-00-030540 + stigid@ol8: OL08-00-030420 stigid@rhel7: RHEL-07-030540 - stigid@rhel8: RHEL-08-030420 + stigid@almalinux8: RHEL-08-030420 @@ -9094,7 +10154,7 @@ index 12771beb..fc214ad6 100644 stigid@sle15: SLES-15-030610 stigid@ubuntu2004: UBTU-20-010156 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_unlink/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_unlink/rule.yml -index c78957ba..97e31b51 100644 +index 327bf51e..b2018008 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_unlink/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_unlink/rule.yml @@ -1,6 +1,6 @@ @@ -9106,7 +10166,7 @@ index c78957ba..97e31b51 100644 title: 'Record Unsuccessul Delete Attempts to Files - unlink' 
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_unlinkat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_unlinkat/rule.yml -index 8fa62518..b5bc00b2 100644 +index ae5f119a..13f0356d 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_unlinkat/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_unlinkat/rule.yml @@ -1,6 +1,6 @@ @@ -9128,14 +10188,14 @@ index 905c14fe..fb7f6cff 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading/rule.yml -index 55246da9..20b1a3ea 100644 +index c3d70a84..cbea82ed 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: debian10,debian9,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,wrlinux1019 -+prodtype: debian10,debian9,fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,wrlinux1019 +-prodtype: debian10,debian11,debian9,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,wrlinux1019 ++prodtype: debian10,debian11,debian9,fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,wrlinux1019 title: 'Ensure auditd Collects Information on Kernel Module Loading and Unloading' @@ -9161,20 +10221,20 @@ index 51a61028..71df13a4 100644 kind: MachineConfig spec: 
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/rule.yml -index 052d21b4..584c6a3e 100644 +index d55bf54d..f23ea207 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: debian10,debian9,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019 -+prodtype: debian10,debian9,fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019 +-prodtype: debian10,debian11,debian9,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019 ++prodtype: debian10,debian11,debian9,fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019 title: 'Ensure auditd Collects Information on Kernel Module Unloading - delete_module' -@@ -51,7 +51,7 @@ references: - srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000471-GPOS-00216,SRG-OS-000477-GPOS-00222 +@@ -54,7 +54,7 @@ references: stigid@ol7: OL07-00-030830 + stigid@ol8: OL08-00-030390 stigid@rhel7: RHEL-07-030830 - stigid@rhel8: RHEL-08-030390 + stigid@almalinux8: RHEL-08-030390 @@ -9203,23 +10263,23 @@ index 90d7d43d..818c3cad 100644 kind: MachineConfig spec: 
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/rule.yml -index aa170023..bb9ee295 100644 +index 410c103a..50a2090d 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: debian10,debian9,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019 -+prodtype: debian10,debian9,fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019 +-prodtype: debian10,debian11,debian9,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019 ++prodtype: debian10,debian11,debian9,fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019 title: 'Ensure auditd Collects Information on Kernel Module Loading and Unloading - finit_module' -@@ -50,7 +50,7 @@ references: - srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000471-GPOS-00216,SRG-OS-000477-GPOS-00222 +@@ -51,7 +51,7 @@ references: stigid@ol7: OL07-00-030821 + stigid@ol8: OL08-00-030380 stigid@rhel7: RHEL-07-030821 -- stigid@rhel8: RHEL-08-030380 -+ stigid@almalinux8: RHEL-08-030380 +- stigid@rhel8: RHEL-08-030360 ++ stigid@almalinux8: RHEL-08-030360 stigid@sle12: SLES-12-020740 stigid@sle15: SLES-15-030530 stigid@ubuntu2004: UBTU-20-010180 @@ -9245,20 +10305,20 @@ index 2fb9a7ff..7cef862d 100644 kind: MachineConfig spec: 
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/rule.yml -index 1d826043..26eebc3d 100644 +index c7d78888..0ab729e7 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: debian10,debian9,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019 -+prodtype: debian10,debian9,fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019 +-prodtype: debian10,debian11,debian9,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019 ++prodtype: debian10,debian11,debian9,fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019 title: 'Ensure auditd Collects Information on Kernel Module Loading - init_module' -@@ -50,7 +50,7 @@ references: - srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000471-GPOS-00216,SRG-OS-000477-GPOS-00222 +@@ -53,7 +53,7 @@ references: stigid@ol7: OL07-00-030820 + stigid@ol8: OL08-00-030360 stigid@rhel7: RHEL-07-030820 - stigid@rhel8: RHEL-08-030360 + stigid@almalinux8: RHEL-08-030360 @@ -9266,54 +10326,54 @@ index 1d826043..26eebc3d 100644 stigid@sle15: SLES-15-030540 stigid@ubuntu2004: UBTU-20-010179 
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events/bash/shared.sh -index 9c86d272..3e329261 100644 +index 13991cd7..77a89efb 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events/bash/shared.sh +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events/bash/shared.sh @@ -1,4 +1,4 @@ -# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel +# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux - # Include source function library. - . /usr/share/scap-security-guide/remediation_functions + # Perform the remediation for both possible tools: 'auditctl' and 'augenrules' + diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events/rule.yml -index c062cf52..9c29b4e1 100644 +index 858affea..0027d79a 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events/rule.yml 
@@ -1,6 +1,6 @@ documentation_complete: true --prodtype: debian10,debian9,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,wrlinux1019 -+prodtype: debian10,debian9,fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,wrlinux1019 +-prodtype: debian10,debian11,debian9,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,wrlinux1019 ++prodtype: debian10,debian11,debian9,fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,wrlinux1019 title: 'Record Attempts to Alter Logon and Logout Events' diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/rule.yml -index 94d044ff..593a6d56 100644 +index 6a8fa7cb..7d3cc6c9 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: debian10,debian9,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,wrlinux1019 -+prodtype: debian10,debian9,fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,wrlinux1019 +-prodtype: debian10,debian11,debian9,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,wrlinux1019 ++prodtype: debian10,debian11,debian9,fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,wrlinux1019 title: 'Record Attempts to Alter Logon and Logout Events - faillock' diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_lastlog/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_lastlog/rule.yml -index 25f578b1..cc309bec 100644 +index cfd5fd79..20a33dde 100644 
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_lastlog/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_lastlog/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: debian10,debian9,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019 -+prodtype: debian10,debian9,fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019 +-prodtype: debian10,debian11,debian9,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019 ++prodtype: debian10,debian11,debian9,fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019 title: 'Record Attempts to Alter Logon and Logout Events - lastlog' -@@ -51,7 +51,7 @@ references: - srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000473-GPOS-00218,SRG-OS-000470-GPOS-00214 +@@ -54,7 +54,7 @@ references: stigid@ol7: OL07-00-030620 + stigid@ol8: OL08-00-030600 stigid@rhel7: RHEL-07-030620 - stigid@rhel8: RHEL-08-030600 + stigid@almalinux8: RHEL-08-030600 @@ -9321,37 +10381,37 @@ index 25f578b1..cc309bec 100644 stigid@sle15: SLES-15-030480 stigid@ubuntu2004: UBTU-20-010171 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_tallylog/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_tallylog/rule.yml -index 0da92228..441f051e 100644 +index ff8a7b24..cfd75f28 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_tallylog/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_tallylog/rule.yml 
@@ -1,6 +1,6 @@ documentation_complete: true --prodtype: debian10,debian9,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019 -+prodtype: debian10,debian9,fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019 +-prodtype: debian10,debian11,debian9,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019 ++prodtype: debian10,debian11,debian9,fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019 title: 'Record Attempts to Alter Logon and Logout Events - tallylog' diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/ansible/shared.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/ansible/shared.yml -index 850b4b1b..89815499 100644 +index 68c8497c..83094aae 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/ansible/shared.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/ansible/shared.yml @@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle # reboot = false # strategy = restrict # complexity = low 
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/bash/shared.sh -index 9e55247a..bf32011e 100644 +index 727868f8..76cc889b 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/bash/shared.sh +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/bash/shared.sh @@ -1,4 +1,4 @@ --# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv -+# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv +-# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle ++# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle - # Include source function library. - . /usr/share/scap-security-guide/remediation_functions + # Perform the remediation for both possible tools: 'auditctl' and 'augenrules' + {{{ bash_perform_audit_rules_privileged_commands_remediation("auditctl", auid) }}} diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_default.fail.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_default.fail.sh index 7e15005a..59b04990 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_default.fail.sh 
@@ -9531,10 +10591,15 @@ index 3a947ea1..8471b399 100644 ./generate_privileged_commands_rule.sh 1000 own_key /etc/audit/rules.d/privileged.rules diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_at/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_at/rule.yml -index c6464dbf..2961fb6d 100644 +index 453b64fe..8da9508a 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_at/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_at/rule.yml -@@ -1,6 +1,6 @@ +@@ -1,10 +1,10 @@ +-{{%- if product in ["rhel8", "rhel9", "ubuntu2004"] %}} ++{{%- if product in ["rhel8", "rhel9", "almalinux8", "ubuntu2004"] %}} + {{%- set perm_x="-F perm=x " %}} + {{%- endif %}} + documentation_complete: true -prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,ubuntu2004 @@ -9543,10 +10608,14 @@ index c6464dbf..2961fb6d 100644 title: 'Ensure auditd Collects Information on the Use of Privileged Commands - at' diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_chage/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_chage/rule.yml -index b5a9e29d..0f3b5781 100644 +index 1ba98b84..182eb072 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_chage/rule.yml 
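Review bot: The `perm_x` guard in the `at` rule.yml is a hard-coded product list, `{{%- if product in ["rhel8", "rhel9", "almalinux8", "ubuntu2004"] %}}`, so AlmaLinux 8 gets the `-F perm=x ` form of the audit rule only where this patch adds the name by hand. A rule whose guard is missed would still build and would presumably emit a different auditd rule than the RHEL 8 one, with nothing visible here to flag the difference. A check when the patch is refreshed, confirming that no template guard names `"rhel8"` without `"almalinux8"`, would catch that. The chage, chsh, crontab, gpasswd and kmod hunks depend on the same manual edit. The rest of each rule.yml lies outside the hunk, so how `perm_x` is consumed cannot be confirmed from here.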
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_chage/rule.yml -@@ -4,7 +4,7 @@ +@@ -1,10 +1,10 @@ +-{{%- if product in ["rhel8", "rhel9", "sle12", "sle15"] %}} ++{{%- if product in ["rhel8", "rhel9", "almalinux8", "sle12", "sle15"] %}} + {{%- set perm_x="-F perm=x " %}} + {{%- endif %}} documentation_complete: true @@ -9555,9 +10624,9 @@ index b5a9e29d..0f3b5781 100644 title: 'Ensure auditd Collects Information on the Use of Privileged Commands - chage' -@@ -58,7 +58,7 @@ references: - srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000468-GPOS-00212,SRG-OS-000471-GPOS-00215 +@@ -59,7 +59,7 @@ references: stigid@ol7: OL07-00-030660 + stigid@ol8: OL08-00-030250 stigid@rhel7: RHEL-07-030660 - stigid@rhel8: RHEL-08-030250 + stigid@almalinux8: RHEL-08-030250 @@ -9565,10 +10634,14 @@ index b5a9e29d..0f3b5781 100644 stigid@sle15: SLES-15-030120 stigid@ubuntu2004: UBTU-20-010175 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_chsh/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_chsh/rule.yml -index 8cc2b236..d97ac264 100644 +index b2573957..2be5e675 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_chsh/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_chsh/rule.yml -@@ -4,7 +4,7 @@ +@@ -1,10 +1,10 @@ +-{{%- if product in ["rhel8", "rhel9", "sle12", "sle15"] %}} ++{{%- if product in ["rhel8", "rhel9", "almalinux8", "sle12", "sle15"] %}} + {{%- set perm_x="-F perm=x " %}} + {{%- endif %}} documentation_complete: true 
@@ -9577,9 +10650,9 @@ index 8cc2b236..d97ac264 100644 title: 'Ensure auditd Collects Information on the Use of Privileged Commands - chsh' -@@ -58,7 +58,7 @@ references: - srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215 +@@ -59,7 +59,7 @@ references: stigid@ol7: OL07-00-030720 + stigid@ol8: OL08-00-030410 stigid@rhel7: RHEL-07-030720 - stigid@rhel8: RHEL-08-030410 + stigid@almalinux8: RHEL-08-030410 @@ -9587,10 +10660,14 @@ index 8cc2b236..d97ac264 100644 stigid@sle15: SLES-15-030100 stigid@ubuntu2004: UBTU-20-010163 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_crontab/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_crontab/rule.yml -index 86633fb6..c9994260 100644 +index 48fad244..4b2ac61a 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_crontab/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_crontab/rule.yml -@@ -4,7 +4,7 @@ +@@ -1,10 +1,10 @@ +-{{%- if product in ["rhel8", "rhel9", "sle12", "sle15"] %}} ++{{%- if product in ["rhel8", "rhel9", "almalinux8", "sle12", "sle15"] %}} + {{%- set perm_x="-F perm=x " %}} + {{%- endif %}} documentation_complete: true 
@@ -9599,9 +10676,9 @@ index 86633fb6..c9994260 100644 title: 'Ensure auditd Collects Information on the Use of Privileged Commands - crontab' -@@ -57,7 +57,7 @@ references: - srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215 +@@ -58,7 +58,7 @@ references: stigid@ol7: OL07-00-030800 + stigid@ol8: OL08-00-030400 stigid@rhel7: RHEL-07-030800 - stigid@rhel8: RHEL-08-030400 + stigid@almalinux8: RHEL-08-030400 @@ -9609,10 +10686,14 @@ index 86633fb6..c9994260 100644 stigid@sle15: SLES-15-030130 stigid@ubuntu2004: UBTU-20-010177 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_gpasswd/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_gpasswd/rule.yml -index ac5bfb2c..fc55348f 100644 +index a0922716..4e766e4a 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_gpasswd/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_gpasswd/rule.yml -@@ -4,7 +4,7 @@ +@@ -1,10 +1,10 @@ +-{{%- if product in ["rhel8", "rhel9", "sle12", "sle15"] %}} ++{{%- if product in ["rhel8", "rhel9", "almalinux8", "sle12", "sle15"] %}} + {{%- set perm_x="-F perm=x " %}} + {{%- endif %}} documentation_complete: true 
@@ -9621,9 +10702,9 @@ index ac5bfb2c..fc55348f 100644 title: 'Ensure auditd Collects Information on the Use of Privileged Commands - gpasswd' -@@ -59,7 +59,7 @@ references: - srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215 +@@ -60,7 +60,7 @@ references: stigid@ol7: OL07-00-030650 + stigid@ol8: OL08-00-030370 stigid@rhel7: RHEL-07-030650 - stigid@rhel8: RHEL-08-030370 + stigid@almalinux8: RHEL-08-030370 @@ -9641,32 +10722,38 @@ index 5baa999e..cb49a4d7 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_insmod/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_insmod/bash/shared.sh -index 8e4fa636..04619986 100644 +index f9cbf11b..02cfce0d 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_insmod/bash/shared.sh +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_insmod/bash/shared.sh @@ -1,4 +1,4 @@ -# platform = multi_platform_sle,multi_platform_rhel +# platform = multi_platform_sle,multi_platform_rhel,multi_platform_almalinux - # Include source function library. - . /usr/share/scap-security-guide/remediation_functions + # Perform the remediation for both possible tools: 'auditctl' and 'augenrules' + {{{ bash_fix_audit_watch_rule("auditctl", "/sbin/insmod", "x", "modules") }}} diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_kmod/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_kmod/rule.yml -index b469e42b..ad89b5f9 100644 +index f5ec9ecf..af2fa414 100644 
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_kmod/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_kmod/rule.yml +@@ -1,4 +1,4 @@ +-{{%- if product in ["rhel8"] %}} ++{{%- if product in ["rhel8", "almalinux8"] %}} + {{%- set kmod_audit="-a always,exit -F path=/usr/bin/kmod -F perm=x -F auid>=1000 -F auid!=unset -F key=privileged" %}} + {{%- elif product in ["ubuntu2004"] %}} + {{%- set kmod_audit="-w /bin/kmod -p x -k modules" %}} @@ -8,7 +8,7 @@ documentation_complete: true --prodtype: rhel8,sle12,sle15,ubuntu2004 -+prodtype: rhel8,almalinux8,sle12,sle15,ubuntu2004 +-prodtype: ol8,rhel8,rhel9,sle12,sle15,ubuntu2004 ++prodtype: ol8,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004 title: 'Ensure auditd Collects Information on the Use of Privileged Commands - kmod' -@@ -44,7 +44,7 @@ references: - disa: CCI-000130,CCI-000169,CCI-000172,CCI-002884 +@@ -46,7 +46,7 @@ references: nist: AU-3,AU-3.1,AU-12(a),AU-12.1(ii),AU-12.1(iv)AU-12(c),MA-4(1)(a) srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000471-GPOS-00216,SRG-OS-000477-GPOS-00222 + stigid@ol8: OL08-00-030580 - stigid@rhel8: RHEL-08-030580 + stigid@almalinux8: RHEL-08-030580 stigid@sle12: SLES-12-020360 @@ -9683,20 +10770,24 @@ index 8f61ee32..07ddf429 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_modprobe/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_modprobe/bash/shared.sh -index 59ebc0fd..f0cc57e1 100644 +index ed9771d0..665d2cc0 100644 
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_modprobe/bash/shared.sh +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_modprobe/bash/shared.sh @@ -1,4 +1,4 @@ --# platform = multi_platform_sle,multi_platform_rhel -+# platform = multi_platform_sle,multi_platform_rhel,multi_platform_almalinux +-# platform = multi_platform_sle,multi_platform_rhel,multi_platform_ubuntu ++# platform = multi_platform_sle,multi_platform_rhel,multi_platform_almalinux,multi_platform_ubuntu - # Include source function library. - . /usr/share/scap-security-guide/remediation_functions + # Perform the remediation for both possible tools: 'auditctl' and 'augenrules' + {{{ bash_fix_audit_watch_rule("auditctl", "/sbin/modprobe", "x", "modules") }}} diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_mount/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_mount/rule.yml -index 56bd72b6..ee8f032c 100644 +index c8a729bc..82141829 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_mount/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_mount/rule.yml -@@ -4,7 +4,7 @@ +@@ -1,10 +1,10 @@ +-{{%- if product in ["rhel8", "rhel9", "sle12", "sle15"] %}} ++{{%- if product in ["rhel8", "rhel9", "almalinux8", "sle12", "sle15"] %}} + {{%- set perm_x="-F perm=x " %}} + {{%- endif %}} documentation_complete: true @@ -9706,19 +10797,24 @@ index 56bd72b6..ee8f032c 100644 title: 'Ensure auditd Collects Information on the Use of Privileged Commands - mount' 
@@ -50,7 +50,7 @@ references: - srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215 stigid@ol7: OL07-00-030740 + stigid@ol8: OL08-00-030300 stigid@rhel7: RHEL-07-030740 - stigid@rhel8: RHEL-08-030300 + stigid@almalinux8: RHEL-08-030300 stigid@sle12: SLES-12-020290 - stigid@sle15: SLES-15-030350 stigid@ubuntu2004: UBTU-20-010138 + vmmsrg: SRG-OS-000471-VMM-001910 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_newgidmap/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_newgidmap/rule.yml -index f636e162..2f9498cf 100644 +index e57cd67d..da2919b3 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_newgidmap/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_newgidmap/rule.yml -@@ -1,6 +1,6 @@ +@@ -1,10 +1,10 @@ +-{{%- if product in ["rhel8", "rhel9", "ubuntu2004"] %}} ++{{%- if product in ["rhel8", "rhel9", "almalinux8", "ubuntu2004"] %}} + {{%- set perm_x="-F perm=x " %}} + {{%- endif %}} + documentation_complete: true -prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,ubuntu2004 @@ -9727,10 +10823,14 @@ index f636e162..2f9498cf 100644 title: 'Ensure auditd Collects Information on the Use of Privileged Commands - newgidmap' diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_newgrp/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_newgrp/rule.yml -index 4c14ea50..b841a3fa 100644 +index 72a54c6b..3fddf556 100644 
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_newgrp/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_newgrp/rule.yml -@@ -4,7 +4,7 @@ +@@ -1,10 +1,10 @@ +-{{%- if product in ["rhel8", "rhel9", "sle12", "sle15"] %}} ++{{%- if product in ["rhel8", "rhel9", "almalinux8", "sle12", "sle15"] %}} + {{%- set perm_x="-F perm=x " %}} + {{%- endif %}} documentation_complete: true @@ -9739,9 +10839,9 @@ index 4c14ea50..b841a3fa 100644 title: 'Ensure auditd Collects Information on the Use of Privileged Commands - newgrp' -@@ -59,7 +59,7 @@ references: - srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215 +@@ -60,7 +60,7 @@ references: stigid@ol7: OL07-00-030710 + stigid@ol8: OL08-00-030350 stigid@rhel7: RHEL-07-030710 - stigid@rhel8: RHEL-08-030350 + stigid@almalinux8: RHEL-08-030350 @@ -9749,10 +10849,15 @@ index 4c14ea50..b841a3fa 100644 stigid@sle15: SLES-15-030090 stigid@ubuntu2004: UBTU-20-010164 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_newuidmap/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_newuidmap/rule.yml -index d75f2051..696b4e0e 100644 +index c66e67d1..831f1655 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_newuidmap/rule.yml 
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_newuidmap/rule.yml -@@ -1,6 +1,6 @@ +@@ -1,10 +1,10 @@ +-{{%- if product in ["rhel8", "rhel9", "ubuntu2004"] %}} ++{{%- if product in ["rhel8", "rhel9", "almalinux8", "ubuntu2004"] %}} + {{%- set perm_x="-F perm=x " %}} + {{%- endif %}} + documentation_complete: true -prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,ubuntu2004 @@ -9761,9 +10866,16 @@ index d75f2051..696b4e0e 100644 title: 'Ensure auditd Collects Information on the Use of Privileged Commands - newuidmap' diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_pam_timestamp_check/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_pam_timestamp_check/rule.yml -index c34eeb54..dc4ec5dd 100644 +index 6d161b5d..7e65a6d5 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_pam_timestamp_check/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_pam_timestamp_check/rule.yml +@@ -1,5 +1,5 @@ + +-{{%- if product in ["rhel8", "rhel9", "sle12", "sle15"] %}} ++{{%- if product in ["rhel8", "rhel9", "almalinux8", "sle12", "sle15"] %}} + {{%- set perm_x="-F perm=x " %}} + {{%- endif %}} + @@ -11,7 +11,7 @@ documentation_complete: true 
@@ -9773,9 +10885,9 @@ index c34eeb54..dc4ec5dd 100644 title: 'Ensure auditd Collects Information on the Use of Privileged Commands - pam_timestamp_check' -@@ -65,7 +65,7 @@ references: - srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215 +@@ -66,7 +66,7 @@ references: stigid@ol7: OL07-00-030810 + stigid@ol8: OL08-00-030340 stigid@rhel7: RHEL-07-030810 - stigid@rhel8: RHEL-08-030340 + stigid@almalinux8: RHEL-08-030340 @@ -9783,10 +10895,14 @@ index c34eeb54..dc4ec5dd 100644 stigid@sle15: SLES-15-030510 stigid@ubuntu2004: UBTU-20-010178 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_passwd/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_passwd/rule.yml -index 2af86f50..7cb88891 100644 +index 586efb3e..cc26d446 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_passwd/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_passwd/rule.yml -@@ -4,7 +4,7 @@ +@@ -1,10 +1,10 @@ +-{{%- if product in ["rhel8", "rhel9", "sle12", "sle15"] %}} ++{{%- if product in ["rhel8", "rhel9", "almalinux8", "sle12", "sle15"] %}} + {{%- set perm_x="-F perm=x " %}} + {{%- endif %}} documentation_complete: true 
@@ -9795,9 +10911,9 @@ index 2af86f50..7cb88891 100644 title: 'Ensure auditd Collects Information on the Use of Privileged Commands - passwd' -@@ -58,7 +58,7 @@ references: - srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215 +@@ -59,7 +59,7 @@ references: stigid@ol7: OL07-00-030630 + stigid@ol8: OL08-00-030290 stigid@rhel7: RHEL-07-030630 - stigid@rhel8: RHEL-08-030290 + stigid@almalinux8: RHEL-08-030290 @@ -9805,21 +10921,25 @@ index 2af86f50..7cb88891 100644 stigid@sle15: SLES-15-030070 stigid@ubuntu2004: UBTU-20-010172 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_postdrop/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_postdrop/rule.yml -index 9509216e..859a508e 100644 +index c5cd8408..b2b5d4cf 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_postdrop/rule.yml 
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_postdrop/rule.yml -@@ -4,7 +4,7 @@ +@@ -1,10 +1,10 @@ +-{{%- if product in ["rhel8", "rhel9"] %}} ++{{%- if product in ["rhel8", "rhel9", "almalinux8"] %}} + {{%- set perm_x="-F perm=x " %}} + {{%- endif %}} documentation_complete: true --prodtype: ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,ubuntu2004,wrlinux1019 -+prodtype: ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,ubuntu2004,wrlinux1019 +-prodtype: ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15,ubuntu2004,wrlinux1019 ++prodtype: ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,ubuntu2004,wrlinux1019 title: 'Ensure auditd Collects Information on the Use of Privileged Commands - postdrop' -@@ -55,7 +55,7 @@ references: - srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215 +@@ -57,7 +57,7 @@ references: stigid@ol7: OL07-00-030760 + stigid@ol8: OL08-00-030311 stigid@rhel7: RHEL-07-030760 - stigid@rhel8: RHEL-08-030311 + stigid@almalinux8: RHEL-08-030311 @@ -9827,21 +10947,25 @@ index 9509216e..859a508e 100644 ocil_clause: 'it is not the case' diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_postqueue/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_postqueue/rule.yml -index c5d1a82c..95d5f841 100644 +index 4a15cd91..1d268284 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_postqueue/rule.yml 
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_postqueue/rule.yml -@@ -4,7 +4,7 @@ +@@ -1,10 +1,10 @@ +-{{%- if product in ["rhel8", "rhel9"] %}} ++{{%- if product in ["rhel8", "rhel9", "almalinux8"] %}} + {{%- set perm_x="-F perm=x " %}} + {{%- endif %}} documentation_complete: true --prodtype: ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,ubuntu2004,wrlinux1019 -+prodtype: ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,ubuntu2004,wrlinux1019 +-prodtype: ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15,ubuntu2004,wrlinux1019 ++prodtype: ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,ubuntu2004,wrlinux1019 title: 'Ensure auditd Collects Information on the Use of Privileged Commands - postqueue' -@@ -55,7 +55,7 @@ references: - srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215 +@@ -57,7 +57,7 @@ references: stigid@ol7: OL07-00-030770 + stigid@ol8: OL08-00-030312 stigid@rhel7: RHEL-07-030770 - stigid@rhel8: RHEL-08-030312 + stigid@almalinux8: RHEL-08-030312 @@ -9849,10 +10973,15 @@ index c5d1a82c..95d5f841 100644 ocil_clause: 'it is not the case' diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_pt_chown/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_pt_chown/rule.yml -index cb5995c1..7dbcaa68 100644 +index 0b4bb3cc..37995c62 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_pt_chown/rule.yml 
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_pt_chown/rule.yml -@@ -1,6 +1,6 @@ +@@ -1,10 +1,10 @@ +-{{%- if product in ["rhel8", "rhel9"] %}} ++{{%- if product in ["rhel8", "rhel9", "almalinux8"] %}} + {{%- set perm_x="-F perm=x " %}} + {{%- endif %}} + documentation_complete: true -prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9 @@ -9871,40 +11000,46 @@ index f3c3324e..d5545d32 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_rmmod/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_rmmod/bash/shared.sh -index 699b21f9..c16036a3 100644 +index cab3cb16..d895a1d3 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_rmmod/bash/shared.sh +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_rmmod/bash/shared.sh @@ -1,4 +1,4 @@ -# platform = multi_platform_sle,multi_platform_rhel +# platform = multi_platform_sle,multi_platform_rhel,multi_platform_almalinux - # Include source function library. - . /usr/share/scap-security-guide/remediation_functions + # Perform the remediation for both possible tools: 'auditctl' and 'augenrules' + {{{ bash_fix_audit_watch_rule("auditctl", "/sbin/rmmod", "x", "modules") }}} diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_ssh_agent/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_ssh_agent/rule.yml -index f2ebca45..113b4c55 100644 +index 8cdfca3d..72b0ee78 100644 
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_ssh_agent/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_ssh_agent/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: rhel8,sle12,sle15,ubuntu2004 -+prodtype: rhel8,almalinux8,sle12,sle15,ubuntu2004 +-prodtype: ol8,rhel8,rhel9,sle12,sle15,ubuntu2004 ++prodtype: ol8,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004 title: 'Record Any Attempts to Run ssh-agent' -@@ -37,7 +37,7 @@ references: - disa: CCI-000130,CCI-000169,CCI-000172 +@@ -39,7 +39,7 @@ references: nist@sle12: AU-3,AU-3.1,AU-12(a),AU-12(c),AU-12.1(a),AU-12.1(ii),AU-12.1(iv),MA-4(1)(a) srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215 + stigid@ol8: OL08-00-030280 - stigid@rhel8: RHEL-08-030280 + stigid@almalinux8: RHEL-08-030280 stigid@sle12: SLES-12-020310 stigid@sle15: SLES-15-030370 stigid@ubuntu2004: UBTU-20-010140 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_ssh_keysign/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_ssh_keysign/rule.yml -index 604cbcda..4ad6e2ad 100644 +index 96fd5e95..914f7b0d 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_ssh_keysign/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_ssh_keysign/rule.yml +@@ -1,4 +1,4 @@ +-{{%- if product in ["rhel8", "rhel9", "sle12", "sle15"] %}} ++{{%- if product in ["rhel8", "rhel9", "almalinux8", "sle12", "sle15"] %}} + {{%- set perm_x="-F perm=x " %}} + {{%- endif %}} + @@ -10,7 +10,7 @@ documentation_complete: true 
@@ -9914,9 +11049,9 @@ index 604cbcda..4ad6e2ad 100644 title: 'Ensure auditd Collects Information on the Use of Privileged Commands - ssh-keysign' -@@ -64,7 +64,7 @@ references: - srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215 +@@ -65,7 +65,7 @@ references: stigid@ol7: OL07-00-030780 + stigid@ol8: OL08-00-030320 stigid@rhel7: RHEL-07-030780 - stigid@rhel8: RHEL-08-030320 + stigid@almalinux8: RHEL-08-030320 @@ -9924,10 +11059,14 @@ index 604cbcda..4ad6e2ad 100644 stigid@sle15: SLES-15-030060 stigid@ubuntu2004: UBTU-20-010141 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_su/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_su/rule.yml -index 87a81ee0..1177a271 100644 +index cd83c4ed..659233c3 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_su/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_su/rule.yml -@@ -4,7 +4,7 @@ +@@ -1,10 +1,10 @@ +-{{%- if product in ["rhel8", "rhel9", "sle12", "sle15"] %}} ++{{%- if product in ["rhel8", "rhel9", "almalinux8", "sle12", "sle15"] %}} + {{%- set perm_x="-F perm=x " %}} + {{%- endif %}} documentation_complete: true 
@@ -9936,9 +11075,9 @@ index 87a81ee0..1177a271 100644 title: 'Ensure auditd Collects Information on the Use of Privileged Commands - su' -@@ -58,7 +58,7 @@ references: - srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000064-GPOS-0003,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000466-GPOS-00210 +@@ -59,7 +59,7 @@ references: stigid@ol7: OL07-00-030680 + stigid@ol8: OL08-00-030190 stigid@rhel7: RHEL-07-030680 - stigid@rhel8: RHEL-08-030190 + stigid@almalinux8: RHEL-08-030190 @@ -9946,10 +11085,14 @@ index 87a81ee0..1177a271 100644 stigid@sle15: SLES-15-030550 stigid@ubuntu2004: UBTU-20-010136 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sudo/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sudo/rule.yml -index e9890918..e533bfed 100644 +index a3bac816..0da31642 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sudo/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sudo/rule.yml -@@ -4,7 +4,7 @@ +@@ -1,10 +1,10 @@ +-{{%- if product in ["rhel8", "rhel9", "sle12", "sle15"] %}} ++{{%- if product in ["rhel8", "rhel9", "almalinux8", "sle12", "sle15"] %}} + {{%- set perm_x="-F perm=x " %}} + {{%- endif %}} documentation_complete: true 
@@ -9958,9 +11101,9 @@ index e9890918..e533bfed 100644 title: 'Ensure auditd Collects Information on the Use of Privileged Commands - sudo' -@@ -59,7 +59,7 @@ references: - srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000466-GPOS-00210 +@@ -60,7 +60,7 @@ references: stigid@ol7: OL07-00-030690 + stigid@ol8: OL08-00-030550 stigid@rhel7: RHEL-07-030690 - stigid@rhel8: RHEL-08-030550 + stigid@almalinux8: RHEL-08-030550 @@ -9968,10 +11111,15 @@ index e9890918..e533bfed 100644 stigid@sle15: SLES-15-030560 stigid@ubuntu2004: UBTU-20-010161 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sudoedit/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sudoedit/rule.yml -index b65afabb..c6b62ef0 100644 +index a401027e..15a7c2cb 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sudoedit/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sudoedit/rule.yml -@@ -1,6 +1,6 @@ +@@ -1,10 +1,10 @@ +-{{%- if product in ["rhel8", "rhel9", "sle15", "ubuntu2004"] %}} ++{{%- if product in ["rhel8", "rhel9", "almalinux8", "sle15", "ubuntu2004"] %}} + {{%- set perm_x="-F perm=x " %}} + {{%- endif %}} + documentation_complete: true -prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15,ubuntu2004 @@ -9980,10 +11128,14 @@ index b65afabb..c6b62ef0 100644 title: 'Ensure auditd Collects Information on the Use of Privileged Commands - sudoedit' 
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_umount/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_umount/rule.yml -index 5d47508b..71f9546c 100644 +index 5fa4a273..f649ffb2 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_umount/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_umount/rule.yml -@@ -4,7 +4,7 @@ +@@ -1,10 +1,10 @@ +-{{%- if product in ["rhel8", "rhel9", "sle12", "sle15"] %}} ++{{%- if product in ["rhel8", "rhel9", "almalinux8", "sle12", "sle15"] %}} + {{%- set perm_x="-F perm=x " %}} + {{%- endif %}} documentation_complete: true @@ -9993,19 +11145,23 @@ index 5d47508b..71f9546c 100644 title: 'Ensure auditd Collects Information on the Use of Privileged Commands - umount' @@ -58,7 +58,7 @@ references: - srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215 stigid@ol7: OL07-00-030750 + stigid@ol8: OL08-00-030301 stigid@rhel7: RHEL-07-030750 - stigid@rhel8: RHEL-08-030301 + stigid@almalinux8: RHEL-08-030301 stigid@sle12: SLES-12-020300 - stigid@sle15: SLES-15-030360 stigid@ubuntu2004: UBTU-20-010139 + vmmsrg: SRG-OS-000471-VMM-001910 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_unix_chkpwd/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_unix_chkpwd/rule.yml -index 5be7f486..459617f7 100644 +index 15fe5052..aa270bad 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_unix_chkpwd/rule.yml 
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_unix_chkpwd/rule.yml -@@ -4,7 +4,7 @@ +@@ -1,10 +1,10 @@ +-{{%- if product in ["rhel8", "rhel9", "sle12", "sle15"] %}} ++{{%- if product in ["rhel8", "rhel9", "almalinux8", "sle12", "sle15"] %}} + {{%- set perm_x="-F perm=x " %}} + {{%- endif %}} documentation_complete: true @@ -10014,9 +11170,9 @@ index 5be7f486..459617f7 100644 title: 'Ensure auditd Collects Information on the Use of Privileged Commands - unix_chkpwd' -@@ -59,7 +59,7 @@ references: - srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215 +@@ -60,7 +60,7 @@ references: stigid@ol7: OL07-00-030640 + stigid@ol8: OL08-00-030317 stigid@rhel7: RHEL-07-030640 - stigid@rhel8: RHEL-08-030317 + stigid@almalinux8: RHEL-08-030317 @@ -10024,42 +11180,46 @@ index 5be7f486..459617f7 100644 stigid@sle15: SLES-15-030110 vmmsrg: SRG-OS-000471-VMM-001910 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_unix_update/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_unix_update/rule.yml -index 7ef800da..d645e83c 100644 +index 64a4c85e..7ea9b814 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_unix_update/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_unix_update/rule.yml 
@@ -1,6 +1,6 @@ documentation_complete: true --prodtype: rhel8,rhel9 -+prodtype: rhel8,almalinux8,rhel9 +-prodtype: ol8,rhel8,rhel9,ubuntu2004 ++prodtype: ol8,rhel8,almalinux8,rhel9,ubuntu2004 title: 'Ensure auditd Collects Information on the Use of Privileged Commands - unix_update' -@@ -37,7 +37,7 @@ identifiers: - references: - disa: CCI-000169 - srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215 +@@ -38,7 +38,7 @@ references: + disa: CCI-000169,CCI-000172 + srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000064-GPOS-00033,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215 + stigid@ol8: OL08-00-030310 - stigid@rhel8: RHEL-08-030310 + stigid@almalinux8: RHEL-08-030310 + stigid@ubuntu2004: UBTU-20-010173 ocil_clause: 'it is not the case' - diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_userhelper/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_userhelper/rule.yml -index 6dccc806..11e8adad 100644 +index 448d36c4..b085b827 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_userhelper/rule.yml 
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_userhelper/rule.yml -@@ -4,7 +4,7 @@ +@@ -1,10 +1,10 @@ +-{{%- if product in ["rhel8", "rhel9"] %}} ++{{%- if product in ["rhel8", "rhel9", "almalinux8"] %}} + {{%- set perm_x="-F perm=x " %}} + {{%- endif %}} documentation_complete: true --prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4 -+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4 +-prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15 ++prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15 title: 'Ensure auditd Collects Information on the Use of Privileged Commands - userhelper' -@@ -55,7 +55,7 @@ references: - srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215 +@@ -57,7 +57,7 @@ references: stigid@ol7: OL07-00-030670 + stigid@ol8: OL08-00-030315 stigid@rhel7: RHEL-07-030670 - stigid@rhel8: RHEL-08-030315 + stigid@almalinux8: RHEL-08-030315 @@ -10067,31 +11227,36 @@ index 6dccc806..11e8adad 100644 ocil_clause: 'it is not the case' diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_usermod/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_usermod/rule.yml -index 70890161..bfc61715 100644 +index 8cd21a5c..853577b8 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_usermod/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_usermod/rule.yml 
@@ -1,6 +1,6 @@ documentation_complete: true --prodtype: rhel8,sle12,sle15,ubuntu2004 -+prodtype: rhel8,almalinux8,sle12,sle15,ubuntu2004 +-prodtype: ol8,rhel8,rhel9,sle12,sle15,ubuntu2004 ++prodtype: ol8,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004 title: 'Ensure auditd Collects Information on the Use of Privileged Commands - usermod' -@@ -39,7 +39,7 @@ references: - disa: CCI-000130,CCI-000169,CCI-000172,CCI-002884 +@@ -41,7 +41,7 @@ references: nist@sle12: AU-3,AU-12(a),AU-12(c),MA-4(1)(a) srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000466-GPOS-00210 + stigid@ol8: OL08-00-030560 - stigid@rhel8: RHEL-08-030560 + stigid@almalinux8: RHEL-08-030560 stigid@sle12: SLES-12-020700 stigid@sle15: SLES-15-030500 stigid@ubuntu2004: UBTU-20-010176 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_usernetctl/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_usernetctl/rule.yml -index 82aee103..b3f858f6 100644 +index 88fc3a7c..1159b2eb 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_usernetctl/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_usernetctl/rule.yml -@@ -1,6 +1,6 @@ +@@ -1,10 +1,10 @@ +-{{%- if product in ["rhel8", "rhel9"] %}} ++{{%- if product in ["rhel8", "rhel9", "almalinux8"] %}} + {{%- set perm_x="-F perm=x " %}} + {{%- endif %}} + documentation_complete: true -prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9 @@ -10100,7 +11265,7 @@ index 82aee103..b3f858f6 100644 title: 'Ensure auditd Collects Information on the Use of Privileged Commands - usernetctl' 
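Review bot: The `{{%- if product in ["rhel8", "rhel9", "almalinux8"] %}}` guard added to audit_rules_privileged_commands_usernetctl/rule.yml (and the identical one in userhelper/rule.yml just above this hunk) is a per-rule product list, so AlmaLinux 8 gets `perm_x="-F perm=x "` only in the rules this patch edits. Any other rule that names `rhel8` in such a list and is missed on a refresh would render different audit-rule text for AlmaLinux 8 than for RHEL 8, with no build error. Where `perm_x` is consumed lies outside the hunk, so the exact effect cannot be confirmed from here. A refresh-time check would catch omissions, for example `grep -rnE 'product in \[[^]]*"rhel8"' linux_os | grep -v almalinux8`, which should print nothing on the patched tree.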
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_group_open/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_group_open/rule.yml -index 1624800e..4779206a 100644 +index 4fd5bef0..30e9c339 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_group_open/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_group_open/rule.yml @@ -1,6 +1,6 @@ @@ -10112,7 +11277,7 @@ index 1624800e..4779206a 100644 title: 'Record Events that Modify User/Group Information via open syscall - /etc/group' diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_group_open_by_handle_at/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_group_open_by_handle_at/rule.yml -index 40a4dbe1..c2bd2b96 100644 +index 79dc227e..d97d3a1e 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_group_open_by_handle_at/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_group_open_by_handle_at/rule.yml @@ -1,6 +1,6 @@ @@ -10124,7 +11289,7 @@ index 40a4dbe1..c2bd2b96 100644 title: 'Record Events that Modify User/Group Information via open_by_handle_at syscall - /etc/group' diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_group_openat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_group_openat/rule.yml -index 9fc74c8d..eaf19da7 100644 +index e1221d1a..d4b05056 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_group_openat/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_group_openat/rule.yml @@ -1,6 +1,6 @@ @@ -10136,7 +11301,7 @@ index 9fc74c8d..eaf19da7 100644 title: 'Record Events that Modify User/Group Information via openat syscall - /etc/group' 
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_gshadow_open/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_gshadow_open/rule.yml -index 6d8b3825..48d2733e 100644 +index 84d77e89..969bb5e4 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_gshadow_open/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_gshadow_open/rule.yml @@ -1,6 +1,6 @@ @@ -10148,7 +11313,7 @@ index 6d8b3825..48d2733e 100644 title: 'Record Events that Modify User/Group Information via open syscall - /etc/gshadow' diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_gshadow_open_by_handle_at/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_gshadow_open_by_handle_at/rule.yml -index 193ba904..f8cfe822 100644 +index 3c8971e4..91444872 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_gshadow_open_by_handle_at/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_gshadow_open_by_handle_at/rule.yml @@ -1,6 +1,6 @@ @@ -10160,7 +11325,7 @@ index 193ba904..f8cfe822 100644 title: 'Record Events that Modify User/Group Information via open_by_handle_at syscall - /etc/gshadow' diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_gshadow_openat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_gshadow_openat/rule.yml -index b4c62c06..80570cd3 100644 +index 6ee8ef91..7b7abadc 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_gshadow_openat/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_gshadow_openat/rule.yml @@ -1,6 +1,6 @@ @@ -10172,7 +11337,7 @@ index b4c62c06..80570cd3 100644 title: 'Record Events that Modify User/Group Information via openat syscall - /etc/gshadow' 
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_passwd_open/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_passwd_open/rule.yml -index 5a2720c7..ae278d24 100644 +index 449fe58e..9a8dc9be 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_passwd_open/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_passwd_open/rule.yml @@ -1,6 +1,6 @@ @@ -10184,7 +11349,7 @@ index 5a2720c7..ae278d24 100644 title: 'Record Events that Modify User/Group Information via open syscall - /etc/passwd' diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_passwd_open_by_handle_at/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_passwd_open_by_handle_at/rule.yml -index ffbc6bb7..ed4ab674 100644 +index 37094bd4..a62486e4 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_passwd_open_by_handle_at/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_passwd_open_by_handle_at/rule.yml @@ -1,6 +1,6 @@ @@ -10196,7 +11361,7 @@ index ffbc6bb7..ed4ab674 100644 title: 'Record Events that Modify User/Group Information via open_by_handle_at syscall - /etc/passwd' diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_passwd_openat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_passwd_openat/rule.yml -index 82f30df8..2c22c45d 100644 +index ee516082..6ae9798c 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_passwd_openat/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_passwd_openat/rule.yml @@ -1,6 +1,6 @@ @@ -10208,7 +11373,7 @@ index 82f30df8..2c22c45d 100644 title: 'Record Events that Modify User/Group Information via openat syscall - /etc/passwd' 
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_shadow_open/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_shadow_open/rule.yml -index 1f108ace..35527d88 100644 +index 01b22ecb..f3c198fb 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_shadow_open/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_shadow_open/rule.yml @@ -1,6 +1,6 @@ @@ -10220,7 +11385,7 @@ index 1f108ace..35527d88 100644 title: 'Record Events that Modify User/Group Information via open syscall - /etc/shadow' diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_shadow_open_by_handle_at/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_shadow_open_by_handle_at/rule.yml -index 524503c7..2b263578 100644 +index 0eaf7977..2c4c9699 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_shadow_open_by_handle_at/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_shadow_open_by_handle_at/rule.yml @@ -1,6 +1,6 @@ @@ -10232,7 +11397,7 @@ index 524503c7..2b263578 100644 title: 'Record Events that Modify User/Group Information via open_by_handle_at syscall - /etc/shadow' diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_shadow_openat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_shadow_openat/rule.yml -index cf135641..ff19970a 100644 +index a1a40472..325c88f4 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_shadow_openat/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_shadow_openat/rule.yml @@ -1,6 +1,6 @@ @@ -10244,12 +11409,12 @@ index cf135641..ff19970a 100644 title: 'Record Events that Modify User/Group Information via openat syscall - /etc/shadow' 
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_immutable/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_immutable/bash/shared.sh -index 36e06914..1e43efa0 100644 +index b9daadd7..514f4744 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_immutable/bash/shared.sh +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_immutable/bash/shared.sh @@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux +-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle ++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle # Traverse all of: # @@ -10265,35 +11430,35 @@ index 26d02c24..28daa910 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_immutable/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_immutable/rule.yml -index 6818e5c7..74f4a76a 100644 +index d298d9e9..d4add406 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_immutable/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_immutable/rule.yml -@@ -48,4 +48,4 @@ references: - nist-csf: DE.AE-3,DE.AE-5,ID.SC-4,PR.AC-4,PR.DS-5,PR.PT-1,RS.AN-1,RS.AN-4 +@@ -51,4 +51,4 @@ references: pcidss: Req-10.5.2 srg: SRG-OS-000057-GPOS-00027,SRG-OS-000058-GPOS-00028,SRG-OS-000059-GPOS-00029 + stigid@ol8: OL08-00-030121 - stigid@rhel8: RHEL-08-030121 + stigid@almalinux8: RHEL-08-030121 
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_mac_modification/ansible/shared.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_mac_modification/ansible/shared.yml -index 4633be5a..cb5dd0dc 100644 +index e55119fd..2e7514b5 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_mac_modification/ansible/shared.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_mac_modification/ansible/shared.yml @@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle # reboot = true # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_mac_modification/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_mac_modification/bash/shared.sh -index 0d731ffc..48457226 100644 +index 632149b9..038c574b 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_mac_modification/bash/shared.sh +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_mac_modification/bash/shared.sh 
@@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux - # Include source function library. - . /usr/share/scap-security-guide/remediation_functions +-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle ++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle + # Perform the remediation for both possible tools: 'auditctl' and 'augenrules' + {{{ bash_fix_audit_watch_rule("auditctl", "/etc/selinux/", "wa", "MAC-policy") }}} diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_mac_modification/kubernetes/shared.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_mac_modification/kubernetes/shared.yml index 4534624b..7d1db5bb 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_mac_modification/kubernetes/shared.yml @@ -10306,58 +11471,58 @@ index 4534624b..7d1db5bb 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_media_export/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_media_export/rule.yml -index 298aec87..772cf5d4 100644 +index e3b53819..cef1ede1 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_media_export/rule.yml 
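Review bot: In audit_rules_immutable/rule.yml the patch removes `stigid@rhel8: RHEL-08-030121` and adds `stigid@almalinux8: RHEL-08-030121` instead of keeping both, so the patched tree no longer has a STIG reference for the rhel8 product and AlmaLinux 8 results carry a RHEL 8 STIG identifier. The same replacement appears in the rule.yml hunks for audit_rules_privileged_commands_usermod, audit_rules_media_export, audit_rules_sudoers, audit_rules_sudoers_d, audit_rules_suid_privilege_function and the audit_rules_usergroup_modification_* rules, whereas the refreshed context shows Oracle Linux with its own `stigid@ol8` line. If reusing the RHEL 8 IDs is intended, the upstream line could stay as context with only `+ stigid@almalinux8: RHEL-08-030121` added, and the patch description should say that these IDs come from the RHEL 8 STIG. Whether rhel8 content is ever built from this patched tree is not visible here.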
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_media_export/rule.yml -@@ -49,7 +49,7 @@ references: - srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215 +@@ -53,7 +53,7 @@ references: stigid@ol7: OL07-00-030740 + stigid@ol8: OL08-00-030302 stigid@rhel7: RHEL-07-030740 - stigid@rhel8: RHEL-08-030302 + stigid@almalinux8: RHEL-08-030302 stigid@sle12: SLES-12-020290 + stigid@sle15: SLES-15-030350 - ocil_clause: 'there is no output' diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_networkconfig_modification/ansible/shared.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_networkconfig_modification/ansible/shared.yml -index b5262d79..ffe98233 100644 +index 3c1ca33a..fdb0252c 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_networkconfig_modification/ansible/shared.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_networkconfig_modification/ansible/shared.yml @@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle # reboot =false # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_networkconfig_modification/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_networkconfig_modification/bash/shared.sh -index 3c5e593d..5504f293 100644 +index 352d01bd..a3b0b525 100644 
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_networkconfig_modification/bash/shared.sh +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_networkconfig_modification/bash/shared.sh @@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux +-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle ++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle - # Include source function library. - . /usr/share/scap-security-guide/remediation_functions + # First perform the remediation of the syscall rule + # Retrieve hardware architecture of the underlying system diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_session_events/ansible/shared.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_session_events/ansible/shared.yml -index 08694d30..dc3e8362 100644 +index 7f2f4e29..7ad5c59a 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_session_events/ansible/shared.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_session_events/ansible/shared.yml @@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle # reboot = true # strategy = restrict # complexity = low 
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_session_events/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_session_events/bash/shared.sh -index e8801374..95ec4a64 100644 +index d01b505a..8cce3781 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_session_events/bash/shared.sh +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_session_events/bash/shared.sh @@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux +-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle ++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle - # Include source function library. - . /usr/share/scap-security-guide/remediation_functions + # Perform the remediation for both possible tools: 'auditctl' and 'augenrules' + {{{ bash_fix_audit_watch_rule("auditctl", "/var/run/utmp", "wa", "session") }}} diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_session_events/kubernetes/shared.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_session_events/kubernetes/shared.yml index 1decbff9..083f80bd 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_session_events/kubernetes/shared.yml @@ -10370,82 +11535,82 @@ index 1decbff9..083f80bd 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_sudoers/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_sudoers/rule.yml -index f39bfa7e..02c5a419 100644 +index 36f780a9..f4141fe3 100644 
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_sudoers/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_sudoers/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: rhel8,rhel9 -+prodtype: rhel8,almalinux8,rhel9 +-prodtype: ol8,rhel8,rhel9 ++prodtype: ol8,rhel8,almalinux8,rhel9 title: 'Ensure auditd Collects System Administrator Actions - /etc/sudoers' -@@ -29,7 +29,7 @@ identifiers: - references: - disa: CCI-000169 - srg: SRG-OS-000004-GPOS-00004,SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000304-GPOS-00121,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000470-GPOS-00214,SRG-OS-000471-GPOS-00215,SRG-OS-000239-GPOS-00089,SRG-OS-000240-GPOS-00090,SRG-OS-000241-GPOS-00091,SRG-OS-000303-GPOS-00120,SRG-OS-000304-GPOS-00121,CCI-002884,SRG-OS-000466-GPOS-00210,SRG-OS-000476-GPOS-00221 +@@ -30,7 +30,7 @@ references: + disa: CCI-000169,CCI-002884 + srg: SRG-OS-000004-GPOS-00004,SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000304-GPOS-00121,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000470-GPOS-00214,SRG-OS-000471-GPOS-00215,SRG-OS-000239-GPOS-00089,SRG-OS-000240-GPOS-00090,SRG-OS-000241-GPOS-00091,SRG-OS-000303-GPOS-00120,SRG-OS-000304-GPOS-00121,SRG-OS-000466-GPOS-00210,SRG-OS-000476-GPOS-00221 + stigid@ol8: OL08-00-030171 - stigid@rhel8: RHEL-08-030171 + stigid@almalinux8: RHEL-08-030171 ocil_clause: 'there is not output' diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_sudoers_d/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_sudoers_d/rule.yml -index d4a35a79..c2acf809 100644 +index a5f906e9..36370d87 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_sudoers_d/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_sudoers_d/rule.yml 
@@ -1,6 +1,6 @@ documentation_complete: true --prodtype: rhel8,rhel9 -+prodtype: rhel8,almalinux8,rhel9 +-prodtype: ol8,rhel8,rhel9 ++prodtype: ol8,rhel8,almalinux8,rhel9 title: 'Ensure auditd Collects System Administrator Actions - /etc/sudoers.d/' -@@ -29,7 +29,7 @@ identifiers: - references: - disa: CCI-000169 - srg: SRG-OS-000004-GPOS-00004,SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000304-GPOS-00121,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000470-GPOS-00214,SRG-OS-000471-GPOS-00215,SRG-OS-000239-GPOS-00089,SRG-OS-000240-GPOS-00090,SRG-OS-000241-GPOS-00091,SRG-OS-000303-GPOS-00120,SRG-OS-000304-GPOS-00121,CCI-002884,SRG-OS-000466-GPOS-00210,SRG-OS-000476-GPOS-00221 +@@ -30,7 +30,7 @@ references: + disa: CCI-000169,CCI-002884 + srg: SRG-OS-000004-GPOS-00004,SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000304-GPOS-00121,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000470-GPOS-00214,SRG-OS-000471-GPOS-00215,SRG-OS-000239-GPOS-00089,SRG-OS-000240-GPOS-00090,SRG-OS-000241-GPOS-00091,SRG-OS-000303-GPOS-00120,SRG-OS-000304-GPOS-00121,SRG-OS-000466-GPOS-00210,SRG-OS-000476-GPOS-00221 + stigid@ol8: OL08-00-030172 - stigid@rhel8: RHEL-08-030172 + stigid@almalinux8: RHEL-08-030172 ocil_clause: 'there is not output' diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_suid_privilege_function/ansible/shared.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_suid_privilege_function/ansible/shared.yml -index fadb4c86..7df2e0cb 100644 +index 9583a47b..b68aa06b 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_suid_privilege_function/ansible/shared.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_suid_privilege_function/ansible/shared.yml 
@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_sle -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_sle +-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle ++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle # reboot = false # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_suid_privilege_function/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_suid_privilege_function/bash/shared.sh -index 39769793..8b5bfffb 100644 +index c474fe55..d3ad208d 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_suid_privilege_function/bash/shared.sh +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_suid_privilege_function/bash/shared.sh @@ -1,4 +1,4 @@ --# platform = multi_platform_rhel -+# platform = multi_platform_rhel,multi_platform_almalinux +-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu ++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu - # Include source function library. - . /usr/share/scap-security-guide/remediation_functions + # First perform the remediation of the syscall rule + # Retrieve hardware architecture of the underlying system diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_suid_privilege_function/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_suid_privilege_function/rule.yml -index 04c4ce92..d1c71c4c 100644 +index 6635fa92..53d1d152 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_suid_privilege_function/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_suid_privilege_function/rule.yml 
@@ -1,6 +1,6 @@ documentation_complete: true --prodtype: rhel7,rhel8,sle12,sle15,ubuntu2004 -+prodtype: rhel7,rhel8,almalinux8,sle12,sle15,ubuntu2004 +-prodtype: ol7,ol8,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004 ++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004 title: 'Record Events When Privileged Executables Are Run' -@@ -38,7 +38,7 @@ references: - nist: CM-5(1),AU-7(a),AU-7(b),AU-8(b),AU-12(3),AC-6(9) - srg: SRG-OS-000326-GPOS-00126,SRG-OS-000327-GPOS-00127,SRG-OS-000337-GPOS-00129,SRG-OS-000348-GPOS-00136,SRG-OS-000349-GPOS-00137,SRG-OS-000350-GPOS-00138,SRG-OS-000351-GPOS-00139,SRG-OS-000352-GPOS-00140,SRG-OS-000353-GPOS-00141,SRG-OS-000354-GPOS-00142,SRG-OS-000358-GPOS-00145,SRG-OS-000359-GPOS-00146,SRG-OS-000365-GPOS-00152 +@@ -41,7 +41,7 @@ references: + stigid@ol7: OL07-00-030360 + stigid@ol8: OL08-00-030000 stigid@rhel7: RHEL-07-030360 - stigid@rhel8: RHEL-08-030000 + stigid@almalinux8: RHEL-08-030000 @@ -10453,15 +11618,15 @@ index 04c4ce92..d1c71c4c 100644 stigid@sle15: SLES-15-030640 stigid@ubuntu2004: UBTU-20-010211 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_sysadmin_actions/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_sysadmin_actions/bash/shared.sh -index b6a4e7ef..31367467 100644 +index 3b1d4ede..420f5707 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_sysadmin_actions/bash/shared.sh +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_sysadmin_actions/bash/shared.sh 
@@ -1,4 +1,4 @@ --# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv -+# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv +-# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle ++# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle - # Include source function library. - . /usr/share/scap-security-guide/remediation_functions + # Perform the remediation for both possible tools: 'auditctl' and 'augenrules' + {{{ bash_fix_audit_watch_rule("auditctl", "/etc/sudoers", "wa", "actions") }}} diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_sysadmin_actions/kubernetes/shared.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_sysadmin_actions/kubernetes/shared.yml index 5c99e72f..88c36f80 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_sysadmin_actions/kubernetes/shared.yml @@ -10474,29 +11639,29 @@ index 5c99e72f..88c36f80 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_system_shutdown/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_system_shutdown/rule.yml -index bf283323..83356ccd 100644 +index 9f8dd579..7683678f 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_system_shutdown/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_system_shutdown/rule.yml 
@@ -1,6 +1,6 @@ documentation_complete: true --prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4,wrlinux1019 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,wrlinux1019 +-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle15,wrlinux1019 ++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,wrlinux1019 title: 'Shutdown System When Auditing Failures Occur' diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification/bash/shared.sh -index bb030985..53d33c43 100644 +index 39eac550..5d9c29be 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification/bash/shared.sh +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification/bash/shared.sh @@ -1,4 +1,4 @@ -# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_wrlinux +# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_wrlinux - # Include source function library. - . /usr/share/scap-security-guide/remediation_functions + # Perform the remediation for both possible tools: 'auditctl' and 'augenrules' + {{{ bash_fix_audit_watch_rule("auditctl", "/etc/group", "wa", "audit_rules_usergroup_modification") }}} diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_group/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_group/rule.yml -index 11c8f823..62fe8fa3 100644 +index 6cb77454..8abc7409 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_group/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_group/rule.yml @@ -1,6 +1,6 @@ 
@@ -10507,9 +11672,9 @@ index 11c8f823..62fe8fa3 100644 title: 'Record Events that Modify User/Group Information - /etc/group' -@@ -56,7 +56,7 @@ references: - srg: SRG-OS-000004-GPOS-00004,SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000304-GPOS-00121,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000470-GPOS-00214,SRG-OS-000471-GPOS-00215,SRG-OS-000239-GPOS-00089,SRG-OS-000240-GPOS-00090,SRG-OS-000241-GPOS-00091,SRG-OS-000303-GPOS-00120,SRG-OS-000304-GPOS-00121,CCI-002884,SRG-OS-000466-GPOS-00210,SRG-OS-000476-GPOS-00221 +@@ -59,7 +59,7 @@ references: stigid@ol7: OL07-00-030871 + stigid@ol8: OL08-00-030170 stigid@rhel7: RHEL-07-030871 - stigid@rhel8: RHEL-08-030170 + stigid@almalinux8: RHEL-08-030170 @@ -10517,7 +11682,7 @@ index 11c8f823..62fe8fa3 100644 stigid@sle15: SLES-15-030010 stigid@ubuntu2004: UBTU-20-010101 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_gshadow/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_gshadow/rule.yml -index 8ccf265d..44bafe70 100644 +index 1bdaf0fe..11403df8 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_gshadow/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_gshadow/rule.yml @@ -1,6 +1,6 @@ 
@@ -10528,9 +11693,9 @@ index 8ccf265d..44bafe70 100644 title: 'Record Events that Modify User/Group Information - /etc/gshadow' -@@ -56,7 +56,7 @@ references: - srg: SRG-OS-000004-GPOS-00004,SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000304-GPOS-00121,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000470-GPOS-00214,SRG-OS-000471-GPOS-00215,SRG-OS-000239-GPOS-00089,SRG-OS-000240-GPOS-00090,SRG-OS-000241-GPOS-00091,SRG-OS-000303-GPOS-00120,SRG-OS-000304-GPOS-00121,SRG-OS-000466-GPOS-00210,SRG-OS-000476-GPOS-00221 +@@ -59,7 +59,7 @@ references: stigid@ol7: OL07-00-030872 + stigid@ol8: OL08-00-030160 stigid@rhel7: RHEL-07-030872 - stigid@rhel8: RHEL-08-030160 + stigid@almalinux8: RHEL-08-030160 @@ -10538,7 +11703,7 @@ index 8ccf265d..44bafe70 100644 stigid@sle15: SLES-15-030040 stigid@ubuntu2004: UBTU-20-010103 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_opasswd/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_opasswd/rule.yml -index b8e99f21..9b0b5353 100644 +index f039be50..0eaf7df5 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_opasswd/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_opasswd/rule.yml @@ -1,6 +1,6 @@ 
@@ -10549,9 +11714,9 @@ index b8e99f21..9b0b5353 100644 title: 'Record Events that Modify User/Group Information - /etc/security/opasswd' -@@ -57,7 +57,7 @@ references: - srg: SRG-OS-000004-GPOS-00004,SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000304-GPOS-00121,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000470-GPOS-00214,SRG-OS-000471-GPOS-00215,SRG-OS-000239-GPOS-00089,SRG-OS-000240-GPOS-00090,SRG-OS-000241-GPOS-00091,SRG-OS-000303-GPOS-00120,SRG-OS-000304-GPOS-00121,SRG-OS-000476-GPOS-00221,SRG-OS-000463-GPOS-00207 +@@ -60,7 +60,7 @@ references: stigid@ol7: OL07-00-030874 + stigid@ol8: OL08-00-030140 stigid@rhel7: RHEL-07-030874 - stigid@rhel8: RHEL-08-030140 + stigid@almalinux8: RHEL-08-030140 @@ -10559,7 +11724,7 @@ index b8e99f21..9b0b5353 100644 stigid@sle15: SLES-15-030030 stigid@ubuntu2004: UBTU-20-010104 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_passwd/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_passwd/rule.yml -index aae128fe..a1d9ee19 100644 +index 188d28a7..47fb62ff 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_passwd/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_passwd/rule.yml @@ -1,6 +1,6 @@ 
@@ -10570,9 +11735,9 @@ index aae128fe..a1d9ee19 100644 title: 'Record Events that Modify User/Group Information - /etc/passwd' -@@ -56,7 +56,7 @@ references: - srg: SRG-OS-000004-GPOS-00004,SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000304-GPOS-00121,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000470-GPOS-00214,SRG-OS-000471-GPOS-00215,SRG-OS-000239-GPOS-00089,SRG-OS-000240-GPOS-00090,SRG-OS-000241-GPOS-00091,SRG-OS-000303-GPOS-00120,SRG-OS-000304-GPOS-00121,SRG-OS-000466-GPOS-00210,SRG-OS-000476-GPOS-00221,SRG-OS-000274-GPOS-00104,SRG-OS-000275-GPOS-00105,SRG-OS-000276-GPOS-00106,SRG-OS-000277-GPOS-00107 +@@ -59,7 +59,7 @@ references: stigid@ol7: OL07-00-030870 + stigid@ol8: OL08-00-030150 stigid@rhel7: RHEL-07-030870 - stigid@rhel8: RHEL-08-030150 + stigid@almalinux8: RHEL-08-030150 @@ -10580,7 +11745,7 @@ index aae128fe..a1d9ee19 100644 stigid@sle15: SLES-15-030000 stigid@ubuntu2004: UBTU-20-010100 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_shadow/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_shadow/rule.yml -index d6cede0d..971dea81 100644 +index 7e2e181f..c87e8290 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_shadow/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_shadow/rule.yml @@ -1,6 +1,6 @@ 
@@ -10591,9 +11756,9 @@ index d6cede0d..971dea81 100644 title: 'Record Events that Modify User/Group Information - /etc/shadow' -@@ -56,7 +56,7 @@ references: - srg: SRG-OS-000004-GPOS-00004,SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000304-GPOS-00121,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000470-GPOS-00214,SRG-OS-000471-GPOS-00215,SRG-OS-000239-GPOS-00089,SRG-OS-000240-GPOS-00090,SRG-OS-000241-GPOS-00091,SRG-OS-000303-GPOS-00120,SRG-OS-000304-GPOS-00121,SRG-OS-000466-GPOS-00210,SRG-OS-000476-GPOS-00221 +@@ -59,7 +59,7 @@ references: stigid@ol7: OL07-00-030873 + stigid@ol8: OL08-00-030130 stigid@rhel7: RHEL-07-030873 - stigid@rhel8: RHEL-08-030130 + stigid@almalinux8: RHEL-08-030130 @@ -10601,15 +11766,14 @@ index d6cede0d..971dea81 100644 stigid@sle15: SLES-15-030020 stigid@ubuntu2004: UBTU-20-010102 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_adjtimex/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_adjtimex/bash/shared.sh -index 1eeb41de..f0d60ef4 100644 +index e829590e..e72d090f 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_adjtimex/bash/shared.sh 
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_adjtimex/bash/shared.sh -@@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux +@@ -1,3 +1,3 @@ +-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle ++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle - # Include source function library. - . /usr/share/scap-security-guide/remediation_functions + {{{ bash_perform_audit_adjtimex_settimeofday_stime_remediation() }}} diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_adjtimex/kubernetes/shared.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_adjtimex/kubernetes/shared.yml index 3fbd4948..27378a92 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_adjtimex/kubernetes/shared.yml @@ -10622,15 +11786,15 @@ index 3fbd4948..27378a92 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_clock_settime/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_clock_settime/bash/shared.sh -index 0d51b6b9..72a9ab19 100644 +index 1dd7cb10..9c43228d 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_clock_settime/bash/shared.sh +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_clock_settime/bash/shared.sh 
@@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux +-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle ++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle - # Include source function library. - . /usr/share/scap-security-guide/remediation_functions + # First perform the remediation of the syscall rule + # Retrieve hardware architecture of the underlying system diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_clock_settime/kubernetes/shared.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_clock_settime/kubernetes/shared.yml index 18bb2671..8f0bffdd 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_clock_settime/kubernetes/shared.yml @@ -10643,15 +11807,14 @@ index 18bb2671..8f0bffdd 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_settimeofday/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_settimeofday/bash/shared.sh -index 1eeb41de..f0d60ef4 100644 +index e829590e..e72d090f 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_settimeofday/bash/shared.sh 
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_settimeofday/bash/shared.sh -@@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux +@@ -1,3 +1,3 @@ +-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle ++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle - # Include source function library. - . /usr/share/scap-security-guide/remediation_functions + {{{ bash_perform_audit_adjtimex_settimeofday_stime_remediation() }}} diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_settimeofday/kubernetes/shared.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_settimeofday/kubernetes/shared.yml index e2f2d649..bd5c2434 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_settimeofday/kubernetes/shared.yml @@ -10664,15 +11827,14 @@ index e2f2d649..bd5c2434 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_stime/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_stime/bash/shared.sh -index 1eeb41de..f0d60ef4 100644 +index e829590e..e72d090f 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_stime/bash/shared.sh 
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_stime/bash/shared.sh -@@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux +@@ -1,3 +1,3 @@ +-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle ++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle - # Include source function library. - . /usr/share/scap-security-guide/remediation_functions + {{{ bash_perform_audit_adjtimex_settimeofday_stime_remediation() }}} diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_stime/kubernetes/shared.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_stime/kubernetes/shared.yml index 7ea72adf..28662fe8 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_stime/kubernetes/shared.yml @@ -10685,15 +11847,15 @@ index 7ea72adf..28662fe8 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_watch_localtime/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_watch_localtime/bash/shared.sh -index ed5ff647..09d8474f 100644 +index 742bbfc4..e9db1df7 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_watch_localtime/bash/shared.sh +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_watch_localtime/bash/shared.sh 
@@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux - # Include source function library. - . /usr/share/scap-security-guide/remediation_functions +-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle ++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle + # Perform the remediation for both possible tools: 'auditctl' and 'augenrules' + {{{ bash_fix_audit_watch_rule("auditctl", "/etc/localtime", "wa", "audit_time_rules") }}} diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_watch_localtime/kubernetes/shared.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_watch_localtime/kubernetes/shared.yml index ac72267a..67ee8659 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_watch_localtime/kubernetes/shared.yml @@ -10716,145 +11878,145 @@ index ec17adf5..0ecb4079 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/directory_group_ownership_var_log_audit/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/directory_group_ownership_var_log_audit/rule.yml -index 3915300c..ac1e9e88 100644 +index 95272cce..2daa232b 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/directory_group_ownership_var_log_audit/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/directory_group_ownership_var_log_audit/rule.yml 
@@ -1,6 +1,6 @@ documentation_complete: true --prodtype: rhel8 -+prodtype: rhel8,almalinux8 +-prodtype: ol8,rhel8,rhel9 ++prodtype: ol8,rhel8,almalinux8,rhel9 title: 'System Audit Directories Must Be Group Owned By Root' -@@ -32,7 +32,7 @@ references: - nist-csf: DE.AE-3,DE.AE-5,PR.AC-4,PR.DS-5,PR.PT-1,RS.AN-1,RS.AN-4 +@@ -34,7 +34,7 @@ references: pcidss: Req-10.5.1 srg: SRG-OS-000057-GPOS-00027,SRG-OS-000058-GPOS-00028,SRG-OS-000059-GPOS-00029,SRG-OS-000206-GPOS-00084 + stigid@ol8: OL08-00-030110 - stigid@rhel8: RHEL-08-030110 + stigid@almalinux8: RHEL-08-030110 ocil: |- {{{ describe_file_group_owner(file="/var/log/audit", group="root") }}} diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/directory_ownership_var_log_audit/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/directory_ownership_var_log_audit/rule.yml -index cd6c45e2..6b327227 100644 +index acec72a8..a7322a9c 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/directory_ownership_var_log_audit/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/directory_ownership_var_log_audit/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: rhel8 -+prodtype: rhel8,almalinux8 +-prodtype: ol8,rhel8,rhel9 ++prodtype: ol8,rhel8,almalinux8,rhel9 title: 'System Audit Directories Must Be Owned By Root' -@@ -30,7 +30,7 @@ references: - nist-csf: DE.AE-3,DE.AE-5,PR.AC-4,PR.DS-5,PR.PT-1,RS.AN-1,RS.AN-4 +@@ -32,7 +32,7 @@ references: pcidss: Req-10.5.1 srg: SRG-OS-000057-GPOS-00027,SRG-OS-000058-GPOS-00028,SRG-OS-000059-GPOS-00029,SRG-OS-000206-GPOS-00084 + stigid@ol8: OL08-00-030100 - stigid@rhel8: RHEL-08-030100 + stigid@almalinux8: RHEL-08-030100 ocil: |- {{{ describe_file_owner(file="/var/log/audit", owner="root") }}} 
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/directory_permissions_var_log_audit/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/directory_permissions_var_log_audit/bash/shared.sh -index fb64c243..30e0c22f 100644 +index 8683b710..14f0fc0c 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/directory_permissions_var_log_audit/bash/shared.sh +++ b/linux_os/guide/system/auditing/auditd_configure_rules/directory_permissions_var_log_audit/bash/shared.sh @@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_rhel -+# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_almalinux +-# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_ubuntu ++# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_ubuntu - if LC_ALL=C grep -m 1 -q ^log_group /etc/audit/auditd.conf; then - GROUP=$(awk -F "=" '/log_group/ {print $2}' /etc/audit/auditd.conf | tr -d ' ') + if LC_ALL=C grep -iw ^log_file /etc/audit/auditd.conf; then + DIR=$(awk -F "=" '/^log_file/ {print $2}' /etc/audit/auditd.conf | tr -d ' ' | rev | cut -d"/" -f2- | rev) diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/directory_permissions_var_log_audit/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/directory_permissions_var_log_audit/rule.yml -index fde4f452..372023ef 100644 +index 10d443b7..c42b97ad 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/directory_permissions_var_log_audit/rule.yml 
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/directory_permissions_var_log_audit/rule.yml -@@ -30,7 +30,7 @@ references: - nist: CM-6(a),AC-6(1),AU-9 +@@ -31,7 +31,7 @@ references: nist-csf: DE.AE-3,DE.AE-5,PR.AC-4,PR.DS-5,PR.PT-1,RS.AN-1,RS.AN-4 srg: SRG-OS-000057-GPOS-00027,SRG-OS-000058-GPOS-00028,SRG-OS-000059-GPOS-00029 + stigid@ol8: OL08-00-030120 - stigid@rhel8: RHEL-08-030120 + stigid@almalinux8: RHEL-08-030120 + stigid@ubuntu2004: UBTU-20-010128 ocil_clause: 'any are more permissive' - diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/file_group_ownership_var_log_audit/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/file_group_ownership_var_log_audit/rule.yml -index 767c8c89..6b0b1074 100644 +index 2efc71f8..cfaf1e45 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/file_group_ownership_var_log_audit/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/file_group_ownership_var_log_audit/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: rhel8 -+prodtype: rhel8,almalinux8 +-prodtype: ol8,rhel8,rhel9,ubuntu2004 ++prodtype: ol8,rhel8,almalinux8,rhel9,ubuntu2004 title: 'System Audit Logs Must Be Group Owned By Root' -@@ -32,7 +32,7 @@ references: - nist-csf: DE.AE-3,DE.AE-5,PR.AC-4,PR.DS-5,PR.PT-1,RS.AN-1,RS.AN-4 +@@ -37,7 +37,7 @@ references: pcidss: Req-10.5.1 srg: SRG-OS-000057-GPOS-00027,SRG-OS-000058-GPOS-00028,SRG-OS-000059-GPOS-00029,SRG-OS-000206-GPOS-00084 + stigid@ol8: OL08-00-030090 - stigid@rhel8: RHEL-08-030090 + stigid@almalinux8: RHEL-08-030090 + stigid@ubuntu2004: UBTU-20-010124 ocil: |- - {{{ describe_file_group_owner(file="/var/log/audit/*", group="root") }}} diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/file_ownership_var_log_audit_stig/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/file_ownership_var_log_audit_stig/rule.yml -index 7f895759..c6d2eb2d 100644 +index 60d46adc..048ecf8c 100644 
--- a/linux_os/guide/system/auditing/auditd_configure_rules/file_ownership_var_log_audit_stig/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/file_ownership_var_log_audit_stig/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: rhel8 -+prodtype: rhel8,almalinux8 +-prodtype: ol8,rhel8,rhel9,ubuntu2004 ++prodtype: ol8,rhel8,almalinux8,rhel9,ubuntu2004 title: 'System Audit Logs Must Be Owned By Root' -@@ -30,7 +30,7 @@ references: - nist-csf: DE.AE-3,DE.AE-5,PR.AC-4,PR.DS-5,PR.PT-1,RS.AN-1,RS.AN-4 +@@ -34,7 +34,7 @@ references: pcidss: Req-10.5.1 srg: SRG-OS-000057-GPOS-00027,SRG-OS-000058-GPOS-00028,SRG-OS-000059-GPOS-00029,SRG-OS-000206-GPOS-00084 + stigid@ol8: OL08-00-030080 - stigid@rhel8: RHEL-08-030080 + stigid@almalinux8: RHEL-08-030080 + stigid@ubuntu2004: UBTU-20-010123 ocil: |- - {{{ describe_file_owner(file="/var/log/audit/*", owner="root") }}} diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/file_permissions_var_log_audit/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/file_permissions_var_log_audit/bash/shared.sh -index d6c45867..17a30a70 100644 +index 2b146586..859d7317 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/file_permissions_var_log_audit/bash/shared.sh +++ b/linux_os/guide/system/auditing/auditd_configure_rules/file_permissions_var_log_audit/bash/shared.sh 
@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_ol,multi_platform_fedora,multi_platform_rhv -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_fedora,multi_platform_rhv +-# platform = multi_platform_rhel,multi_platform_ol,multi_platform_fedora,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_fedora,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu - if LC_ALL=C grep -m 1 -q ^log_group /etc/audit/auditd.conf; then - GROUP=$(awk -F "=" '/log_group/ {print $2}' /etc/audit/auditd.conf | tr -d ' ') + if LC_ALL=C grep -iw log_file /etc/audit/auditd.conf; then + FILE=$(awk -F "=" '/^log_file/ {print $2}' /etc/audit/auditd.conf | tr -d ' ') diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/file_permissions_var_log_audit/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/file_permissions_var_log_audit/rule.yml -index 9a9d68be..c22dbf8a 100644 +index a7056eda..e84a3847 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/file_permissions_var_log_audit/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/file_permissions_var_log_audit/rule.yml 
@@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4 -+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4 +-prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15,ubuntu2004 ++prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,ubuntu2004 title: 'System Audit Logs Must Have Mode 0640 or Less Permissive' -@@ -38,7 +38,7 @@ references: - srg: SRG-OS-000057-GPOS-00027,SRG-OS-000058-GPOS-00028,SRG-OS-000059-GPOS-00029,SRG-OS-000206-GPOS-00084 +@@ -40,7 +40,7 @@ references: stigid@ol7: OL07-00-910055 + stigid@ol8: OL08-00-030070 stigid@rhel7: RHEL-07-910055 - stigid@rhel8: RHEL-08-030070 + stigid@almalinux8: RHEL-08-030070 + stigid@ubuntu2004: UBTU-20-010122 ocil_clause: 'any are more permissive' - diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_configure_remote_server/ansible/shared.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_configure_remote_server/ansible/shared.yml -index eb3fd508..6dec3bcd 100644 +index eb3fd508..132047e0 100644 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_configure_remote_server/ansible/shared.yml +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_configure_remote_server/ansible/shared.yml @@ -1,11 +1,11 @@ @@ -10867,37 +12029,37 @@ index eb3fd508..6dec3bcd 100644 {{{ ansible_instantiate_variables("var_audispd_remote_server") }}} -{{% if product in ["rhel8", "fedora", "ol8", "rhv4"] %}} -+{{% if product in ["rhel8", "fedora", "ol8", "rhv4", "almalinux8"] %}} ++{{% if product in ["rhel8", "almalinux8", "fedora", "ol8", "rhv4"] %}} {{% set audisp_config_file_path = "/etc/audit/audisp-remote.conf" %}} {{% else %}} {{% set audisp_config_file_path = "/etc/audisp/audisp-remote.conf" %}} 
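Review bot: In the refreshed context for `file_permissions_var_log_audit/bash/shared.sh`, the guard `grep -iw log_file /etc/audit/auditd.conf` is unanchored, but the `awk` that follows only reads lines matching `/^log_file/`, so a commented-out or indented `log_file` line passes the `if` and leaves `FILE` empty. The sibling `directory_permissions_var_log_audit` script in this same hunk already anchors with `^log_file`. Both guards also dropped `-q`, so matching lines are printed during remediation. These are upstream context lines that the patch must reproduce verbatim, so the fix (`if LC_ALL=C grep -iwq '^log_file' /etc/audit/auditd.conf; then`) belongs upstream. What the script does with an empty `FILE` is outside the hunk.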
diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_configure_remote_server/bash/shared.sh b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_configure_remote_server/bash/shared.sh -index 4d37c760..88367768 100644 +index cc85e4a2..b86f0ef4 100644 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_configure_remote_server/bash/shared.sh +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_configure_remote_server/bash/shared.sh @@ -1,8 +1,8 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_wrlinux,multi_platform_sle -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_wrlinux,multi_platform_sle - . /usr/share/scap-security-guide/remediation_functions +-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_wrlinux,multi_platform_sle,multi_platform_ubuntu ++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_wrlinux,multi_platform_sle,multi_platform_ubuntu + {{{ bash_instantiate_variables("var_audispd_remote_server") }}} -{{% if product in ["rhel8", "fedora", "ol8", "rhv4"] %}} -+{{% if product in ["rhel8", "fedora", "ol8", "rhv4", "almalinux8"] %}} ++{{% if product in ["rhel8", "almalinux8", "fedora", "ol8", "rhv4"] %}} AUDITCONFIG=/etc/audit/audisp-remote.conf {{% else %}} AUDITCONFIG=/etc/audisp/audisp-remote.conf diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_configure_remote_server/oval/shared.xml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_configure_remote_server/oval/shared.xml -index 8fa77047..4faca2da 100644 +index a19f62d3..b9d78eb9 100644 
--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_configure_remote_server/oval/shared.xml +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_configure_remote_server/oval/shared.xml @@ -1,4 +1,4 @@ -{{% if product in ["rhel8", "fedora", "ol8", "rhv4"] %}} -+{{% if product in ["rhel8", "fedora", "ol8", "rhv4", "almalinux8"] %}} ++{{% if product in ["rhel8", "almalinux8", "fedora", "ol8", "rhv4"] %}} {{% set audisp_config_file_path = "/etc/audit/audisp-remote.conf" %}} {{% else %}} {{% set audisp_config_file_path = "/etc/audisp/audisp-remote.conf" %}} diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_configure_remote_server/rule.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_configure_remote_server/rule.yml -index 507f7d33..52943889 100644 +index 814f868f..797ced64 100644 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_configure_remote_server/rule.yml +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_configure_remote_server/rule.yml @@ -1,6 +1,6 @@ @@ -10908,28 +12070,24 @@ index 507f7d33..52943889 100644 title: 'Configure audispd Plugin To Send Logs To Remote Server' -@@ -8,7 +8,7 @@ description: |- - Configure the audispd plugin to off-load audit records onto a different - system or media from the system being audited. +@@ -12,7 +12,7 @@ description: |- +
/etc/audisp/plugins.d/au-remote.conf
+ {{% endif %}} Set the remote_server option in
 -{{%- if product in ["rhel8", "fedora", "ol8", "rhv4"] -%}}
-+{{%- if product in ["rhel8", "fedora", "ol8", "rhv4", "almalinux8"] -%}}
++{{%- if product in ["rhel8", "fedora", "almalinux8", "ol8", "rhv4"] -%}}
      /etc/audit/audisp-remote.conf
  {{%- else -%}}
      /etc/audisp/audisp-remote.conf
-@@ -48,11 +48,10 @@ ocil_clause: 'audispd is not sending logs to a remote system'
- ocil: |-
+@@ -59,7 +59,7 @@ ocil: |-
+ {{% endif %}}
      To verify the audispd plugin off-loads audit records onto a different system or
      media from the system being audited, run the following command:
 -{{% if product in ["rhel8", "fedora", "ol8", "rhv4"] %}}
-+{{% if product in ["rhel8", "fedora", "ol8", "rhv4", "almalinux8"] %}}
++{{% if product in ["rhel8", "almalinux8", "fedora", "ol8", "rhv4"] %}}
      
$ sudo grep -i remote_server /etc/audit/audisp-remote.conf
{{% else %}}
$ sudo grep -i remote_server /etc/audisp/audisp-remote.conf
- {{% endif %}} - The output should return something similar to -
remote_server = {{{ xccdf_value("var_audispd_remote_server") }}}
-- diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_configure_remote_server/tests/audit_remote_server_hostname.pass.sh b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_configure_remote_server/tests/audit_remote_server_hostname.pass.sh index f3401af3..dc069b05 100644 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_configure_remote_server/tests/audit_remote_server_hostname.pass.sh @@ -10953,21 +12111,21 @@ index 29cf6015..61a9640e 100644 . $SHARED/auditd_utils.sh prepare_auditd_test_enviroment diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_configure_sufficiently_large_partition/rule.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_configure_sufficiently_large_partition/rule.yml -index a7f7a069..e37cc11c 100644 +index 2426f830..316d0819 100644 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_configure_sufficiently_large_partition/rule.yml +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_configure_sufficiently_large_partition/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: rhel8,sle12,sle15,ubuntu2004 -+prodtype: rhel8,almalinux8,sle12,sle15,ubuntu2004 +-prodtype: ol8,rhel8,rhel9,sle12,sle15,ubuntu2004 ++prodtype: ol8,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004 title: 'Configure a Sufficiently Large Partition for Audit Logs' -@@ -43,7 +43,7 @@ references: - disa: CCI-001849 +@@ -45,7 +45,7 @@ references: nist@sle15: AU-4 srg: SRG-OS-000341-GPOS-00132,SRG-OS-000342-GPOS-00133 + stigid@ol8: OL08-00-030660 - stigid@rhel8: RHEL-08-030660 + stigid@almalinux8: RHEL-08-030660 stigid@sle12: SLES-12-020020 @@ -10986,27 +12144,26 @@ index e5c33838..b855ec67 100644 title: 'Configure audispd''s Plugin disk_full_action When Disk Is Full' 
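Review bot: The product list in the `description` conditional is written `["rhel8", "fedora", "almalinux8", "ol8", "rhv4"]`, while the `ocil` conditional in this same hunk and the ansible, bash and oval copies use `["rhel8", "almalinux8", "fedora", "ol8", "rhv4"]`. The order has no effect on the result, but this list is repeated in every file that picks the audisp-remote.conf path, and a copy that misses `almalinux8` falls through to the `/etc/audisp/audisp-remote.conf` branch. Using one spelling everywhere, `{{%- if product in ["rhel8", "almalinux8", "fedora", "ol8", "rhv4"] -%}}`, lets a single grep confirm every copy was patched.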
diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/bash/shared.sh b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/bash/shared.sh -index 344ff384..fda02e3f 100644 +index 536220c6..5be962ce 100644 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/bash/shared.sh +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/bash/shared.sh -@@ -1,7 +1,7 @@ +@@ -1,6 +1,6 @@ # platform = multi_platform_wrlinux,multi_platform_all - . /usr/share/scap-security-guide/remediation_functions -{{% if product in ["rhel8", "fedora", "ol8", "rhv4"] %}} -+{{% if product in ["rhel8", "fedora", "ol8", "rhv4", "almalinux8"] %}} ++{{% if product in ["rhel8", "almalinux8", "fedora", "ol8", "rhv4"] %}} AUDISP_REMOTE_CONFIG="/etc/audit/audisp-remote.conf" option="^transport" value="KRB5" diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/oval/shared.xml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/oval/shared.xml -index 1e21e071..04f841d1 100644 +index 1e21e071..9d74788c 100644 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/oval/shared.xml +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/oval/shared.xml @@ -1,6 +1,6 @@ - {{% if product in ["rhel8", "fedora", "ol8", "rhv4"] %}} -+ {{% if product in ["rhel8", "fedora", "ol8", "rhv4", "almalinux8"] %}} ++ {{% if product in ["rhel8", "almalinux8", "fedora", "ol8", "rhv4"] %}} {{{ oval_metadata("transport setting in /etc/audit/audisp-remote.conf is set to 'KRB5'") }}} {{% else %}} {{{ oval_metadata("enable_krb5 setting in /etc/audisp/audisp-remote.conf is set to 'yes'") }}} 
@@ -11015,7 +12172,7 @@ index 1e21e071..04f841d1 100644 -{{% if product in ["rhel8", "fedora", "ol8", "rhv4"] %}} -+{{% if product in ["rhel8", "fedora", "ol8", "rhv4", "almalinux8"] %}} ++{{% if product in ["rhel8", "almalinux8", "fedora", "ol8", "rhv4"] %}} /etc/audit/audisp-remote.conf {{% else %}} /etc/audisp/audisp-remote.conf @@ -11023,12 +12180,12 @@ index 1e21e071..04f841d1 100644 -{{% if product in ["rhel8", "fedora", "ol8", "rhv4"] %}} -+{{% if product in ["rhel8", "fedora", "ol8", "rhv4", "almalinux8"] %}} ++{{% if product in ["rhel8", "almalinux8", "fedora", "ol8", "rhv4"] %}} ^[ ]*transport[ ]+=[ ]+KRB5[ ]*$ {{% else %}} ^[ ]*enable_krb5[ ]+=[ ]+yes[ ]*$ diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/rule.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/rule.yml -index 9c3f34e2..cad24ae9 100644 +index 9c3f34e2..e62aaf08 100644 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/rule.yml +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/rule.yml @@ -1,13 +1,13 @@ @@ -11043,7 +12200,7 @@ index 9c3f34e2..cad24ae9 100644 Configure the operating system to encrypt the transfer of off-loaded audit records onto a different system or media from the system being audited. -{{% if product in ["rhel8", "fedora", "ol8", "rhv4"] %}} -+{{% if product in ["rhel8", "fedora", "ol8", "rhv4", "almalinux8"] %}} ++{{% if product in ["rhel8", "almalinux8", "fedora", "ol8", "rhv4"] %}} Set the transport option in
/etc/audit/audisp-remote.conf
to KRB5. {{% else %}} @@ -11052,15 +12209,10 @@ index 9c3f34e2..cad24ae9 100644 To verify the audispd plugin encrypts audit records off-loaded onto a different system or media from the system being audited, run the following command: -{{% if product in ["rhel8", "fedora", "ol8", "rhv4"] %}} -+{{% if product in ["rhel8", "fedora", "ol8", "rhv4", "almalinux8"] %}} ++{{% if product in ["rhel8", "almalinux8", "fedora", "ol8", "rhv4"] %}}
$ sudo grep -i transport /etc/audit/audisp-remote.conf
The output should return the following:
transport = KRB5
-@@ -53,4 +53,3 @@ ocil: |- - The output should return the following: -
enable_krb5 = yes
- {{% endif %}} -- diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/tests/transport_bogus_value.fail.sh b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/tests/transport_bogus_value.fail.sh index 9b2f37fd..4f7164e3 100644 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/tests/transport_bogus_value.fail.sh @@ -11118,40 +12270,40 @@ index 08d2794f..8e3bc55b 100644 title: 'Configure audispd''s Plugin network_failure_action On Network Failure' diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/ansible/shared.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/ansible/shared.yml -index 56611725..5e7c5327 100644 +index 976c8104..f5cb4872 100644 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/ansible/shared.yml +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/ansible/shared.yml @@ -6,7 +6,7 @@ - name: enable syslog plugin lineinfile: -- {{% if product in ["rhel8", "fedora", "ol8", "rhv4"] -%}} -+ {{% if product in ["rhel8", "fedora", "ol8", "rhv4", "almalinux8"] -%}} +- {{% if product in ["rhel8", "rhel9", "fedora", "ol8", "rhv4"] -%}} ++ {{% if product in ["rhel8", "almalinux8", "rhel9", "fedora", "ol8", "rhv4"] -%}} dest: /etc/audit/plugins.d/syslog.conf {{%- else -%}} dest: /etc/audisp/plugins.d/syslog.conf diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/bash/shared.sh b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/bash/shared.sh -index 6f2b49d4..7b0d6072 100644 +index 96de94d4..bc59bf9a 100644 
--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/bash/shared.sh +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/bash/shared.sh -@@ -2,7 +2,7 @@ - . /usr/share/scap-security-guide/remediation_functions +@@ -1,7 +1,7 @@ + # platform = multi_platform_all var_syslog_active="yes" --{{% if product in ["rhel8", "fedora", "ol8", "rhv4"] %}} -+{{% if product in ["rhel8", "fedora", "ol8", "rhv4", "almalinux8"] %}} +-{{% if product in ["rhel8", "rhel9", "fedora", "ol8", "rhv4"] %}} ++{{% if product in ["rhel8", "almalinux8", "rhel9", "fedora", "ol8", "rhv4"] %}} AUDISP_SYSLOGCONFIG=/etc/audit/plugins.d/syslog.conf {{% else %}} AUDISP_SYSLOGCONFIG=/etc/audisp/plugins.d/syslog.conf diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/oval/shared.xml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/oval/shared.xml -index 834225ca..6c4ff9cd 100644 +index 7ab522e0..87d5c878 100644 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/oval/shared.xml +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/oval/shared.xml 
@@ -1,6 +1,6 @@ -- {{{ oval_metadata("active setting in " + ("/etc/audit/plugins.d/syslog.conf" if product in ["rhel8", "fedora", "ol8", "rhv4"] else "/etc/audisp/plugins.d/syslog.conf") + " is set to 'yes'") }}} -+ {{{ oval_metadata("active setting in " + ("/etc/audit/plugins.d/syslog.conf" if product in ["rhel8", "fedora", "ol8", "rhv4", "almalinux8"] else "/etc/audisp/plugins.d/syslog.conf") + " is set to 'yes'") }}} +- {{{ oval_metadata("active setting in " + ("/etc/audit/plugins.d/syslog.conf" if product in ["rhel8", "rhel9", "fedora", "ol8", "rhv4"] else "/etc/audisp/plugins.d/syslog.conf") + " is set to 'yes'") }}} ++ {{{ oval_metadata("active setting in " + ("/etc/audit/plugins.d/syslog.conf" if product in ["rhel8", "rhel9", "almalinux8", "fedora", "ol8", "rhv4"] else "/etc/audisp/plugins.d/syslog.conf") + " is set to 'yes'") }}} @@ -11159,66 +12311,63 @@ index 834225ca..6c4ff9cd 100644 --{{% if product in ["rhel8", "fedora", "ol8", "rhv4"] %}} -+{{% if product in ["rhel8", "fedora", "ol8", "rhv4", "almalinux8"] %}} +-{{% if product in ["rhel8", "rhel9", "fedora", "ol8", "rhv4"] %}} ++{{% if product in ["rhel8", "almalinux8", "rhel9", "fedora", "ol8", "rhv4"] %}} /etc/audit/plugins.d/syslog.conf {{% else %}} /etc/audisp/plugins.d/syslog.conf diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/rule.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/rule.yml -index dbea37d7..41dce950 100644 +index 4b37d016..162582f7 100644 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/rule.yml +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/rule.yml 
@@ -6,7 +6,7 @@ description: |- To configure the auditd service to use the syslog plug-in of the audispd audit event multiplexor, set the active line in --{{%- if product in ["rhel8", "fedora", "ol8", "rhv4"] -%}} -+{{%- if product in ["rhel8", "fedora", "ol8", "rhv4", "almalinux8"] -%}} +-{{%- if product in ["rhel8", "rhel9", "fedora", "ol8", "rhv4"] -%}} ++{{%- if product in ["rhel8", "rhel9", "almalinux8", "fedora", "ol8", "rhv4"] -%}} /etc/audit/plugins.d/syslog.conf {{%- else -%}} /etc/audisp/plugins.d/syslog.conf -@@ -49,10 +49,9 @@ ocil_clause: 'it is not activated' +@@ -50,7 +50,7 @@ ocil_clause: 'it is not activated' ocil: |- To verify the audispd's syslog plugin is active, run the following command: --{{% if product in ["rhel8", "fedora", "rhv4"] %}} -+{{% if product in ["rhel8", "fedora", "rhv4", "almalinux8"] %}} +-{{% if product in ["rhel8", "rhel9", "fedora", "rhv4"] %}} ++{{% if product in ["rhel8", "almalinux8", "rhel9", "fedora", "rhv4"] %}}
$ sudo grep active /etc/audit/plugins.d/syslog.conf
{{% else %}}
$ sudo grep active /etc/audisp/plugins.d/syslog.conf
- {{% endif %}} - If the plugin is active, the output will show yes. -- diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/tests/audit_syslog_plugin_activated.pass.sh b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/tests/audit_syslog_plugin_activated.pass.sh -index e2df674c..d71a83db 100644 +index b1dd2333..3234308f 100644 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/tests/audit_syslog_plugin_activated.pass.sh +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/tests/audit_syslog_plugin_activated.pass.sh @@ -1,5 +1,5 @@ #!/bin/bash --# platform = Red Hat Enterprise Linux 8,multi_platform_fedora -+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora +-# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora # remediation = bash . $SHARED/auditd_utils.sh diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/tests/audit_syslog_plugin_activated_not_there.fail.sh b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/tests/audit_syslog_plugin_activated_not_there.fail.sh -index b05ad85b..d03bbb3d 100644 +index 0755a9dd..cb85748f 100644 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/tests/audit_syslog_plugin_activated_not_there.fail.sh +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/tests/audit_syslog_plugin_activated_not_there.fail.sh 
@@ -1,5 +1,5 @@ #!/bin/bash --# platform = Red Hat Enterprise Linux 8,multi_platform_fedora -+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora +-# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora # remediation = bash . $SHARED/auditd_utils.sh diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/tests/audit_syslog_plugin_not_activated.fail.sh b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/tests/audit_syslog_plugin_not_activated.fail.sh -index 151f2aff..3cb652bf 100644 +index 046c9ac9..83adb66c 100644 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/tests/audit_syslog_plugin_not_activated.fail.sh +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/tests/audit_syslog_plugin_not_activated.fail.sh @@ -1,5 +1,5 @@ #!/bin/bash --# platform = Red Hat Enterprise Linux 8,multi_platform_fedora -+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora +-# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora # remediation = bash . $SHARED/auditd_utils.sh @@ -11233,13 +12382,13 @@ index 06f4a10c..ba788edb 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_error_action/bash/shared.sh b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_error_action/bash/shared.sh -index 2b17ddd8..bccaaab8 100644 +index 355c9210..d8e8305e 100644 
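Review bot: In the rule.yml section for auditd_audispd_syslog_plugin_activated, the `description` conditional lists `ol8` but the `ocil` conditional does not. On that product the description names /etc/audit/plugins.d/syslog.conf while the OCIL check command greps /etc/audisp/plugins.d/syslog.conf. Since the patch already rewrites that line, the OCIL list could be aligned with the description: `{{% if product in ["rhel8", "almalinux8", "rhel9", "fedora", "ol8", "rhv4"] %}}`. The position of `almalinux8` also differs between the lists in this rule (after `rhel9` in the description and the oval_metadata call, before it elsewhere); using one order throughout would make later rebases of the patch easier to verify.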
--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_error_action/bash/shared.sh +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_error_action/bash/shared.sh @@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_rhel -+# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_almalinux - . /usr/share/scap-security-guide/remediation_functions +-# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel ++# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux + {{{ bash_instantiate_variables("var_auditd_disk_error_action") }}} diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_error_action/kubernetes/shared.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_error_action/kubernetes/shared.yml @@ -11254,13 +12403,13 @@ index c865ad76..f226ae34 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_error_action/rule.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_error_action/rule.yml -index c5980c53..d84e6760 100644 +index dc335a66..516b3b76 100644 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_error_action/rule.yml +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_error_action/rule.yml -@@ -37,7 +37,7 @@ references: - nist: AU-5(b),AU-5(2),AU-5(1),AU-5(4),CM-6(a) +@@ -38,7 +38,7 @@ references: nist-csf: DE.AE-3,DE.AE-5,PR.DS-4,PR.PT-1,RS.AN-1,RS.AN-4 srg: SRG-OS-000047-GPOS-00023 + stigid@ol8: OL08-00-030040 - stigid@rhel8: RHEL-08-030040 + stigid@almalinux8: RHEL-08-030040 @@ -11277,15 +12426,15 @@ index 61cc4751..7f66a5c1 100644 # strategy = restrict # complexity = low 
diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_full_action/bash/shared.sh b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_full_action/bash/shared.sh -index b136cc1a..47d47eb7 100644 +index 8ab6e16a..11021155 100644 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_full_action/bash/shared.sh +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_full_action/bash/shared.sh @@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_sle -+# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle +-# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu ++# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu + + {{{ bash_instantiate_variables("var_auditd_disk_full_action") }}} - # Include source function library. - . /usr/share/scap-security-guide/remediation_functions diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_full_action/kubernetes/shared.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_full_action/kubernetes/shared.yml index c865ad76..f226ae34 100644 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_full_action/kubernetes/shared.yml @@ -11298,13 +12447,13 @@ index c865ad76..f226ae34 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_full_action/rule.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_full_action/rule.yml -index 8639563f..4add5423 100644 +index 286c4715..fc4a9e2b 100644 
--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_full_action/rule.yml +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_full_action/rule.yml -@@ -42,7 +42,7 @@ references: - nist-csf: DE.AE-3,DE.AE-5,PR.DS-4,PR.PT-1,RS.AN-1,RS.AN-4 +@@ -43,7 +43,7 @@ references: nist@sle12: AU-5(b),AU-5.1(iv) srg: SRG-OS-000047-GPOS-00023 + stigid@ol8: OL08-00-030060 - stigid@rhel8: RHEL-08-030060 + stigid@almalinux8: RHEL-08-030060 stigid@sle12: SLES-12-020060 @@ -11321,22 +12470,22 @@ index b82e6d17..717e52b9 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_action_mail_acct/bash/shared.sh b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_action_mail_acct/bash/shared.sh -index ac78fe87..5fcd1604 100644 +index 9633d4ff..9855bd95 100644 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_action_mail_acct/bash/shared.sh +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_action_mail_acct/bash/shared.sh @@ -1,4 +1,4 @@ -# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_wrlinux,multi_platform_sle +# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_wrlinux,multi_platform_sle - . /usr/share/scap-security-guide/remediation_functions + {{{ bash_instantiate_variables("var_auditd_action_mail_acct") }}} diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_action_mail_acct/rule.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_action_mail_acct/rule.yml -index 938096ef..73e0e8cb 100644 +index 8e653594..d7fc8bed 100644 
--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_action_mail_acct/rule.yml +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_action_mail_acct/rule.yml -@@ -44,7 +44,7 @@ references: - srg: SRG-OS-000046-GPOS-00022,SRG-OS-000343-GPOS-00134 +@@ -47,7 +47,7 @@ references: stigid@ol7: OL07-00-030350 + stigid@ol8: OL08-00-030020 stigid@rhel7: RHEL-07-030350 - stigid@rhel8: RHEL-08-030020 + stigid@almalinux8: RHEL-08-030020 @@ -11344,25 +12493,25 @@ index 938096ef..73e0e8cb 100644 stigid@sle15: SLES-15-030570 stigid@ubuntu2004: UBTU-20-010117 diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_admin_space_left_action/ansible/shared.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_admin_space_left_action/ansible/shared.yml -index 93d076fa..02b862b9 100644 +index 9efd2d5e..95c46c53 100644 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_admin_space_left_action/ansible/shared.yml +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_admin_space_left_action/ansible/shared.yml @@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux +-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle ++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle # reboot = false # strategy = restrict # complexity = low 
diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_admin_space_left_action/bash/shared.sh b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_admin_space_left_action/bash/shared.sh -index 0c23a906..4b96b471 100644 +index 0d7dff4c..129da2eb 100644 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_admin_space_left_action/bash/shared.sh +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_admin_space_left_action/bash/shared.sh @@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_wrlinux -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_wrlinux - . /usr/share/scap-security-guide/remediation_functions +-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_wrlinux,multi_platform_sle ++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_wrlinux,multi_platform_sle {{{ bash_instantiate_variables("var_auditd_admin_space_left_action") }}} + diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_admin_space_left_action/kubernetes/shared.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_admin_space_left_action/kubernetes/shared.yml index c865ad76..f226ae34 100644 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_admin_space_left_action/kubernetes/shared.yml @@ -11375,23 +12524,23 @@ index c865ad76..f226ae34 100644 # strategy = restrict # complexity = low 
diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_flush/ansible/shared.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_flush/ansible/shared.yml -index f909e5ec..72f7c8c4 100644 +index 9c8afcfa..53a6da7e 100644 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_flush/ansible/shared.yml +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_flush/ansible/shared.yml @@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux +-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle ++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle # reboot = false # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_flush/bash/shared.sh b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_flush/bash/shared.sh -index efe151c6..88fb23c1 100644 +index d3a53c59..ac99ce76 100644 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_flush/bash/shared.sh +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_flush/bash/shared.sh @@ -1,4 +1,4 @@ -# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel +# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux - . /usr/share/scap-security-guide/remediation_functions + {{{ bash_instantiate_variables("var_auditd_flush") }}} 
diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_flush/kubernetes/shared.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_flush/kubernetes/shared.yml @@ -11406,14 +12555,14 @@ index c865ad76..f226ae34 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_flush/rule.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_flush/rule.yml -index 3fb448e5..d8217375 100644 +index c0d1894f..38884203 100644 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_flush/rule.yml +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_flush/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4 -+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4 +-prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15 ++prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15 title: 'Configure auditd flush priority' @@ -11484,23 +12633,23 @@ index 9a930ab2..0b4e4944 100644 # remediation = bash diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file/ansible/shared.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file/ansible/shared.yml -index 65c77aa3..2440e259 100644 +index c70cd104..c97fbf56 100644 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file/ansible/shared.yml +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file/ansible/shared.yml 
@@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux +-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle ++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle # reboot = false # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file/bash/shared.sh b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file/bash/shared.sh -index 9f405890..ceda723b 100644 +index 8ac93789..e8a6dab1 100644 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file/bash/shared.sh +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file/bash/shared.sh @@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux - . /usr/share/scap-security-guide/remediation_functions +-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle ++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle + {{{ bash_instantiate_variables("var_auditd_max_log_file") }}} diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file/kubernetes/shared.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file/kubernetes/shared.yml 
@@ -11515,23 +12664,23 @@ index c865ad76..f226ae34 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action/ansible/shared.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action/ansible/shared.yml -index 595959e0..28abf5c2 100644 +index 69ae3cb8..f48f3656 100644 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action/ansible/shared.yml +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action/ansible/shared.yml @@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux +-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle ++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle # reboot = false # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action/bash/shared.sh b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action/bash/shared.sh -index 42f987dd..8e13a71d 100644 +index 3a69df68..67d60999 100644 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action/bash/shared.sh +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action/bash/shared.sh 
@@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux - . /usr/share/scap-security-guide/remediation_functions +-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle ++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle + {{{ bash_instantiate_variables("var_auditd_max_log_file_action") }}} diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action/kubernetes/shared.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action/kubernetes/shared.yml @@ -11546,25 +12695,37 @@ index c865ad76..f226ae34 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action/rule.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action/rule.yml -index 15e21e45..be2d0fbb 100644 +index cc9e6c73..0aa28666 100644 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action/rule.yml 
+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action/rule.yml -@@ -49,7 +49,7 @@ references: - nist-csf: DE.AE-3,DE.AE-5,PR.DS-4,PR.PT-1,RS.AN-1,RS.AN-4 +@@ -54,7 +54,7 @@ references: pcidss: Req-10.7 srg: SRG-OS-000047-GPOS-00023 + stigid@ol8: OL08-00-030050 - stigid@rhel8: RHEL-08-030050 + stigid@almalinux8: RHEL-08-030050 ocil_clause: 'the system has not been properly configured to rotate audit logs' +diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action/tests/max_log_file_action_stig.pass.sh b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action/tests/max_log_file_action_stig.pass.sh +index de16233b..38c22bf5 100644 +--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action/tests/max_log_file_action_stig.pass.sh ++++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action/tests/max_log_file_action_stig.pass.sh +@@ -1,6 +1,6 @@ + #!/bin/bash + # profiles = xccdf_org.ssgproject.content_profile_stig +-# platform = Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9, multi_platform_fedora ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8, Red Hat Enterprise Linux 9, multi_platform_fedora + + . $SHARED/auditd_utils.sh + prepare_auditd_test_enviroment diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_num_logs/ansible/shared.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_num_logs/ansible/shared.yml -index 6fe9e014..7b15c894 100644 +index 7deaa060..748a59d8 100644 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_num_logs/ansible/shared.yml +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_num_logs/ansible/shared.yml 
@@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux +-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle ++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle # reboot = false # strategy = restrict # complexity = low @@ -11590,13 +12751,13 @@ index ab0bea58..a6158699 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left/bash/shared.sh b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left/bash/shared.sh -index 9b79489b..1315f39b 100644 +index 62901056..5e8deca1 100644 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left/bash/shared.sh +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left/bash/shared.sh @@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_wrlinux,multi_platform_ol,multi_platform_sle -+# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_almalinux,multi_platform_wrlinux,multi_platform_ol,multi_platform_sle - . /usr/share/scap-security-guide/remediation_functions +-# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_wrlinux,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu ++# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_almalinux,multi_platform_wrlinux,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu + {{{ bash_instantiate_variables("var_auditd_space_left") }}} 
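Review bot: In the `rule.yml` hunk for `auditd_data_retention_max_log_file_action`, the patch replaces `stigid@rhel8: RHEL-08-030050` with `stigid@almalinux8: RHEL-08-030050` instead of adding the new key beside it. If this tree is also used to build the rhel8 product, that content loses its STIG reference, which breaks the mapping from scan findings back to the STIG item. Nothing in the patch records that the AlmaLinux key carries a RHEL 8 STIG identifier, so an auditor reading the generated content cannot tell the ID is borrowed. I would keep the original line and add `stigid@almalinux8: RHEL-08-030050` after it, and state the reuse of RHEL 8 STIG IDs once in the patch description. The same pattern repeats in the later `stigid@` hunks of this patch (for example `RHEL-08-030731`, `RHEL-08-030730`, `RHEL-08-030700`).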
diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left/kubernetes/shared.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left/kubernetes/shared.yml @@ -11611,35 +12772,35 @@ index c865ad76..f226ae34 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left/rule.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left/rule.yml -index a652d15d..f88a86d9 100644 +index 04042fa1..82988db4 100644 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left/rule.yml +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019 -+prodtype: ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019 +-prodtype: ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,wrlinux1019 ++prodtype: ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,wrlinux1019 title: 'Configure auditd space_left on Low Disk Space' diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/ansible/shared.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/ansible/shared.yml -index 04062e34..3b30d2ea 100644 +index 46560f89..123e5ef3 100644 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/ansible/shared.yml +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/ansible/shared.yml 
@@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux +-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle ++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle # reboot = false # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/bash/shared.sh b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/bash/shared.sh -index 1d2b211c..d7fdf9be 100644 +index 870f6619..a1dc8844 100644 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/bash/shared.sh +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/bash/shared.sh @@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux - . /usr/share/scap-security-guide/remediation_functions +-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu ++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu + {{{ bash_instantiate_variables("var_auditd_space_left_action") }}} 
diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/kubernetes/shared.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/kubernetes/shared.yml @@ -11654,12 +12815,12 @@ index c865ad76..f226ae34 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/rule.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/rule.yml -index 7569a677..8069100c 100644 +index 1dc1f330..ac8d6ec7 100644 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/rule.yml +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/rule.yml -@@ -53,7 +53,7 @@ references: - srg: SRG-OS-000343-GPOS-00134 +@@ -57,7 +57,7 @@ references: stigid@ol7: OL07-00-030340 + stigid@ol8: OL08-00-030731 stigid@rhel7: RHEL-07-030340 - stigid@rhel8: RHEL-08-030731 + stigid@almalinux8: RHEL-08-030731 @@ -11667,26 +12828,26 @@ index 7569a677..8069100c 100644 vmmsrg: SRG-OS-000343-VMM-001240 diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_percentage/rule.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_percentage/rule.yml -index ea9d9fcc..4ad6fc13 100644 +index dff73762..5f066b7d 100644 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_percentage/rule.yml +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_percentage/rule.yml 
@@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,rhel7,rhel8,rhel9 -+prodtype: fedora,rhel7,rhel8,almalinux8,rhel9 +-prodtype: fedora,ol8,rhel7,rhel8,rhel9,ubuntu2004 ++prodtype: fedora,ol8,rhel7,rhel8,almalinux8,rhel9,ubuntu2004 title: 'Configure auditd space_left on Low Disk Space' -@@ -35,7 +35,7 @@ references: - pcidss: Req-10.7 +@@ -37,7 +37,7 @@ references: srg: SRG-OS-000343-GPOS-00134 + stigid@ol8: OL08-00-030730 stigid@rhel7: RHEL-07-030330 - stigid@rhel8: RHEL-08-030730 + stigid@almalinux8: RHEL-08-030730 + stigid@ubuntu2004: UBTU-20-010217 vmmsrg: SRG-OS-000343-VMM-001240 - ocil_clause: 'the system is not configured with a specific percentage to notify administrators of an issue' diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_freq/kubernetes/shared.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_freq/kubernetes/shared.yml index c865ad76..f226ae34 100644 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_freq/kubernetes/shared.yml @@ -11710,13 +12871,13 @@ index c865ad76..f226ae34 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_local_events/rule.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_local_events/rule.yml -index 0eaf0d3e..28016ed4 100644 +index f4780b4a..8bc1f3d9 100644 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_local_events/rule.yml +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_local_events/rule.yml -@@ -23,7 +23,7 @@ references: - disa: CCI-000366 - ospp: FAU_GEN.1.1.c +@@ -25,7 +25,7 @@ references: + ospp: FAU_GEN.1 srg: SRG-OS-000062-GPOS-00031,SRG-OS-000480-GPOS-00227 + stigid@ol8: OL08-00-030061 - stigid@rhel8: RHEL-08-030061 + stigid@almalinux8: RHEL-08-030061 @@ -11734,13 +12895,13 @@ index c865ad76..f226ae34 100644 # strategy = restrict # complexity = low 
diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_log_format/rule.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_log_format/rule.yml -index 7113b0c6..4463bd2e 100644 +index b536a68c..ca2bf485 100644 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_log_format/rule.yml +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_log_format/rule.yml -@@ -24,7 +24,7 @@ references: - disa: CCI-000366 - ospp: FAU_GEN.1 +@@ -26,7 +26,7 @@ references: + ospp: FAU_GEN.1.2 srg: SRG-OS-000255-GPOS-00096,SRG-OS-000480-GPOS-00227 + stigid@ol8: OL08-00-030063 - stigid@rhel8: RHEL-08-030063 + stigid@almalinux8: RHEL-08-030063 @@ -11758,46 +12919,46 @@ index c865ad76..f226ae34 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_name_format/rule.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_name_format/rule.yml -index b0bbf91f..aa24cbc0 100644 +index 8da90cd7..0c143a84 100644 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_name_format/rule.yml +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_name_format/rule.yml -@@ -26,7 +26,7 @@ references: - ospp: FAU_GEN.1 - srg: SRG-OS-000039-GPOS-00017,SRG-OS-000342-GPOS-00133,SRG-OS-000479-GPOS-00224 +@@ -29,7 +29,7 @@ references: stigid@ol7: OL07-00-030211 + stigid@ol8: OL08-00-030062 + stigid@rhel7: RHEL-07-030211 - stigid@rhel8: RHEL-08-030062 + stigid@almalinux8: RHEL-08-030062 ocil_clause: name_format isn't set to hostname diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_overflow_action/ansible/shared.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_overflow_action/ansible/shared.yml -index e1569b22..2ff0cf3b 100644 +index 41fc224a..f92ab0a1 100644 
--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_overflow_action/ansible/shared.yml +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_overflow_action/ansible/shared.yml @@ -1,4 +1,4 @@ --# platform = multi_platform_fedora,multi_platform_rhel -+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux +-# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_ol ++# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol # reboot = false # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_overflow_action/bash/shared.sh b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_overflow_action/bash/shared.sh -index b397c811..dc9f2eae 100644 +index 84cb1cc1..358aeb69 100644 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_overflow_action/bash/shared.sh +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_overflow_action/bash/shared.sh @@ -1,4 +1,4 @@ --# platform = multi_platform_fedora,multi_platform_rhel -+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux +-# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_ol ++# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol # reboot = true # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_overflow_action/rule.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_overflow_action/rule.yml -index d41ca000..f9946de8 100644 +index 887c7885..90204db7 100644 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_overflow_action/rule.yml 
+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_overflow_action/rule.yml -@@ -21,7 +21,7 @@ references: - disa: CCI-001851 - nist: AU-4(1) - srg: SRG-OS-000342-GPOS-00133,SRG-OS-000479-GPOS-00224 +@@ -32,7 +32,7 @@ references: + stigid@ol7: OL07-00-030210 + stigid@ol8: OL08-00-030700 + stigid@rhel7: RHEL-07-030210 - stigid@rhel8: RHEL-08-030700 + stigid@almalinux8: RHEL-08-030700 @@ -11815,7 +12976,7 @@ index c865ad76..f226ae34 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/var_audispd_remote_server.var b/linux_os/guide/system/auditing/configure_auditd_data_retention/var_audispd_remote_server.var -index bcafc35b..9e8abe6c 100644 +index bcafc35b..1579dc90 100644 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/var_audispd_remote_server.var +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/var_audispd_remote_server.var @@ -3,7 +3,7 @@ documentation_complete: true @@ -11823,43 +12984,31 @@ index bcafc35b..9e8abe6c 100644 description: |- -{{% if product in ["rhel8", "fedora"] %}} -+{{% if product in ["rhel8", "fedora", "almalinux8"] %}} ++{{% if product in ["rhel8", "almalinux8", "fedora"] %}} The setting for remote_server in /etc/audit/audisp-remote.conf {{% else %}} The setting for remote_server in /etc/audisp/audisp-remote.conf diff --git a/linux_os/guide/system/auditing/grub2_audit_argument/rule.yml b/linux_os/guide/system/auditing/grub2_audit_argument/rule.yml -index 73317286..8047c909 100644 +index 4f5abc19..3a6580b6 100644 --- a/linux_os/guide/system/auditing/grub2_audit_argument/rule.yml +++ b/linux_os/guide/system/auditing/grub2_audit_argument/rule.yml 
@@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle15,ubuntu2004 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,ubuntu2004 +-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004 ++prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004 title: 'Enable Auditing for Processes Which Start Prior to the Audit Daemon' -@@ -47,7 +47,7 @@ references: - nist-csf: DE.AE-3,DE.AE-5,ID.SC-4,PR.AC-3,PR.PT-1,PR.PT-4,RS.AN-1,RS.AN-4 +@@ -44,7 +44,7 @@ references: pcidss: Req-10.3 srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000473-GPOS-00218,SRG-OS-000254-GPOS-00095 + stigid@ol8: OL08-00-030601 - stigid@rhel8: RHEL-08-030601 + stigid@almalinux8: RHEL-08-030601 stigid@ubuntu2004: UBTU-20-010198 vmmsrg: SRG-OS-000254-VMM-000880 -@@ -100,9 +100,9 @@ warnings: -
~]# grub2-mkconfig -o {{{ grub2_boot_path }}}/grub.cfg
-
  • On UEFI-based machines, issue the following command as root: - {{% if product in ["rhel7", "ol7", "rhel8", "ol8"] %}} --
    ~]# grub2-mkconfig -o /boot/efi/EFI/redhat/grub.cfg
  • -+
    ~]# grub2-mkconfig -o /boot/efi/EFI/almalinux/grub.cfg
    - {{% else %}} --
    ~]# grub2-mkconfig -o /boot/efi/EFI/fedora/grub.cfg
    -+
    ~]# grub2-mkconfig -o /boot/efi/EFI/almalinux/grub.cfg
    - {{% endif %}} - - diff --git a/linux_os/guide/system/auditing/grub2_audit_argument/tests/arg_not_there_rhel8.fail.sh b/linux_os/guide/system/auditing/grub2_audit_argument/tests/arg_not_there_rhel8.fail.sh index dfffe3a7..1526a372 100644 --- a/linux_os/guide/system/auditing/grub2_audit_argument/tests/arg_not_there_rhel8.fail.sh @@ -11872,6 +13021,18 @@ index dfffe3a7..1526a372 100644 # Removes audit argument from kernel command line in /boot/grub2/grubenv file="/boot/grub2/grubenv" +diff --git a/linux_os/guide/system/auditing/grub2_audit_argument/tests/blank_grubenv_rhel8.fail.sh b/linux_os/guide/system/auditing/grub2_audit_argument/tests/blank_grubenv_rhel8.fail.sh +index 956c8ac7..006899d7 100644 +--- a/linux_os/guide/system/auditing/grub2_audit_argument/tests/blank_grubenv_rhel8.fail.sh ++++ b/linux_os/guide/system/auditing/grub2_audit_argument/tests/blank_grubenv_rhel8.fail.sh +@@ -1,6 +1,6 @@ + #!/bin/bash + +-# platform = Red Hat Enterprise Linux 8 ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8 + # remediation = none + + # Removes audit argument from kernel command line in /boot/grub2/grubenv diff --git a/linux_os/guide/system/auditing/grub2_audit_argument/tests/correct_grubenv.pass.sh b/linux_os/guide/system/auditing/grub2_audit_argument/tests/correct_grubenv.pass.sh index 9823b08d..4522a4c6 100644 --- a/linux_os/guide/system/auditing/grub2_audit_argument/tests/correct_grubenv.pass.sh @@ -11905,38 +13066,26 @@ index 59f1ed22..e9cac86b 100644 # Break the audit argument in kernel command line in /boot/grub2/grubenv file="/boot/grub2/grubenv" diff --git a/linux_os/guide/system/auditing/grub2_audit_backlog_limit_argument/rule.yml b/linux_os/guide/system/auditing/grub2_audit_backlog_limit_argument/rule.yml -index 93348c40..d62294e0 100644 +index efbc3dae..a24d7031 100644 --- a/linux_os/guide/system/auditing/grub2_audit_backlog_limit_argument/rule.yml +++ b/linux_os/guide/system/auditing/grub2_audit_backlog_limit_argument/rule.yml 
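Review bot: With the inner hunk `@@ -100,9 +100,9 @@ warnings:` dropped from `grub2_audit_argument/rule.yml`, nothing in the refreshed patch adjusts the UEFI `grub2-mkconfig -o …/grub.cfg` path in the rule's warning text for AlmaLinux any more. The upstream rule text at the new base is not visible here, so it should be confirmed that it no longer hard-codes `/boot/efi/EFI/redhat/grub.cfg` for the almalinux8 product. If it still does, an administrator following the guidance may regenerate a file the system does not boot from, and `audit=1` would not be applied at boot. The same check applies to the identical hunk dropped from `grub2_audit_backlog_limit_argument/rule.yml` further down. The dropped version also wrote the almalinux path into the `{{% else %}}` branch, so if a fix is needed only the product-list branch should change.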
@@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,sle15,ubuntu2004 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,sle15,ubuntu2004 +-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004 ++prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004 title: 'Extend Audit Backlog Limit for the Audit Daemon' -@@ -31,7 +31,7 @@ references: - disa: CCI-001849 - nist: CM-6(a) +@@ -34,7 +34,7 @@ references: + ospp: FAU_STG.1,FAU_STG.3 srg: SRG-OS-000254-GPOS-00095,SRG-OS-000341-GPOS-00132 + stigid@ol8: OL08-00-030602 - stigid@rhel8: RHEL-08-030602 + stigid@almalinux8: RHEL-08-030602 ocil_clause: 'audit backlog limit is not configured' -@@ -58,9 +58,9 @@ warnings: -
    ~]# grub2-mkconfig -o {{{ grub2_boot_path }}}/grub.cfg
    -
  • On UEFI-based machines, issue the following command as root: - {{% if product in ["rhel7", "rhel8", "ol7", "ol8"] %}} --
    ~]# grub2-mkconfig -o /boot/efi/EFI/redhat/grub.cfg
  • -+
    ~]# grub2-mkconfig -o /boot/efi/EFI/almalinux/grub.cfg
    - {{% else %}} --
    ~]# grub2-mkconfig -o /boot/efi/EFI/fedora/grub.cfg
    -+
    ~]# grub2-mkconfig -o /boot/efi/EFI/almalinux/grub.cfg
    - {{% endif %}} - - diff --git a/linux_os/guide/system/auditing/grub2_audit_backlog_limit_argument/tests/correct_grubenv.pass.sh b/linux_os/guide/system/auditing/grub2_audit_backlog_limit_argument/tests/correct_grubenv.pass.sh index 3648f215..1db7652a 100644 --- a/linux_os/guide/system/auditing/grub2_audit_backlog_limit_argument/tests/correct_grubenv.pass.sh @@ -11971,13 +13120,13 @@ index 864e508b..7c9d8a3f 100644 title: 'Install audispd-plugins Package' diff --git a/linux_os/guide/system/auditing/package_audit_installed/rule.yml b/linux_os/guide/system/auditing/package_audit_installed/rule.yml -index cfac7564..8525cdb5 100644 +index 795089c8..4f170680 100644 --- a/linux_os/guide/system/auditing/package_audit_installed/rule.yml +++ b/linux_os/guide/system/auditing/package_audit_installed/rule.yml -@@ -26,7 +26,7 @@ references: - nist: AC-7(a),AU-7(1),AU-7(2),AU-14,AU-12(2),AU-2(a),CM-6(a) - nist@sle12: AU-7(a),AU-7(b),AU-8(b),AU-12.1(iv),AU-12(3),AU-12(c),CM-5(1) +@@ -30,7 +30,7 @@ references: + ospp: FAU_GEN.1 srg: SRG-OS-000122-GPOS-00063,SRG-OS-000337-GPOS-00129,SRG-OS-000348-GPOS-00136,SRG-OS-000349-GPOS-00137,SRG-OS-000350-GPOS-00138,SRG-OS-000351-GPOS-00139,SRG-OS-000352-GPOS-00140,SRG-OS-000353-GPOS-00141,SRG-OS-000354-GPOS-00142,SRG-OS-000358-GPOS-00145,SRG-OS-000359-GPOS-00146,SRG-OS-000365-GPOS-00152,SRG-OS-000474-GPOS-00219,SRG-OS-000475-GPOS-00220,SRG-OS-000480-GPOS-00227,SRG-OS-000062-GPOS-00031 + stigid@ol8: OL08-00-030180 - stigid@rhel8: RHEL-08-030180 + stigid@almalinux8: RHEL-08-030180 stigid@sle12: SLES-12-020000 @@ -11995,7 +13144,7 @@ index e3314050..603abfb9 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/system/auditing/policy_rules/audit_access_failed/rule.yml b/linux_os/guide/system/auditing/policy_rules/audit_access_failed/rule.yml -index 5750df30..081f341f 100644 +index 26c7eea7..19b4493a 100644 --- a/linux_os/guide/system/auditing/policy_rules/audit_access_failed/rule.yml 
+++ b/linux_os/guide/system/auditing/policy_rules/audit_access_failed/rule.yml @@ -1,6 +1,6 @@ @@ -12006,6 +13155,16 @@ index 5750df30..081f341f 100644 title: 'Configure auditing of unsuccessful file accesses' +diff --git a/linux_os/guide/system/auditing/policy_rules/audit_access_failed/tests/rules_from_audit_package.pass.sh b/linux_os/guide/system/auditing/policy_rules/audit_access_failed/tests/rules_from_audit_package.pass.sh +index 5d19cb09..a554e489 100644 +--- a/linux_os/guide/system/auditing/policy_rules/audit_access_failed/tests/rules_from_audit_package.pass.sh ++++ b/linux_os/guide/system/auditing/policy_rules/audit_access_failed/tests/rules_from_audit_package.pass.sh +@@ -1,4 +1,4 @@ + #!/bin/bash +-# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9 ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9 + + cp /usr/share/audit/sample-rules/30-ospp-v42-3-access-failed.rules /etc/audit/rules.d/ diff --git a/linux_os/guide/system/auditing/policy_rules/audit_access_success/kubernetes/shared.yml b/linux_os/guide/system/auditing/policy_rules/audit_access_success/kubernetes/shared.yml index 41329308..3f8c50a3 100644 --- a/linux_os/guide/system/auditing/policy_rules/audit_access_success/kubernetes/shared.yml @@ -12018,7 +13177,7 @@ index 41329308..3f8c50a3 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/system/auditing/policy_rules/audit_access_success/rule.yml b/linux_os/guide/system/auditing/policy_rules/audit_access_success/rule.yml -index 828ddf24..774bfe3b 100644 +index 262cf290..e0794c38 100644 --- a/linux_os/guide/system/auditing/policy_rules/audit_access_success/rule.yml +++ b/linux_os/guide/system/auditing/policy_rules/audit_access_success/rule.yml @@ -1,6 +1,6 @@ 
@@ -12029,6 +13188,16 @@ index 828ddf24..774bfe3b 100644 title: 'Configure auditing of successful file accesses' +diff --git a/linux_os/guide/system/auditing/policy_rules/audit_access_success/tests/rules_from_audit_package.pass.sh b/linux_os/guide/system/auditing/policy_rules/audit_access_success/tests/rules_from_audit_package.pass.sh +index 411fdc41..5d82a353 100644 +--- a/linux_os/guide/system/auditing/policy_rules/audit_access_success/tests/rules_from_audit_package.pass.sh ++++ b/linux_os/guide/system/auditing/policy_rules/audit_access_success/tests/rules_from_audit_package.pass.sh +@@ -1,4 +1,4 @@ + #!/bin/bash +-# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9 ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9 + + cp /usr/share/audit/sample-rules/30-ospp-v42-3-access-success.rules /etc/audit/rules.d/ diff --git a/linux_os/guide/system/auditing/policy_rules/audit_basic_configuration/kubernetes/shared.yml b/linux_os/guide/system/auditing/policy_rules/audit_basic_configuration/kubernetes/shared.yml index f6242690..bd3ddd10 100644 --- a/linux_os/guide/system/auditing/policy_rules/audit_basic_configuration/kubernetes/shared.yml @@ -12041,7 +13210,7 @@ index f6242690..bd3ddd10 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/system/auditing/policy_rules/audit_basic_configuration/rule.yml b/linux_os/guide/system/auditing/policy_rules/audit_basic_configuration/rule.yml -index 874c3d8b..89662c9a 100644 +index 19dc3320..b96d469a 100644 --- a/linux_os/guide/system/auditing/policy_rules/audit_basic_configuration/rule.yml +++ b/linux_os/guide/system/auditing/policy_rules/audit_basic_configuration/rule.yml @@ -1,6 +1,6 @@ 
@@ -12052,6 +13221,16 @@ index 874c3d8b..89662c9a 100644 title: 'Configure basic parameters of Audit system' +diff --git a/linux_os/guide/system/auditing/policy_rules/audit_basic_configuration/tests/rules_from_audit_package.pass.sh b/linux_os/guide/system/auditing/policy_rules/audit_basic_configuration/tests/rules_from_audit_package.pass.sh +index 23e5e84c..018f4056 100644 +--- a/linux_os/guide/system/auditing/policy_rules/audit_basic_configuration/tests/rules_from_audit_package.pass.sh ++++ b/linux_os/guide/system/auditing/policy_rules/audit_basic_configuration/tests/rules_from_audit_package.pass.sh +@@ -1,4 +1,4 @@ + #!/bin/bash +-# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9 ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9 + + cp /usr/share/audit/sample-rules/10-base-config.rules /etc/audit/rules.d/ diff --git a/linux_os/guide/system/auditing/policy_rules/audit_create_failed/kubernetes/shared.yml b/linux_os/guide/system/auditing/policy_rules/audit_create_failed/kubernetes/shared.yml index 981a0c86..ab7d657c 100644 --- a/linux_os/guide/system/auditing/policy_rules/audit_create_failed/kubernetes/shared.yml @@ -12064,7 +13243,7 @@ index 981a0c86..ab7d657c 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/system/auditing/policy_rules/audit_create_failed/rule.yml b/linux_os/guide/system/auditing/policy_rules/audit_create_failed/rule.yml -index 9da4d3b6..1a2380ac 100644 +index d23651be..8762d394 100644 --- a/linux_os/guide/system/auditing/policy_rules/audit_create_failed/rule.yml +++ b/linux_os/guide/system/auditing/policy_rules/audit_create_failed/rule.yml @@ -1,6 +1,6 @@ 
@@ -12075,8 +13254,18 @@ index 9da4d3b6..1a2380ac 100644 title: 'Configure auditing of unsuccessful file creations' +diff --git a/linux_os/guide/system/auditing/policy_rules/audit_create_failed/tests/rules_from_audit_package.pass.sh b/linux_os/guide/system/auditing/policy_rules/audit_create_failed/tests/rules_from_audit_package.pass.sh +index a4918944..ffa84daf 100644 +--- a/linux_os/guide/system/auditing/policy_rules/audit_create_failed/tests/rules_from_audit_package.pass.sh ++++ b/linux_os/guide/system/auditing/policy_rules/audit_create_failed/tests/rules_from_audit_package.pass.sh +@@ -1,4 +1,4 @@ + #!/bin/bash +-# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9 ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9 + + cp /usr/share/audit/sample-rules/30-ospp-v42-1-create-failed.rules /etc/audit/rules.d/ diff --git a/linux_os/guide/system/auditing/policy_rules/audit_create_success/rule.yml b/linux_os/guide/system/auditing/policy_rules/audit_create_success/rule.yml -index dd3a8729..694f9d4e 100644 +index 60be6eb1..9d1e0063 100644 --- a/linux_os/guide/system/auditing/policy_rules/audit_create_success/rule.yml +++ b/linux_os/guide/system/auditing/policy_rules/audit_create_success/rule.yml @@ -1,6 +1,6 @@ 
@@ -12087,6 +13276,16 @@ index dd3a8729..694f9d4e 100644 title: 'Configure auditing of successful file creations' +diff --git a/linux_os/guide/system/auditing/policy_rules/audit_create_success/tests/rules_from_audit_package.pass.sh b/linux_os/guide/system/auditing/policy_rules/audit_create_success/tests/rules_from_audit_package.pass.sh +index 83e8dec1..63bb706d 100644 +--- a/linux_os/guide/system/auditing/policy_rules/audit_create_success/tests/rules_from_audit_package.pass.sh ++++ b/linux_os/guide/system/auditing/policy_rules/audit_create_success/tests/rules_from_audit_package.pass.sh +@@ -1,4 +1,4 @@ + #!/bin/bash +-# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9 ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9 + + cp /usr/share/audit/sample-rules/30-ospp-v42-1-create-success.rules /etc/audit/rules.d/ diff --git a/linux_os/guide/system/auditing/policy_rules/audit_delete_failed/kubernetes/shared.yml b/linux_os/guide/system/auditing/policy_rules/audit_delete_failed/kubernetes/shared.yml index 023388b6..655883af 100644 --- a/linux_os/guide/system/auditing/policy_rules/audit_delete_failed/kubernetes/shared.yml @@ -12099,7 +13298,7 @@ index 023388b6..655883af 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/system/auditing/policy_rules/audit_delete_failed/rule.yml b/linux_os/guide/system/auditing/policy_rules/audit_delete_failed/rule.yml -index 25446601..9e62b155 100644 +index 286b0ff8..3c0e01cf 100644 --- a/linux_os/guide/system/auditing/policy_rules/audit_delete_failed/rule.yml +++ b/linux_os/guide/system/auditing/policy_rules/audit_delete_failed/rule.yml @@ -1,6 +1,6 @@ 
@@ -12110,6 +13309,16 @@ index 25446601..9e62b155 100644 title: 'Configure auditing of unsuccessful file deletions' +diff --git a/linux_os/guide/system/auditing/policy_rules/audit_delete_failed/tests/rules_from_audit_package.pass.sh b/linux_os/guide/system/auditing/policy_rules/audit_delete_failed/tests/rules_from_audit_package.pass.sh +index bf661297..32b34abe 100644 +--- a/linux_os/guide/system/auditing/policy_rules/audit_delete_failed/tests/rules_from_audit_package.pass.sh ++++ b/linux_os/guide/system/auditing/policy_rules/audit_delete_failed/tests/rules_from_audit_package.pass.sh +@@ -1,4 +1,4 @@ + #!/bin/bash +-# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9 ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9 + + cp /usr/share/audit/sample-rules/30-ospp-v42-4-delete-failed.rules /etc/audit/rules.d/ diff --git a/linux_os/guide/system/auditing/policy_rules/audit_delete_success/kubernetes/shared.yml b/linux_os/guide/system/auditing/policy_rules/audit_delete_success/kubernetes/shared.yml index 6c42b726..1da7bb5f 100644 --- a/linux_os/guide/system/auditing/policy_rules/audit_delete_success/kubernetes/shared.yml @@ -12122,7 +13331,7 @@ index 6c42b726..1da7bb5f 100644 {{% set file_contents = """## Successful file delete -a always,exit -F arch=b32 -S unlink,unlinkat,rename,renameat -F success=1 -F auid>=1000 -F auid!=unset -F key=successful-delete diff --git a/linux_os/guide/system/auditing/policy_rules/audit_delete_success/rule.yml b/linux_os/guide/system/auditing/policy_rules/audit_delete_success/rule.yml -index 21e06846..cd3106a8 100644 +index 2f7c9f05..f7c6b6c1 100644 --- a/linux_os/guide/system/auditing/policy_rules/audit_delete_success/rule.yml +++ b/linux_os/guide/system/auditing/policy_rules/audit_delete_success/rule.yml @@ -1,6 +1,6 @@ 
@@ -12133,6 +13342,16 @@ index 21e06846..cd3106a8 100644 title: 'Configure auditing of successful file deletions' +diff --git a/linux_os/guide/system/auditing/policy_rules/audit_delete_success/tests/rules_from_audit_package.pass.sh b/linux_os/guide/system/auditing/policy_rules/audit_delete_success/tests/rules_from_audit_package.pass.sh +index fc77e6b3..b17a5bff 100644 +--- a/linux_os/guide/system/auditing/policy_rules/audit_delete_success/tests/rules_from_audit_package.pass.sh ++++ b/linux_os/guide/system/auditing/policy_rules/audit_delete_success/tests/rules_from_audit_package.pass.sh +@@ -1,4 +1,4 @@ + #!/bin/bash +-# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9 ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9 + + cp /usr/share/audit/sample-rules/30-ospp-v42-4-delete-success.rules /etc/audit/rules.d/ diff --git a/linux_os/guide/system/auditing/policy_rules/audit_immutable_login_uids/kubernetes/shared.yml b/linux_os/guide/system/auditing/policy_rules/audit_immutable_login_uids/kubernetes/shared.yml index 4b611673..42e1c3da 100644 --- a/linux_os/guide/system/auditing/policy_rules/audit_immutable_login_uids/kubernetes/shared.yml @@ -12145,7 +13364,7 @@ index 4b611673..42e1c3da 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/system/auditing/policy_rules/audit_immutable_login_uids/rule.yml b/linux_os/guide/system/auditing/policy_rules/audit_immutable_login_uids/rule.yml -index 261dc184..fa34df2d 100644 +index 70357c15..4fd0cfe7 100644 --- a/linux_os/guide/system/auditing/policy_rules/audit_immutable_login_uids/rule.yml +++ b/linux_os/guide/system/auditing/policy_rules/audit_immutable_login_uids/rule.yml @@ -1,6 +1,6 @@ 
@@ -12156,15 +13375,25 @@ index 261dc184..fa34df2d 100644 title: 'Configure immutable Audit login UIDs' -@@ -39,7 +39,7 @@ references: - nist: AU-2(a) - ospp: FAU_GEN.1.1.c +@@ -40,7 +40,7 @@ references: + ospp: FAU_GEN.1.2 srg: SRG-OS-000462-GPOS-00206,SRG-OS-000475-GPOS-00220,SRG-OS-000057-GPOS-00027,SRG-OS-000058-GPOS-00028,SRG-OS-000059-GPOS-00029 + stigid@ol8: OL08-00-030122 - stigid@rhel8: RHEL-08-030122 + stigid@almalinux8: RHEL-08-030122 ocil_clause: 'the file does not exist or the content differs' +diff --git a/linux_os/guide/system/auditing/policy_rules/audit_immutable_login_uids/tests/rules_from_audit_package.pass.sh b/linux_os/guide/system/auditing/policy_rules/audit_immutable_login_uids/tests/rules_from_audit_package.pass.sh +index 2f236b0e..27e58829 100644 +--- a/linux_os/guide/system/auditing/policy_rules/audit_immutable_login_uids/tests/rules_from_audit_package.pass.sh ++++ b/linux_os/guide/system/auditing/policy_rules/audit_immutable_login_uids/tests/rules_from_audit_package.pass.sh +@@ -1,4 +1,4 @@ + #!/bin/bash +-# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9 ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9 + + cp /usr/share/audit/sample-rules/11-loginuid.rules /etc/audit/rules.d/ diff --git a/linux_os/guide/system/auditing/policy_rules/audit_modify_failed/kubernetes/shared.yml b/linux_os/guide/system/auditing/policy_rules/audit_modify_failed/kubernetes/shared.yml index 2d927984..ec647737 100644 --- a/linux_os/guide/system/auditing/policy_rules/audit_modify_failed/kubernetes/shared.yml @@ -12177,7 +13406,7 @@ index 2d927984..ec647737 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/system/auditing/policy_rules/audit_modify_failed/rule.yml b/linux_os/guide/system/auditing/policy_rules/audit_modify_failed/rule.yml -index 0f5b9e71..348ffd3c 100644 +index 8e8361a6..c0ac95aa 100644 --- a/linux_os/guide/system/auditing/policy_rules/audit_modify_failed/rule.yml 
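Review bot: In the `references:` block of audit_immutable_login_uids/rule.yml the embedded patch renames `stigid@rhel8` to `stigid@almalinux8` instead of adding a second key. The patched tree therefore has no STIG reference left for rhel8, and the AlmaLinux entry carries a Red Hat STIG ID without any comment explaining the mapping. The `prodtype:` and `# platform =` changes in this same patch add AlmaLinux next to RHEL, and the refreshed context shows `stigid@ol8` as its own line, so the consistent form keeps `stigid@rhel8: RHEL-08-030122` and adds `stigid@almalinux8: RHEL-08-030122` below it. The same rename is present in the service_auditd_enabled, grub2_pti_argument, grub2_vsyscall_argument, grub2_admin_username, grub2_password and grub2_uefi_admin_username hunks. If the tree is only ever built for almalinux8 the effect is limited to traceability, but a one-line comment stating that the RHEL 8 STIG ID is reused on purpose would still help an auditor.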
+++ b/linux_os/guide/system/auditing/policy_rules/audit_modify_failed/rule.yml @@ -1,6 +1,6 @@ @@ -12188,6 +13417,16 @@ index 0f5b9e71..348ffd3c 100644 title: 'Configure auditing of unsuccessful file modifications' +diff --git a/linux_os/guide/system/auditing/policy_rules/audit_modify_failed/tests/rules_from_audit_package.pass.sh b/linux_os/guide/system/auditing/policy_rules/audit_modify_failed/tests/rules_from_audit_package.pass.sh +index 2bae4b7d..ebe19e45 100644 +--- a/linux_os/guide/system/auditing/policy_rules/audit_modify_failed/tests/rules_from_audit_package.pass.sh ++++ b/linux_os/guide/system/auditing/policy_rules/audit_modify_failed/tests/rules_from_audit_package.pass.sh +@@ -1,4 +1,4 @@ + #!/bin/bash +-# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9 ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9 + + cp /usr/share/audit/sample-rules/30-ospp-v42-2-modify-failed.rules /etc/audit/rules.d/ diff --git a/linux_os/guide/system/auditing/policy_rules/audit_modify_success/kubernetes/shared.yml b/linux_os/guide/system/auditing/policy_rules/audit_modify_success/kubernetes/shared.yml index c6f79696..7a6e545c 100644 --- a/linux_os/guide/system/auditing/policy_rules/audit_modify_success/kubernetes/shared.yml @@ -12200,7 +13439,7 @@ index c6f79696..7a6e545c 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/system/auditing/policy_rules/audit_modify_success/rule.yml b/linux_os/guide/system/auditing/policy_rules/audit_modify_success/rule.yml -index 4e9f89e2..1e21d871 100644 +index ab542a2c..83c9b8df 100644 --- a/linux_os/guide/system/auditing/policy_rules/audit_modify_success/rule.yml +++ b/linux_os/guide/system/auditing/policy_rules/audit_modify_success/rule.yml @@ -1,6 +1,6 @@ 
@@ -12211,6 +13450,16 @@ index 4e9f89e2..1e21d871 100644 title: 'Configure auditing of successful file modifications' +diff --git a/linux_os/guide/system/auditing/policy_rules/audit_modify_success/tests/rules_from_audit_package.pass.sh b/linux_os/guide/system/auditing/policy_rules/audit_modify_success/tests/rules_from_audit_package.pass.sh +index 7a59c265..dccc2bd8 100644 +--- a/linux_os/guide/system/auditing/policy_rules/audit_modify_success/tests/rules_from_audit_package.pass.sh ++++ b/linux_os/guide/system/auditing/policy_rules/audit_modify_success/tests/rules_from_audit_package.pass.sh +@@ -1,4 +1,4 @@ + #!/bin/bash +-# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9 ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9 + + cp /usr/share/audit/sample-rules/30-ospp-v42-2-modify-success.rules /etc/audit/rules.d/ diff --git a/linux_os/guide/system/auditing/policy_rules/audit_module_load/kubernetes/shared.yml b/linux_os/guide/system/auditing/policy_rules/audit_module_load/kubernetes/shared.yml index f8cd8b73..090554c0 100644 --- a/linux_os/guide/system/auditing/policy_rules/audit_module_load/kubernetes/shared.yml @@ -12223,7 +13472,7 @@ index f8cd8b73..090554c0 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/system/auditing/policy_rules/audit_module_load/rule.yml b/linux_os/guide/system/auditing/policy_rules/audit_module_load/rule.yml -index 47b5571f..25d54199 100644 +index 519ffbc8..cb015616 100644 --- a/linux_os/guide/system/auditing/policy_rules/audit_module_load/rule.yml +++ b/linux_os/guide/system/auditing/policy_rules/audit_module_load/rule.yml @@ -1,6 +1,6 @@ 
@@ -12234,6 +13483,16 @@ index 47b5571f..25d54199 100644 title: 'Configure auditing of loading and unloading of kernel modules' +diff --git a/linux_os/guide/system/auditing/policy_rules/audit_module_load/tests/rules_from_audit_package.pass.sh b/linux_os/guide/system/auditing/policy_rules/audit_module_load/tests/rules_from_audit_package.pass.sh +index 84826498..86cf7576 100644 +--- a/linux_os/guide/system/auditing/policy_rules/audit_module_load/tests/rules_from_audit_package.pass.sh ++++ b/linux_os/guide/system/auditing/policy_rules/audit_module_load/tests/rules_from_audit_package.pass.sh +@@ -1,4 +1,4 @@ + #!/bin/bash +-# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9 ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9 + + cp /usr/share/audit/sample-rules/43-module-load.rules /etc/audit/rules.d/ diff --git a/linux_os/guide/system/auditing/policy_rules/audit_ospp_general/kubernetes/shared.yml b/linux_os/guide/system/auditing/policy_rules/audit_ospp_general/kubernetes/shared.yml index a93771e8..22e9b17b 100644 --- a/linux_os/guide/system/auditing/policy_rules/audit_ospp_general/kubernetes/shared.yml @@ -12246,7 +13505,7 @@ index a93771e8..22e9b17b 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/system/auditing/policy_rules/audit_ospp_general/rule.yml b/linux_os/guide/system/auditing/policy_rules/audit_ospp_general/rule.yml -index c0e19ac1..9e4fac45 100644 +index bdc59faa..ac97fec2 100644 --- a/linux_os/guide/system/auditing/policy_rules/audit_ospp_general/rule.yml +++ b/linux_os/guide/system/auditing/policy_rules/audit_ospp_general/rule.yml @@ -1,6 +1,6 @@ 
@@ -12257,8 +13516,27 @@ index c0e19ac1..9e4fac45 100644 title: 'Perform general configuration of Audit for OSPP' +diff --git a/linux_os/guide/system/auditing/policy_rules/audit_ospp_general/tests/correct_rules.pass.sh b/linux_os/guide/system/auditing/policy_rules/audit_ospp_general/tests/correct_rules.pass.sh +index c59e7e5e..72a131b6 100644 +--- a/linux_os/guide/system/auditing/policy_rules/audit_ospp_general/tests/correct_rules.pass.sh ++++ b/linux_os/guide/system/auditing/policy_rules/audit_ospp_general/tests/correct_rules.pass.sh +@@ -1,3 +1,3 @@ +-# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9 ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9 + + cp $SHARED/audit/30-ospp-v42.rules /etc/audit/rules.d/ +diff --git a/linux_os/guide/system/auditing/policy_rules/audit_ospp_general/tests/rules_from_audit_package.pass.sh b/linux_os/guide/system/auditing/policy_rules/audit_ospp_general/tests/rules_from_audit_package.pass.sh +index acfdc7d1..1f352b57 100644 +--- a/linux_os/guide/system/auditing/policy_rules/audit_ospp_general/tests/rules_from_audit_package.pass.sh ++++ b/linux_os/guide/system/auditing/policy_rules/audit_ospp_general/tests/rules_from_audit_package.pass.sh +@@ -1,4 +1,4 @@ + #!/bin/bash +-# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9 ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9 + + cp /usr/share/audit/sample-rules/30-ospp-v42.rules /etc/audit/rules.d/ diff --git a/linux_os/guide/system/auditing/policy_rules/audit_owner_change_failed/rule.yml b/linux_os/guide/system/auditing/policy_rules/audit_owner_change_failed/rule.yml -index 16dbfe6d..2ad71622 100644 +index c1035b0f..9599aa99 100644 --- a/linux_os/guide/system/auditing/policy_rules/audit_owner_change_failed/rule.yml +++ b/linux_os/guide/system/auditing/policy_rules/audit_owner_change_failed/rule.yml @@ -1,6 +1,6 @@ 
@@ -12269,8 +13547,18 @@ index 16dbfe6d..2ad71622 100644 title: 'Configure auditing of unsuccessful ownership changes' +diff --git a/linux_os/guide/system/auditing/policy_rules/audit_owner_change_failed/tests/rules_from_audit_package.pass.sh b/linux_os/guide/system/auditing/policy_rules/audit_owner_change_failed/tests/rules_from_audit_package.pass.sh +index 593f3ed8..26afdea1 100644 +--- a/linux_os/guide/system/auditing/policy_rules/audit_owner_change_failed/tests/rules_from_audit_package.pass.sh ++++ b/linux_os/guide/system/auditing/policy_rules/audit_owner_change_failed/tests/rules_from_audit_package.pass.sh +@@ -1,4 +1,4 @@ + #!/bin/bash +-# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9 ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9 + + cp /usr/share/audit/sample-rules/30-ospp-v42-6-owner-change-failed.rules /etc/audit/rules.d/ diff --git a/linux_os/guide/system/auditing/policy_rules/audit_owner_change_success/rule.yml b/linux_os/guide/system/auditing/policy_rules/audit_owner_change_success/rule.yml -index a4db8e4b..44c40cc6 100644 +index 85998273..0cebc1fa 100644 --- a/linux_os/guide/system/auditing/policy_rules/audit_owner_change_success/rule.yml +++ b/linux_os/guide/system/auditing/policy_rules/audit_owner_change_success/rule.yml @@ -1,6 +1,6 @@ 
@@ -12281,8 +13569,18 @@ index a4db8e4b..44c40cc6 100644 title: 'Configure auditing of successful ownership changes' +diff --git a/linux_os/guide/system/auditing/policy_rules/audit_owner_change_success/tests/rules_from_audit_package.pass.sh b/linux_os/guide/system/auditing/policy_rules/audit_owner_change_success/tests/rules_from_audit_package.pass.sh +index e7f61fd6..31fabb01 100644 +--- a/linux_os/guide/system/auditing/policy_rules/audit_owner_change_success/tests/rules_from_audit_package.pass.sh ++++ b/linux_os/guide/system/auditing/policy_rules/audit_owner_change_success/tests/rules_from_audit_package.pass.sh +@@ -1,4 +1,4 @@ + #!/bin/bash +-# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9 ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9 + + cp /usr/share/audit/sample-rules/30-ospp-v42-6-owner-change-success.rules /etc/audit/rules.d/ diff --git a/linux_os/guide/system/auditing/policy_rules/audit_perm_change_failed/rule.yml b/linux_os/guide/system/auditing/policy_rules/audit_perm_change_failed/rule.yml -index fcead862..353d4970 100644 +index ba60b921..bc3a6b83 100644 --- a/linux_os/guide/system/auditing/policy_rules/audit_perm_change_failed/rule.yml +++ b/linux_os/guide/system/auditing/policy_rules/audit_perm_change_failed/rule.yml @@ -1,6 +1,6 @@ 
@@ -12293,8 +13591,18 @@ index fcead862..353d4970 100644 title: 'Configure auditing of unsuccessful permission changes' +diff --git a/linux_os/guide/system/auditing/policy_rules/audit_perm_change_failed/tests/rules_from_audit_package.pass.sh b/linux_os/guide/system/auditing/policy_rules/audit_perm_change_failed/tests/rules_from_audit_package.pass.sh +index ee58a47c..271e05fa 100644 +--- a/linux_os/guide/system/auditing/policy_rules/audit_perm_change_failed/tests/rules_from_audit_package.pass.sh ++++ b/linux_os/guide/system/auditing/policy_rules/audit_perm_change_failed/tests/rules_from_audit_package.pass.sh +@@ -1,4 +1,4 @@ + #!/bin/bash +-# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9 ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9 + + cp /usr/share/audit/sample-rules/30-ospp-v42-5-perm-change-failed.rules /etc/audit/rules.d/ diff --git a/linux_os/guide/system/auditing/policy_rules/audit_perm_change_success/rule.yml b/linux_os/guide/system/auditing/policy_rules/audit_perm_change_success/rule.yml -index 75fa61ad..bb9504db 100644 +index 10790eb5..a78af617 100644 --- a/linux_os/guide/system/auditing/policy_rules/audit_perm_change_success/rule.yml +++ b/linux_os/guide/system/auditing/policy_rules/audit_perm_change_success/rule.yml @@ -1,6 +1,6 @@ 
@@ -12305,6 +13613,16 @@ index 75fa61ad..bb9504db 100644 title: 'Configure auditing of successful permission changes' +diff --git a/linux_os/guide/system/auditing/policy_rules/audit_perm_change_success/tests/rules_from_audit_package.pass.sh b/linux_os/guide/system/auditing/policy_rules/audit_perm_change_success/tests/rules_from_audit_package.pass.sh +index bf26da4b..5c633722 100644 +--- a/linux_os/guide/system/auditing/policy_rules/audit_perm_change_success/tests/rules_from_audit_package.pass.sh ++++ b/linux_os/guide/system/auditing/policy_rules/audit_perm_change_success/tests/rules_from_audit_package.pass.sh +@@ -1,4 +1,4 @@ + #!/bin/bash +-# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9 ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9 + + cp /usr/share/audit/sample-rules/30-ospp-v42-5-perm-change-success.rules /etc/audit/rules.d/ diff --git a/linux_os/guide/system/auditing/policy_rules/audit_rules_for_ospp/rule.yml b/linux_os/guide/system/auditing/policy_rules/audit_rules_for_ospp/rule.yml index d460ded7..5f1f0142 100644 --- a/linux_os/guide/system/auditing/policy_rules/audit_rules_for_ospp/rule.yml @@ -12329,20 +13647,20 @@ index 0d05bd46..ea629355 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/system/auditing/service_auditd_enabled/rule.yml b/linux_os/guide/system/auditing/service_auditd_enabled/rule.yml -index c7ce75e8..6b99bd3e 100644 +index 99edca3e..20e4e867 100644 --- a/linux_os/guide/system/auditing/service_auditd_enabled/rule.yml 
+++ b/linux_os/guide/system/auditing/service_auditd_enabled/rule.yml -@@ -55,7 +55,7 @@ references: +@@ -56,7 +56,7 @@ references: + stigid@ol7: OL07-00-030000 + stigid@ol8: OL08-00-030181 + stigid@rhel7: RHEL-07-030000 +- stigid@rhel8: RHEL-08-030181 ++ stigid@almalinux8: RHEL-08-030181 stigid@sle12: SLES-12-020010 stigid@sle15: SLES-15-030050 - nist@sle12: AU-3,AU-3(1),AU-3(1).1(ii),AU-3.1,AU-6(4),AU-6(4).1,AU-7(1),AU-7(1).1,AU-7(a),AU-14(1),AU-14(1).1,CM-6(b),CM-6.1(iv),MA-4(1)(a) -- stigid@rhel8: RHEL-08-030381 -+ stigid@almalinux8: RHEL-08-030381 - - ocil: |- - {{{ ocil_service_enabled(service="auditd") }}} + vmmsrg: SRG-OS-000037-VMM-000150,SRG-OS-000063-VMM-000310,SRG-OS-000038-VMM-000160,SRG-OS-000039-VMM-000170,SRG-OS-000040-VMM-000180,SRG-OS-000041-VMM-000190 diff --git a/linux_os/guide/system/bootloader-grub2/grub2_kernel_trust_cpu_rng/rule.yml b/linux_os/guide/system/bootloader-grub2/grub2_kernel_trust_cpu_rng/rule.yml -index 308ae9cb..514343ac 100644 +index d6bfc02f..98c11ac6 100644 --- a/linux_os/guide/system/bootloader-grub2/grub2_kernel_trust_cpu_rng/rule.yml +++ b/linux_os/guide/system/bootloader-grub2/grub2_kernel_trust_cpu_rng/rule.yml @@ -1,6 +1,6 @@ 
@@ -12353,8 +13671,84 @@ index 308ae9cb..514343ac 100644 title: 'Configure kernel to trust the CPU random number generator' +diff --git a/linux_os/guide/system/bootloader-grub2/grub2_kernel_trust_cpu_rng/tests/arg_not_there.fail.sh b/linux_os/guide/system/bootloader-grub2/grub2_kernel_trust_cpu_rng/tests/arg_not_there.fail.sh +index 091ac6fa..dbef772c 100644 +--- a/linux_os/guide/system/bootloader-grub2/grub2_kernel_trust_cpu_rng/tests/arg_not_there.fail.sh ++++ b/linux_os/guide/system/bootloader-grub2/grub2_kernel_trust_cpu_rng/tests/arg_not_there.fail.sh +@@ -1,6 +1,6 @@ + #!/bin/bash + # Based on shared/templates/grub2_bootloader_argument/tests/arg_not_there.fail.sh +-# platform = Red Hat Enterprise Linux 8 ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8 + + # Removes audit argument from kernel command line in /boot/grub2/grubenv + file="/boot/grub2/grubenv" +diff --git a/linux_os/guide/system/bootloader-grub2/grub2_kernel_trust_cpu_rng/tests/arg_not_there_etcdefaultgrub.fail.sh b/linux_os/guide/system/bootloader-grub2/grub2_kernel_trust_cpu_rng/tests/arg_not_there_etcdefaultgrub.fail.sh +index b7e25f38..a6a2fe32 100644 +--- a/linux_os/guide/system/bootloader-grub2/grub2_kernel_trust_cpu_rng/tests/arg_not_there_etcdefaultgrub.fail.sh ++++ b/linux_os/guide/system/bootloader-grub2/grub2_kernel_trust_cpu_rng/tests/arg_not_there_etcdefaultgrub.fail.sh +@@ -4,7 +4,7 @@ if grep -q CONFIG_RANDOM_TRUST_CPU /boot/config-`uname -r`; then + sed -Ei 's/(.*)CONFIG_RANDOM_TRUST_CPU=.(.*)/\1CONFIG_RANDOM_TRUST_CPU=N\2/' /boot/config-`uname -r` + fi + +-{{% if product == "rhel8" %}} ++{{% if product == "rhel8" or product == "almalinux8" %}} + file="/boot/grub2/grubenv" + if grep -q '^.*random.trust_cpu=.*' "$file" ; then + sed -i 's/\(^.*\)random.trust_cpu=[^[:space:]]*\(.*\)/\1 \2/' "$file" +diff --git a/linux_os/guide/system/bootloader-grub2/grub2_kernel_trust_cpu_rng/tests/boot_parameter.pass.sh 
b/linux_os/guide/system/bootloader-grub2/grub2_kernel_trust_cpu_rng/tests/boot_parameter.pass.sh +index 4ee60679..b2c0535a 100644 +--- a/linux_os/guide/system/bootloader-grub2/grub2_kernel_trust_cpu_rng/tests/boot_parameter.pass.sh ++++ b/linux_os/guide/system/bootloader-grub2/grub2_kernel_trust_cpu_rng/tests/boot_parameter.pass.sh +@@ -5,7 +5,7 @@ if grep -q CONFIG_RANDOM_TRUST_CPU /boot/config-`uname -r`; then + sed -Ei 's/(.*)CONFIG_RANDOM_TRUST_CPU=.(.*)/\1CONFIG_RANDOM_TRUST_CPU=N\2/' /boot/config-`uname -r` + fi + +-{{% if product == "rhel8" %}} ++{{% if product == "rhel8" or product == "almalinux8" %}} + grub2-editenv - set "$(grub2-editenv - list | grep kernelopts) random.trust_cpu=on" + {{% else %}} + grubby --update-kernel=ALL --args="random.trust_cpu=on" +diff --git a/linux_os/guide/system/bootloader-grub2/grub2_kernel_trust_cpu_rng/tests/compiled_but_overridden.fail.sh b/linux_os/guide/system/bootloader-grub2/grub2_kernel_trust_cpu_rng/tests/compiled_but_overridden.fail.sh +index 13a89d0f..8d0b0acc 100644 +--- a/linux_os/guide/system/bootloader-grub2/grub2_kernel_trust_cpu_rng/tests/compiled_but_overridden.fail.sh ++++ b/linux_os/guide/system/bootloader-grub2/grub2_kernel_trust_cpu_rng/tests/compiled_but_overridden.fail.sh +@@ -1,7 +1,7 @@ + #!/bin/bash + + # make sure that the option is overridden through boot parameter +-{{% if product == "rhel8" %}} ++{{% if product == "rhel8" or product == "almalinux8" %}} + grub2-editenv - set "$(grub2-editenv - list | grep kernelopts) random.trust_cpu=off" + {{% else %}} + grubby --update-kernel=ALL --args="random.trust_cpu=off" +diff --git a/linux_os/guide/system/bootloader-grub2/grub2_kernel_trust_cpu_rng/tests/compiled_uppercase.pass.sh b/linux_os/guide/system/bootloader-grub2/grub2_kernel_trust_cpu_rng/tests/compiled_uppercase.pass.sh +index b28cd6e3..608ee59d 100644 +--- a/linux_os/guide/system/bootloader-grub2/grub2_kernel_trust_cpu_rng/tests/compiled_uppercase.pass.sh ++++ 
b/linux_os/guide/system/bootloader-grub2/grub2_kernel_trust_cpu_rng/tests/compiled_uppercase.pass.sh +@@ -1,7 +1,7 @@ + #!/bin/bash + + # make sure that the option is not configured through boot parameter +-{{% if product == "rhel8" %}} ++{{% if product == "rhel8" or product == "almalinux8" %}} + file="/boot/grub2/grubenv" + if grep -q '^.*random.trust_cpu=.*' "$file" ; then + sed -i 's/\(^.*\)random.trust_cpu=[^[:space:]]*\(.*\)/\1 \2/' "$file" +diff --git a/linux_os/guide/system/bootloader-grub2/grub2_kernel_trust_cpu_rng/tests/wrong_value.fail.sh b/linux_os/guide/system/bootloader-grub2/grub2_kernel_trust_cpu_rng/tests/wrong_value.fail.sh +index b3d9ab27..ef22e767 100644 +--- a/linux_os/guide/system/bootloader-grub2/grub2_kernel_trust_cpu_rng/tests/wrong_value.fail.sh ++++ b/linux_os/guide/system/bootloader-grub2/grub2_kernel_trust_cpu_rng/tests/wrong_value.fail.sh +@@ -1,6 +1,6 @@ + #!/bin/bash + # Based on shared/templates/grub2_bootloader_argument/tests/wrong_value.fail.sh +-# platform = Red Hat Enterprise Linux 8 ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8 + + # Break the argument in kernel command line in /boot/grub2/grubenv + file="/boot/grub2/grubenv" diff --git a/linux_os/guide/system/bootloader-grub2/grub2_pti_argument/rule.yml b/linux_os/guide/system/bootloader-grub2/grub2_pti_argument/rule.yml -index 6201af25..49aa91dc 100644 +index 52a308e3..8097b24c 100644 --- a/linux_os/guide/system/bootloader-grub2/grub2_pti_argument/rule.yml +++ b/linux_os/guide/system/bootloader-grub2/grub2_pti_argument/rule.yml @@ -1,6 +1,6 @@ @@ -12366,26 +13760,14 @@ index 6201af25..49aa91dc 100644 title: 'Enable Kernel Page-Table Isolation (KPTI)' @@ -27,7 +27,7 @@ references: - disa: CCI-000381 nist: SI-16 srg: SRG-OS-000433-GPOS-00193,SRG-OS-000095-GPOS-00049 + stigid@ol8: OL08-00-040004 - stigid@rhel8: RHEL-08-040004 + stigid@almalinux8: RHEL-08-040004 ocil_clause: 'Kernel page-table isolation is not enabled' -@@ -54,9 +54,9 @@ warnings: -
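Review bot: The four grub2_kernel_trust_cpu_rng test templates touched here (arg_not_there_etcdefaultgrub.fail.sh, boot_parameter.pass.sh, compiled_but_overridden.fail.sh, compiled_uppercase.pass.sh) each spell the product guard as `{{% if product == "rhel8" or product == "almalinux8" %}}`. The membership form already used elsewhere in this content, `{{% if product in ["rhel8", "almalinux8"] %}}`, is shorter and leaves one obvious place to extend when another RHEL 8 rebuild is added. Since both products share the `/boot/grub2/grubenv` branch, a short comment above the guard saying that AlmaLinux 8 follows the RHEL 8 kernelopts layout would document why it is grouped there. The scripts continue outside these hunks, so the rest of each branch is not visible here.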
    ~]# grub2-mkconfig -o {{{ grub2_boot_path }}}/grub.cfg
    -
  • On UEFI-based machines, issue the following command as root: - {{% if product in ["rhel8", "ol8"] %}} --
    ~]# grub2-mkconfig -o /boot/efi/EFI/redhat/grub.cfg
  • -+
    ~]# grub2-mkconfig -o /boot/efi/EFI/almalinux/grub.cfg
    - {{% else %}} --
    ~]# grub2-mkconfig -o /boot/efi/EFI/fedora/grub.cfg
    -+
    ~]# grub2-mkconfig -o /boot/efi/EFI/almalinux/grub.cfg
    - {{% endif %}} - - diff --git a/linux_os/guide/system/bootloader-grub2/grub2_pti_argument/tests/arg_not_there.fail.sh b/linux_os/guide/system/bootloader-grub2/grub2_pti_argument/tests/arg_not_there.fail.sh index f9b42970..2f0e238f 100644 --- a/linux_os/guide/system/bootloader-grub2/grub2_pti_argument/tests/arg_not_there.fail.sh @@ -12420,7 +13802,7 @@ index b4dd962b..c4092a2d 100644 # Break the pti argument in kernel command line in /boot/grub2/grubenv file="/boot/grub2/grubenv" diff --git a/linux_os/guide/system/bootloader-grub2/grub2_vsyscall_argument/rule.yml b/linux_os/guide/system/bootloader-grub2/grub2_vsyscall_argument/rule.yml -index 6e020eb0..9e9156b8 100644 +index 93eb31da..897d39fa 100644 --- a/linux_os/guide/system/bootloader-grub2/grub2_vsyscall_argument/rule.yml +++ b/linux_os/guide/system/bootloader-grub2/grub2_vsyscall_argument/rule.yml @@ -1,6 +1,6 @@ @@ -12431,65 +13813,53 @@ index 6e020eb0..9e9156b8 100644 title: 'Disable vsyscalls' -@@ -26,7 +26,7 @@ references: - disa: CCI-001084 - nist: CM-7(a) +@@ -27,7 +27,7 @@ references: + ospp: FPT_ASLR_EXT.1 srg: SRG-OS-000480-GPOS-00227,SRG-OS-000134-GPOS-00068 + stigid@ol8: OL08-00-010422 - stigid@rhel8: RHEL-08-010422 + stigid@almalinux8: RHEL-08-010422 ocil_clause: 'vsyscalls are enabled' -@@ -53,9 +53,9 @@ warnings: -
    ~]# grub2-mkconfig -o {{{ grub2_boot_path }}}/grub.cfg
    -
  • On UEFI-based machines, issue the following command as root: - {{% if product in ["rhel7", "rhel8", "ol7", "ol8"] %}} --
    ~]# grub2-mkconfig -o /boot/efi/EFI/redhat/grub.cfg
  • -+
    ~]# grub2-mkconfig -o /boot/efi/EFI/almalinux/grub.cfg
    - {{% else %}} --
    ~]# grub2-mkconfig -o /boot/efi/EFI/fedora/grub.cfg
    -+
    ~]# grub2-mkconfig -o /boot/efi/EFI/almalinux/grub.cfg
    - {{% endif %}} - - diff --git a/linux_os/guide/system/bootloader-grub2/non-uefi/file_groupowner_grub2_cfg/rule.yml b/linux_os/guide/system/bootloader-grub2/non-uefi/file_groupowner_grub2_cfg/rule.yml -index ac36a68b..0979c2a8 100644 +index a40f068c..08a9ba85 100644 --- a/linux_os/guide/system/bootloader-grub2/non-uefi/file_groupowner_grub2_cfg/rule.yml +++ b/linux_os/guide/system/bootloader-grub2/non-uefi/file_groupowner_grub2_cfg/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle15 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15 +-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15 ++prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15 title: 'Verify {{{ grub2_boot_path }}}/grub.cfg Group Ownership' diff --git a/linux_os/guide/system/bootloader-grub2/non-uefi/file_owner_grub2_cfg/rule.yml b/linux_os/guide/system/bootloader-grub2/non-uefi/file_owner_grub2_cfg/rule.yml -index 520d00ec..ecf99a1b 100644 +index 5457cebe..a6012704 100644 --- a/linux_os/guide/system/bootloader-grub2/non-uefi/file_owner_grub2_cfg/rule.yml +++ b/linux_os/guide/system/bootloader-grub2/non-uefi/file_owner_grub2_cfg/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle15,ubuntu2004 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,ubuntu2004 +-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004 ++prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004 title: 'Verify {{{ grub2_boot_path }}}/grub.cfg User Ownership' diff --git a/linux_os/guide/system/bootloader-grub2/non-uefi/file_permissions_grub2_cfg/rule.yml b/linux_os/guide/system/bootloader-grub2/non-uefi/file_permissions_grub2_cfg/rule.yml -index 9df7baf2..9943577a 100644 +index 58c73139..e6a8a658 100644 --- a/linux_os/guide/system/bootloader-grub2/non-uefi/file_permissions_grub2_cfg/rule.yml 
+++ b/linux_os/guide/system/bootloader-grub2/non-uefi/file_permissions_grub2_cfg/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle15,ubuntu2004 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,ubuntu2004 +-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004 ++prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004 title: 'Verify {{{ grub2_boot_path }}}/grub.cfg Permissions' diff --git a/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_admin_username/rule.yml b/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_admin_username/rule.yml -index bb2f1bae..728adcca 100644 +index 85e953f9..2a845e73 100644 --- a/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_admin_username/rule.yml +++ b/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_admin_username/rule.yml @@ -1,6 +1,6 @@ @@ -12500,10 +13870,10 @@ index bb2f1bae..728adcca 100644 title: 'Set the Boot Loader Admin Username to a Non-Default Value' -@@ -49,7 +49,7 @@ references: - srg: SRG-OS-000080-GPOS-00048 - stigid@ol7: OL07-00-010480 - stigid@rhel7: RHEL-07-010480 +@@ -50,7 +50,7 @@ references: + stigid@ol7: OL07-00-010483 + stigid@ol8: OL08-00-010149 + stigid@rhel7: RHEL-07-010483 - stigid@rhel8: RHEL-08-010149 + stigid@almalinux8: RHEL-08-010149 @@ -12522,7 +13892,7 @@ index c2b738aa..4bbff3f3 100644 title: 'Boot Loader Is Not Installed On Removeable Media' diff --git a/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_password/rule.yml b/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_password/rule.yml -index 9936aaa6..a7af891e 100644 +index ad515a65..2fd91d45 100644 --- a/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_password/rule.yml +++ b/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_password/rule.yml @@ -1,6 +1,6 @@ 
@@ -12533,9 +13903,9 @@ index 9936aaa6..a7af891e 100644 title: 'Set Boot Loader Password in grub2' -@@ -66,7 +66,7 @@ references: - srg: SRG-OS-000080-GPOS-00048 +@@ -72,7 +72,7 @@ references: stigid@ol7: OL07-00-010482 + stigid@ol8: OL08-00-010150 stigid@rhel7: RHEL-07-010482 - stigid@rhel8: RHEL-08-010150 + stigid@almalinux8: RHEL-08-010150 @@ -12663,7 +14033,7 @@ index a9468d00..b4ee87fe 100644 + filepath@fedora: /boot/efi/EFI/almalinux/grub.cfg fileuid: '0' diff --git a/linux_os/guide/system/bootloader-grub2/uefi/file_permissions_efi_grub2_cfg/rule.yml b/linux_os/guide/system/bootloader-grub2/uefi/file_permissions_efi_grub2_cfg/rule.yml -index bc4fdcc7..75c8c2c2 100644 +index d9c0be8c..97c0ff73 100644 --- a/linux_os/guide/system/bootloader-grub2/uefi/file_permissions_efi_grub2_cfg/rule.yml +++ b/linux_os/guide/system/bootloader-grub2/uefi/file_permissions_efi_grub2_cfg/rule.yml @@ -1,16 +1,16 @@ @@ -12688,7 +14058,7 @@ index bc4fdcc7..75c8c2c2 100644 {{%- endif %}} rationale: |- -@@ -40,11 +40,11 @@ ocil_clause: 'it does not' +@@ -41,11 +41,11 @@ ocil_clause: 'it does not' ocil: |- {{%- if product == "fedora" %}} @@ -12704,7 +14074,7 @@ index bc4fdcc7..75c8c2c2 100644 {{%- endif %}} If properly configured, the output should indicate the following permissions: -rwx------ -@@ -54,6 +54,6 @@ platform: machine +@@ -55,6 +55,6 @@ platform: machine template: name: file_permissions vars: 
@@ -12713,22 +14083,8 @@ index bc4fdcc7..75c8c2c2 100644 + filepath: /boot/efi/EFI/almalinux/grub.cfg + filepath@fedora: /boot/efi/EFI/almalinux/grub.cfg filemode: '0700' -diff --git a/linux_os/guide/system/bootloader-grub2/uefi/grub2_uefi_admin_username/oval/shared.xml b/linux_os/guide/system/bootloader-grub2/uefi/grub2_uefi_admin_username/oval/shared.xml -index 8545e8ab..9583e7fe 100644 ---- a/linux_os/guide/system/bootloader-grub2/uefi/grub2_uefi_admin_username/oval/shared.xml -+++ b/linux_os/guide/system/bootloader-grub2/uefi/grub2_uefi_admin_username/oval/shared.xml -@@ -1,7 +1,7 @@ - {{% if product == "fedora" %}} --{{% set grub_cfg_prefix = "/boot/efi/EFI/fedora" %}} -+{{% set grub_cfg_prefix = "/boot/efi/EFI/almalinux" %}} - {{% else %}} --{{% set grub_cfg_prefix = "/boot/efi/EFI/redhat" %}} -+{{% set grub_cfg_prefix = "/boot/efi/EFI/almalinux" %}} - {{% endif %}} - - diff --git a/linux_os/guide/system/bootloader-grub2/uefi/grub2_uefi_admin_username/rule.yml b/linux_os/guide/system/bootloader-grub2/uefi/grub2_uefi_admin_username/rule.yml -index 8a98cbdc..6b4af975 100644 +index 56e93d41..d4197f17 100644 --- a/linux_os/guide/system/bootloader-grub2/uefi/grub2_uefi_admin_username/rule.yml +++ b/linux_os/guide/system/bootloader-grub2/uefi/grub2_uefi_admin_username/rule.yml @@ -1,6 +1,6 @@ @@ -12739,39 +14095,20 @@ index 8a98cbdc..6b4af975 100644 title: 'Set the UEFI Boot Loader Admin Username to a Non-Default Value' -@@ -20,7 +20,7 @@ description: |- - Once the superuser account has been added, - update the - grub.cfg file by running: --
    grub2-mkconfig -o /boot/efi/EFI/redhat/grub.cfg
    -+
    grub2-mkconfig -o /boot/efi/EFI/almalinux/grub.cfg
    - - rationale: |- - Having a non-default grub superuser username makes password-guessing attacks less effective. -@@ -56,7 +56,7 @@ references: - srg: SRG-OS-000080-GPOS-00048 - stigid@ol7: OL07-00-010490 - stigid@rhel7: RHEL-07-010490 +@@ -57,7 +57,7 @@ references: + stigid@ol7: OL07-00-010492 + stigid@ol8: OL08-00-010141 + stigid@rhel7: RHEL-07-010492 - stigid@rhel8: RHEL-08-010141 + stigid@almalinux8: RHEL-08-010141 ocil_clause: 'it does not' diff --git a/linux_os/guide/system/bootloader-grub2/uefi/grub2_uefi_password/oval/shared.xml b/linux_os/guide/system/bootloader-grub2/uefi/grub2_uefi_password/oval/shared.xml -index 230aab73..5c728f6b 100644 +index 8fc73653..5850545c 100644 --- a/linux_os/guide/system/bootloader-grub2/uefi/grub2_uefi_password/oval/shared.xml +++ b/linux_os/guide/system/bootloader-grub2/uefi/grub2_uefi_password/oval/shared.xml -@@ -1,7 +1,7 @@ - {{% if product == "fedora" %}} --{{% set grub_cfg_prefix = "/boot/efi/EFI/fedora" %}} -+{{% set grub_cfg_prefix = "/boot/efi/EFI/almalinux" %}} - {{% else %}} --{{% set grub_cfg_prefix = "/boot/efi/EFI/redhat" %}} -+{{% set grub_cfg_prefix = "/boot/efi/EFI/almalinux" %}} - {{% endif %}} - - -@@ -31,7 +31,7 @@ +@@ -25,7 +25,7 @@ 1
    @@ -12780,7 +14117,7 @@ index 230aab73..5c728f6b 100644 -@@ -40,7 +40,7 @@ +@@ -34,7 +34,7 @@ 1 @@ -12790,7 +14127,7 @@ index 230aab73..5c728f6b 100644 diff --git a/linux_os/guide/system/bootloader-grub2/uefi/grub2_uefi_password/rule.yml b/linux_os/guide/system/bootloader-grub2/uefi/grub2_uefi_password/rule.yml -index cb0d60c3..bda0208e 100644 +index 4579b1ff..33407d60 100644 --- a/linux_os/guide/system/bootloader-grub2/uefi/grub2_uefi_password/rule.yml +++ b/linux_os/guide/system/bootloader-grub2/uefi/grub2_uefi_password/rule.yml @@ -1,6 +1,6 @@ @@ -12801,47 +14138,15 @@ index cb0d60c3..bda0208e 100644 title: 'Set the UEFI Boot Loader Password' -@@ -34,7 +34,7 @@ description: |- - {{% elif product in ["sle12", "sle15"] %}} -
    grub2-mkconfig -o /boot/efi/EFI/sles/grub.cfg
    - {{% else %}} --
    grub2-mkconfig -o /boot/efi/EFI/redhat/grub.cfg
    -+
    grub2-mkconfig -o /boot/efi/EFI/almalinux/grub.cfg
    - {{% endif %}} - - rationale: |- -@@ -71,7 +71,7 @@ references: - srg: SRG-OS-000080-GPOS-00048 +@@ -72,7 +72,7 @@ references: stigid@ol7: OL07-00-010491 + stigid@ol8: OL08-00-010140 stigid@rhel7: RHEL-07-010491 - stigid@rhel8: RHEL-08-010140 + stigid@almalinux8: RHEL-08-010140 stigid@sle12: SLES-12-010440 stigid@sle15: SLES-15-010200 stigid@ubuntu2004: UBTU-20-010009 -@@ -102,7 +102,7 @@ ocil: |- - The output should contain something similar to: -
    password_pbkdf2 root grub.pbkdf2.sha512.10000.MFU48934NJA87HF8NSD34493GDHF84NG
    - {{% else %}} --
    sudo cat /boot/efi/EFI/redhat/user.cfg
    -+
    sudo cat /boot/efi/EFI/almalinux/user.cfg
    - The output should be similar to: -
    GRUB2_PASSWORD=grub.pbkdf2.sha512.10000.C4E08AC72FBFF7E837FD267BFAD7AEB3D42DDC
    -     2C99F2A94DD5E2E75C2DC331B719FE55D9411745F82D1B6CFD9E927D61925F9BBDD1CFAA0080E0
    -diff --git a/linux_os/guide/system/bootloader-grub2/uefi/uefi_no_removeable_media/oval/shared.xml b/linux_os/guide/system/bootloader-grub2/uefi/uefi_no_removeable_media/oval/shared.xml
    -index 72872d90..57b77cc8 100644
    ---- a/linux_os/guide/system/bootloader-grub2/uefi/uefi_no_removeable_media/oval/shared.xml
    -+++ b/linux_os/guide/system/bootloader-grub2/uefi/uefi_no_removeable_media/oval/shared.xml
    -@@ -1,7 +1,7 @@
    - {{% if product == "fedora" %}}
    --{{% set grub_cfg_prefix = "/boot/efi/EFI/fedora" %}}
    -+{{% set grub_cfg_prefix = "/boot/efi/EFI/almalinux" %}}
    - {{% else %}}
    --{{% set grub_cfg_prefix = "/boot/efi/EFI/redhat" %}}
    -+{{% set grub_cfg_prefix = "/boot/efi/EFI/almalinux" %}}
    - {{% endif %}}
    - 
    - 
     diff --git a/linux_os/guide/system/bootloader-grub2/uefi/uefi_no_removeable_media/rule.yml b/linux_os/guide/system/bootloader-grub2/uefi/uefi_no_removeable_media/rule.yml
     index 051dd5b5..f7b08d5b 100644
     --- a/linux_os/guide/system/bootloader-grub2/uefi/uefi_no_removeable_media/rule.yml
    @@ -12909,7 +14214,7 @@ index 5650cc0a..1ee37320 100644
      # Remove audit=1 from all boot entries
      sed -Ei 's/(^options.*\s)audit=1(.*?)$/\1\2/' /boot/loader/entries/*
     diff --git a/linux_os/guide/system/bootloader-zipl/zipl_audit_backlog_limit_argument/rule.yml b/linux_os/guide/system/bootloader-zipl/zipl_audit_backlog_limit_argument/rule.yml
    -index 6d76e896..05d75257 100644
    +index 7396b916..7ee2f6fb 100644
     --- a/linux_os/guide/system/bootloader-zipl/zipl_audit_backlog_limit_argument/rule.yml
     +++ b/linux_os/guide/system/bootloader-zipl/zipl_audit_backlog_limit_argument/rule.yml
     @@ -1,6 +1,6 @@
    @@ -13021,6 +14326,39 @@ index a763429f..a0e5a7ba 100644
      
      title: 'Ensure SELinux Not Disabled in zIPL'
      
    +diff --git a/linux_os/guide/system/bootloader-zipl/zipl_init_on_alloc_argument/tests/correct_option.pass.sh b/linux_os/guide/system/bootloader-zipl/zipl_init_on_alloc_argument/tests/correct_option.pass.sh
    +index 50cf1b78..33cd2971 100644
    +--- a/linux_os/guide/system/bootloader-zipl/zipl_init_on_alloc_argument/tests/correct_option.pass.sh
    ++++ b/linux_os/guide/system/bootloader-zipl/zipl_init_on_alloc_argument/tests/correct_option.pass.sh
    +@@ -1,5 +1,5 @@
    + #!/bin/bash
    +-# platform = multi_platform_fedora,Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9
    ++# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8, Red Hat Enterprise Linux 9
    + 
    + # Make sure boot loader entries contain init_on_alloc=1
    + for file in /boot/loader/entries/*.conf
    +diff --git a/linux_os/guide/system/bootloader-zipl/zipl_init_on_alloc_argument/tests/missing_in_cmdline.fail.sh b/linux_os/guide/system/bootloader-zipl/zipl_init_on_alloc_argument/tests/missing_in_cmdline.fail.sh
    +index 7c0d9154..f8fd73ed 100644
    +--- a/linux_os/guide/system/bootloader-zipl/zipl_init_on_alloc_argument/tests/missing_in_cmdline.fail.sh
    ++++ b/linux_os/guide/system/bootloader-zipl/zipl_init_on_alloc_argument/tests/missing_in_cmdline.fail.sh
    +@@ -1,5 +1,5 @@
    + #!/bin/bash
    +-# platform = multi_platform_fedora,Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9
    ++# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8, Red Hat Enterprise Linux 9
    + 
    + # Make sure boot loader entries contain init_on_alloc=1
    + for file in /boot/loader/entries/*.conf
    +diff --git a/linux_os/guide/system/bootloader-zipl/zipl_init_on_alloc_argument/tests/missing_in_entry.fail.sh b/linux_os/guide/system/bootloader-zipl/zipl_init_on_alloc_argument/tests/missing_in_entry.fail.sh
    +index 9d330c91..62547cbb 100644
    +--- a/linux_os/guide/system/bootloader-zipl/zipl_init_on_alloc_argument/tests/missing_in_entry.fail.sh
    ++++ b/linux_os/guide/system/bootloader-zipl/zipl_init_on_alloc_argument/tests/missing_in_entry.fail.sh
    +@@ -1,5 +1,5 @@
    + #!/bin/bash
    +-# platform = multi_platform_fedora,Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9
    ++# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8, Red Hat Enterprise Linux 9
    + 
    + # Remove init_on_alloc=1 from all boot entries
    + sed -Ei 's/(^options.*\s)init_on_alloc=1(.*?)$/\1\2/' /boot/loader/entries/*
     diff --git a/linux_os/guide/system/bootloader-zipl/zipl_page_poison_argument/rule.yml b/linux_os/guide/system/bootloader-zipl/zipl_page_poison_argument/rule.yml
     index 0cd61ae2..0d87202c 100644
     --- a/linux_os/guide/system/bootloader-zipl/zipl_page_poison_argument/rule.yml
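Review bot: The three added sections for `zipl_init_on_alloc_argument/tests/*.sh` put `AlmaLinux 8` on each scenario's `# platform =` line, but no section for that rule's `rule.yml` is added with them. The context just before the additions still belongs to the 'Ensure SELinux Not Disabled in zIPL' rule, and the next section is already `zipl_page_poison_argument/rule.yml`. Unless the rule's `prodtype:` already covers `almalinux8` (not visible in this hunk), the `init_on_alloc=1` hardening check would presumably not be built for the product these scenarios now name, so they would add no test coverage there. Either add a `rule.yml` section whose new side appends `almalinux8` to the `prodtype:` line, as the neighbouring zipl rules do, or drop the three test sections from the patch.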
    @@ -13046,7 +14384,7 @@ index df0f6c3e..0f1501c9 100644
      title: 'Enable SLUB/SLAB allocator poisoning in zIPL'
      
     diff --git a/linux_os/guide/system/bootloader-zipl/zipl_vsyscall_argument/rule.yml b/linux_os/guide/system/bootloader-zipl/zipl_vsyscall_argument/rule.yml
    -index 52b192ff..7a10e35b 100644
    +index 9d645c88..9ef0b3fe 100644
     --- a/linux_os/guide/system/bootloader-zipl/zipl_vsyscall_argument/rule.yml
     +++ b/linux_os/guide/system/bootloader-zipl/zipl_vsyscall_argument/rule.yml
     @@ -1,6 +1,6 @@
    @@ -13094,7 +14432,7 @@ index 245b9fa8..60ad4244 100644
      title: 'Disable Logwatch on Clients if a Logserver Exists'
      
     diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_cron_logging/bash/shared.sh b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_cron_logging/bash/shared.sh
    -index bae2c025..e279577c 100644
    +index f9cbce52..61ea43f5 100644
     --- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_cron_logging/bash/shared.sh
     +++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_cron_logging/bash/shared.sh
     @@ -1,4 +1,4 @@
    @@ -13104,7 +14442,7 @@ index bae2c025..e279577c 100644
      if ! grep -s "^\s*cron\.\*\s*/var/log/cron$" /etc/rsyslog.conf /etc/rsyslog.d/*.conf; then
      	mkdir -p /etc/rsyslog.d
     diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_cron_logging/rule.yml b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_cron_logging/rule.yml
    -index c627f52f..7cbe53cb 100644
    +index 076bda66..4deb40f8 100644
     --- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_cron_logging/rule.yml
     +++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_cron_logging/rule.yml
     @@ -1,6 +1,6 @@
    @@ -13115,9 +14453,9 @@ index c627f52f..7cbe53cb 100644
      
      title: 'Ensure cron Is Logging To Rsyslog'
      
    -@@ -37,7 +37,7 @@ references:
    -     srg: SRG-OS-000480-GPOS-00227
    +@@ -38,7 +38,7 @@ references:
          stigid@ol7: OL07-00-021100
    +     stigid@ol8: OL08-00-030010
          stigid@rhel7: RHEL-07-021100
     -    stigid@rhel8: RHEL-08-030010
     +    stigid@almalinux8: RHEL-08-030010
    @@ -13125,322 +14463,300 @@ index c627f52f..7cbe53cb 100644
      ocil_clause: 'cron is not logging to rsyslog'
      
     diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdriverauthmode/ansible/shared.yml b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdriverauthmode/ansible/shared.yml
    -index 637f9000..5adf93ef 100644
    +index 4e321fec..2818c4ca 100644
     --- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdriverauthmode/ansible/shared.yml
     +++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdriverauthmode/ansible/shared.yml
     @@ -1,4 +1,4 @@
    --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel
    -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux
    +-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel
    ++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
      # reboot = false
      # strategy = configure
      # complexity = low
     diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdriverauthmode/bash/shared.sh b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdriverauthmode/bash/shared.sh
    -index 71d312f3..6005c2ed 100644
    +index e6cb34fc..004c2b45 100644
     --- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdriverauthmode/bash/shared.sh
     +++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdriverauthmode/bash/shared.sh
     @@ -1,4 +1,4 @@
    --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel
    -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux
    +-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel
    ++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
      # reboot = false
      # strategy = configure
      # complexity = low
     diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdriverauthmode/rule.yml b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdriverauthmode/rule.yml
    -index beaf8ce9..d8a4b01d 100644
    +index 61dadb78..4b2ba43f 100644
     --- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdriverauthmode/rule.yml
     +++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdriverauthmode/rule.yml
    -@@ -25,7 +25,7 @@ references:
    -     disa: CCI-001851
    +@@ -27,7 +27,7 @@ references:
          nist: AU-4(1)
          srg: SRG-OS-000342-GPOS-00133,SRG-OS-000479-GPOS-00224
    +     stigid@ol8: OL08-00-030720
     -    stigid@rhel8: RHEL-08-030720
     +    stigid@almalinux8: RHEL-08-030720
      
      
      ocil_clause: '$ActionSendStreamDriverAuthMode in /etc/rsyslog.conf is not set to x509/name'
     diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdrivermode/ansible/shared.yml b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdrivermode/ansible/shared.yml
    -index bbd27a00..f8d1d6d5 100644
    +index 80eddf0c..3e8323a5 100644
     --- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdrivermode/ansible/shared.yml
     +++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdrivermode/ansible/shared.yml
     @@ -1,4 +1,4 @@
    --# platform = Red Hat Enterprise Linux 8,multi_platform_fedora
    -+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora
    +-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,multi_platform_fedora
    ++# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora
      # reboot = false
      # strategy = configure
      # complexity = low
    -diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdrivermode/bash/shared.sh b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdrivermode/bash/shared.sh
    -index 36853d17..6d6132ec 100644
    ---- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdrivermode/bash/shared.sh
    -+++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdrivermode/bash/shared.sh
    -@@ -1,5 +1,5 @@
    - #!/bin/bash
    --# platform = Red Hat Enterprise Linux 8,multi_platform_fedora
    -+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora
    - 
    - {{{ set_config_file(path="/etc/rsyslog.d/encrypt.conf",
    -              parameter="\$ActionSendStreamDriverMode", value="1", create=true, separator=" ", separator_regex=" ")
     diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdrivermode/rule.yml b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdrivermode/rule.yml
    -index 1bcc3392..cdc0c221 100644
    +index 52ff2bd0..7f5aaf29 100644
     --- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdrivermode/rule.yml
     +++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdrivermode/rule.yml
    -@@ -25,7 +25,7 @@ references:
    -     disa: CCI-001851
    +@@ -27,7 +27,7 @@ references:
          nist: AU-4(1)
          srg: SRG-OS-000342-GPOS-00133,SRG-OS-000479-GPOS-00224
    +     stigid@ol8: OL08-00-030710
     -    stigid@rhel8: RHEL-08-030710
     +    stigid@almalinux8: RHEL-08-030710
      
      ocil_clause: 'rsyslogd ActionSendStreamDriverMode not set to 1'
      
     diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_defaultnetstreamdriver/ansible/shared.yml b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_defaultnetstreamdriver/ansible/shared.yml
    -index b215daae..457d0150 100644
    +index c0497e88..9d3f9c08 100644
     --- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_defaultnetstreamdriver/ansible/shared.yml
     +++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_defaultnetstreamdriver/ansible/shared.yml
     @@ -1,4 +1,4 @@
    --# platform = Red Hat Enterprise Linux 8,multi_platform_fedora
    -+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora
    +-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,multi_platform_fedora
    ++# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora
      # reboot = false
      # strategy = configure
      # complexity = low
    -diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_defaultnetstreamdriver/bash/shared.sh b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_defaultnetstreamdriver/bash/shared.sh
    -index 3955346c..b41b8619 100644
    ---- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_defaultnetstreamdriver/bash/shared.sh
    -+++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_defaultnetstreamdriver/bash/shared.sh
    -@@ -1,5 +1,5 @@
    - #!/bin/bash
    --# platform = Red Hat Enterprise Linux 8,multi_platform_fedora
    -+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora
    - {{{ set_config_file(path="/etc/rsyslog.d/encrypt.conf",
    -                     parameter="\$DefaultNetstreamDriver", value="gtls", create=true, separator=" ", separator_regex=" ")
    - }}}
     diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_defaultnetstreamdriver/rule.yml b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_defaultnetstreamdriver/rule.yml
    -index eff85d3f..a64f17da 100644
    +index 7abebfef..83df23c4 100644
     --- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_defaultnetstreamdriver/rule.yml
     +++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_defaultnetstreamdriver/rule.yml
    -@@ -25,7 +25,7 @@ references:
    -     disa: CCI-001851
    +@@ -27,7 +27,7 @@ references:
          nist: AU-4(1)
          srg: SRG-OS-000342-GPOS-00133,SRG-OS-000479-GPOS-00224
    +     stigid@ol8: OL08-00-030710
     -    stigid@rhel8: RHEL-08-030710
     +    stigid@almalinux8: RHEL-08-030710
      
      ocil_clause: 'rsyslogd DefaultNetstreamDriver not set to gtls'
      
     diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_groupownership/tests/IncludeConfig_is_other.fail.sh b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_groupownership/tests/IncludeConfig_is_other.fail.sh
    -index 9e3dd5bc..4f352cd4 100755
    +index 575530ef..d6d0b31c 100755
     --- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_groupownership/tests/IncludeConfig_is_other.fail.sh
     +++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_groupownership/tests/IncludeConfig_is_other.fail.sh
     @@ -1,5 +1,5 @@
      #!/bin/bash
    --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol
    -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol
    +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
    ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
      
      # Check rsyslog.conf with root group-owner log from rules and
      # non root group-owner log from $IncludeConfig fails.
     diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_groupownership/tests/IncludeConfig_is_root.pass.sh b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_groupownership/tests/IncludeConfig_is_root.pass.sh
    -index 5954bffe..fa931512 100755
    +index 39efc1a4..2c9d68d8 100755
     --- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_groupownership/tests/IncludeConfig_is_root.pass.sh
     +++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_groupownership/tests/IncludeConfig_is_root.pass.sh
     @@ -1,5 +1,5 @@
      #!/bin/bash
    --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol
    -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol
    +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
    ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
      
      # Check rsyslog.conf with root group-owner log from rules and
      # root group-owner log from $IncludeConfig passes.
     diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_groupownership/tests/include_is_other.fail.sh b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_groupownership/tests/include_is_other.fail.sh
    -index d45aa949..16e65401 100755
    +index c0db7056..6b10e5d4 100755
     --- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_groupownership/tests/include_is_other.fail.sh
     +++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_groupownership/tests/include_is_other.fail.sh
     @@ -1,5 +1,5 @@
      #!/bin/bash
    --# platform = Red Hat Enterprise Linux 8,multi_platform_fedora,Oracle Linux 8
    -+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora,Oracle Linux 8
    +-# platform = Red Hat Enterprise Linux 8,multi_platform_fedora,Oracle Linux 8,multi_platform_sle
    ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora,Oracle Linux 8,multi_platform_sle
      
      # Check rsyslog.conf with root group-owner log from rules and
      # non root group-owner log from include() fails.
     diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_groupownership/tests/include_is_root.pass.sh b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_groupownership/tests/include_is_root.pass.sh
    -index 8d401167..33d41ce2 100755
    +index 1feaf762..d468b4a4 100755
     --- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_groupownership/tests/include_is_root.pass.sh
     +++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_groupownership/tests/include_is_root.pass.sh
     @@ -1,5 +1,5 @@
      #!/bin/bash
    --# platform = Red Hat Enterprise Linux 8,multi_platform_fedora,Oracle Linux 8
    -+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora,Oracle Linux 8
    +-# platform = Red Hat Enterprise Linux 8,multi_platform_fedora,Oracle Linux 8,multi_platform_sle
    ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora,Oracle Linux 8,multi_platform_sle
      
      # Check rsyslog.conf with root group-owner log from rules and
      # root group-owner log from include() passes.
     diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_groupownership/tests/include_is_root_IncludeConfig_is_other.fail.sh b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_groupownership/tests/include_is_root_IncludeConfig_is_other.fail.sh
    -index 29c36cd9..2a51f6b6 100755
    +index 9747e0b2..2b4205d6 100755
     --- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_groupownership/tests/include_is_root_IncludeConfig_is_other.fail.sh
     +++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_groupownership/tests/include_is_root_IncludeConfig_is_other.fail.sh
     @@ -1,5 +1,5 @@
      #!/bin/bash
    --# platform = Red Hat Enterprise Linux 8,multi_platform_fedora,Oracle Linux 8
    -+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora,Oracle Linux 8
    +-# platform = Red Hat Enterprise Linux 8,multi_platform_fedora,Oracle Linux 8,multi_platform_sle
    ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora,Oracle Linux 8,multi_platform_sle
      
      # Check rsyslog.conf with root group-owner log from rules and
      # non root group-owner log from include() fails.
     diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_groupownership/tests/include_is_root_IncludeConfig_is_root.pass.sh b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_groupownership/tests/include_is_root_IncludeConfig_is_root.pass.sh
    -index 786a0497..8edd25b1 100755
    +index 05dd50ed..705c7a9f 100755
     --- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_groupownership/tests/include_is_root_IncludeConfig_is_root.pass.sh
     +++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_groupownership/tests/include_is_root_IncludeConfig_is_root.pass.sh
     @@ -1,5 +1,5 @@
      #!/bin/bash
    --# platform = Red Hat Enterprise Linux 8,multi_platform_fedora,Oracle Linux 8
    -+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora,Oracle Linux 8
    +-# platform = Red Hat Enterprise Linux 8,multi_platform_fedora,Oracle Linux 8,multi_platform_sle
    ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora,Oracle Linux 8,multi_platform_sle
      
      # Check rsyslog.conf with root group-owner log from rules and
      # root group-owner log from include() passes.
     diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_groupownership/tests/include_multiline_is_root.pass.sh b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_groupownership/tests/include_multiline_is_root.pass.sh
    -index dd8dbf4d..dcbbc80f 100755
    +index 5a357d02..b130db62 100755
     --- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_groupownership/tests/include_multiline_is_root.pass.sh
     +++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_groupownership/tests/include_multiline_is_root.pass.sh
     @@ -1,5 +1,5 @@
      #!/bin/bash
    --# platform = Red Hat Enterprise Linux 8,multi_platform_fedora,Oracle Linux 8
    -+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora,Oracle Linux 8
    +-# platform = Red Hat Enterprise Linux 8,multi_platform_fedora,Oracle Linux 8,multi_platform_sle
    ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora,Oracle Linux 8,multi_platform_sle
      
      # Check rsyslog.conf with root group-owner log from rules and
      # root group-owner log from multiline include() passes.
     diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_groupownership/tests/is_other.fail.sh b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_groupownership/tests/is_other.fail.sh
    -index 85d125d6..9871fd3b 100755
    +index c7c01132..43deebea 100755
     --- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_groupownership/tests/is_other.fail.sh
     +++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_groupownership/tests/is_other.fail.sh
     @@ -1,5 +1,5 @@
      #!/bin/bash
    --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol
    -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol
    +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
    ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
      
      # Check if log file with non root group-owner in rsyslog.conf fails.
      
     diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_groupownership/tests/is_root.pass.sh b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_groupownership/tests/is_root.pass.sh
    -index 233bf313..1b1fd744 100755
    +index 0ecbb35b..b67836e3 100755
     --- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_groupownership/tests/is_root.pass.sh
     +++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_groupownership/tests/is_root.pass.sh
     @@ -1,5 +1,5 @@
      #!/bin/bash
    --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol
    -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol
    +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
    ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
      
      # Check if log file with root group-owner in rsyslog.conf passes.
      
     diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_ownership/tests/IncludeConfig_is_other.fail.sh b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_ownership/tests/IncludeConfig_is_other.fail.sh
    -index c7aba8d3..d748f0c3 100755
    +index 6c82a194..a28595e7 100755
     --- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_ownership/tests/IncludeConfig_is_other.fail.sh
     +++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_ownership/tests/IncludeConfig_is_other.fail.sh
     @@ -1,5 +1,5 @@
      #!/bin/bash
    --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol
    -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol
    +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
    ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
      
      # Check rsyslog.conf with root user log from rules and
      # non root user log from $IncludeConfig fails.
     diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_ownership/tests/IncludeConfig_is_root.pass.sh b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_ownership/tests/IncludeConfig_is_root.pass.sh
    -index c2d09af9..22f71719 100755
    +index b24e5e16..8bc9b6cc 100755
     --- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_ownership/tests/IncludeConfig_is_root.pass.sh
     +++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_ownership/tests/IncludeConfig_is_root.pass.sh
     @@ -1,5 +1,5 @@
      #!/bin/bash
    --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol
    -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol
    +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
    ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
      
      # Check rsyslog.conf with root user log from rules and
      # root user log from $IncludeConfig passes.
     diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_ownership/tests/include_is_other.fail.sh b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_ownership/tests/include_is_other.fail.sh
    -index cee56549..8e6d8185 100755
    +index 18f43c69..b3ce3fa8 100755
     --- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_ownership/tests/include_is_other.fail.sh
     +++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_ownership/tests/include_is_other.fail.sh
     @@ -1,5 +1,5 @@
      #!/bin/bash
    --# platform = Red Hat Enterprise Linux 8,multi_platform_fedora,Oracle Linux 8
    -+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora,Oracle Linux 8
    +-# platform = Red Hat Enterprise Linux 8,multi_platform_fedora,Oracle Linux 8,multi_platform_sle
    ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora,Oracle Linux 8,multi_platform_sle
      
      # Check rsyslog.conf with root user log from rules and
      # non root user log from include() fails.
     diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_ownership/tests/include_is_root.pass.sh b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_ownership/tests/include_is_root.pass.sh
    -index 6d0efc3b..ae232ac2 100755
    +index 69dead51..1233e8a0 100755
     --- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_ownership/tests/include_is_root.pass.sh
     +++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_ownership/tests/include_is_root.pass.sh
     @@ -1,5 +1,5 @@
      #!/bin/bash
    --# platform = Red Hat Enterprise Linux 8,multi_platform_fedora,Oracle Linux 8
    -+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora,Oracle Linux 8
    +-# platform = Red Hat Enterprise Linux 8,multi_platform_fedora,Oracle Linux 8,multi_platform_sle
    ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora,Oracle Linux 8,multi_platform_sle
      
      # Check rsyslog.conf with root user log from rules and
      # root user log from include() passes.
     diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_ownership/tests/include_is_root_IncludeConfig_is_other.fail.sh b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_ownership/tests/include_is_root_IncludeConfig_is_other.fail.sh
    -index 713abe75..999d0b0f 100755
    +index e725fb4d..84cc72c8 100755
     --- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_ownership/tests/include_is_root_IncludeConfig_is_other.fail.sh
     +++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_ownership/tests/include_is_root_IncludeConfig_is_other.fail.sh
     @@ -1,5 +1,5 @@
      #!/bin/bash
    --# platform = Red Hat Enterprise Linux 8,multi_platform_fedora,Oracle Linux 8
    -+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora,Oracle Linux 8
    +-# platform = Red Hat Enterprise Linux 8,multi_platform_fedora,Oracle Linux 8,multi_platform_sle
    ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora,Oracle Linux 8,multi_platform_sle
      
      # Check rsyslog.conf with root user log from rules and
      # non root user log from include() fails.
     diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_ownership/tests/include_is_root_IncludeConfig_is_root.pass.sh b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_ownership/tests/include_is_root_IncludeConfig_is_root.pass.sh
    -index 8facc53b..796fe420 100755
    +index ca47d453..3dc1eb21 100755
     --- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_ownership/tests/include_is_root_IncludeConfig_is_root.pass.sh
     +++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_ownership/tests/include_is_root_IncludeConfig_is_root.pass.sh
     @@ -1,5 +1,5 @@
      #!/bin/bash
    --# platform = Red Hat Enterprise Linux 8,multi_platform_fedora,Oracle Linux 8
    -+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora,Oracle Linux 8
    +-# platform = Red Hat Enterprise Linux 8,multi_platform_fedora,Oracle Linux 8,multi_platform_sle
    ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora,Oracle Linux 8,multi_platform_sle
      
      # Check rsyslog.conf with root user log from rules and
      # root user log from include() passes.
     diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_ownership/tests/include_multiline_is_root.pass.sh b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_ownership/tests/include_multiline_is_root.pass.sh
    -index c3a74aa2..7a1a743c 100755
    +index d68cc2e6..08526e66 100755
     --- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_ownership/tests/include_multiline_is_root.pass.sh
     +++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_ownership/tests/include_multiline_is_root.pass.sh
     @@ -1,5 +1,5 @@
      #!/bin/bash
    --# platform = Red Hat Enterprise Linux 8,multi_platform_fedora,Oracle Linux 8
    -+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora,Oracle Linux 8
    +-# platform = Red Hat Enterprise Linux 8,multi_platform_fedora,Oracle Linux 8,multi_platform_sle
    ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora,Oracle Linux 8,multi_platform_sle
      
      # Check rsyslog.conf with root user log from rules and
      # root user log from multiline include() passes.
     diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_ownership/tests/is_other.fail.sh b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_ownership/tests/is_other.fail.sh
    -index c9768fc1..2d94ac8d 100755
    +index 7edbb17e..bcd74022 100755
     --- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_ownership/tests/is_other.fail.sh
     +++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_ownership/tests/is_other.fail.sh
     @@ -1,5 +1,5 @@
      #!/bin/bash
    --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol
    -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol
    +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
    ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
      
      # Check if log file with non root user in rsyslog.conf fails.
      
     diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_ownership/tests/is_root.pass.sh b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_ownership/tests/is_root.pass.sh
    -index f61f9f63..dd6504a7 100755
    +index e0e518bc..0586491a 100755
     --- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_ownership/tests/is_root.pass.sh
     +++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_ownership/tests/is_root.pass.sh
     @@ -1,5 +1,5 @@
      #!/bin/bash
    --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol
    -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol
    +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
    ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
      
      # Check if log file with root user in rsyslog.conf passes.
      
     diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_permissions/bash/shared.sh b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_permissions/bash/shared.sh
    -index d9c2f79e..be4b4adc 100644
    +index 8846bc9a..ef07b0a1 100644
     --- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_permissions/bash/shared.sh
     +++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_permissions/bash/shared.sh
     @@ -1,4 +1,4 @@
    --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel
    -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
    +-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle
    ++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
      
      # List of log file paths to be inspected for correct permissions
      # * Primarily inspect log file paths listed in /etc/rsyslog.conf
     diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_permissions/tests/IncludeConfig_perms_0600.pass.sh b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_permissions/tests/IncludeConfig_perms_0600.pass.sh
    -index 3bb5818d..ffc31bc3 100755
    +index a6ff6a11..22503b19 100755
     --- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_permissions/tests/IncludeConfig_perms_0600.pass.sh
     +++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_permissions/tests/IncludeConfig_perms_0600.pass.sh
     @@ -1,5 +1,5 @@
      #!/bin/bash
    --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol
    -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol
    +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
    ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
      
      # Check rsyslog.conf with log file permissions 0600 from rules and
      # log file permissions 0600 from $IncludeConfig passes.
    @@ -13456,24 +14772,24 @@ index 2ae5c89a..f4133e40 100755
      # Check rsyslog.conf with log file permissions 0600 from rules and
      # log file permissions 0601 from $IncludeConfig fails.
     diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_permissions/tests/include_multiline_perms_0600.pass.sh b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_permissions/tests/include_multiline_perms_0600.pass.sh
    -index 358789c7..ff2e6ce4 100755
    +index eabcb219..3af66e64 100755
     --- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_permissions/tests/include_multiline_perms_0600.pass.sh
     +++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_permissions/tests/include_multiline_perms_0600.pass.sh
     @@ -1,5 +1,5 @@
      #!/bin/bash
    --# platform = Red Hat Enterprise Linux 8,multi_platform_fedora,Oracle Linux 8
    -+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora,Oracle Linux 8
    +-# platform = Red Hat Enterprise Linux 8,multi_platform_fedora,Oracle Linux 8,multi_platform_sle
    ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora,Oracle Linux 8,multi_platform_sle
      
      # Check rsyslog.conf with log file permissions 0600 from rules and
      # log file permissions 0600 from multiline include() passes.
     diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_permissions/tests/include_perms_0600.pass.sh b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_permissions/tests/include_perms_0600.pass.sh
    -index 0bd8212e..29c34e67 100755
    +index 32cd4c33..23ec3d88 100755
     --- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_permissions/tests/include_perms_0600.pass.sh
     +++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_permissions/tests/include_perms_0600.pass.sh
     @@ -1,5 +1,5 @@
      #!/bin/bash
    --# platform = Red Hat Enterprise Linux 8,multi_platform_fedora,Oracle Linux 8
    -+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora,Oracle Linux 8
    +-# platform = Red Hat Enterprise Linux 8,multi_platform_fedora,Oracle Linux 8,multi_platform_sle
    ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora,Oracle Linux 8,multi_platform_sle
      
      # Check rsyslog.conf with log file permissions 0600 from rules and
      # log file permissions 0600 from include() passes.
    @@ -13511,112 +14827,138 @@ index fd3f9e92..3b31950c 100755
      # Check rsyslog.conf with log file permissions 0600 from rules and
      # log file permissions 0601 from include() fails.
     diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_permissions/tests/perms_0600.pass.sh b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_permissions/tests/perms_0600.pass.sh
    -index e5111873..a2ea391f 100755
    +index fbdcd18f..10dac763 100755
     --- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_permissions/tests/perms_0600.pass.sh
     +++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_permissions/tests/perms_0600.pass.sh
     @@ -1,5 +1,5 @@
      #!/bin/bash
    --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol
    -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol
    +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
    ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
      
      # Check if log file with permissions 0600 in rsyslog.conf passes.
      
     diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_permissions/tests/perms_0601.fail.sh b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_permissions/tests/perms_0601.fail.sh
    -index 89d1e26c..7141e0da 100755
    +index 75e9558c..ce301226 100755
     --- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_permissions/tests/perms_0601.fail.sh
     +++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_permissions/tests/perms_0601.fail.sh
     @@ -1,5 +1,5 @@
      #!/bin/bash
    --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol
    -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol
    +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
    ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
      
      # Check if log file with permissions 0601 in rsyslog.conf fails.
      
     diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_remote_access_monitoring/ansible/shared.yml b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_remote_access_monitoring/ansible/shared.yml
    -index e0fa3b85..b8e50afb 100644
    +index 770ce1a0..de8531c3 100644
     --- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_remote_access_monitoring/ansible/shared.yml
     +++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_remote_access_monitoring/ansible/shared.yml
     @@ -1,4 +1,4 @@
    --# platform = Red Hat Enterprise Linux 8,multi_platform_fedora
    -+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora
    +-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,multi_platform_fedora
    ++# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora
      # reboot = false
      # strategy = configure
      # complexity = low
    -diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_remote_access_monitoring/bash/shared.sh b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_remote_access_monitoring/bash/shared.sh
    -index 5bf1641d..1de75c44 100644
    ---- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_remote_access_monitoring/bash/shared.sh
    -+++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_remote_access_monitoring/bash/shared.sh
    -@@ -1,4 +1,4 @@
    --# platform = Red Hat Enterprise Linux 8,multi_platform_fedora
    -+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora
    - 
    - declare -A REMOTE_METHODS=( ['auth.*']='^.*auth\.\*.*$' ['authpriv.*']='^.*authpriv\.\*.*$' ['daemon.*']='^.*daemon\.\*.*$' )
    - 
     diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_remote_access_monitoring/rule.yml b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_remote_access_monitoring/rule.yml
    -index 82d8ba5b..478e6e46 100644
    +index 86c55b65..427491bb 100644
     --- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_remote_access_monitoring/rule.yml
     +++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_remote_access_monitoring/rule.yml
     @@ -1,6 +1,6 @@
      documentation_complete: true
      
    --prodtype: fedora,rhel8,ubuntu2004
    -+prodtype: fedora,rhel8,almalinux8,ubuntu2004
    +-prodtype: fedora,ol8,rhel8,rhel9,ubuntu2004
    ++prodtype: fedora,ol8,rhel8,almalinux8,rhel9,ubuntu2004
      
      title: 'Ensure remote access methods are monitored in Rsyslog'
      
    -@@ -30,7 +30,7 @@ references:
    -     disa: CCI-000067
    +@@ -32,7 +32,7 @@ references:
          nist: AC-17(1)
          srg: SRG-OS-000032-GPOS-00013
    +     stigid@ol8: OL08-00-010070
     -    stigid@rhel8: RHEL-08-010070
     +    stigid@almalinux8: RHEL-08-010070
          stigid@ubuntu2004: UBTU-20-010403
      
      ocil_clause: 'remote access methods are not logging to rsyslog'
     diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_remote_access_monitoring/tests/no_remote_methods.fail.sh b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_remote_access_monitoring/tests/no_remote_methods.fail.sh
    -index aa1c190f..ddcd133c 100644
    +index 271b2feb..f04e53d4 100644
     --- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_remote_access_monitoring/tests/no_remote_methods.fail.sh
     +++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_remote_access_monitoring/tests/no_remote_methods.fail.sh
     @@ -1,5 +1,5 @@
      #!/bin/bash
    --# platform = Red Hat Enterprise Linux 8,multi_platform_fedora
    -+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora
    +-# platform = Red Hat Enterprise Linux 8,multi_platform_fedora,multi_platform_ubuntu
    ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora,multi_platform_ubuntu
      
      declare -A REMOTE_METHODS=( ['auth.*']='^.*auth\.\*.*$' ['authpriv.*']='^.*authpriv\.\*.*$' ['daemon.*']='^.*daemon\.\*.*$' )
      RSYSLOG_CONF='/etc/rsyslog.conf'
     diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_remote_access_monitoring/tests/remote_method_set_multiple_configs.pass.sh b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_remote_access_monitoring/tests/remote_method_set_multiple_configs.pass.sh
    -index e36e21ad..71903c8b 100644
    +index 76927895..0c57f7e6 100644
     --- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_remote_access_monitoring/tests/remote_method_set_multiple_configs.pass.sh
     +++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_remote_access_monitoring/tests/remote_method_set_multiple_configs.pass.sh
     @@ -1,5 +1,5 @@
      #!/bin/bash
    --# platform = Red Hat Enterprise Linux 8,multi_platform_fedora
    -+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora
    +-# platform = Red Hat Enterprise Linux 8,multi_platform_fedora,multi_platform_ubuntu
    ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora,multi_platform_ubuntu
      
      declare -A REMOTE_METHODS=( ['auth.*']='^.*auth\.\*.*$' ['authpriv.*']='^.*authpriv\.\*.*$' ['daemon.*']='^.*daemon\.\*.*$' )
      RSYSLOG_CONF='/etc/rsyslog.conf'
     diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_remote_access_monitoring/tests/remote_method_set_rsyslog_conf.pass.sh b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_remote_access_monitoring/tests/remote_method_set_rsyslog_conf.pass.sh
    -index 86371c46..2e418bfe 100644
    +index 8042172b..ffdd945e 100644
     --- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_remote_access_monitoring/tests/remote_method_set_rsyslog_conf.pass.sh
     +++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_remote_access_monitoring/tests/remote_method_set_rsyslog_conf.pass.sh
     @@ -1,5 +1,5 @@
      #!/bin/bash
    --# platform = Red Hat Enterprise Linux 8,multi_platform_fedora
    -+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora
    +-# platform = Red Hat Enterprise Linux 8,multi_platform_fedora,multi_platform_ubuntu
    ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora,multi_platform_ubuntu
      
      declare -A REMOTE_METHODS=( ['auth.*']='^.*auth\.\*.*$' ['authpriv.*']='^.*authpriv\.\*.*$' ['daemon.*']='^.*daemon\.\*.*$' )
      RSYSLOG_CONF='/etc/rsyslog.conf'
     diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_remote_access_monitoring/tests/remote_method_set_rsyslog_d.pass.sh b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_remote_access_monitoring/tests/remote_method_set_rsyslog_d.pass.sh
    -index 46ea1de0..4aa7b2d6 100644
    +index 38bdf916..1b8201ef 100644
     --- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_remote_access_monitoring/tests/remote_method_set_rsyslog_d.pass.sh
     +++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_remote_access_monitoring/tests/remote_method_set_rsyslog_d.pass.sh
     @@ -1,5 +1,5 @@
      #!/bin/bash
    --# platform = Red Hat Enterprise Linux 8,multi_platform_fedora
    -+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora
    +-# platform = Red Hat Enterprise Linux 8,multi_platform_fedora,multi_platform_ubuntu
    ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora,multi_platform_ubuntu
      
      declare -A REMOTE_METHODS=( ['auth.*']='^.*auth\.\*.*$' ['authpriv.*']='^.*authpriv\.\*.*$' ['daemon.*']='^.*daemon\.\*.*$' )
      RSYSLOG_CONF='/etc/rsyslog.conf'
    +diff --git a/linux_os/guide/system/logging/journald/journald_compress/rule.yml b/linux_os/guide/system/logging/journald/journald_compress/rule.yml
    +index c2dd21da..09516d55 100644
    +--- a/linux_os/guide/system/logging/journald/journald_compress/rule.yml
    ++++ b/linux_os/guide/system/logging/journald/journald_compress/rule.yml
    +@@ -1,6 +1,6 @@
    + documentation_complete: true
    + 
    +-prodtype: rhel7,rhel8,rhel9,sle15
    ++prodtype: rhel7,rhel8,almalinux8,rhel9,sle15
    + 
    + title: Ensure journald is configured to compress large log files
    + 
    +diff --git a/linux_os/guide/system/logging/journald/journald_forward_to_syslog/rule.yml b/linux_os/guide/system/logging/journald/journald_forward_to_syslog/rule.yml
    +index 56d9a5d5..c387ce3e 100644
    +--- a/linux_os/guide/system/logging/journald/journald_forward_to_syslog/rule.yml
    ++++ b/linux_os/guide/system/logging/journald/journald_forward_to_syslog/rule.yml
    +@@ -1,6 +1,6 @@
    + documentation_complete: true
    + 
    +-prodtype: rhel7,rhel8,rhel9
    ++prodtype: rhel7,rhel8,almalinux8,rhel9
    + 
    + title: Ensure journald is configured to send logs to rsyslog
    + 
    +diff --git a/linux_os/guide/system/logging/journald/journald_storage/rule.yml b/linux_os/guide/system/logging/journald/journald_storage/rule.yml
    +index eb814ac1..381fdb2e 100644
    +--- a/linux_os/guide/system/logging/journald/journald_storage/rule.yml
    ++++ b/linux_os/guide/system/logging/journald/journald_storage/rule.yml
    +@@ -1,6 +1,6 @@
    + documentation_complete: true
    + 
    +-prodtype: rhel7,rhel8,rhel9,sle15
    ++prodtype: rhel7,rhel8,almalinux8,rhel9,sle15
    + 
    + title: Ensure journald is configured to write log files to persistent disk
    + 
     diff --git a/linux_os/guide/system/logging/log_rotation/ensure_logrotate_activated/kubernetes/shared.yml b/linux_os/guide/system/logging/log_rotation/ensure_logrotate_activated/kubernetes/shared.yml
     index 859ea93e..9b9ea07f 100644
     --- a/linux_os/guide/system/logging/log_rotation/ensure_logrotate_activated/kubernetes/shared.yml
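Review bot: AlmaLinux 8 may lose the Bash remediation for `rsyslog_remote_access_monitoring`. The section patching that rule's `bash/shared.sh` is dropped from the patch, while the `AlmaLinux 8` additions to the same rule's `ansible/shared.yml`, its `rule.yml` prodtype and its test scenarios are kept. The upstream script is not visible here, so the removal may be correct if its `# platform =` header now covers every product (for example `multi_platform_all`) or if the file no longer exists. If the header still lists products by name, as the Ansible one in this hunk does, the section should stay, with `AlmaLinux 8` added to the rebased header line.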
    @@ -13629,48 +14971,48 @@ index 859ea93e..9b9ea07f 100644
      # strategy = restrict
      # complexity = low
     diff --git a/linux_os/guide/system/logging/package_rsyslog-gnutls_installed/rule.yml b/linux_os/guide/system/logging/package_rsyslog-gnutls_installed/rule.yml
    -index 14559afc..b4a65f7e 100644
    +index 81ae57a9..2d5cb49a 100644
     --- a/linux_os/guide/system/logging/package_rsyslog-gnutls_installed/rule.yml
     +++ b/linux_os/guide/system/logging/package_rsyslog-gnutls_installed/rule.yml
     @@ -1,6 +1,6 @@
      documentation_complete: true
      
    --prodtype: fedora,ol8,rhel8,rhel9
    -+prodtype: fedora,ol8,rhel8,almalinux8,rhel9
    +-prodtype: fedora,ol8,rhel7,rhel8,rhel9
    ++prodtype: fedora,ol8,rhel7,rhel8,almalinux8,rhel9
      
      title: 'Ensure rsyslog-gnutls is installed'
      
    -@@ -23,7 +23,7 @@ references:
    -     disa: CCI-000366
    +@@ -25,7 +25,7 @@ references:
          ospp: FTP_ITC_EXT.1.1
          srg: SRG-OS-000480-GPOS-00227,SRG-OS-000120-GPOS-00061
    +     stigid@ol8: OL08-00-030680
     -    stigid@rhel8: RHEL-08-030680
     +    stigid@almalinux8: RHEL-08-030680
      
      ocil_clause: 'the package is not installed'
      
     diff --git a/linux_os/guide/system/logging/package_rsyslog_installed/rule.yml b/linux_os/guide/system/logging/package_rsyslog_installed/rule.yml
    -index cd66059c..59cfba27 100644
    +index 7968d903..5b3ab2da 100644
     --- a/linux_os/guide/system/logging/package_rsyslog_installed/rule.yml
     +++ b/linux_os/guide/system/logging/package_rsyslog_installed/rule.yml
    -@@ -30,7 +30,7 @@ references:
    -     nist: CM-6(a)
    -     nist-csf: PR.PT-1
    +@@ -34,7 +34,7 @@ references:
    +     ospp: FTP_ITC_EXT.1.1
          srg: SRG-OS-000479-GPOS-00224,SRG-OS-000051-GPOS-00024,SRG-OS-000480-GPOS-00227
    +     stigid@ol8: OL08-00-030670
     -    stigid@rhel8: RHEL-08-030670
     +    stigid@almalinux8: RHEL-08-030670
      
      ocil_clause: 'the package is not installed'
      
     diff --git a/linux_os/guide/system/logging/rsyslog_accepting_remote_messages/rsyslog_nolisten/rule.yml b/linux_os/guide/system/logging/rsyslog_accepting_remote_messages/rsyslog_nolisten/rule.yml
    -index 2a9e1a9f..de765d95 100644
    +index c73b2fb0..2427ee70 100644
     --- a/linux_os/guide/system/logging/rsyslog_accepting_remote_messages/rsyslog_nolisten/rule.yml
     +++ b/linux_os/guide/system/logging/rsyslog_accepting_remote_messages/rsyslog_nolisten/rule.yml
     @@ -1,6 +1,6 @@
      documentation_complete: true
      
    --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,wrlinux1019
    -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,wrlinux1019
    +-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle15,wrlinux1019
    ++prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,wrlinux1019
      
      title: 'Ensure rsyslog Does Not Accept Remote Messages Unless Acting As Log Server'
      
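Review bot: The `stigid` lines in `package_rsyslog-gnutls_installed/rule.yml` and `package_rsyslog_installed/rule.yml` still replace `stigid@rhel8` with `stigid@almalinux8` instead of adding a key. Any rhel8 content built from the patched tree therefore loses its STIG reference for these rules. The new `stigid@ol8` context lines show that upstream keeps one key per product side by side, so leaving `stigid@rhel8: RHEL-08-030680` untouched and adding `stigid@almalinux8: RHEL-08-030680` below it would follow that convention. The same replacement appears in `rsyslog_remote_access_monitoring/rule.yml` in the previous hunk and in `rsyslog_remote_loghost/rule.yml` in the next one. If this package only ever builds the almalinux8 product, the replacement is presumably harmless, but that assumption should be stated in the patch description.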
    @@ -13685,22 +15027,22 @@ index 74270442..8e8c6fdb 100644
      # strategy = restrict
      # complexity = low
     diff --git a/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/bash/shared.sh b/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/bash/shared.sh
    -index 836f0af2..78aba4d8 100644
    +index f34bc83e..f7c79cd3 100644
     --- a/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/bash/shared.sh
     +++ b/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/bash/shared.sh
     @@ -1,4 +1,4 @@
    --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_wrlinux
    -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_wrlinux
    +-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_wrlinux,multi_platform_sle
    ++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_wrlinux,multi_platform_sle
      
    - . /usr/share/scap-security-guide/remediation_functions
    + {{{ bash_instantiate_variables("rsyslog_remote_loghost_address") }}}
      
     diff --git a/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/rule.yml b/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/rule.yml
    -index 5290a921..5852f5c5 100644
    +index 3239b7ac..02191114 100644
     --- a/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/rule.yml
     +++ b/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/rule.yml
    -@@ -62,7 +62,7 @@ references:
    -     srg: SRG-OS-000479-GPOS-00224,SRG-OS-000480-GPOS-00227,SRG-OS-000342-GPOS-00133
    +@@ -65,7 +65,7 @@ references:
          stigid@ol7: OL07-00-031000
    +     stigid@ol8: OL08-00-030690
          stigid@rhel7: RHEL-07-031000
     -    stigid@rhel8: RHEL-08-030690
     +    stigid@almalinux8: RHEL-08-030690
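Review bot: The refreshed inner hunk for rsyslog_remote_loghost/rule.yml still renames the key `stigid@rhel8` to `stigid@almalinux8` and keeps the value `RHEL-08-030690`, so the patched rule has no `stigid@rhel8` entry and AlmaLinux scan output cites a RHEL STIG identifier under an AlmaLinux key. If the rhel8 product is ever built from this patched tree (not visible here), its STIG mapping for the rule is silently lost. Keeping the `stigid@rhel8` line as context and adding `+    stigid@almalinux8: RHEL-08-030690` beneath it would avoid that. The same replace-instead-of-add pattern recurs in the inner hunks for service_rsyslog_enabled, package_firewalld_installed, service_firewalld_enabled, configure_firewalld_ports and the IPv6 sysctl rules further down.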
    @@ -13708,44 +15050,44 @@ index 5290a921..5852f5c5 100644
          stigid@sle15: SLES-15-010580
          vmmsrg: SRG-OS-000032-VMM-000130
     diff --git a/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_tls/rule.yml b/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_tls/rule.yml
    -index 9f30722a..349e61a8 100644
    +index 83c6d933..073d8b24 100644
     --- a/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_tls/rule.yml
     +++ b/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_tls/rule.yml
     @@ -1,6 +1,6 @@
      documentation_complete: true
      
    --prodtype: fedora,ol8,rhel8,rhel9
    -+prodtype: fedora,ol8,rhel8,almalinux8,rhel9
    +-prodtype: fedora,ol8,rhel7,rhel8,rhel9
    ++prodtype: fedora,ol8,rhel7,rhel8,almalinux8,rhel9
      
      title: 'Configure TLS for rsyslog remote logging'
      
     diff --git a/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_tls_cacert/rule.yml b/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_tls_cacert/rule.yml
    -index 0765a5db..ea7e8f37 100644
    +index 818f2471..8beaebea 100644
     --- a/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_tls_cacert/rule.yml
     +++ b/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_tls_cacert/rule.yml
     @@ -1,6 +1,6 @@
      documentation_complete: true
      
    --prodtype: fedora,ol8,rhel8,rhel9
    -+prodtype: fedora,ol8,rhel8,almalinux8,rhel9
    +-prodtype: fedora,ol8,rhel7,rhel8,rhel9
    ++prodtype: fedora,ol8,rhel7,rhel8,almalinux8,rhel9
      
      title: 'Configure CA certificate for rsyslog remote logging'
      
     diff --git a/linux_os/guide/system/logging/service_rsyslog_enabled/rule.yml b/linux_os/guide/system/logging/service_rsyslog_enabled/rule.yml
    -index 04349e68..ab481838 100644
    +index 105c7dec..b21caee7 100644
     --- a/linux_os/guide/system/logging/service_rsyslog_enabled/rule.yml
     +++ b/linux_os/guide/system/logging/service_rsyslog_enabled/rule.yml
    -@@ -32,7 +32,7 @@ references:
    -     nist: CM-6(a),AU-4(1)
    +@@ -35,7 +35,7 @@ references:
          nist-csf: DE.CM-1,DE.CM-3,DE.CM-7,ID.SC-4,PR.DS-4,PR.PT-1
          srg: SRG-OS-000480-GPOS-00227
    +     stigid@ol8: OL08-00-010561
     -    stigid@rhel8: RHEL-08-010561
     +    stigid@almalinux8: RHEL-08-010561
          stigid@ubuntu2004: UBTU-20-010432
      
      ocil: |-
     diff --git a/linux_os/guide/system/network/network-firewalld/firewalld_activation/package_firewalld_installed/rule.yml b/linux_os/guide/system/network/network-firewalld/firewalld_activation/package_firewalld_installed/rule.yml
    -index 25c930f8..9408fd6a 100644
    +index 2fc0d19e..9e9fe3d2 100644
     --- a/linux_os/guide/system/network/network-firewalld/firewalld_activation/package_firewalld_installed/rule.yml
     +++ b/linux_os/guide/system/network/network-firewalld/firewalld_activation/package_firewalld_installed/rule.yml
     @@ -1,6 +1,6 @@
    @@ -13756,17 +15098,17 @@ index 25c930f8..9408fd6a 100644
      
      title: 'Install firewalld Package'
      
    -@@ -26,7 +26,7 @@ references:
    -     nist: CM-6(a)
    +@@ -27,7 +27,7 @@ references:
          nist@sle15: CM-7,CM-7.1(iii),CM-7(b),AC-17(1)
          srg: SRG-OS-000096-GPOS-00050,SRG-OS-000297-GPOS-00115,SRG-OS-000298-GPOS-00116,SRG-OS-000480-GPOS-00227,SRG-OS-000480-GPOS-00232
    +     stigid@ol8: OL08-00-040100
     -    stigid@rhel8: RHEL-08-040100
     +    stigid@almalinux8: RHEL-08-040100
          stigid@sle15:  SLES-15-010220
      
      ocil_clause: 'the package is not installed'
     diff --git a/linux_os/guide/system/network/network-firewalld/firewalld_activation/service_firewalld_enabled/rule.yml b/linux_os/guide/system/network/network-firewalld/firewalld_activation/service_firewalld_enabled/rule.yml
    -index 42849bdd..36ccd8b3 100644
    +index ff0f33b4..0a9a47c5 100644
     --- a/linux_os/guide/system/network/network-firewalld/firewalld_activation/service_firewalld_enabled/rule.yml
     +++ b/linux_os/guide/system/network/network-firewalld/firewalld_activation/service_firewalld_enabled/rule.yml
     @@ -1,6 +1,6 @@
    @@ -13777,27 +15119,17 @@ index 42849bdd..36ccd8b3 100644
      
      title: 'Verify firewalld Enabled'
      
    -@@ -40,7 +40,7 @@ references:
    -     srg: SRG-OS-000096-GPOS-00050,SRG-OS-000297-GPOS-00115,SRG-OS-000480-GPOS-00227,SRG-OS-000480-GPOS-00231,SRG-OS-000480-GPOS-00232
    +@@ -41,7 +41,7 @@ references:
          stigid@ol7: OL07-00-040520
    +     stigid@ol8: OL08-00-040101
          stigid@rhel7: RHEL-07-040520
     -    stigid@rhel8: RHEL-08-040101
     +    stigid@almalinux8: RHEL-08-040101
          stigid@sle15: SLES-15-010220
      
      ocil: |-
    -diff --git a/linux_os/guide/system/network/network-firewalld/ruleset_modifications/configure_firewalld_ports/bash/shared.sh b/linux_os/guide/system/network/network-firewalld/ruleset_modifications/configure_firewalld_ports/bash/shared.sh
    -index 0a698d3c..951e20e6 100644
    ---- a/linux_os/guide/system/network/network-firewalld/ruleset_modifications/configure_firewalld_ports/bash/shared.sh
    -+++ b/linux_os/guide/system/network/network-firewalld/ruleset_modifications/configure_firewalld_ports/bash/shared.sh
    -@@ -1,4 +1,4 @@
    --# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Virtualization 4,multi_platform_fedora,multi_platform_wrlinux,multi_platform_ol
    -+# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Virtualization 4,multi_platform_fedora,multi_platform_wrlinux,multi_platform_ol
    - # reboot = false
    - # complexity = low
    - # strategy = configure
     diff --git a/linux_os/guide/system/network/network-firewalld/ruleset_modifications/configure_firewalld_ports/rule.yml b/linux_os/guide/system/network/network-firewalld/ruleset_modifications/configure_firewalld_ports/rule.yml
    -index 8e49a685..47fb488d 100644
    +index cbd36322..868d8994 100644
     --- a/linux_os/guide/system/network/network-firewalld/ruleset_modifications/configure_firewalld_ports/rule.yml
     +++ b/linux_os/guide/system/network/network-firewalld/ruleset_modifications/configure_firewalld_ports/rule.yml
     @@ -1,6 +1,6 @@
    @@ -13808,9 +15140,9 @@ index 8e49a685..47fb488d 100644
      
      title: 'Configure the Firewalld Ports'
      
    -@@ -53,7 +53,7 @@ references:
    -     srg: SRG-OS-000096-GPOS-00050,SRG-OS-000297-GPOS-00115
    +@@ -54,7 +54,7 @@ references:
          stigid@ol7: OL07-00-040100
    +     stigid@ol8: OL08-00-040030
          stigid@rhel7: RHEL-07-040100
     -    stigid@rhel8: RHEL-08-040030
     +    stigid@almalinux8: RHEL-08-040030
    @@ -13840,38 +15172,38 @@ index f4d78fb7..41f0d78d 100644
      title: 'Set Default firewalld Zone for Incoming Packets'
      
     diff --git a/linux_os/guide/system/network/network-ipsec/libreswan_approved_tunnels/rule.yml b/linux_os/guide/system/network/network-ipsec/libreswan_approved_tunnels/rule.yml
    -index 8d93bae8..08c7a78e 100644
    +index 275ae401..401629d2 100644
     --- a/linux_os/guide/system/network/network-ipsec/libreswan_approved_tunnels/rule.yml
     +++ b/linux_os/guide/system/network/network-ipsec/libreswan_approved_tunnels/rule.yml
     @@ -1,6 +1,6 @@
      documentation_complete: true
      
    --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4
    -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4
    +-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle15
    ++prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15
      
      title: 'Verify Any Configured IPSec Tunnel Connections'
      
     diff --git a/linux_os/guide/system/network/network-ipsec/package_libreswan_installed/rule.yml b/linux_os/guide/system/network/network-ipsec/package_libreswan_installed/rule.yml
    -index e89f9e0a..c9984c96 100644
    +index 3bf641e4..6e7ad928 100644
     --- a/linux_os/guide/system/network/network-ipsec/package_libreswan_installed/rule.yml
     +++ b/linux_os/guide/system/network/network-ipsec/package_libreswan_installed/rule.yml
     @@ -1,6 +1,6 @@
      documentation_complete: true
      
    --prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4
    -+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4
    +-prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15
    ++prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15
      
      title: 'Install libreswan Package'
      
     diff --git a/linux_os/guide/system/network/network-iptables/package_iptables_installed/rule.yml b/linux_os/guide/system/network/network-iptables/package_iptables_installed/rule.yml
    -index 9f0b8595..970f04af 100644
    +index bd6fc70c..fc82cb6a 100644
     --- a/linux_os/guide/system/network/network-iptables/package_iptables_installed/rule.yml
     +++ b/linux_os/guide/system/network/network-iptables/package_iptables_installed/rule.yml
     @@ -1,6 +1,6 @@
      documentation_complete: true
      
    --prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhv4,sle15,ubuntu2004
    -+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhv4,sle15,ubuntu2004
    +-prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhv4,sle12,sle15,ubuntu2004
    ++prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhv4,sle12,sle15,ubuntu2004
      
      title: 'Install iptables Package'
      
    @@ -13933,21 +15265,21 @@ index 87306fed..88e2884b 100644
      kind: MachineConfig
      spec:
     diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_ra/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_ra/rule.yml
    -index 25b5c181..cfed7838 100644
    +index 9a3dad87..d688c1fb 100644
     --- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_ra/rule.yml
     +++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_ra/rule.yml
     @@ -1,6 +1,6 @@
      documentation_complete: true
      
    --prodtype: ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15,ubuntu2004
    -+prodtype: ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,ubuntu2004
    +-prodtype: ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004
    ++prodtype: ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004
      
      title: 'Configure Accepting Router Advertisements on All IPv6 Interfaces'
      
    -@@ -31,7 +31,7 @@ references:
    -     nist: CM-7(a),CM-7(b),CM-6(a)
    +@@ -33,7 +33,7 @@ references:
          nist-csf: PR.IP-1,PR.PT-3
          srg: SRG-OS-000480-GPOS-00227
    +     stigid@ol8: OL08-00-040261
     -    stigid@rhel8: RHEL-08-040261
     +    stigid@almalinux8: RHEL-08-040261
      
    @@ -14001,7 +15333,7 @@ index 8792fc66..2c7c4b02 100644
      kind: MachineConfig
      spec:
     diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_redirects/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_redirects/rule.yml
    -index a00665a2..86192222 100644
    +index a52041c9..cf42fdd5 100644
     --- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_redirects/rule.yml
     +++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_redirects/rule.yml
     @@ -1,6 +1,6 @@
    @@ -14012,10 +15344,10 @@ index a00665a2..86192222 100644
      
      title: 'Disable Accepting ICMP Redirects for All IPv6 Interfaces'
      
    -@@ -33,7 +33,7 @@ references:
    -     nist: CM-7(a),CM-7(b),CM-6(a),CM-6(b),CM-6.1(iv)
    +@@ -36,7 +36,7 @@ references:
          nist-csf: PR.IP-1,PR.PT-3
          srg: SRG-OS-000480-GPOS-00227
    +     stigid@ol8: OL08-00-040280
     -    stigid@rhel8: RHEL-08-040280
     +    stigid@almalinux8: RHEL-08-040280
          stigid@sle12: SLES-12-030363
    @@ -14033,7 +15365,7 @@ index e222b1c8..85b92ce9 100644
      kind: MachineConfig
      spec:
     diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_source_route/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_source_route/rule.yml
    -index dd6762af..a712db98 100644
    +index f93fa581..89bb2c23 100644
     --- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_source_route/rule.yml
     +++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_source_route/rule.yml
     @@ -1,6 +1,6 @@
    @@ -14044,9 +15376,9 @@ index dd6762af..a712db98 100644
      
      title: 'Disable Kernel Parameter for Accepting Source-Routed Packets on all IPv6 Interfaces'
      
    -@@ -43,7 +43,7 @@ references:
    -     srg: SRG-OS-000480-GPOS-00227
    +@@ -46,7 +46,7 @@ references:
          stigid@ol7: OL07-00-040830
    +     stigid@ol8: OL08-00-040240
          stigid@rhel7: RHEL-07-040830
     -    stigid@rhel8: RHEL-08-040240
     +    stigid@almalinux8: RHEL-08-040240
    @@ -14066,7 +15398,7 @@ index d0b011dd..4716dde4 100644
      title: Configure Auto Configuration on All IPv6 Interfaces
      
     diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_forwarding/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_forwarding/rule.yml
    -index 0ec0a894..8de42a0d 100644
    +index b09b2b53..8354888d 100644
     --- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_forwarding/rule.yml
     +++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_forwarding/rule.yml
     @@ -1,6 +1,6 @@
    @@ -14113,21 +15445,21 @@ index 4ed2c480..f59b6d7c 100644
      kind: MachineConfig
      spec:
     diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_ra/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_ra/rule.yml
    -index 987a5964..56027dac 100644
    +index 48f6daf6..31c41ceb 100644
     --- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_ra/rule.yml
     +++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_ra/rule.yml
     @@ -1,6 +1,6 @@
      documentation_complete: true
      
    --prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15,ubuntu2004
    -+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,ubuntu2004
    +-prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004
    ++prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004
      
      title: 'Disable Accepting Router Advertisements on all IPv6 Interfaces by Default'
      
    -@@ -31,7 +31,7 @@ references:
    -     nist: CM-7(a),CM-7(b),CM-6(a)
    +@@ -33,7 +33,7 @@ references:
          nist-csf: PR.IP-1,PR.PT-3
          srg: SRG-OS-000480-GPOS-00227
    +     stigid@ol8: OL08-00-040262
     -    stigid@rhel8: RHEL-08-040262
     +    stigid@almalinux8: RHEL-08-040262
      
    @@ -14181,7 +15513,7 @@ index 845b013e..063776b8 100644
      kind: MachineConfig
      spec:
     diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_redirects/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_redirects/rule.yml
    -index cbab4262..90921aca 100644
    +index c1173b53..6785d617 100644
     --- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_redirects/rule.yml
     +++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_redirects/rule.yml
     @@ -1,6 +1,6 @@
    @@ -14192,10 +15524,10 @@ index cbab4262..90921aca 100644
      
      title: 'Disable Kernel Parameter for Accepting ICMP Redirects by Default on IPv6 Interfaces'
      
    -@@ -35,7 +35,7 @@ references:
    -     nist@sle12: CM-6(b),CM-6.1(iv)
    +@@ -38,7 +38,7 @@ references:
          nist@sle15: CM-6(b),CM-6.1(iv)
          srg: SRG-OS-000480-GPOS-00227
    +     stigid@ol8: OL08-00-040210
     -    stigid@rhel8: RHEL-08-040210
     +    stigid@almalinux8: RHEL-08-040210
          stigid@sle12: SLES-12-030401
    @@ -14213,7 +15545,7 @@ index e2951d84..0335df12 100644
      kind: MachineConfig
      spec:
     diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_source_route/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_source_route/rule.yml
    -index 4cf3114d..73e9ff4a 100644
    +index e2d14e3a..fc382f08 100644
     --- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_source_route/rule.yml
     +++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_source_route/rule.yml
     @@ -1,6 +1,6 @@
    @@ -14224,10 +15556,10 @@ index 4cf3114d..73e9ff4a 100644
      
      title: 'Disable Kernel Parameter for Accepting Source-Routed Packets on IPv6 Interfaces by Default'
      
    -@@ -41,7 +41,7 @@ references:
    -     nist: CM-7(a),CM-7(b),CM-6(a),CM-6(b),CM-6.1(iv)
    +@@ -44,7 +44,7 @@ references:
          nist-csf: DE.AE-1,ID.AM-3,PR.AC-5,PR.DS-5,PR.PT-4
          srg: SRG-OS-000480-GPOS-00227
    +     stigid@ol8: OL08-00-040250
     -    stigid@rhel8: RHEL-08-040250
     +    stigid@almalinux8: RHEL-08-040250
          stigid@sle12: SLES-12-030362
    @@ -14270,29 +15602,17 @@ index d4eeebf7..16f3c9b5 100644
      title: 'Configure Denying Router Solicitations on All IPv6 Interfaces By Default'
      
     diff --git a/linux_os/guide/system/network/network-ipv6/disabling_ipv6/grub2_ipv6_disable_argument/rule.yml b/linux_os/guide/system/network/network-ipv6/disabling_ipv6/grub2_ipv6_disable_argument/rule.yml
    -index dae640f3..f3856b72 100644
    +index 9e1ca48e..676e2f27 100644
     --- a/linux_os/guide/system/network/network-ipv6/disabling_ipv6/grub2_ipv6_disable_argument/rule.yml
     +++ b/linux_os/guide/system/network/network-ipv6/disabling_ipv6/grub2_ipv6_disable_argument/rule.yml
     @@ -1,6 +1,6 @@
      documentation_complete: true
      
    --prodtype: fedora,rhcos4,ol7,ol8,rhel7,rhel8,rhv4,sle15
    -+prodtype: fedora,rhcos4,ol7,ol8,rhel7,rhel8,almalinux8,rhv4,sle15
    +-prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15
    ++prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15
      
      title: 'Ensure IPv6 is disabled through kernel boot parameter'
      
    -@@ -81,9 +81,9 @@ warnings:
    -         
    sudo grub2-mkconfig -o {{{ grub2_boot_path }}}/grub.cfg
    -
  • On UEFI-based machines, issue the following command: - {{% if product in ["rhel7", "ol7", "rhel8", "ol8"] %}} --
    sudo grub2-mkconfig -o /boot/efi/EFI/redhat/grub.cfg
  • -+
    sudo grub2-mkconfig -o /boot/efi/EFI/almalinux/grub.cfg
    - {{% else %}} --
    sudo grub2-mkconfig -o /boot/efi/EFI/fedora/grub.cfg
    -+
    sudo grub2-mkconfig -o /boot/efi/EFI/almalinux/grub.cfg
    - {{% endif %}} - - diff --git a/linux_os/guide/system/network/network-ipv6/disabling_ipv6/grub2_ipv6_disable_argument/tests/arg_not_there_rhel8.fail.sh b/linux_os/guide/system/network/network-ipv6/disabling_ipv6/grub2_ipv6_disable_argument/tests/arg_not_there_rhel8.fail.sh index 5d8daaa6..604dc02c 100644 --- a/linux_os/guide/system/network/network-ipv6/disabling_ipv6/grub2_ipv6_disable_argument/tests/arg_not_there_rhel8.fail.sh @@ -14371,7 +15691,7 @@ index 6bb6de13..1f0664a0 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_redirects/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_redirects/rule.yml -index 72604219..8de28223 100644 +index 9393044b..07a07b2c 100644 --- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_redirects/rule.yml +++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_redirects/rule.yml @@ -1,6 +1,6 @@ @@ -14382,13 +15702,13 @@ index 72604219..8de28223 100644 title: 'Disable Accepting ICMP Redirects for All IPv4 Interfaces' -@@ -44,7 +44,7 @@ references: - srg: SRG-OS-000480-GPOS-00227 +@@ -46,7 +46,7 @@ references: stigid@ol7: OL07-00-040641 + stigid@ol8: OL08-00-040279 stigid@rhel7: RHEL-07-040641 - stigid@rhel8: RHEL-08-040279 + stigid@almalinux8: RHEL-08-040279 - stigid@sle12: SLES-12-030390 + stigid@sle12: SLES-12-030390 stigid@sle15: SLES-15-040330 diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_source_route/kubernetes/shared.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_source_route/kubernetes/shared.yml 
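Review bot: In the grub2_ipv6_disable_argument/rule.yml hunk, this refresh drops the inner hunk that adjusted the UEFI `grub2-mkconfig -o /boot/efi/EFI/.../grub.cfg` instruction under `warnings:`, while the prodtype line still adds `almalinux8` to the rule. Nothing in the patch now adapts that text for AlmaLinux. If the rebased upstream rule.yml still picks the EFI directory from a product list (not visible here), an AlmaLinux administrator would be told to regenerate a `redhat` or `fedora` grub.cfg, and the `ipv6.disable` boot argument would not take effect on UEFI hosts. Worth confirming against the new base. If a fix is needed, add an `almalinux8` branch pointing at `/boot/efi/EFI/almalinux/grub.cfg` rather than rewriting both existing branches as the dropped hunk did.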
@@ -14403,7 +15723,7 @@ index b3d72bb4..b89b8a35 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_source_route/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_source_route/rule.yml -index f92772eb..b9d6c47f 100644 +index e0dae613..545db8bf 100644 --- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_source_route/rule.yml +++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_source_route/rule.yml @@ -1,6 +1,6 @@ @@ -14414,9 +15734,9 @@ index f92772eb..b9d6c47f 100644 title: 'Disable Kernel Parameter for Accepting Source-Routed Packets on all IPv4 Interfaces' -@@ -45,7 +45,7 @@ references: - srg: SRG-OS-000480-GPOS-00227 +@@ -47,7 +47,7 @@ references: stigid@ol7: OL07-00-040610 + stigid@ol8: OL08-00-040239 stigid@rhel7: RHEL-07-040610 - stigid@rhel8: RHEL-08-040239 + stigid@almalinux8: RHEL-08-040239 @@ -14435,14 +15755,14 @@ index 70e767cc..fbe1a27a 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_log_martians/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_log_martians/rule.yml -index 9e12c3be..04a02b4b 100644 +index 14c868df..5c2a453c 100644 --- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_log_martians/rule.yml +++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_log_martians/rule.yml 
@@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15,ubuntu2004 -+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,ubuntu2004 +-prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004 ++prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004 title: 'Enable Kernel Parameter to Log Martian Packets on all IPv4 Interfaces' @@ -14458,20 +15778,20 @@ index c64da37a..08535e5a 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/rule.yml -index 65475174..c76045ae 100644 +index b183e3d2..7c197e6f 100644 --- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/rule.yml +++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15,ubuntu2004 -+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,ubuntu2004 +-prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004 ++prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004 title: 'Enable Kernel Parameter to Use Reverse Path Filtering on all IPv4 Interfaces' -@@ -39,7 +39,7 @@ references: - srg: SRG-OS-000480-GPOS-00227 +@@ -41,7 +41,7 @@ references: stigid@ol7: OL07-00-040611 + stigid@ol8: OL08-00-040285 stigid@rhel7: RHEL-07-040611 - stigid@rhel8: RHEL-08-040285 + stigid@almalinux8: RHEL-08-040285 @@ -14490,14 +15810,14 @@ index 8b075d55..0dd17a34 100644 kind: MachineConfig spec: 
diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_secure_redirects/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_secure_redirects/rule.yml -index 848212c7..e3f75c97 100644 +index abb8ab51..8175b793 100644 --- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_secure_redirects/rule.yml +++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_secure_redirects/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15,ubuntu2004 -+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,ubuntu2004 +-prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004 ++prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004 title: 'Disable Kernel Parameter for Accepting Secure ICMP Redirects on all IPv4 Interfaces' @@ -14513,7 +15833,7 @@ index 2bfbd9e4..8ea37100 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_redirects/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_redirects/rule.yml -index bee6c117..da0c1f33 100644 +index 8942b0eb..1afc98bf 100644 --- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_redirects/rule.yml +++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_redirects/rule.yml @@ -1,6 +1,6 @@ 
@@ -14524,9 +15844,9 @@ index bee6c117..da0c1f33 100644 title: 'Disable Kernel Parameter for Accepting ICMP Redirects by Default on IPv4 Interfaces' -@@ -43,7 +43,7 @@ references: - srg: SRG-OS-000480-GPOS-00227 +@@ -45,7 +45,7 @@ references: stigid@ol7: OL07-00-040640 + stigid@ol8: OL08-00-040209 stigid@rhel7: RHEL-07-040640 - stigid@rhel8: RHEL-08-040209 + stigid@almalinux8: RHEL-08-040209 @@ -14545,7 +15865,7 @@ index aa7d1562..08668d03 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_source_route/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_source_route/rule.yml -index b1e7f247..85712b15 100644 +index 3fab05c8..42196cd9 100644 --- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_source_route/rule.yml +++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_source_route/rule.yml @@ -1,6 +1,6 @@ @@ -14556,9 +15876,9 @@ index b1e7f247..85712b15 100644 title: 'Disable Kernel Parameter for Accepting Source-Routed Packets on IPv4 Interfaces by Default' -@@ -46,7 +46,7 @@ references: - srg: SRG-OS-000480-GPOS-00227 +@@ -48,7 +48,7 @@ references: stigid@ol7: OL07-00-040620 + stigid@ol8: OL08-00-040249 stigid@rhel7: RHEL-07-040620 - stigid@rhel8: RHEL-08-040249 + stigid@almalinux8: RHEL-08-040249 @@ -14577,14 +15897,14 @@ index 3a60ab17..728ddb81 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_log_martians/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_log_martians/rule.yml -index 178da20d..9aab00f9 100644 +index c717e0eb..47d9ae27 100644 
--- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_log_martians/rule.yml +++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_log_martians/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15,ubuntu2004 -+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,ubuntu2004 +-prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004 ++prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004 title: 'Enable Kernel Paremeter to Log Martian Packets on all IPv4 Interfaces by Default' @@ -14600,14 +15920,14 @@ index b6e53de3..0b652c7c 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_rp_filter/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_rp_filter/rule.yml -index 27d83ac0..b8f91445 100644 +index 6a0a6a27..d22fdcf0 100644 --- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_rp_filter/rule.yml +++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_rp_filter/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15,ubuntu2004 -+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,ubuntu2004 +-prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004 ++prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004 title: 'Enable Kernel Parameter to Use Reverse Path Filtering on all IPv4 Interfaces by Default' @@ -14623,14 +15943,14 @@ index aeb67c4e..f47a8ab6 100644 kind: MachineConfig spec: 
diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_secure_redirects/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_secure_redirects/rule.yml -index 3adb5b6f..1a97fded 100644 +index d8c39e65..369a83e9 100644 --- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_secure_redirects/rule.yml +++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_secure_redirects/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15,ubuntu2004 -+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,ubuntu2004 +-prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004 ++prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004 title: 'Configure Kernel Parameter for Accepting Secure Redirects By Default' @@ -14646,7 +15966,7 @@ index 52d74441..08c8c256 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_echo_ignore_broadcasts/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_echo_ignore_broadcasts/rule.yml -index 3a998d31..ee20d599 100644 +index f6dcc9c2..a2564588 100644 --- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_echo_ignore_broadcasts/rule.yml +++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_echo_ignore_broadcasts/rule.yml @@ -1,6 +1,6 @@ 
@@ -14657,13 +15977,13 @@ index 3a998d31..ee20d599 100644 title: 'Enable Kernel Parameter to Ignore ICMP Broadcast Echo Requests on IPv4 Interfaces' -@@ -41,7 +41,7 @@ references: - srg: SRG-OS-000480-GPOS-00227 +@@ -43,7 +43,7 @@ references: stigid@ol7: OL07-00-040630 + stigid@ol8: OL08-00-040230 stigid@rhel7: RHEL-07-040630 - stigid@rhel8: RHEL-08-040230 + stigid@almalinux8: RHEL-08-040230 - stigid@sle12: SLES-12-030380 + stigid@sle12: SLES-12-030380 {{{ complete_ocil_entry_sysctl_option_value(sysctl="net.ipv4.icmp_echo_ignore_broadcasts", value="1") }}} diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_ignore_bogus_error_responses/kubernetes/shared.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_ignore_bogus_error_responses/kubernetes/shared.yml @@ -14678,14 +15998,14 @@ index 9e3a85af..d4f4d31c 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_ignore_bogus_error_responses/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_ignore_bogus_error_responses/rule.yml -index f7f5d3c4..0107424b 100644 +index e90a6a19..215c9f65 100644 --- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_ignore_bogus_error_responses/rule.yml +++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_ignore_bogus_error_responses/rule.yml 
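Review bot: The refreshed hunk for sysctl_net_ipv4_icmp_echo_ignore_broadcasts/rule.yml still renames the `stigid@rhel8` key to `stigid@almalinux8` instead of adding a second key, so the patched rule no longer carries a rhel8 STIG reference and the AlmaLinux 8 entry reuses the `RHEL-08-040230` identifier. If the patched tree is also used to build RHEL 8 content, that product's STIG mapping for this rule would drop out of scan reports. Keeping both lines, `stigid@rhel8: RHEL-08-040230` followed by `stigid@almalinux8: RHEL-08-040230`, avoids that. The same rename appears in later rule.yml hunks of this patch, for example the send_redirects, ip_forward and kernel_module_* rules. The rule file continues outside the hunk.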
@@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15,ubuntu2004 -+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,ubuntu2004 +-prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004 ++prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004 title: 'Enable Kernel Parameter to Ignore Bogus ICMP Error Responses on IPv4 Interfaces' @@ -14702,7 +16022,7 @@ index 84bb9162..293a5c85 100644 title: 'Set Kernel Parameter to Increase Local Port Range' diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_tcp_invalid_ratelimit/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_tcp_invalid_ratelimit/rule.yml -index 552b2138..f30fc8cb 100644 +index 3da863c6..07f01e52 100644 --- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_tcp_invalid_ratelimit/rule.yml +++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_tcp_invalid_ratelimit/rule.yml @@ -1,6 +1,6 @@ @@ -14737,7 +16057,7 @@ index 0c8dae78..a26df0c5 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_tcp_syncookies/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_tcp_syncookies/rule.yml -index 8f557dce..bd4cb580 100644 +index b3d1d3c6..25af3587 100644 --- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_tcp_syncookies/rule.yml +++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_tcp_syncookies/rule.yml @@ -1,6 +1,6 @@ @@ -14760,7 +16080,7 @@ index ea1db12f..5d8b19f6 100644 kind: MachineConfig spec: 
diff --git a/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_all_send_redirects/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_all_send_redirects/rule.yml -index 96be007c..03895e9b 100644 +index 59f736c0..09c939c2 100644 --- a/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_all_send_redirects/rule.yml +++ b/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_all_send_redirects/rule.yml @@ -1,6 +1,6 @@ @@ -14771,13 +16091,13 @@ index 96be007c..03895e9b 100644 title: 'Disable Kernel Parameter for Sending ICMP Redirects on all IPv4 Interfaces' -@@ -43,7 +43,7 @@ references: - srg: SRG-OS-000480-GPOS-00227 +@@ -45,7 +45,7 @@ references: stigid@ol7: OL07-00-040660 + stigid@ol8: OL08-00-040220 stigid@rhel7: RHEL-07-040660 - stigid@rhel8: RHEL-08-040220 + stigid@almalinux8: RHEL-08-040220 - stigid@sle12: SLES-12-030420 + stigid@sle12: SLES-12-030420 stigid@sle15: SLES-15-040370 diff --git a/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_default_send_redirects/kubernetes/shared.yml b/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_default_send_redirects/kubernetes/shared.yml @@ -14792,7 +16112,7 @@ index b54e3d12..125464d7 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_default_send_redirects/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_default_send_redirects/rule.yml -index bc666de8..03751ecb 100644 +index 0936f826..d3ac1743 100644 --- a/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_default_send_redirects/rule.yml 
+++ b/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_default_send_redirects/rule.yml @@ -1,6 +1,6 @@ @@ -14803,17 +16123,17 @@ index bc666de8..03751ecb 100644 title: 'Disable Kernel Parameter for Sending ICMP Redirects on all IPv4 Interfaces by Default' -@@ -43,7 +43,7 @@ references: - srg: SRG-OS-000480-GPOS-00227 +@@ -45,7 +45,7 @@ references: stigid@ol7: OL07-00-040650 + stigid@ol8: OL08-00-040270 stigid@rhel7: RHEL-07-040650 - stigid@rhel8: RHEL-08-040270 + stigid@almalinux8: RHEL-08-040270 - stigid@sle12: SLES-12-030410 + stigid@sle12: SLES-12-030410 stigid@sle15: SLES-15-040360 diff --git a/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_ip_forward/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_ip_forward/rule.yml -index 950c2ebe..a916d46b 100644 +index 0e696ec5..272b8bd2 100644 --- a/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_ip_forward/rule.yml +++ b/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_ip_forward/rule.yml @@ -1,6 +1,6 @@ @@ -14824,13 +16144,13 @@ index 950c2ebe..a916d46b 100644 title: 'Disable Kernel Parameter for IP Forwarding on IPv4 Interfaces' -@@ -41,7 +41,7 @@ references: - srg: SRG-OS-000480-GPOS-00227 +@@ -43,7 +43,7 @@ references: stigid@ol7: OL07-00-040740 + stigid@ol8: OL08-00-040260 stigid@rhel7: RHEL-07-040740 - stigid@rhel8: RHEL-08-040260 + stigid@almalinux8: RHEL-08-040260 - stigid@sle12: SLES-12-030430 + stigid@sle12: SLES-12-030430 stigid@sle15: SLES-15-040380 diff --git a/linux_os/guide/system/network/network-uncommon/kernel_module_atm_disabled/kubernetes/shared.yml b/linux_os/guide/system/network/network-uncommon/kernel_module_atm_disabled/kubernetes/shared.yml @@ -14845,7 +16165,7 @@ index 7d08edf8..f83779e3 100644 kind: MachineConfig spec: 
diff --git a/linux_os/guide/system/network/network-uncommon/kernel_module_atm_disabled/rule.yml b/linux_os/guide/system/network/network-uncommon/kernel_module_atm_disabled/rule.yml -index 5c077bb3..3001d34a 100644 +index 0fe216f1..8d32519c 100644 --- a/linux_os/guide/system/network/network-uncommon/kernel_module_atm_disabled/rule.yml +++ b/linux_os/guide/system/network/network-uncommon/kernel_module_atm_disabled/rule.yml @@ -1,6 +1,6 @@ @@ -14856,10 +16176,10 @@ index 5c077bb3..3001d34a 100644 title: 'Disable ATM Support' -@@ -26,7 +26,7 @@ references: - disa: CCI-000381 +@@ -28,7 +28,7 @@ references: ospp: FMT_SMF_EXT.1 srg: SRG-OS-000095-GPOS-00049 + stigid@ol8: OL08-00-040021 - stigid@rhel8: RHEL-08-040021 + stigid@almalinux8: RHEL-08-040021 @@ -14877,7 +16197,7 @@ index 6f5805e5..0ca4ab3b 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/system/network/network-uncommon/kernel_module_can_disabled/rule.yml b/linux_os/guide/system/network/network-uncommon/kernel_module_can_disabled/rule.yml -index f4d9e23b..df5e95d5 100644 +index 68a88a42..8b45a3fc 100644 --- a/linux_os/guide/system/network/network-uncommon/kernel_module_can_disabled/rule.yml +++ b/linux_os/guide/system/network/network-uncommon/kernel_module_can_disabled/rule.yml @@ -1,6 +1,6 @@ @@ -14888,24 +16208,24 @@ index f4d9e23b..df5e95d5 100644 title: 'Disable CAN Support' -@@ -26,7 +26,7 @@ references: - disa: CCI-000381 +@@ -28,7 +28,7 @@ references: ospp: FMT_SMF_EXT.1 srg: SRG-OS-000095-GPOS-00049 + stigid@ol8: OL08-00-040022 - stigid@rhel8: RHEL-08-040022 + stigid@almalinux8: RHEL-08-040022 {{{ complete_ocil_entry_module_disable(module="can") }}} diff --git a/linux_os/guide/system/network/network-uncommon/kernel_module_dccp_disabled/rule.yml b/linux_os/guide/system/network/network-uncommon/kernel_module_dccp_disabled/rule.yml -index 64f8d808..19109457 100644 +index 8d4b21be..20522980 100644 --- a/linux_os/guide/system/network/network-uncommon/kernel_module_dccp_disabled/rule.yml 
+++ b/linux_os/guide/system/network/network-uncommon/kernel_module_dccp_disabled/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle15,ubuntu2004,wrlinux1019 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,ubuntu2004,wrlinux1019 +-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019 ++prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019 title: 'Disable DCCP Support' @@ -14921,7 +16241,7 @@ index 61aed859..03f41b72 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/system/network/network-uncommon/kernel_module_firewire-core_disabled/rule.yml b/linux_os/guide/system/network/network-uncommon/kernel_module_firewire-core_disabled/rule.yml -index fb29a467..0d9f26fa 100644 +index 3534ddc9..c9e7236f 100644 --- a/linux_os/guide/system/network/network-uncommon/kernel_module_firewire-core_disabled/rule.yml +++ b/linux_os/guide/system/network/network-uncommon/kernel_module_firewire-core_disabled/rule.yml @@ -1,6 +1,6 @@ @@ -14932,10 +16252,10 @@ index fb29a467..0d9f26fa 100644 title: 'Disable IEEE 1394 (FireWire) Support' -@@ -25,7 +25,7 @@ references: - disa: CCI-000381 +@@ -27,7 +27,7 @@ references: ospp: FMT_SMF_EXT.1 srg: SRG-OS-000095-GPOS-00049 + stigid@ol8: OL08-00-040026 - stigid@rhel8: RHEL-08-040026 + stigid@almalinux8: RHEL-08-040026 @@ -14953,21 +16273,21 @@ index 28b8952d..6e3e064a 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/system/network/network-uncommon/kernel_module_sctp_disabled/rule.yml b/linux_os/guide/system/network/network-uncommon/kernel_module_sctp_disabled/rule.yml -index ddcb6c2a..95093c78 100644 +index 3dc9ce2b..316cbd9c 100644 --- a/linux_os/guide/system/network/network-uncommon/kernel_module_sctp_disabled/rule.yml +++ b/linux_os/guide/system/network/network-uncommon/kernel_module_sctp_disabled/rule.yml 
@@ -1,6 +1,6 @@ documentation_complete: true --prodtype: ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15,ubuntu2004 -+prodtype: ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,ubuntu2004 +-prodtype: ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004 ++prodtype: ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004 title: 'Disable SCTP Support' -@@ -38,7 +38,7 @@ references: - nist: CM-7(a),CM-7(b),CM-6(a) +@@ -41,7 +41,7 @@ references: nist-csf: PR.IP-1,PR.PT-3 srg: SRG-OS-000095-GPOS-00049 + stigid@ol8: OL08-00-040023 - stigid@rhel8: RHEL-08-040023 + stigid@almalinux8: RHEL-08-040023 @@ -14985,13 +16305,13 @@ index 9761ea78..b98652b4 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/system/network/network-uncommon/kernel_module_tipc_disabled/rule.yml b/linux_os/guide/system/network/network-uncommon/kernel_module_tipc_disabled/rule.yml -index 18e56df4..153d5de7 100644 +index 76bd1d52..36bd856f 100644 --- a/linux_os/guide/system/network/network-uncommon/kernel_module_tipc_disabled/rule.yml +++ b/linux_os/guide/system/network/network-uncommon/kernel_module_tipc_disabled/rule.yml -@@ -41,7 +41,7 @@ references: - nist-csf: PR.IP-1,PR.PT-3 +@@ -42,7 +42,7 @@ references: ospp: FMT_SMF_EXT.1 srg: SRG-OS-000095-GPOS-00049 + stigid@ol8: OL08-00-040024 - stigid@rhel8: RHEL-08-040024 + stigid@almalinux8: RHEL-08-040024 @@ -15009,7 +16329,7 @@ index 5aaafd12..9d05d0c5 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/system/network/network-wireless/wireless_software/kernel_module_bluetooth_disabled/rule.yml b/linux_os/guide/system/network/network-wireless/wireless_software/kernel_module_bluetooth_disabled/rule.yml -index d277db69..6e6f73db 100644 +index e5efa8df..11a5b7f8 100644 --- a/linux_os/guide/system/network/network-wireless/wireless_software/kernel_module_bluetooth_disabled/rule.yml +++ b/linux_os/guide/system/network/network-wireless/wireless_software/kernel_module_bluetooth_disabled/rule.yml @@ -1,6 +1,6 @@ 
@@ -15020,24 +16340,24 @@ index d277db69..6e6f73db 100644 title: 'Disable Bluetooth Kernel Module' -@@ -36,7 +36,7 @@ references: - nist: AC-18(a),AC-18(3),CM-7(a),CM-7(b),CM-6(a),MP-7 +@@ -37,7 +37,7 @@ references: nist-csf: PR.AC-3,PR.IP-1,PR.PT-3,PR.PT-4 srg: SRG-OS-000095-GPOS-00049,SRG-OS-000300-GPOS-00118 + stigid@ol8: OL08-00-040111 - stigid@rhel8: RHEL-08-040111 + stigid@almalinux8: RHEL-08-040111 {{{ complete_ocil_entry_module_disable(module="bluetooth") }}} diff --git a/linux_os/guide/system/network/network-wireless/wireless_software/service_bluetooth_disabled/rule.yml b/linux_os/guide/system/network/network-wireless/wireless_software/service_bluetooth_disabled/rule.yml -index c7f84c6b..d9482708 100644 +index fea6ec50..b90ede6f 100644 --- a/linux_os/guide/system/network/network-wireless/wireless_software/service_bluetooth_disabled/rule.yml +++ b/linux_os/guide/system/network/network-wireless/wireless_software/service_bluetooth_disabled/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,rhel7,rhel8,rhv4,rhcos4 -+prodtype: fedora,rhel7,rhel8,almalinux8,rhv4,rhcos4 +-prodtype: fedora,rhcos4,rhel7,rhel8,rhv4 ++prodtype: fedora,rhcos4,rhel7,rhel8,almalinux8,rhv4 title: 'Disable Bluetooth Service' @@ -15054,7 +16374,7 @@ index 6a541594..8c47fed5 100644 title: 'Disable WiFi or Bluetooth in BIOS' diff --git a/linux_os/guide/system/network/network-wireless/wireless_software/wireless_disable_interfaces/rule.yml b/linux_os/guide/system/network/network-wireless/wireless_software/wireless_disable_interfaces/rule.yml -index df5d92d8..559288dd 100644 +index 2104d3ea..60f11694 100644 --- a/linux_os/guide/system/network/network-wireless/wireless_software/wireless_disable_interfaces/rule.yml +++ b/linux_os/guide/system/network/network-wireless/wireless_software/wireless_disable_interfaces/rule.yml @@ -1,6 +1,6 @@ 
@@ -15065,9 +16385,9 @@ index df5d92d8..559288dd 100644 title: 'Deactivate Wireless Network Interfaces' -@@ -60,7 +60,7 @@ references: - srg: SRG-OS-000299-GPOS-00117,SRG-OS-000300-GPOS-00118,SRG-OS-000424-GPOS-00188,SRG-OS-000481-GPOS-000481 +@@ -62,7 +62,7 @@ references: stigid@ol7: OL07-00-041010 + stigid@ol8: OL08-00-040110 stigid@rhel7: RHEL-07-041010 - stigid@rhel8: RHEL-08-040110 + stigid@almalinux8: RHEL-08-040110 @@ -15075,20 +16395,20 @@ index df5d92d8..559288dd 100644 stigid@sle15: SLES-15-010380 stigid@ubuntu2004: UBTU-20-010455 diff --git a/linux_os/guide/system/network/network_configure_name_resolution/rule.yml b/linux_os/guide/system/network/network_configure_name_resolution/rule.yml -index d3f2eda7..0e99012d 100644 +index 9a583e8d..3590b4a2 100644 --- a/linux_os/guide/system/network/network_configure_name_resolution/rule.yml +++ b/linux_os/guide/system/network/network_configure_name_resolution/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: ol7,ol8,rhel7,rhel8,rhv4,wrlinux1019 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhv4,wrlinux1019 +-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4,wrlinux1019 ++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,wrlinux1019 title: 'Configure Multiple DNS Servers in /etc/resolv.conf' -@@ -39,7 +39,7 @@ references: - srg: SRG-OS-000480-GPOS-00227 +@@ -41,7 +41,7 @@ references: stigid@ol7: OL07-00-040600 + stigid@ol8: OL08-00-010680 stigid@rhel7: RHEL-07-040600 - stigid@rhel8: RHEL-08-010680 + stigid@almalinux8: RHEL-08-010680 @@ -15133,22 +16453,12 @@ index 3f497dc7..f85aac04 100644 +++ b/linux_os/guide/system/network/network_nmcli_permissions/ansible/shared.yml 
@@ -1,4 +1,4 @@ -# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,multi_platform_rhv,multi_platform_fedora -+# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_rhv,multi_platform_fedora - # reboot = false - # strategy = restrict - # complexity = low -diff --git a/linux_os/guide/system/network/network_nmcli_permissions/bash/shared.sh b/linux_os/guide/system/network/network_nmcli_permissions/bash/shared.sh -index c3b0b981..cd447e5f 100644 ---- a/linux_os/guide/system/network/network_nmcli_permissions/bash/shared.sh -+++ b/linux_os/guide/system/network/network_nmcli_permissions/bash/shared.sh -@@ -1,4 +1,4 @@ --# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,multi_platform_rhv,multi_platform_fedora +# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_rhv,multi_platform_fedora # reboot = false # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/network/network_nmcli_permissions/rule.yml b/linux_os/guide/system/network/network_nmcli_permissions/rule.yml -index 1f0fde55..328daa0d 100644 +index 63fa589f..587a266a 100644 --- a/linux_os/guide/system/network/network_nmcli_permissions/rule.yml +++ b/linux_os/guide/system/network/network_nmcli_permissions/rule.yml @@ -1,6 +1,6 @@ @@ -15160,7 +16470,7 @@ index 1f0fde55..328daa0d 100644 title: 'Prevent non-Privileged Users from Modifying Network Interfaces using nmcli' diff --git a/linux_os/guide/system/network/network_sniffer_disabled/rule.yml b/linux_os/guide/system/network/network_sniffer_disabled/rule.yml -index 70136627..6ba1a58b 100644 +index 66d67584..5a31e197 100644 --- a/linux_os/guide/system/network/network_sniffer_disabled/rule.yml +++ b/linux_os/guide/system/network/network_sniffer_disabled/rule.yml @@ -1,6 +1,6 @@ 
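Review bot: After this refresh the patch no longer touches network_nmcli_permissions/bash/shared.sh, while the Ansible remediation for the same rule still gets `AlmaLinux 8` added to its `# platform =` header. The hunk does not show why the Bash section was dropped. If upstream's bash/shared.sh still has an explicit platform list, the AlmaLinux 8 content would ship this rule with an Ansible fix but no Bash fix. It is worth confirming against the rebased upstream file and, if the explicit list is still there, restoring the header change `# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_rhv,multi_platform_fedora`.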
@@ -15171,9 +16481,9 @@ index 70136627..6ba1a58b 100644 title: 'Ensure System is Not Acting as a Network Sniffer' -@@ -46,7 +46,7 @@ references: - srg: SRG-OS-000480-GPOS-00227 +@@ -47,7 +47,7 @@ references: stigid@ol7: OL07-00-040670 + stigid@ol8: OL08-00-040330 stigid@rhel7: RHEL-07-040670 - stigid@rhel8: RHEL-08-040330 + stigid@almalinux8: RHEL-08-040330 @@ -15191,7 +16501,7 @@ index b49e8cd0..bbbdb90b 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/permissions/files/dir_perms_world_writable_root_owned/rule.yml b/linux_os/guide/system/permissions/files/dir_perms_world_writable_root_owned/rule.yml -index 65e4607a..2e44fecf 100644 +index 33834759..efe72aa4 100644 --- a/linux_os/guide/system/permissions/files/dir_perms_world_writable_root_owned/rule.yml +++ b/linux_os/guide/system/permissions/files/dir_perms_world_writable_root_owned/rule.yml @@ -1,6 +1,6 @@ @@ -15202,43 +16512,43 @@ index 65e4607a..2e44fecf 100644 title: 'Ensure All World-Writable Directories Are Owned by root user' -@@ -27,7 +27,7 @@ references: - anssi: BP28(R40) +@@ -28,7 +28,7 @@ references: disa: CCI-000366 srg: SRG-OS-000480-GPOS-00227 + stigid@ol8: OL08-00-010700 - stigid@rhel8: RHEL-08-010700 + stigid@almalinux8: RHEL-08-010700 ocil_clause: 'there is output' diff --git a/linux_os/guide/system/permissions/files/dir_perms_world_writable_sticky_bits/ansible/shared.yml b/linux_os/guide/system/permissions/files/dir_perms_world_writable_sticky_bits/ansible/shared.yml -index 92ad8c23..526a66e2 100644 +index e807cbfe..79482556 100644 --- a/linux_os/guide/system/permissions/files/dir_perms_world_writable_sticky_bits/ansible/shared.yml +++ b/linux_os/guide/system/permissions/files/dir_perms_world_writable_sticky_bits/ansible/shared.yml 
@@ -1,4 +1,4 @@ --# platform = multi_platform_sle,multi_platform_rhel -+# platform = multi_platform_sle,multi_platform_rhel,multi_platform_almalinux +-# platform = multi_platform_sle,multi_platform_ol,multi_platform_rhel ++# platform = multi_platform_sle,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux # reboot = false # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/permissions/files/dir_perms_world_writable_sticky_bits/bash/shared.sh b/linux_os/guide/system/permissions/files/dir_perms_world_writable_sticky_bits/bash/shared.sh -index e49942d1..426dc99c 100644 +index b3395bea..56ff803b 100644 --- a/linux_os/guide/system/permissions/files/dir_perms_world_writable_sticky_bits/bash/shared.sh +++ b/linux_os/guide/system/permissions/files/dir_perms_world_writable_sticky_bits/bash/shared.sh @@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_sle -+# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle +-# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_sle ++# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle df --local -P | awk '{if (NR!=1) print $6}' \ | xargs -I '{}' find '{}' -xdev -type d \ \( -perm -0002 -a ! -perm -1000 \) 2>/dev/null \ diff --git a/linux_os/guide/system/permissions/files/dir_perms_world_writable_sticky_bits/rule.yml b/linux_os/guide/system/permissions/files/dir_perms_world_writable_sticky_bits/rule.yml -index 7a65dde8..1d97b2c8 100644 +index e6a01c6b..a913ea9c 100644 --- a/linux_os/guide/system/permissions/files/dir_perms_world_writable_sticky_bits/rule.yml 
+++ b/linux_os/guide/system/permissions/files/dir_perms_world_writable_sticky_bits/rule.yml -@@ -55,7 +55,7 @@ references: - nist: CM-6(a),AC-6(1) +@@ -57,7 +57,7 @@ references: nist-csf: PR.AC-4,PR.DS-5 srg: SRG-OS-000138-GPOS-00069 + stigid@ol8: OL08-00-010190 - stigid@rhel8: RHEL-08-010190 + stigid@almalinux8: RHEL-08-010190 stigid@sle12: SLES-12-010460 @@ -15257,61 +16567,61 @@ index 62c58d80..66a531b3 100644 title: 'Ensure All World-Writable Directories Are Owned by a System Account' diff --git a/linux_os/guide/system/permissions/files/dir_perms_world_writable_system_owned_group/rule.yml b/linux_os/guide/system/permissions/files/dir_perms_world_writable_system_owned_group/rule.yml -index 21023ce9..b90dc018 100644 +index e16d3315..30f891a1 100644 --- a/linux_os/guide/system/permissions/files/dir_perms_world_writable_system_owned_group/rule.yml +++ b/linux_os/guide/system/permissions/files/dir_perms_world_writable_system_owned_group/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhv4,wrlinux1019,sle12,sle15 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhv4,wrlinux1019,sle12,sle15 +-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhv4,sle12,sle15,wrlinux1019 ++prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhv4,sle12,sle15,wrlinux1019 title: 'Ensure All World-Writable Directories Are Group Owned by a System Account' diff --git a/linux_os/guide/system/permissions/files/file_permissions_etc_audit_auditd/rule.yml b/linux_os/guide/system/permissions/files/file_permissions_etc_audit_auditd/rule.yml -index 1cde3ded..83ff7bc6 100644 +index 18adf450..83a12d56 100644 --- a/linux_os/guide/system/permissions/files/file_permissions_etc_audit_auditd/rule.yml +++ b/linux_os/guide/system/permissions/files/file_permissions_etc_audit_auditd/rule.yml 
@@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,rhel8 -+prodtype: fedora,rhel8,almalinux8 +-prodtype: fedora,ol8,rhel8,rhel9,ubuntu2004 ++prodtype: fedora,ol8,rhel8,almalinux8,rhel9,ubuntu2004 title: 'Verify Permissions on /etc/audit/auditd.conf' -@@ -25,7 +25,7 @@ references: - disa: CCI-000171 +@@ -27,7 +27,7 @@ references: nist: AU-12(b) srg: SRG-OS-000063-GPOS-00032 + stigid@ol8: OL08-00-030610 - stigid@rhel8: RHEL-08-030610 + stigid@almalinux8: RHEL-08-030610 + stigid@ubuntu2004: UBTU-20-010133 template: - name: file_permissions diff --git a/linux_os/guide/system/permissions/files/file_permissions_etc_audit_rulesd/rule.yml b/linux_os/guide/system/permissions/files/file_permissions_etc_audit_rulesd/rule.yml -index 34e1f303..7aa433ce 100644 +index 4fcc2f5a..decdeadc 100644 --- a/linux_os/guide/system/permissions/files/file_permissions_etc_audit_rulesd/rule.yml +++ b/linux_os/guide/system/permissions/files/file_permissions_etc_audit_rulesd/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,rhel8 -+prodtype: fedora,rhel8,almalinux8 +-prodtype: fedora,ol8,rhel8,rhel9,ubuntu2004 ++prodtype: fedora,ol8,rhel8,almalinux8,rhel9,ubuntu2004 title: 'Verify Permissions on /etc/audit/rules.d/*.rules' -@@ -25,7 +25,7 @@ references: - disa: CCI-000171 +@@ -27,7 +27,7 @@ references: nist: AU-12(b) srg: SRG-OS-000063-GPOS-00032 + stigid@ol8: OL08-00-030610 - stigid@rhel8: RHEL-08-030610 + stigid@almalinux8: RHEL-08-030610 + stigid@ubuntu2004: UBTU-20-010133 template: - name: file_permissions diff --git a/linux_os/guide/system/permissions/files/file_permissions_unauthorized_sgid/rule.yml b/linux_os/guide/system/permissions/files/file_permissions_unauthorized_sgid/rule.yml -index 7b2eb120..281ebad9 100644 +index b3609fce..e2e48e3a 100644 --- a/linux_os/guide/system/permissions/files/file_permissions_unauthorized_sgid/rule.yml +++ b/linux_os/guide/system/permissions/files/file_permissions_unauthorized_sgid/rule.yml 
@@ -2,7 +2,7 @@ documentation_complete: true @@ -15324,7 +16634,7 @@ index 7b2eb120..281ebad9 100644 description: |- The SGID (set group id) bit should be set only on files that were diff --git a/linux_os/guide/system/permissions/files/file_permissions_unauthorized_suid/rule.yml b/linux_os/guide/system/permissions/files/file_permissions_unauthorized_suid/rule.yml -index 28fce50f..fc4289b4 100644 +index 5e1b37ea..49191c31 100644 --- a/linux_os/guide/system/permissions/files/file_permissions_unauthorized_suid/rule.yml +++ b/linux_os/guide/system/permissions/files/file_permissions_unauthorized_suid/rule.yml @@ -2,7 +2,7 @@ documentation_complete: true @@ -15337,7 +16647,7 @@ index 28fce50f..fc4289b4 100644 description: |- The SUID (set user id) bit should be set only on files that were diff --git a/linux_os/guide/system/permissions/files/file_permissions_ungroupowned/rule.yml b/linux_os/guide/system/permissions/files/file_permissions_ungroupowned/rule.yml -index 5cabb944..734bc3e7 100644 +index 2dab2757..ce9d67a3 100644 --- a/linux_os/guide/system/permissions/files/file_permissions_ungroupowned/rule.yml +++ b/linux_os/guide/system/permissions/files/file_permissions_ungroupowned/rule.yml @@ -1,6 +1,6 @@ @@ -15348,9 +16658,9 @@ index 5cabb944..734bc3e7 100644 title: 'Ensure All Files Are Owned by a Group' -@@ -48,7 +48,7 @@ references: - srg: SRG-OS-000480-GPOS-00227 +@@ -50,7 +50,7 @@ references: stigid@ol7: OL07-00-020330 + stigid@ol8: OL08-00-010790 stigid@rhel7: RHEL-07-020330 - stigid@rhel8: RHEL-08-010790 + stigid@almalinux8: RHEL-08-010790 @@ -15358,7 +16668,7 @@ index 5cabb944..734bc3e7 100644 stigid@sle15: SLES-15-040410 diff --git a/linux_os/guide/system/permissions/files/no_files_unowned_by_user/rule.yml b/linux_os/guide/system/permissions/files/no_files_unowned_by_user/rule.yml -index c090e80f..8845a095 100644 +index 92351d16..a6b33200 100644 --- a/linux_os/guide/system/permissions/files/no_files_unowned_by_user/rule.yml 
+++ b/linux_os/guide/system/permissions/files/no_files_unowned_by_user/rule.yml @@ -1,6 +1,6 @@ @@ -15369,9 +16679,9 @@ index c090e80f..8845a095 100644 title: 'Ensure All Files Are Owned by a User' -@@ -49,7 +49,7 @@ references: - srg: SRG-OS-000480-GPOS-00227 +@@ -51,7 +51,7 @@ references: stigid@ol7: OL07-00-020320 + stigid@ol8: OL08-00-010780 stigid@rhel7: RHEL-07-020320 - stigid@rhel8: RHEL-08-010780 + stigid@almalinux8: RHEL-08-010780 @@ -15379,180 +16689,276 @@ index c090e80f..8845a095 100644 stigid@sle15: SLES-15-040400 diff --git a/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_groupowner_var_log/rule.yml b/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_groupowner_var_log/rule.yml -index 5ddaf9f7..9d227a68 100644 +index 927d08d0..ebc327b2 100644 --- a/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_groupowner_var_log/rule.yml +++ b/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_groupowner_var_log/rule.yml -@@ -18,7 +18,7 @@ identifiers: - references: +@@ -26,7 +26,7 @@ references: disa: CCI-001314 srg: SRG-OS-000206-GPOS-00084 + stigid@ol8: OL08-00-010260 - stigid@rhel8: RHEL-08-010260 + stigid@almalinux8: RHEL-08-010260 stigid@ubuntu2004: UBTU-20-010417 - ocil_clause: '{{{ ocil_clause_file_group_owner(file="/var/log", group="root") }}}' + ocil_clause: '{{{ ocil_clause_file_group_owner(file="/var/log", group=gid) }}}' diff --git a/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_groupowner_var_log_messages/rule.yml b/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_groupowner_var_log_messages/rule.yml -index 7fa97853..aab0c6f9 100644 +index f561000e..1df9dd2e 100644 --- a/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_groupowner_var_log_messages/rule.yml 
+++ b/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_groupowner_var_log_messages/rule.yml -@@ -17,7 +17,7 @@ identifiers: - references: +@@ -18,7 +18,7 @@ references: disa: CCI-001314 srg: SRG-OS-000206-GPOS-00084 + stigid@ol8: OL08-00-010230 - stigid@rhel8: RHEL-08-010230 + stigid@almalinux8: RHEL-08-010230 ocil_clause: '{{{ ocil_clause_file_group_owner(file="/var/log/messages", group="root") }}}' diff --git a/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_owner_var_log/rule.yml b/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_owner_var_log/rule.yml -index b689df56..1062dd69 100644 +index 364ddd3c..51808f3d 100644 --- a/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_owner_var_log/rule.yml +++ b/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_owner_var_log/rule.yml -@@ -18,7 +18,7 @@ identifiers: - references: +@@ -19,7 +19,7 @@ references: disa: CCI-001314 srg: SRG-OS-000206-GPOS-00084 + stigid@ol8: OL08-00-010250 - stigid@rhel8: RHEL-08-010250 + stigid@almalinux8: RHEL-08-010250 stigid@ubuntu2004: UBTU-20-010418 ocil_clause: '{{{ ocil_clause_file_owner(file="/var/log", owner="root") }}}' diff --git a/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_owner_var_log_messages/rule.yml b/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_owner_var_log_messages/rule.yml -index 786cdaaf..c0ee431a 100644 +index 1face69c..f8d10128 100644 --- a/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_owner_var_log_messages/rule.yml 
+++ b/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_owner_var_log_messages/rule.yml -@@ -17,7 +17,7 @@ identifiers: - references: +@@ -18,7 +18,7 @@ references: disa: CCI-001314 srg: SRG-OS-000206-GPOS-00084 + stigid@ol8: OL08-00-010220 - stigid@rhel8: RHEL-08-010220 + stigid@almalinux8: RHEL-08-010220 ocil_clause: '{{{ ocil_clause_file_owner(file="/var/log/messages", owner="root") }}}' diff --git a/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_permissions_var_log/rule.yml b/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_permissions_var_log/rule.yml -index e1933b47..ffafbca1 100644 +index 5c826250..bb7ce6a4 100644 --- a/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_permissions_var_log/rule.yml +++ b/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_permissions_var_log/rule.yml -@@ -19,7 +19,7 @@ identifiers: - references: +@@ -20,7 +20,7 @@ references: disa: CCI-001314 srg: SRG-OS-000206-GPOS-00084 + stigid@ol8: OL08-00-010240 - stigid@rhel8: RHEL-08-010240 + stigid@almalinux8: RHEL-08-010240 stigid@ubuntu2004: UBTU-20-010419 ocil_clause: '{{{ ocil_clause_file_permissions(file="/var/log", perms="drwxr-xr-x") }}}' diff --git a/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_permissions_var_log_messages/rule.yml b/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_permissions_var_log_messages/rule.yml -index cdd89a98..47650e30 100644 +index a1faf8be..178d7f8b 100644 --- a/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_permissions_var_log_messages/rule.yml 
+++ b/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_permissions_var_log_messages/rule.yml -@@ -18,7 +18,7 @@ identifiers: - references: +@@ -19,7 +19,7 @@ references: disa: CCI-001314 srg: SRG-OS-000206-GPOS-00084 + stigid@ol8: OL08-00-010210 - stigid@rhel8: RHEL-08-010210 + stigid@almalinux8: RHEL-08-010210 ocil_clause: '{{{ ocil_clause_file_permissions(file="/var/log/messages", perms="-rw-r-----") }}}' -diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_group_ownership_library_dirs/ansible/shared.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_group_ownership_library_dirs/ansible/shared.yml -index f6f2ab48..62306146 100644 ---- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_group_ownership_library_dirs/ansible/shared.yml -+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_group_ownership_library_dirs/ansible/shared.yml -@@ -1,4 +1,4 @@ --# platform = multi_platform_sle,Red Hat Enterprise Linux 8,multi_platform_fedora -+# platform = multi_platform_sle,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora - # reboot = false - # strategy = restrict - # complexity = medium -diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_group_ownership_library_dirs/bash/shared.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_group_ownership_library_dirs/bash/shared.sh -index 365b9833..80b141d1 100644 ---- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_group_ownership_library_dirs/bash/shared.sh -+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_group_ownership_library_dirs/bash/shared.sh -@@ -1,4 +1,4 @@ --# platform = multi_platform_sle,Red Hat Enterprise Linux 8,multi_platform_fedora -+# platform = multi_platform_sle,Red Hat Enterprise Linux 8,AlmaLinux 
8,multi_platform_fedora - - find /lib \ - /lib64 \ diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_group_ownership_library_dirs/rule.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_group_ownership_library_dirs/rule.yml -index 8c0acc0e..569f6be4 100644 +index 3a6167a5..d8a687b5 100644 --- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_group_ownership_library_dirs/rule.yml +++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_group_ownership_library_dirs/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: sle12,sle15,rhel8,fedora -+prodtype: sle12,sle15,rhel8,almalinux8,fedora +-prodtype: fedora,ol8,rhel8,rhel9,sle12,sle15,ubuntu2004 ++prodtype: fedora,ol8,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004 title: 'Verify that Shared Library Directories Have Root Group Ownership' -@@ -37,7 +37,7 @@ references: - disa: CCI-001499 +@@ -39,7 +39,7 @@ references: nist: CM-5(6),CM-5(6).1 srg: SRG-OS-000259-GPOS-00100 -- stigid@rhel8: RHEL-08-010350 -+ stigid@almalinux8: RHEL-08-010350 + stigid@ol8: OL08-00-010350 +- stigid@rhel8: RHEL-08-010351 ++ stigid@almalinux8: RHEL-08-010351 stigid@sle12: SLES-12-010876 stigid@sle15: SLES-15-010356 - + stigid@ubuntu2004: UBTU-20-010431 diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_group_ownership_library_dirs/tests/all_dirs_ok.pass.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_group_ownership_library_dirs/tests/all_dirs_ok.pass.sh -index 50fdb17b..ceca9549 100644 +index 6a05a2b8..ba70bf50 100644 --- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_group_ownership_library_dirs/tests/all_dirs_ok.pass.sh +++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_group_ownership_library_dirs/tests/all_dirs_ok.pass.sh 
@@ -1,4 +1,4 @@ --# platform = multi_platform_sle,Red Hat Enterprise Linux 8,multi_platform_fedora -+# platform = multi_platform_sle,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora +-# platform = multi_platform_sle,multi_platform_rhel,multi_platform_fedora ++# platform = multi_platform_sle,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora + + DIRS="/lib /lib64 /usr/lib /usr/lib64" + for dirPath in $DIRS; do +diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_group_ownership_library_dirs/tests/correct_groupowner.pass.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_group_ownership_library_dirs/tests/correct_groupowner.pass.sh +index 6a05a2b8..ba70bf50 100644 +--- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_group_ownership_library_dirs/tests/correct_groupowner.pass.sh ++++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_group_ownership_library_dirs/tests/correct_groupowner.pass.sh +@@ -1,4 +1,4 @@ +-# platform = multi_platform_sle,multi_platform_rhel,multi_platform_fedora ++# platform = multi_platform_sle,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora + + DIRS="/lib /lib64 /usr/lib /usr/lib64" + for dirPath in $DIRS; do +diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_group_ownership_library_dirs/tests/incorrect_groupowner.fail.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_group_ownership_library_dirs/tests/incorrect_groupowner.fail.sh +index 36461f5e..d3ab88b9 100644 +--- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_group_ownership_library_dirs/tests/incorrect_groupowner.fail.sh ++++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_group_ownership_library_dirs/tests/incorrect_groupowner.fail.sh +@@ -1,4 +1,4 @@ +-# platform = 
multi_platform_sle,multi_platform_rhel,multi_platform_fedora ++# platform = multi_platform_sle,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora + + DIRS="/lib /lib64 /usr/lib /usr/lib64" + for dirPath in $DIRS; do +diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_group_ownership_library_dirs/tests/incorrect_groupowner_2.fail.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_group_ownership_library_dirs/tests/incorrect_groupowner_2.fail.sh +index 3f09e3dd..9d78a30e 100644 +--- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_group_ownership_library_dirs/tests/incorrect_groupowner_2.fail.sh ++++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_group_ownership_library_dirs/tests/incorrect_groupowner_2.fail.sh +@@ -1,4 +1,4 @@ +-# platform = multi_platform_sle,multi_platform_rhel,multi_platform_fedora ++# platform = multi_platform_sle,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora DIRS="/lib /lib64 /usr/lib /usr/lib64" for dirPath in $DIRS; do diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_group_ownership_library_dirs/tests/nobody_group_owned_dir_on_lib.fail.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_group_ownership_library_dirs/tests/nobody_group_owned_dir_on_lib.fail.sh -index 043ad6b2..fed1cb70 100644 +index 36461f5e..d3ab88b9 100644 --- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_group_ownership_library_dirs/tests/nobody_group_owned_dir_on_lib.fail.sh +++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_group_ownership_library_dirs/tests/nobody_group_owned_dir_on_lib.fail.sh 
@@ -1,4 +1,4 @@ --# platform = multi_platform_sle,Red Hat Enterprise Linux 8,multi_platform_fedora -+# platform = multi_platform_sle,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora +-# platform = multi_platform_sle,multi_platform_rhel,multi_platform_fedora ++# platform = multi_platform_sle,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora DIRS="/lib /lib64 /usr/lib /usr/lib64" for dirPath in $DIRS; do +diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_ownership_library_dirs/rule.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_ownership_library_dirs/rule.yml +index f0781b30..bee598ce 100644 +--- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_ownership_library_dirs/rule.yml ++++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_ownership_library_dirs/rule.yml +@@ -36,7 +36,7 @@ references: + disa: CCI-001499 + nist: CM-5(6),CM-5(6).1 + srg: SRG-OS-000259-GPOS-00100 +- stigid@rhel8: RHEL-08-010341 ++ stigid@almalinux8: RHEL-08-010341 + stigid@sle12: SLES-12-010874 + stigid@sle15: SLES-15-010354 + stigid@ubuntu2004: UBTU-20-010429 +diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_ownership_library_dirs/tests/correct_owner.pass.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_ownership_library_dirs/tests/correct_owner.pass.sh +index a0d49905..396f228e 100644 +--- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_ownership_library_dirs/tests/correct_owner.pass.sh ++++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_ownership_library_dirs/tests/correct_owner.pass.sh +@@ -1,4 +1,4 @@ +-# platform = multi_platform_sle,multi_platform_rhel ++# platform = multi_platform_sle,multi_platform_rhel,multi_platform_almalinux + DIRS="/lib /lib64 /usr/lib /usr/lib64" + for dirPath in 
$DIRS; do + find "$dirPath" -type d -exec chown root '{}' \; +diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_ownership_library_dirs/tests/incorrect_owner.fail.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_ownership_library_dirs/tests/incorrect_owner.fail.sh +index f366c2d7..e8291c26 100644 +--- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_ownership_library_dirs/tests/incorrect_owner.fail.sh ++++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_ownership_library_dirs/tests/incorrect_owner.fail.sh +@@ -1,4 +1,4 @@ +-# platform = multi_platform_sle,multi_platform_rhel ++# platform = multi_platform_sle,multi_platform_rhel,multi_platform_almalinux + groupadd nogroup + DIRS="/lib /lib64" + for dirPath in $DIRS; do +diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/rule.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/rule.yml +index 6e62e8c6..f26b4350 100644 +--- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/rule.yml ++++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/rule.yml +@@ -43,7 +43,7 @@ references: + nerc-cip: CIP-003-8 R6 + nist: CM-5,CM-5(6),CM-5(6).1 + srg: SRG-OS-000259-GPOS-00100 +- stigid@rhel8: RHEL-08-010331 ++ stigid@almalinux8: RHEL-08-010331 + stigid@sle12: SLES-12-010872 + stigid@sle15: SLES-15-010352 + stigid@ubuntu2004: UBTU-20-010427 +diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/tests/all_dirs_ok.pass.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/tests/all_dirs_ok.pass.sh +index 6e957c30..3743441b 100644 +--- 
a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/tests/all_dirs_ok.pass.sh ++++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/tests/all_dirs_ok.pass.sh +@@ -1,4 +1,4 @@ +-# platform = multi_platform_sle,multi_platform_ubuntu,multi_platform_rhel ++# platform = multi_platform_sle,multi_platform_ubuntu,multi_platform_rhel,multi_platform_almalinux + DIRS="/lib /lib64 /usr/lib /usr/lib64" + for dirPath in $DIRS; do + find "$dirPath" -perm /022 -type d -exec chmod go-w '{}' \; +diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/tests/owner_only_writable_dir.pass.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/tests/owner_only_writable_dir.pass.sh +index 55ff9ceb..93e11a14 100644 +--- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/tests/owner_only_writable_dir.pass.sh ++++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/tests/owner_only_writable_dir.pass.sh +@@ -1,4 +1,4 @@ +-# platform = multi_platform_sle,multi_platform_ubuntu,multi_platform_rhel ++# platform = multi_platform_sle,multi_platform_ubuntu,multi_platform_rhel,multi_platform_almalinux + DIRS="/lib /lib64 /usr/lib /usr/lib64" + for dirPath in $DIRS; do + chmod -R 755 "$dirPath" +diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/tests/world_writable_dir_on_lib.fail.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/tests/world_writable_dir_on_lib.fail.sh +index c2b5b6bf..c6d40fa0 100644 +--- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/tests/world_writable_dir_on_lib.fail.sh ++++ 
b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/tests/world_writable_dir_on_lib.fail.sh +@@ -1,4 +1,4 @@ +-# platform = multi_platform_sle,multi_platform_ubuntu,multi_platform_rhel ++# platform = multi_platform_sle,multi_platform_ubuntu,multi_platform_rhel,multi_platform_almalinux + DIRS="/lib /lib64" + for dirPath in $DIRS; do + mkdir -p "$dirPath/testme" && chmod 777 "$dirPath/testme" +diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/tests/world_writable_dir_on_usr_lib.fail.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/tests/world_writable_dir_on_usr_lib.fail.sh +index 40e6c42c..8634e33c 100644 +--- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/tests/world_writable_dir_on_usr_lib.fail.sh ++++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/tests/world_writable_dir_on_usr_lib.fail.sh +@@ -1,4 +1,4 @@ +-# platform = multi_platform_sle,multi_platform_ubuntu,multi_platform_rhel ++# platform = multi_platform_sle,multi_platform_ubuntu,multi_platform_rhel,multi_platform_almalinux + DIRS="/usr/lib /usr/lib64" + for dirPath in $DIRS; do + mkdir -p "$dirPath/testme" && chmod 777 "$dirPath/testme" diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_system_commands_dirs/ansible/shared.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_system_commands_dirs/ansible/shared.yml -index 71682881..f63a3dc2 100644 +index eec7485f..698722f7 100644 --- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_system_commands_dirs/ansible/shared.yml 
+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_system_commands_dirs/ansible/shared.yml @@ -1,4 +1,4 @@ --# platform = multi_platform_sle,Red Hat Enterprise Linux 8,multi_platform_fedora -+# platform = multi_platform_sle,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora +-# platform = multi_platform_sle,Oracle Linux 8,multi_platform_rhel,multi_platform_fedora ++# platform = multi_platform_sle,Oracle Linux 8,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora # reboot = false # strategy = restrict # complexity = medium diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_system_commands_dirs/bash/shared.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_system_commands_dirs/bash/shared.sh -index 5598e471..05ac5394 100644 +index e352dd34..dc8fa8b2 100644 --- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_system_commands_dirs/bash/shared.sh +++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_system_commands_dirs/bash/shared.sh @@ -1,4 +1,4 @@ --# platform = multi_platform_sle,Red Hat Enterprise Linux 8,multi_platform_fedora -+# platform = multi_platform_sle,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora +-# platform = multi_platform_sle,Oracle Linux 8,multi_platform_rhel,multi_platform_fedora,multi_platform_ubuntu ++# platform = multi_platform_sle,Oracle Linux 8,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ubuntu for SYSCMDFILES in /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin do 
diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_system_commands_dirs/rule.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_system_commands_dirs/rule.yml -index cd605363..1717f42c 100644 +index 8fc75390..e0f73c01 100644 --- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_system_commands_dirs/rule.yml +++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_system_commands_dirs/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,rhel8,sle12,sle15,ubuntu2004 -+prodtype: fedora,rhel8,almalinux8,sle12,sle15,ubuntu2004 +-prodtype: fedora,ol8,rhel8,rhel9,sle12,sle15,ubuntu2004 ++prodtype: fedora,ol8,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004 title: 'Verify that system commands files are group owned by root ' -@@ -41,7 +41,7 @@ references: - disa: CCI-001499 +@@ -43,7 +43,7 @@ references: nist: CM-5(6),CM-5(6).1 srg: SRG-OS-000259-GPOS-00100 + stigid@ol8: OL08-00-010320 - stigid@rhel8: RHEL-08-010320 + stigid@almalinux8: RHEL-08-010320 stigid@sle12: SLES-12-010882 @@ -15579,51 +16985,51 @@ index 5471f360..1a2c2a9f 100644 /usr/bin/ \ /usr/local/bin/ \ diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_binary_dirs/rule.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_binary_dirs/rule.yml -index 1a13a200..a3d8185c 100644 +index b0006b2c..cc3bad25 100644 --- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_binary_dirs/rule.yml 
+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_binary_dirs/rule.yml -@@ -42,7 +42,7 @@ references: - nist: CM-5(6),CM-5(6).1,CM-6(a),AC-6(1) +@@ -43,7 +43,7 @@ references: nist-csf: PR.AC-4,PR.DS-5 srg: SRG-OS-000259-GPOS-00100 + stigid@ol8: OL08-00-010310 - stigid@rhel8: RHEL-08-010310 + stigid@almalinux8: RHEL-08-010310 stigid@sle12: SLES-15-010879 stigid@sle15: SLES-15-010359 stigid@ubuntu2004: UBTU-20-010457 -diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/ansible/shared.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/ansible/shared.yml -index de81a370..9f2d834d 100644 ---- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/ansible/shared.yml -+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/ansible/shared.yml -@@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_ol,multi_platform_sle -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_sle - # reboot = false - # strategy = restrict - # complexity = medium -diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/bash/shared.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/bash/shared.sh -index c75167d2..dee705ea 100644 ---- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/bash/shared.sh -+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/bash/shared.sh -@@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 
4,multi_platform_fedora,multi_platform_rhel,multi_platform_ol,multi_platform_sle -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_sle - for LIBDIR in /usr/lib /usr/lib64 /lib /lib64 - do - if [ -d $LIBDIR ] diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/rule.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/rule.yml -index dfedd255..8a349c9d 100644 +index b6bc18e8..6630189c 100644 --- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/rule.yml 
+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/rule.yml -@@ -43,7 +43,7 @@ references: - nist: CM-5(6),CM-5(6).1,CM-6(a),AC-6(1) +@@ -44,7 +44,7 @@ references: nist-csf: PR.AC-4,PR.DS-5 srg: SRG-OS-000259-GPOS-00100 + stigid@ol8: OL08-00-010340 - stigid@rhel8: RHEL-08-010340 + stigid@almalinux8: RHEL-08-010340 stigid@sle12: SLES-12-010873 stigid@sle15: SLES-15-010353 stigid@ubuntu2004: UBTU-20-010428 +diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/tests/correct_owner.pass.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/tests/correct_owner.pass.sh +index 92c6a088..f5601ebd 100644 +--- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/tests/correct_owner.pass.sh ++++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/tests/correct_owner.pass.sh +@@ -1,4 +1,4 @@ +-# platform = multi_platform_sle,multi_platform_rhel,multi_platform_fedora,multi_platform_ubuntu ++# platform = multi_platform_sle,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ubuntu + + for SYSLIBDIRS in /lib /lib64 /usr/lib /usr/lib64 + do +diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/tests/incorrect_owner.fail.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/tests/incorrect_owner.fail.sh +index 84da71f4..f52ddfbb 100644 +--- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/tests/incorrect_owner.fail.sh ++++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/tests/incorrect_owner.fail.sh +@@ -1,4 +1,4 @@ +-# platform = 
multi_platform_sle,multi_platform_rhel,multi_platform_fedora,multi_platform_ubuntu ++# platform = multi_platform_sle,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ubuntu + + useradd user_test + for TESTFILE in /lib/test_me /lib64/test_me /usr/lib/test_me /usr/lib64/test_me diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_binary_dirs/ansible/shared.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_binary_dirs/ansible/shared.yml index 33196965..b0572f9d 100644 --- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_binary_dirs/ansible/shared.yml @@ -15635,112 +17041,82 @@ index 33196965..b0572f9d 100644 # strategy = restrict # complexity = medium diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_binary_dirs/bash/shared.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_binary_dirs/bash/shared.sh -index 5d95c987..6ff7b18a 100644 +index ab89b277..f4a7c33a 100644 --- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_binary_dirs/bash/shared.sh +++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_binary_dirs/bash/shared.sh 
@@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_ol -+# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol +-# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu ++# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu DIRS="/bin /usr/bin /usr/local/bin /sbin /usr/sbin /usr/local/sbin /usr/libexec" for dirPath in $DIRS; do find "$dirPath" -perm /022 -exec chmod go-w '{}' \; diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_binary_dirs/rule.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_binary_dirs/rule.yml -index 80ab758b..aa5f3528 100644 +index 43ba90a6..8ff566c5 100644 --- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_binary_dirs/rule.yml 
+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_binary_dirs/rule.yml -@@ -42,7 +42,7 @@ references: - nist: CM-5(6),CM-5(6).1,CM-6(a),AC-6(1) +@@ -43,7 +43,7 @@ references: nist-csf: PR.AC-4,PR.DS-5 srg: SRG-OS-000259-GPOS-00100 + stigid@ol8: OL08-00-010300 - stigid@rhel8: RHEL-08-010300 + stigid@almalinux8: RHEL-08-010300 stigid@sle12: SLES-12-010878 stigid@sle15: SLES-15-010358 stigid@ubuntu2004: UBTU-20-010456 -diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_library_dirs/ansible/shared.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_library_dirs/ansible/shared.yml -index cf9eebac..8571c19b 100644 ---- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_library_dirs/ansible/shared.yml -+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_library_dirs/ansible/shared.yml -@@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_ol,multi_platform_sle -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_sle - # reboot = false - # strategy = restrict - # complexity = high diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_library_dirs/rule.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_library_dirs/rule.yml -index 902d8b5f..b41692d5 100644 +index 5a708cf7..0301d7b2 100644 --- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_library_dirs/rule.yml 
+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_library_dirs/rule.yml -@@ -43,7 +43,7 @@ references: - nist: CM-6(a),CM-5(6),CM-5(6).1,AC-6(1) +@@ -44,7 +44,7 @@ references: nist-csf: PR.AC-4,PR.DS-5 srg: SRG-OS-000259-GPOS-00100 + stigid@ol8: OL08-00-010330 - stigid@rhel8: RHEL-08-010330 + stigid@almalinux8: RHEL-08-010330 stigid@sle12: SLES-12-010871 stigid@sle15: SLES-15-010351 stigid@ubuntu2004: UBTU-20-010426 -diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/root_permissions_syslibrary_files/ansible/shared.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/root_permissions_syslibrary_files/ansible/shared.yml -index ab3e85c4..83e1fe32 100644 ---- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/root_permissions_syslibrary_files/ansible/shared.yml -+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/root_permissions_syslibrary_files/ansible/shared.yml -@@ -1,4 +1,4 @@ --# platform = multi_platform_sle,Red Hat Enterprise Linux 8,multi_platform_fedora -+# platform = multi_platform_sle,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora - # reboot = false - # strategy = restrict - # complexity = high -diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/root_permissions_syslibrary_files/bash/shared.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/root_permissions_syslibrary_files/bash/shared.sh -index d5fb8948..da0fb11b 100644 ---- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/root_permissions_syslibrary_files/bash/shared.sh -+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/root_permissions_syslibrary_files/bash/shared.sh -@@ -1,4 +1,4 @@ --# platform = multi_platform_sle,Red Hat Enterprise Linux 8,multi_platform_fedora -+# platform = multi_platform_sle,Red Hat 
Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora - - find /lib \ - /lib64 \ diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/root_permissions_syslibrary_files/rule.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/root_permissions_syslibrary_files/rule.yml -index 83371b8b..2d6f6b25 100644 +index ec135b52..1bd33e47 100644 --- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/root_permissions_syslibrary_files/rule.yml +++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/root_permissions_syslibrary_files/rule.yml 
@@ -1,6 +1,6 @@ documentation_complete: true --prodtype: sle12,sle15,rhel8,fedora -+prodtype: sle12,sle15,rhel8,almalinux8,fedora +-prodtype: fedora,ol8,rhel8,rhel9,sle12,sle15,ubuntu2004 ++prodtype: fedora,ol8,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004 title: |- Verify the system-wide library files in directories -@@ -41,7 +41,7 @@ references: - disa: CCI-001499 +@@ -43,7 +43,7 @@ references: nist: CM-5(6),CM-5(6).1 srg: SRG-OS-000259-GPOS-00100 + stigid@ol8: OL08-00-010350 - stigid@rhel8: RHEL-08-010350 + stigid@almalinux8: RHEL-08-010350 stigid@sle12: SLES-12-010875 stigid@sle15: SLES-15-010355 - -diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/root_permissions_syslibrary_files/tests/correct_group.pass.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/root_permissions_syslibrary_files/tests/correct_group.pass.sh -index a4ae2854..5fc20346 100644 ---- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/root_permissions_syslibrary_files/tests/correct_group.pass.sh -+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/root_permissions_syslibrary_files/tests/correct_group.pass.sh + stigid@ubuntu2004: UBTU-20-01430 +diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/root_permissions_syslibrary_files/tests/correct_groupowner.pass.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/root_permissions_syslibrary_files/tests/correct_groupowner.pass.sh +index 5356d374..a85c8800 100644 +--- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/root_permissions_syslibrary_files/tests/correct_groupowner.pass.sh ++++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/root_permissions_syslibrary_files/tests/correct_groupowner.pass.sh 
@@ -1,4 +1,4 @@ --# platform = multi_platform_sle,Red Hat Enterprise Linux 8,multi_platform_fedora -+# platform = multi_platform_sle,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora +-# platform = multi_platform_sle,multi_platform_rhel,multi_platform_fedora,multi_platform_ubuntu ++# platform = multi_platform_sle,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ubuntu for SYSLIBDIRS in /lib /lib64 /usr/lib /usr/lib64 do -diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/root_permissions_syslibrary_files/tests/incorrect_group.fail.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/root_permissions_syslibrary_files/tests/incorrect_group.fail.sh -index c96f65b9..2461e35f 100644 ---- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/root_permissions_syslibrary_files/tests/incorrect_group.fail.sh -+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/root_permissions_syslibrary_files/tests/incorrect_group.fail.sh +diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/root_permissions_syslibrary_files/tests/incorrect_groupowner.fail.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/root_permissions_syslibrary_files/tests/incorrect_groupowner.fail.sh +index 7352b60a..fc84e065 100644 +--- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/root_permissions_syslibrary_files/tests/incorrect_groupowner.fail.sh ++++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/root_permissions_syslibrary_files/tests/incorrect_groupowner.fail.sh 
@@ -1,4 +1,4 @@ --# platform = multi_platform_sle,Red Hat Enterprise Linux 8,multi_platform_fedora -+# platform = multi_platform_sle,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora +-# platform = multi_platform_sle,multi_platform_rhel,multi_platform_fedora,multi_platform_ubuntu ++# platform = multi_platform_sle,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ubuntu + groupadd group_test for TESTFILE in /lib/test_me /lib64/test_me /usr/lib/test_me /usr/lib64/test_me - do diff --git a/linux_os/guide/system/permissions/files/sysctl_fs_protected_hardlinks/kubernetes/shared.yml b/linux_os/guide/system/permissions/files/sysctl_fs_protected_hardlinks/kubernetes/shared.yml index b0d59400..4a71eccd 100644 --- a/linux_os/guide/system/permissions/files/sysctl_fs_protected_hardlinks/kubernetes/shared.yml @@ -15753,13 +17129,13 @@ index b0d59400..4a71eccd 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/system/permissions/files/sysctl_fs_protected_hardlinks/rule.yml b/linux_os/guide/system/permissions/files/sysctl_fs_protected_hardlinks/rule.yml -index b8dcf3a2..4f5d09c8 100644 +index 12c48f27..d184e3e7 100644 --- a/linux_os/guide/system/permissions/files/sysctl_fs_protected_hardlinks/rule.yml +++ b/linux_os/guide/system/permissions/files/sysctl_fs_protected_hardlinks/rule.yml -@@ -24,7 +24,7 @@ references: - nerc-cip: CIP-003-3 R5.1.1,CIP-003-3 R5.3,CIP-004-3 R2.3,CIP-007-3 R2.1,CIP-007-3 R2.2,CIP-007-3 R2.3,CIP-007-3 R5.1,CIP-007-3 R5.1.1,CIP-007-3 R5.1.2 +@@ -25,7 +25,7 @@ references: nist: CM-6(a),AC-6(1) srg: SRG-OS-000324-GPOS-00125 + stigid@ol8: OL08-00-010374 - stigid@rhel8: RHEL-08-010374 + stigid@almalinux8: RHEL-08-010374 @@ -15777,13 +17153,13 @@ index 5ce0decb..b7a4243e 100644 kind: MachineConfig spec: 
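Review bot: In the refreshed `sysctl_fs_protected_hardlinks/rule.yml` section of this hunk, the carried patch still replaces `stigid@rhel8: RHEL-08-010374` with `stigid@almalinux8: RHEL-08-010374` instead of adding the AlmaLinux key beside it. The patched tree therefore drops the rhel8 STIG mapping for this rule and tags AlmaLinux content with a `RHEL-08-` identifier. If the rhel8 product is ever built from this tree, or if scan output is used as STIG evidence, that reference is misleading. Keeping both lines (`stigid@rhel8: RHEL-08-010374` followed by `stigid@almalinux8: RHEL-08-010374`) would preserve traceability. The same substitution recurs in the other `rule.yml` sections on this page, for example `sysctl_fs_protected_symlinks`, `kernel_module_cramfs_disabled` and the `mount_option_*` rules; the `references:` block itself starts and ends outside the hunk.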
diff --git a/linux_os/guide/system/permissions/files/sysctl_fs_protected_symlinks/rule.yml b/linux_os/guide/system/permissions/files/sysctl_fs_protected_symlinks/rule.yml -index b283776e..72e7595c 100644 +index 32ab388f..0273088d 100644 --- a/linux_os/guide/system/permissions/files/sysctl_fs_protected_symlinks/rule.yml +++ b/linux_os/guide/system/permissions/files/sysctl_fs_protected_symlinks/rule.yml -@@ -26,7 +26,7 @@ references: - nerc-cip: CIP-003-3 R5.1.1,CIP-003-3 R5.3,CIP-004-3 R2.3,CIP-007-3 R2.1,CIP-007-3 R2.2,CIP-007-3 R2.3,CIP-007-3 R5.1,CIP-007-3 R5.1.1,CIP-007-3 R5.1.2 +@@ -27,7 +27,7 @@ references: nist: CM-6(a),AC-6(1) srg: SRG-OS-000324-GPOS-00125 + stigid@ol8: OL08-00-010373 - stigid@rhel8: RHEL-08-010373 + stigid@almalinux8: RHEL-08-010373 @@ -15837,7 +17213,7 @@ index 44c5bffe..2eb544c7 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/system/permissions/mounting/kernel_module_cramfs_disabled/rule.yml b/linux_os/guide/system/permissions/mounting/kernel_module_cramfs_disabled/rule.yml -index a21b044b..543160de 100644 +index a6e1bec4..fe2889b5 100644 --- a/linux_os/guide/system/permissions/mounting/kernel_module_cramfs_disabled/rule.yml +++ b/linux_os/guide/system/permissions/mounting/kernel_module_cramfs_disabled/rule.yml @@ -1,6 +1,6 @@ @@ -15848,10 +17224,10 @@ index a21b044b..543160de 100644 title: 'Disable Mounting of cramfs' -@@ -43,7 +43,7 @@ references: - nist: CM-7(a),CM-7(b),CM-6(a) +@@ -44,7 +44,7 @@ references: nist-csf: PR.IP-1,PR.PT-3 srg: SRG-OS-000095-GPOS-00049 + stigid@ol8: OL08-00-040025 - stigid@rhel8: RHEL-08-040025 + stigid@almalinux8: RHEL-08-040025 @@ -15961,14 +17337,14 @@ index be4526c5..febc07d2 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/system/permissions/mounting/kernel_module_squashfs_disabled/rule.yml b/linux_os/guide/system/permissions/mounting/kernel_module_squashfs_disabled/rule.yml -index f78dbb60..a29fa86f 100644 +index 3380c193..459c2f31 100644 
--- a/linux_os/guide/system/permissions/mounting/kernel_module_squashfs_disabled/rule.yml +++ b/linux_os/guide/system/permissions/mounting/kernel_module_squashfs_disabled/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,rhcos4,rhel7,rhel8,rhel9,sle15 -+prodtype: fedora,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle15 +-prodtype: fedora,rhcos4,rhel7,rhel8,rhel9,sle12,sle15 ++prodtype: fedora,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle12,sle15 title: 'Disable Mounting of squashfs' @@ -15984,14 +17360,14 @@ index ba69e9bf..615e5db4 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/system/permissions/mounting/kernel_module_udf_disabled/rule.yml b/linux_os/guide/system/permissions/mounting/kernel_module_udf_disabled/rule.yml -index 7cdf27b4..b6c8f181 100644 +index ba9f91f4..0c2db132 100644 --- a/linux_os/guide/system/permissions/mounting/kernel_module_udf_disabled/rule.yml +++ b/linux_os/guide/system/permissions/mounting/kernel_module_udf_disabled/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,rhcos4,rhel7,rhel8,rhel9,sle15,ubuntu1804,ubuntu2004 -+prodtype: fedora,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle15,ubuntu1804,ubuntu2004 +-prodtype: fedora,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu1804,ubuntu2004 ++prodtype: fedora,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu1804,ubuntu2004 title: 'Disable Mounting of udf' @@ -16007,7 +17383,7 @@ index 32e39f20..a00da355 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/system/permissions/mounting/kernel_module_usb-storage_disabled/rule.yml b/linux_os/guide/system/permissions/mounting/kernel_module_usb-storage_disabled/rule.yml -index c8366334..737e8cf5 100644 +index bd560d77..47fb22d8 100644 --- a/linux_os/guide/system/permissions/mounting/kernel_module_usb-storage_disabled/rule.yml +++ b/linux_os/guide/system/permissions/mounting/kernel_module_usb-storage_disabled/rule.yml @@ -1,6 +1,6 @@ 
@@ -16018,9 +17394,9 @@ index c8366334..737e8cf5 100644 title: 'Disable Modprobe Loading of USB Storage Driver' -@@ -44,7 +44,7 @@ references: - srg: SRG-OS-000114-GPOS-00059,SRG-OS-000378-GPOS-00163,SRG-OS-000480-GPOS-00227 +@@ -45,7 +45,7 @@ references: stigid@ol7: OL07-00-020100 + stigid@ol8: OL08-00-040080 stigid@rhel7: RHEL-07-020100 - stigid@rhel8: RHEL-08-040080 + stigid@almalinux8: RHEL-08-040080 @@ -16062,7 +17438,7 @@ index 41352695..8b69802a 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/system/permissions/mounting/service_autofs_disabled/rule.yml b/linux_os/guide/system/permissions/mounting/service_autofs_disabled/rule.yml -index 2214eb95..d38bc2ee 100644 +index 2035b36d..bbcd052a 100644 --- a/linux_os/guide/system/permissions/mounting/service_autofs_disabled/rule.yml +++ b/linux_os/guide/system/permissions/mounting/service_autofs_disabled/rule.yml @@ -1,6 +1,6 @@ @@ -16073,9 +17449,9 @@ index 2214eb95..d38bc2ee 100644 title: 'Disable the Automounter' -@@ -51,7 +51,7 @@ references: - srg: SRG-OS-000114-GPOS-00059,SRG-OS-000378-GPOS-00163,SRG-OS-000480-GPOS-00227 +@@ -53,7 +53,7 @@ references: stigid@ol7: OL07-00-020110 + stigid@ol8: OL08-00-040070 stigid@rhel7: RHEL-07-020110 - stigid@rhel8: RHEL-08-040070 + stigid@almalinux8: RHEL-08-040070 @@ -16095,7 +17471,7 @@ index da7833ee..47c3af4c 100644 title: 'Add noauto Option to /boot' diff --git a/linux_os/guide/system/permissions/partitions/mount_option_boot_nodev/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_boot_nodev/rule.yml -index f9eebd38..767fe30a 100644 +index da96d7e5..1c278823 100644 --- a/linux_os/guide/system/permissions/partitions/mount_option_boot_nodev/rule.yml +++ b/linux_os/guide/system/permissions/partitions/mount_option_boot_nodev/rule.yml @@ -1,6 +1,6 @@ @@ -16119,7 +17495,7 @@ index e6f8d284..d35ad835 100644 title: 'Add noexec Option to /boot' 
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_boot_nosuid/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_boot_nosuid/rule.yml -index cfb5a158..5dcf3a0d 100644 +index 8f8c2fd5..cb1400e1 100644 --- a/linux_os/guide/system/permissions/partitions/mount_option_boot_nosuid/rule.yml +++ b/linux_os/guide/system/permissions/partitions/mount_option_boot_nosuid/rule.yml @@ -1,6 +1,6 @@ @@ -16130,22 +17506,22 @@ index cfb5a158..5dcf3a0d 100644 title: 'Add nosuid Option to /boot' -@@ -30,7 +30,7 @@ references: - nist: CM-7(a),CM-7(b),CM-6(a),AC-6,AC-6(1),MP-7 +@@ -31,7 +31,7 @@ references: nist-csf: PR.IP-1,PR.PT-2,PR.PT-3 srg: SRG-OS-000368-GPOS-00154,SRG-OS-000480-GPOS-00227 + stigid@ol8: OL08-00-010571 - stigid@rhel8: RHEL-08-010571 + stigid@almalinux8: RHEL-08-010571 platform: machine diff --git a/linux_os/guide/system/permissions/partitions/mount_option_dev_shm_nodev/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_dev_shm_nodev/rule.yml -index 77699486..d09652d4 100644 +index 304b2c32..b5b9afd6 100644 --- a/linux_os/guide/system/permissions/partitions/mount_option_dev_shm_nodev/rule.yml +++ b/linux_os/guide/system/permissions/partitions/mount_option_dev_shm_nodev/rule.yml -@@ -40,7 +40,7 @@ references: - srg: SRG-OS-000368-GPOS-00154 +@@ -42,7 +42,7 @@ references: stigid@ol7: OL07-00-021022 + stigid@ol8: OL08-00-040120 stigid@rhel7: RHEL-07-021022 - stigid@rhel8: RHEL-08-040120 + stigid@almalinux8: RHEL-08-040120 @@ -16153,20 +17529,20 @@ index 77699486..d09652d4 100644 platform: machine diff --git a/linux_os/guide/system/permissions/partitions/mount_option_dev_shm_noexec/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_dev_shm_noexec/rule.yml -index 0405c4a2..e30bb475 100644 +index d99aa5f8..85ce4e1e 100644 --- a/linux_os/guide/system/permissions/partitions/mount_option_dev_shm_noexec/rule.yml +++ b/linux_os/guide/system/permissions/partitions/mount_option_dev_shm_noexec/rule.yml 
@@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,sle15,ubuntu1804,ubuntu2004 -+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle15,ubuntu1804,ubuntu2004 +-prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu1804,ubuntu2004 ++prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu1804,ubuntu2004 title: 'Add noexec Option to /dev/shm' -@@ -43,7 +43,7 @@ references: - srg: SRG-OS-000368-GPOS-00154 +@@ -45,7 +45,7 @@ references: stigid@ol7: OL07-00-021024 + stigid@ol8: OL08-00-040122 stigid@rhel7: RHEL-07-021024 - stigid@rhel8: RHEL-08-040122 + stigid@almalinux8: RHEL-08-040122 @@ -16174,12 +17550,12 @@ index 0405c4a2..e30bb475 100644 platform: machine diff --git a/linux_os/guide/system/permissions/partitions/mount_option_dev_shm_nosuid/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_dev_shm_nosuid/rule.yml -index 54c05d6f..202fb4a1 100644 +index 29d43609..8498dd16 100644 --- a/linux_os/guide/system/permissions/partitions/mount_option_dev_shm_nosuid/rule.yml +++ b/linux_os/guide/system/permissions/partitions/mount_option_dev_shm_nosuid/rule.yml -@@ -40,7 +40,7 @@ references: - srg: SRG-OS-000368-GPOS-00154 +@@ -42,7 +42,7 @@ references: stigid@ol7: OL07-00-021023 + stigid@ol8: OL08-00-040121 stigid@rhel7: RHEL-07-021023 - stigid@rhel8: RHEL-08-040121 + stigid@almalinux8: RHEL-08-040121 @@ -16187,19 +17563,19 @@ index 54c05d6f..202fb4a1 100644 platform: machine diff --git a/linux_os/guide/system/permissions/partitions/mount_option_home_nodev/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_home_nodev/rule.yml -index 07013b2e..b5fa4bfc 100644 +index ad7a6cb0..9ca0d640 100644 --- a/linux_os/guide/system/permissions/partitions/mount_option_home_nodev/rule.yml +++ b/linux_os/guide/system/permissions/partitions/mount_option_home_nodev/rule.yml 
@@ -1,6 +1,6 @@ documentation_complete: true --prodtype: ol7,ol8,rhcos4,rhel7,rhel8,rhel9,sle15,ubuntu1804 -+prodtype: ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle15,ubuntu1804 +-prodtype: ol7,ol8,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu1804 ++prodtype: ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu1804 title: 'Add nodev Option to /home' diff --git a/linux_os/guide/system/permissions/partitions/mount_option_home_noexec/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_home_noexec/rule.yml -index e2372df0..611b66ab 100644 +index 17fd0250..c47cd692 100644 --- a/linux_os/guide/system/permissions/partitions/mount_option_home_noexec/rule.yml +++ b/linux_os/guide/system/permissions/partitions/mount_option_home_noexec/rule.yml @@ -1,6 +1,6 @@ @@ -16210,17 +17586,17 @@ index e2372df0..611b66ab 100644 title: 'Add noexec Option to /home' -@@ -28,7 +28,7 @@ references: - disa: CCI-000366 +@@ -29,7 +29,7 @@ references: nist: CM-6(b) srg: SRG-OS-000480-GPOS-00227 + stigid@ol8: OL08-00-010590 - stigid@rhel8: RHEL-08-010590 + stigid@almalinux8: RHEL-08-010590 platform: machine diff --git a/linux_os/guide/system/permissions/partitions/mount_option_home_nosuid/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_home_nosuid/rule.yml -index 7809a961..40fc536b 100644 +index efcf8b6b..3be724a5 100644 --- a/linux_os/guide/system/permissions/partitions/mount_option_home_nosuid/rule.yml +++ b/linux_os/guide/system/permissions/partitions/mount_option_home_nosuid/rule.yml @@ -1,6 +1,6 @@ @@ -16231,9 +17607,9 @@ index 7809a961..40fc536b 100644 title: 'Add nosuid Option to /home' -@@ -39,7 +39,7 @@ references: - srg: SRG-OS-000368-GPOS-00154,SRG-OS-000480-GPOS-00227 +@@ -40,7 +40,7 @@ references: stigid@ol7: OL07-00-021000 + stigid@ol8: OL08-00-010570 stigid@rhel7: RHEL-07-021000 - stigid@rhel8: RHEL-08-010570 + stigid@almalinux8: RHEL-08-010570 @@ -16241,7 +17617,7 @@ index 7809a961..40fc536b 100644 stigid@sle15: SLES-15-040140 
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_nodev_nonroot_local_partitions/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_nodev_nonroot_local_partitions/rule.yml -index c79dcb7d..e747cc4f 100644 +index 16d7fc54..c020eca2 100644 --- a/linux_os/guide/system/permissions/partitions/mount_option_nodev_nonroot_local_partitions/rule.yml +++ b/linux_os/guide/system/permissions/partitions/mount_option_nodev_nonroot_local_partitions/rule.yml @@ -1,6 +1,6 @@ @@ -16252,58 +17628,58 @@ index c79dcb7d..e747cc4f 100644 title: 'Add nodev Option to Non-Root Local Partitions' -@@ -44,6 +44,6 @@ references: - nist: CM-7(a),CM-7(b),CM-6(a),AC-6,AC-6(1),MP-7 +@@ -45,6 +45,6 @@ references: nist-csf: PR.IP-1,PR.PT-3 srg: SRG-OS-000368-GPOS-00154,SRG-OS-000480-GPOS-00227 + stigid@ol8: OL08-00-010580 - stigid@rhel8: RHEL-08-010580 + stigid@almalinux8: RHEL-08-010580 platform: machine diff --git a/linux_os/guide/system/permissions/partitions/mount_option_nodev_removable_partitions/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_nodev_removable_partitions/rule.yml -index 49ad5091..b5ba8048 100644 +index 01adc4dd..2c2a8634 100644 --- a/linux_os/guide/system/permissions/partitions/mount_option_nodev_removable_partitions/rule.yml +++ b/linux_os/guide/system/permissions/partitions/mount_option_nodev_removable_partitions/rule.yml 
@@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15,ubuntu1804 -+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,ubuntu1804 +-prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu1804 ++prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu1804 title: 'Add nodev Option to Removable Media Partitions' -@@ -41,7 +41,7 @@ references: - nist: CM-7(a),CM-7(b),CM-6(a),AC-6,AC-6(1),MP-7 +@@ -43,7 +43,7 @@ references: nist-csf: PR.AC-3,PR.AC-6,PR.IP-1,PR.PT-2,PR.PT-3 srg: SRG-OS-000480-GPOS-00227 + stigid@ol8: OL08-00-010600 - stigid@rhel8: RHEL-08-010600 + stigid@almalinux8: RHEL-08-010600 platform: machine diff --git a/linux_os/guide/system/permissions/partitions/mount_option_noexec_removable_partitions/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_noexec_removable_partitions/rule.yml -index f92f32e8..8b1dc171 100644 +index cb8b510e..40ec8601 100644 --- a/linux_os/guide/system/permissions/partitions/mount_option_noexec_removable_partitions/rule.yml +++ b/linux_os/guide/system/permissions/partitions/mount_option_noexec_removable_partitions/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15,ubuntu1804 -+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,ubuntu1804 +-prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu1804 ++prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu1804 title: 'Add noexec Option to Removable Media Partitions' -@@ -38,7 +38,7 @@ references: - nist: CM-7(a),CM-7(b),CM-6(a),AC-6,AC-6(1),MP-7 +@@ -40,7 +40,7 @@ references: nist-csf: PR.AC-3,PR.AC-6,PR.IP-1,PR.PT-2,PR.PT-3 srg: SRG-OS-000480-GPOS-00227 + stigid@ol8: OL08-00-010610 - stigid@rhel8: RHEL-08-010610 + stigid@almalinux8: RHEL-08-010610 ocil_clause: 'removable media partitions are present' 
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_nosuid_removable_partitions/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_nosuid_removable_partitions/rule.yml -index 4efb84dc..98bf2aaa 100644 +index aacc7fc8..a824cca5 100644 --- a/linux_os/guide/system/permissions/partitions/mount_option_nosuid_removable_partitions/rule.yml +++ b/linux_os/guide/system/permissions/partitions/mount_option_nosuid_removable_partitions/rule.yml @@ -1,6 +1,6 @@ @@ -16314,9 +17690,9 @@ index 4efb84dc..98bf2aaa 100644 title: 'Add nosuid Option to Removable Media Partitions' -@@ -44,7 +44,7 @@ references: - srg: SRG-OS-000480-GPOS-00227 +@@ -46,7 +46,7 @@ references: stigid@ol7: OL07-00-021010 + stigid@ol8: OL08-00-010620 stigid@rhel7: RHEL-07-021010 - stigid@rhel8: RHEL-08-010620 + stigid@almalinux8: RHEL-08-010620 @@ -16348,70 +17724,70 @@ index 022dee6d..50d8fc14 100644 title: 'Add nosuid Option to /srv' diff --git a/linux_os/guide/system/permissions/partitions/mount_option_tmp_nodev/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_tmp_nodev/rule.yml -index e50df715..99b0c132 100644 +index 91d2e4b1..445580c3 100644 --- a/linux_os/guide/system/permissions/partitions/mount_option_tmp_nodev/rule.yml +++ b/linux_os/guide/system/permissions/partitions/mount_option_tmp_nodev/rule.yml 
@@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,sle15,ubuntu1804 -+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle15,ubuntu1804 +-prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu1804 ++prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu1804 title: 'Add nodev Option to /tmp' -@@ -39,7 +39,7 @@ references: - nist: CM-7(a),CM-7(b),CM-6(a),AC-6,AC-6(1),MP-7 +@@ -41,7 +41,7 @@ references: nist-csf: PR.IP-1,PR.PT-2,PR.PT-3 srg: SRG-OS-000368-GPOS-00154 + stigid@ol8: OL08-00-040123 - stigid@rhel8: RHEL-08-040123 + stigid@almalinux8: RHEL-08-040123 platform: machine diff --git a/linux_os/guide/system/permissions/partitions/mount_option_tmp_noexec/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_tmp_noexec/rule.yml -index 7585cc6e..6f9aa511 100644 +index d256935d..aeae4648 100644 --- a/linux_os/guide/system/permissions/partitions/mount_option_tmp_noexec/rule.yml +++ b/linux_os/guide/system/permissions/partitions/mount_option_tmp_noexec/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,sle15 -+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle15 +-prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,sle12,sle15 ++prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle12,sle15 title: 'Add noexec Option to /tmp' -@@ -38,7 +38,7 @@ references: - nist: CM-7(a),CM-7(b),CM-6(a),AC-6,AC-6(1),MP-7 +@@ -40,7 +40,7 @@ references: nist-csf: PR.IP-1,PR.PT-2,PR.PT-3 srg: SRG-OS-000368-GPOS-00154 + stigid@ol8: OL08-00-040125 - stigid@rhel8: RHEL-08-040125 + stigid@almalinux8: RHEL-08-040125 platform: machine diff --git a/linux_os/guide/system/permissions/partitions/mount_option_tmp_nosuid/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_tmp_nosuid/rule.yml -index b8c3b7d7..3ec7f8d5 100644 +index 20a28c3e..495398f3 100644 
--- a/linux_os/guide/system/permissions/partitions/mount_option_tmp_nosuid/rule.yml +++ b/linux_os/guide/system/permissions/partitions/mount_option_tmp_nosuid/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,sle15,ubuntu1804 -+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle15,ubuntu1804 +-prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu1804 ++prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu1804 title: 'Add nosuid Option to /tmp' -@@ -39,7 +39,7 @@ references: - nist: CM-7(a),CM-7(b),CM-6(a),AC-6,AC-6(1),MP-7 +@@ -41,7 +41,7 @@ references: nist-csf: PR.IP-1,PR.PT-2,PR.PT-3 srg: SRG-OS-000368-GPOS-00154 + stigid@ol8: OL08-00-040124 - stigid@rhel8: RHEL-08-040124 + stigid@almalinux8: RHEL-08-040124 platform: machine diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_nodev/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_nodev/rule.yml -index 983b0734..a8694cce 100644 +index ed5fb24d..bbfcb20d 100644 --- a/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_nodev/rule.yml +++ b/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_nodev/rule.yml @@ -1,6 +1,6 @@ @@ -16422,17 +17798,17 @@ index 983b0734..a8694cce 100644 title: 'Add nodev Option to /var/log/audit' -@@ -31,7 +31,7 @@ references: - nist: CM-7(a),CM-7(b),CM-6(a),AC-6,AC-6(1),MP-7 +@@ -32,7 +32,7 @@ references: nist-csf: PR.IP-1,PR.PT-2,PR.PT-3 srg: SRG-OS-000368-GPOS-00154 + stigid@ol8: OL08-00-040129 - stigid@rhel8: RHEL-08-040129 + stigid@almalinux8: RHEL-08-040129 platform: machine diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_noexec/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_noexec/rule.yml -index e63c8a89..78d1fec7 100644 +index afbb7621..b68aaa18 100644 
--- a/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_noexec/rule.yml +++ b/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_noexec/rule.yml @@ -1,6 +1,6 @@ @@ -16443,17 +17819,17 @@ index e63c8a89..78d1fec7 100644 title: 'Add noexec Option to /var/log/audit' -@@ -29,7 +29,7 @@ references: - nist: CM-7(a),CM-7(b),CM-6(a),AC-6,AC-6(1),MP-7 +@@ -30,7 +30,7 @@ references: nist-csf: PR.IP-1,PR.PT-2,PR.PT-3 srg: SRG-OS-000368-GPOS-00154 + stigid@ol8: OL08-00-040131 - stigid@rhel8: RHEL-08-040131 + stigid@almalinux8: RHEL-08-040131 platform: machine diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_nosuid/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_nosuid/rule.yml -index 5de65902..fb6512c5 100644 +index 69cdfe29..51352833 100644 --- a/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_nosuid/rule.yml +++ b/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_nosuid/rule.yml @@ -1,6 +1,6 @@ @@ -16464,17 +17840,17 @@ index 5de65902..fb6512c5 100644 title: 'Add nosuid Option to /var/log/audit' -@@ -30,7 +30,7 @@ references: - nist: CM-7(a),CM-7(b),CM-6(a),AC-6,AC-6(1),MP-7 +@@ -31,7 +31,7 @@ references: nist-csf: PR.IP-1,PR.PT-2,PR.PT-3 srg: SRG-OS-000368-GPOS-00154 + stigid@ol8: OL08-00-040130 - stigid@rhel8: RHEL-08-040130 + stigid@almalinux8: RHEL-08-040130 platform: machine diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_log_nodev/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_var_log_nodev/rule.yml -index c0a186c7..9b9847eb 100644 +index eacb16c9..1bbcda2d 100644 --- a/linux_os/guide/system/permissions/partitions/mount_option_var_log_nodev/rule.yml +++ b/linux_os/guide/system/permissions/partitions/mount_option_var_log_nodev/rule.yml @@ -1,6 +1,6 @@ 
@@ -16485,17 +17861,17 @@ index c0a186c7..9b9847eb 100644 title: 'Add nodev Option to /var/log' -@@ -31,7 +31,7 @@ references: - nist: CM-7(a),CM-7(b),CM-6(a),AC-6,AC-6(1),MP-7 +@@ -32,7 +32,7 @@ references: nist-csf: PR.IP-1,PR.PT-2,PR.PT-3 srg: SRG-OS-000368-GPOS-00154 + stigid@ol8: OL08-00-040126 - stigid@rhel8: RHEL-08-040126 + stigid@almalinux8: RHEL-08-040126 platform: machine diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_log_noexec/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_var_log_noexec/rule.yml -index 53f51f64..d356c2e5 100644 +index 95af813f..35c4dd04 100644 --- a/linux_os/guide/system/permissions/partitions/mount_option_var_log_noexec/rule.yml +++ b/linux_os/guide/system/permissions/partitions/mount_option_var_log_noexec/rule.yml @@ -1,6 +1,6 @@ @@ -16506,17 +17882,17 @@ index 53f51f64..d356c2e5 100644 title: 'Add noexec Option to /var/log' -@@ -30,7 +30,7 @@ references: - nist: CM-7(a),CM-7(b),CM-6(a),AC-6,AC-6(1),MP-7 +@@ -31,7 +31,7 @@ references: nist-csf: PR.IP-1,PR.PT-2,PR.PT-3 srg: SRG-OS-000368-GPOS-00154 + stigid@ol8: OL08-00-040128 - stigid@rhel8: RHEL-08-040128 + stigid@almalinux8: RHEL-08-040128 platform: machine diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_log_nosuid/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_var_log_nosuid/rule.yml -index a78026c9..2ad8ea6f 100644 +index cb3ea8a7..b3dfafe8 100644 --- a/linux_os/guide/system/permissions/partitions/mount_option_var_log_nosuid/rule.yml +++ b/linux_os/guide/system/permissions/partitions/mount_option_var_log_nosuid/rule.yml @@ -1,6 +1,6 @@ 
@@ -16527,17 +17903,17 @@ index a78026c9..2ad8ea6f 100644 title: 'Add nosuid Option to /var/log' -@@ -31,7 +31,7 @@ references: - nist: CM-7(a),CM-7(b),CM-6(a),AC-6,AC-6(1),MP-7 +@@ -32,7 +32,7 @@ references: nist-csf: PR.IP-1,PR.PT-2,PR.PT-3 srg: SRG-OS-000368-GPOS-00154 + stigid@ol8: OL08-00-040127 - stigid@rhel8: RHEL-08-040127 + stigid@almalinux8: RHEL-08-040127 platform: machine diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_nodev/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_var_nodev/rule.yml -index ced6ad1d..fd4c21f5 100644 +index fc144ac6..df807e2b 100644 --- a/linux_os/guide/system/permissions/partitions/mount_option_var_nodev/rule.yml +++ b/linux_os/guide/system/permissions/partitions/mount_option_var_nodev/rule.yml @@ -1,6 +1,6 @@ @@ -16573,15 +17949,15 @@ index ca3e15f3..a16ad330 100644 title: 'Add nosuid Option to /var' diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_bind/bash/shared.sh b/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_bind/bash/shared.sh -index 1466eff5..b49afe45 100644 +index 59e39270..5c154d33 100644 --- a/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_bind/bash/shared.sh +++ b/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_bind/bash/shared.sh @@ -1,4 +1,4 @@ -# platform = multi_platform_rhel,multi_platform_fedora +# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora - . /usr/share/scap-security-guide/remediation_functions - + # Delete particular /etc/fstab's row if /var/tmp is already configured to + # represent a mount point (for some device or filesystem other than /tmp) diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_bind/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_bind/rule.yml index 133e7727..0ec19fa7 100644 --- a/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_bind/rule.yml 
@@ -16595,63 +17971,63 @@ index 133e7727..0ec19fa7 100644 title: 'Bind Mount /var/tmp To /tmp' diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_nodev/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_nodev/rule.yml -index bb044207..722d7a53 100644 +index 4fc4e4ef..071873cb 100644 --- a/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_nodev/rule.yml +++ b/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_nodev/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: ol7,ol8,rhcos4,rhel7,rhel8,rhel9,sle15,ubuntu1804 -+prodtype: ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle15,ubuntu1804 +-prodtype: ol7,ol8,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu1804 ++prodtype: ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu1804 title: 'Add nodev Option to /var/tmp' -@@ -32,7 +32,7 @@ references: - cis@ubuntu1804: 1.1.7 +@@ -34,7 +34,7 @@ references: disa: CCI-001764 srg: SRG-OS-000368-GPOS-00154 + stigid@ol8: OL08-00-040132 - stigid@rhel8: RHEL-08-040132 + stigid@almalinux8: RHEL-08-040132 platform: machine diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_noexec/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_noexec/rule.yml -index 657ccaa5..c604f7ec 100644 +index b499ccb8..99d3ce64 100644 --- a/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_noexec/rule.yml +++ b/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_noexec/rule.yml 
@@ -1,6 +1,6 @@ documentation_complete: true --prodtype: ol7,ol8,rhcos4,rhel7,rhel8,rhel9,sle15,ubuntu1804 -+prodtype: ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle15,ubuntu1804 +-prodtype: ol7,ol8,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu1804 ++prodtype: ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu1804 title: 'Add noexec Option to /var/tmp' -@@ -32,7 +32,7 @@ references: - cis@ubuntu1804: 1.1.9 +@@ -34,7 +34,7 @@ references: disa: CCI-001764 srg: SRG-OS-000368-GPOS-00154 + stigid@ol8: OL08-00-040134 - stigid@rhel8: RHEL-08-040134 + stigid@almalinux8: RHEL-08-040134 platform: machine diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_nosuid/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_nosuid/rule.yml -index d5686e4d..54531e18 100644 +index e0f00b5f..50e848be 100644 --- a/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_nosuid/rule.yml +++ b/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_nosuid/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: ol7,ol8,rhcos4,rhel7,rhel8,rhel9,sle15,ubuntu1804 -+prodtype: ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle15,ubuntu1804 +-prodtype: ol7,ol8,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu1804 ++prodtype: ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu1804 title: 'Add nosuid Option to /var/tmp' -@@ -32,7 +32,7 @@ references: - cis@ubuntu1804: 1.1.8 +@@ -34,7 +34,7 @@ references: disa: CCI-001764 srg: SRG-OS-000368-GPOS-00154 + stigid@ol8: OL08-00-040133 - stigid@rhel8: RHEL-08-040133 + stigid@almalinux8: RHEL-08-040133 @@ -16669,13 +18045,13 @@ index d9480227..554e34e0 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/system/permissions/restrictions/coredumps/coredump_disable_backtraces/rule.yml b/linux_os/guide/system/permissions/restrictions/coredumps/coredump_disable_backtraces/rule.yml -index 29bd63b8..b61ada5d 100644 +index cb2a8972..edef6641 100644 
--- a/linux_os/guide/system/permissions/restrictions/coredumps/coredump_disable_backtraces/rule.yml +++ b/linux_os/guide/system/permissions/restrictions/coredumps/coredump_disable_backtraces/rule.yml -@@ -34,7 +34,7 @@ references: - disa: CCI-000366 +@@ -38,7 +38,7 @@ references: ospp: FMT_SMF_EXT.1 srg: SRG-OS-000480-GPOS-00227 + stigid@ol8: OL08-00-010675 - stigid@rhel8: RHEL-08-010675 + stigid@almalinux8: RHEL-08-010675 @@ -16693,13 +18069,13 @@ index d9480227..554e34e0 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/system/permissions/restrictions/coredumps/coredump_disable_storage/rule.yml b/linux_os/guide/system/permissions/restrictions/coredumps/coredump_disable_storage/rule.yml -index fc23ce0a..538f7f37 100644 +index ede0cc9e..9ad57977 100644 --- a/linux_os/guide/system/permissions/restrictions/coredumps/coredump_disable_storage/rule.yml +++ b/linux_os/guide/system/permissions/restrictions/coredumps/coredump_disable_storage/rule.yml -@@ -30,7 +30,7 @@ references: - disa: CCI-000366 +@@ -34,7 +34,7 @@ references: ospp: FMT_SMF_EXT.1 srg: SRG-OS-000480-GPOS-00227 + stigid@ol8: OL08-00-010674 - stigid@rhel8: RHEL-08-010674 + stigid@almalinux8: RHEL-08-010674 @@ -16727,28 +18103,28 @@ index 41cbd119..481afa58 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/system/permissions/restrictions/coredumps/disable_users_coredumps/rule.yml b/linux_os/guide/system/permissions/restrictions/coredumps/disable_users_coredumps/rule.yml -index 09ad7d43..b5418dc6 100644 +index f61b48fc..3916b7cd 100644 --- a/linux_os/guide/system/permissions/restrictions/coredumps/disable_users_coredumps/rule.yml +++ b/linux_os/guide/system/permissions/restrictions/coredumps/disable_users_coredumps/rule.yml 
@@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,sle15,ubuntu2004 -+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle15,ubuntu2004 +-prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004 ++prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004 title: 'Disable Core Dumps for All Users' -@@ -34,7 +34,7 @@ references: - iso27001-2013: A.12.1.3,A.17.2.1 +@@ -38,7 +38,7 @@ references: nist-csf: DE.CM-1,PR.DS-4 srg: SRG-OS-000480-GPOS-00227 + stigid@ol8: OL08-00-010673 - stigid@rhel8: RHEL-08-010673 + stigid@almalinux8: RHEL-08-010673 ocil_clause: 'it is not' diff --git a/linux_os/guide/system/permissions/restrictions/coredumps/service_systemd-coredump_disabled/rule.yml b/linux_os/guide/system/permissions/restrictions/coredumps/service_systemd-coredump_disabled/rule.yml -index 9524302e..c384e918 100644 +index 1dfdc3d2..00805dfe 100644 --- a/linux_os/guide/system/permissions/restrictions/coredumps/service_systemd-coredump_disabled/rule.yml +++ b/linux_os/guide/system/permissions/restrictions/coredumps/service_systemd-coredump_disabled/rule.yml @@ -1,6 +1,6 @@ @@ -16759,23 +18135,23 @@ index 9524302e..c384e918 100644 title: 'Disable acquiring, saving, and processing core dumps' -@@ -27,7 +27,7 @@ references: - disa: CCI-000366 +@@ -29,7 +29,7 @@ references: ospp: FMT_SMF_EXT.1 srg: SRG-OS-000480-GPOS-00227 + stigid@ol8: OL08-00-010672 - stigid@rhel8: RHEL-08-010672 + stigid@almalinux8: RHEL-08-010672 ocil_clause: unit systemd-coredump.socket is not masked or running diff --git a/linux_os/guide/system/permissions/restrictions/daemon_umask/umask_for_daemons/bash/shared.sh b/linux_os/guide/system/permissions/restrictions/daemon_umask/umask_for_daemons/bash/shared.sh -index f689f4b2..34430b60 100644 +index a51038bb..13f289b8 100644 --- a/linux_os/guide/system/permissions/restrictions/daemon_umask/umask_for_daemons/bash/shared.sh 
+++ b/linux_os/guide/system/permissions/restrictions/daemon_umask/umask_for_daemons/bash/shared.sh @@ -1,4 +1,4 @@ -# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8 +# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8 - . /usr/share/scap-security-guide/remediation_functions + {{{ bash_instantiate_variables("var_umask_for_daemons") }}} diff --git a/linux_os/guide/system/permissions/restrictions/daemon_umask/umask_for_daemons/rule.yml b/linux_os/guide/system/permissions/restrictions/daemon_umask/umask_for_daemons/rule.yml @@ -16814,13 +18190,13 @@ index 415b0486..02b1e991 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_kptr_restrict/rule.yml b/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_kptr_restrict/rule.yml -index bb3cf0ba..53b0c98a 100644 +index 0bc8511f..6f33bcaa 100644 --- a/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_kptr_restrict/rule.yml +++ b/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_kptr_restrict/rule.yml -@@ -27,7 +27,7 @@ references: - nerc-cip: CIP-002-3 R1.1,CIP-002-3 R1.2,CIP-003-3 R5.1.1,CIP-003-3 R5.3,CIP-004-3 4.1,CIP-004-3 4.2,CIP-004-3 R2.2.3,CIP-004-3 R2.2.4,CIP-004-3 R2.3,CIP-004-3 R4,CIP-005-3a R1,CIP-005-3a R1.1,CIP-005-3a R1.2,CIP-007-3 R3,CIP-007-3 R3.1,CIP-007-3 R5.1,CIP-007-3 R5.1.2,CIP-007-3 R5.1.3,CIP-007-3 R5.2.1,CIP-007-3 R5.2.3,CIP-007-3 R8.4,CIP-009-3 R.1.1,CIP-009-3 R4 +@@ -28,7 +28,7 @@ references: nist: SC-30,SC-30(2),SC-30(5),CM-6(a) srg: SRG-OS-000132-GPOS-00067,SRG-OS-000433-GPOS-00192,SRG-OS-000480-GPOS-00227 + stigid@ol8: OL08-00-040283 - stigid@rhel8: RHEL-08-040283 + stigid@almalinux8: RHEL-08-040283 stigid@sle12: SLES-12-030320 @@ -16838,12 +18214,12 @@ index 7a4c107b..22e20912 100644 kind: MachineConfig spec: 
diff --git a/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_randomize_va_space/rule.yml b/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_randomize_va_space/rule.yml -index 852c9023..11e13949 100644 +index 805bf34b..c7ebb832 100644 --- a/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_randomize_va_space/rule.yml +++ b/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_randomize_va_space/rule.yml -@@ -34,7 +34,7 @@ references: - srg: SRG-OS-000433-GPOS-00193,SRG-OS-000480-GPOS-00227 +@@ -37,7 +37,7 @@ references: stigid@ol7: OL07-00-040201 + stigid@ol8: OL08-00-010430 stigid@rhel7: RHEL-07-040201 - stigid@rhel8: RHEL-08-010430 + stigid@almalinux8: RHEL-08-010430 @@ -16851,39 +18227,62 @@ index 852c9023..11e13949 100644 stigid@sle15: SLES-15-010550 stigid@ubuntu2004: UBTU-20-010448 diff --git a/linux_os/guide/system/permissions/restrictions/enable_nx/bios_enable_execution_restrictions/rule.yml b/linux_os/guide/system/permissions/restrictions/enable_nx/bios_enable_execution_restrictions/rule.yml -index 2176a0bb..12fde141 100644 +index fabf9f88..7834d0ea 100644 --- a/linux_os/guide/system/permissions/restrictions/enable_nx/bios_enable_execution_restrictions/rule.yml +++ b/linux_os/guide/system/permissions/restrictions/enable_nx/bios_enable_execution_restrictions/rule.yml 
@@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,ol7,ol8,rhel7,rhel8 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8 +-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004 ++prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004 title: 'Enable NX or XD Support in the BIOS' -@@ -32,6 +32,6 @@ references: - nist: SC-39,CM-6(a) +@@ -37,7 +37,7 @@ references: nist-csf: PR.IP-1 srg: SRG-OS-000433-GPOS-00192 + stigid@ol8: OL08-00-010420 - stigid@rhel8: RHEL-08-010420 + stigid@almalinux8: RHEL-08-010420 + stigid@ubuntu2004: UBTU-20-010447 platform: machine +diff --git a/linux_os/guide/system/permissions/restrictions/enable_nx/bios_enable_execution_restrictions/tests/correct_value.pass.sh b/linux_os/guide/system/permissions/restrictions/enable_nx/bios_enable_execution_restrictions/tests/correct_value.pass.sh +index 2df5dfbe..bfb97daf 100755 +--- a/linux_os/guide/system/permissions/restrictions/enable_nx/bios_enable_execution_restrictions/tests/correct_value.pass.sh ++++ b/linux_os/guide/system/permissions/restrictions/enable_nx/bios_enable_execution_restrictions/tests/correct_value.pass.sh +@@ -1,5 +1,5 @@ + #!/bin/bash +-# platform = multi_platform_rhel,multi_platform_fedora ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora + # remediation = none + + cp /proc/cpuinfo /tmp/cpuinfo +diff --git a/linux_os/guide/system/permissions/restrictions/enable_nx/bios_enable_execution_restrictions/tests/wrong_value.fail.sh b/linux_os/guide/system/permissions/restrictions/enable_nx/bios_enable_execution_restrictions/tests/wrong_value.fail.sh +index 37f4870f..1d82fec3 100755 +--- a/linux_os/guide/system/permissions/restrictions/enable_nx/bios_enable_execution_restrictions/tests/wrong_value.fail.sh ++++ b/linux_os/guide/system/permissions/restrictions/enable_nx/bios_enable_execution_restrictions/tests/wrong_value.fail.sh +@@ -1,5 +1,5 @@ + #!/bin/bash +-# platform = 
multi_platform_rhel,multi_platform_fedora ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora + # remediation = none + + cp /proc/cpuinfo /tmp/cpuinfo diff --git a/linux_os/guide/system/permissions/restrictions/enable_nx/install_PAE_kernel_on_x86-32/rule.yml b/linux_os/guide/system/permissions/restrictions/enable_nx/install_PAE_kernel_on_x86-32/rule.yml -index 48e4b420..2c608f53 100644 +index 88ffe875..e0f80820 100644 --- a/linux_os/guide/system/permissions/restrictions/enable_nx/install_PAE_kernel_on_x86-32/rule.yml +++ b/linux_os/guide/system/permissions/restrictions/enable_nx/install_PAE_kernel_on_x86-32/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhv4 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhv4 +-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhv4,sle12,sle15 ++prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhv4,sle12,sle15 title: 'Install PAE Kernel on Supported 32-bit x86 Systems' diff --git a/linux_os/guide/system/permissions/restrictions/poisoning/grub2_page_poison_argument/rule.yml b/linux_os/guide/system/permissions/restrictions/poisoning/grub2_page_poison_argument/rule.yml -index 66899c63..82e5f8bb 100644 +index 1ad6c6b3..25b0ffd9 100644 --- a/linux_os/guide/system/permissions/restrictions/poisoning/grub2_page_poison_argument/rule.yml +++ b/linux_os/guide/system/permissions/restrictions/poisoning/grub2_page_poison_argument/rule.yml @@ -1,6 +1,6 @@ @@ -16895,28 +18294,16 @@ index 66899c63..82e5f8bb 100644 title: 'Enable page allocator poisoning' @@ -29,7 +29,7 @@ references: - disa: CCI-001084 nist: CM-6(a) srg: SRG-OS-000480-GPOS-00227,SRG-OS-000134-GPOS-00068 + stigid@ol8: OL08-00-010421 - stigid@rhel8: RHEL-08-010421 + stigid@almalinux8: RHEL-08-010421 ocil_clause: 'page allocator poisoning is not enabled' -@@ -56,9 +56,9 @@ warnings: -
    ~]# grub2-mkconfig -o {{{ grub2_boot_path }}}/grub.cfg
    -
  • On UEFI-based machines, issue the following command as root: - {{% if product in ["rhel7", "rhel8", "ol7", "ol8"] %}} --
    ~]# grub2-mkconfig -o /boot/efi/EFI/redhat/grub.cfg
  • -+
    ~]# grub2-mkconfig -o /boot/efi/EFI/almalinux/grub.cfg
    - {{% else %}} --
    ~]# grub2-mkconfig -o /boot/efi/EFI/fedora/grub.cfg
    -+
    ~]# grub2-mkconfig -o /boot/efi/EFI/almalinux/grub.cfg
    - {{% endif %}} - - diff --git a/linux_os/guide/system/permissions/restrictions/poisoning/grub2_slub_debug_argument/rule.yml b/linux_os/guide/system/permissions/restrictions/poisoning/grub2_slub_debug_argument/rule.yml -index 9d90eaa5..61bdf449 100644 +index e40f5377..9c93f7d0 100644 --- a/linux_os/guide/system/permissions/restrictions/poisoning/grub2_slub_debug_argument/rule.yml +++ b/linux_os/guide/system/permissions/restrictions/poisoning/grub2_slub_debug_argument/rule.yml @@ -1,6 +1,6 @@ @@ -16928,26 +18315,14 @@ index 9d90eaa5..61bdf449 100644 title: 'Enable SLUB/SLAB allocator poisoning' @@ -29,7 +29,7 @@ references: - disa: CCI-001084 nist: CM-6(a) srg: SRG-OS-000433-GPOS-00192,SRG-OS-000134-GPOS-00068 + stigid@ol8: OL08-00-010423 - stigid@rhel8: RHEL-08-010423 + stigid@almalinux8: RHEL-08-010423 ocil_clause: 'SLUB/SLAB poisoning is not enabled' -@@ -56,9 +56,9 @@ warnings: -
    ~]# grub2-mkconfig -o {{{ grub2_boot_path }}}/grub.cfg
    -
  • On UEFI-based machines, issue the following command as root: - {{% if product in ["rhel7", "rhel8", "ol7", "ol8"] %}} --
    ~]# grub2-mkconfig -o /boot/efi/EFI/redhat/grub.cfg
  • -+
    ~]# grub2-mkconfig -o /boot/efi/EFI/almalinux/grub.cfg
    - {{% else %}} --
    ~]# grub2-mkconfig -o /boot/efi/EFI/fedora/grub.cfg
    -+
    ~]# grub2-mkconfig -o /boot/efi/EFI/almalinux/grub.cfg
    - {{% endif %}} - - diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_core_pattern/kubernetes/shared.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_core_pattern/kubernetes/shared.yml index 88c68344..fa9b2020 100644 --- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_core_pattern/kubernetes/shared.yml @@ -16960,7 +18335,7 @@ index 88c68344..fa9b2020 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_core_pattern/rule.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_core_pattern/rule.yml -index 4a8bf79e..ed7b7927 100644 +index efbcaa13..f9ba918e 100644 --- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_core_pattern/rule.yml +++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_core_pattern/rule.yml @@ -1,6 +1,6 @@ @@ -16971,10 +18346,10 @@ index 4a8bf79e..ed7b7927 100644 title: 'Disable storing core dumps' -@@ -22,7 +22,7 @@ references: - disa: CCI-000366 +@@ -24,7 +24,7 @@ references: ospp: FMT_SMF_EXT.1 srg: SRG-OS-000480-GPOS-00227 + stigid@ol8: OL08-00-010671 - stigid@rhel8: RHEL-08-010671 + stigid@almalinux8: RHEL-08-010671 @@ -16992,7 +18367,7 @@ index 36e025cc..e97acde1 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_dmesg_restrict/rule.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_dmesg_restrict/rule.yml -index 434a87a1..8b1daa2f 100644 +index e21ace56..9305a888 100644 --- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_dmesg_restrict/rule.yml +++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_dmesg_restrict/rule.yml @@ -1,6 +1,6 @@ 
@@ -17003,10 +18378,10 @@ index 434a87a1..8b1daa2f 100644 title: 'Restrict Access to Kernel Message Buffer' -@@ -25,7 +25,7 @@ references: - hipaa: 164.308(a)(1)(ii)(D),164.308(a)(3),164.308(a)(4),164.310(b),164.310(c),164.312(a),164.312(e) +@@ -27,7 +27,7 @@ references: nist: SI-11(a),SI-11(b) srg: SRG-OS-000132-GPOS-00067,SRG-OS-000138-GPOS-00069 + stigid@ol8: OL08-00-010375 - stigid@rhel8: RHEL-08-010375 + stigid@almalinux8: RHEL-08-010375 @@ -17024,7 +18399,7 @@ index 505b3c12..cdf18e6d 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_kexec_load_disabled/rule.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_kexec_load_disabled/rule.yml -index d677fd62..42b854b0 100644 +index 1fb1ef38..cc928d9d 100644 --- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_kexec_load_disabled/rule.yml +++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_kexec_load_disabled/rule.yml @@ -1,6 +1,6 @@ @@ -17035,10 +18410,10 @@ index d677fd62..42b854b0 100644 title: 'Disable Kernel Image Loading' -@@ -21,7 +21,7 @@ identifiers: - references: - disa: CCI-001749 +@@ -23,7 +23,7 @@ references: + nist: CM-6 srg: SRG-OS-000480-GPOS-00227,SRG-OS-000366-GPOS-00153 + stigid@ol8: OL08-00-010372 - stigid@rhel8: RHEL-08-010372 + stigid@almalinux8: RHEL-08-010372 @@ -17092,7 +18467,7 @@ index 0541e59a..50020c28 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_perf_event_paranoid/rule.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_perf_event_paranoid/rule.yml -index 77eeb2e7..acfac8ca 100644 +index 136f3b39..a49ce809 100644 --- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_perf_event_paranoid/rule.yml +++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_perf_event_paranoid/rule.yml @@ -1,6 +1,6 @@ 
@@ -17103,10 +18478,10 @@ index 77eeb2e7..acfac8ca 100644 title: 'Disallow kernel profiling by unprivileged users' -@@ -22,7 +22,7 @@ references: - disa: CCI-001090 +@@ -24,7 +24,7 @@ references: ospp: FMT_SMF_EXT.1 srg: SRG-OS-000132-GPOS-00067,SRG-OS-000138-GPOS-00069 + stigid@ol8: OL08-00-010376 - stigid@rhel8: RHEL-08-010376 + stigid@almalinux8: RHEL-08-010376 @@ -17148,7 +18523,7 @@ index 2e24d921..7b706bb3 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled/rule.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled/rule.yml -index 6e5576ed..8dc759a4 100644 +index e45cfd16..2958b708 100644 --- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled/rule.yml +++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled/rule.yml @@ -1,6 +1,6 @@ @@ -17159,10 +18534,10 @@ index 6e5576ed..8dc759a4 100644 title: 'Disable Access to Network bpf() Syscall From Unprivileged Processes' -@@ -22,7 +22,7 @@ references: - disa: CCI-000366 +@@ -24,7 +24,7 @@ references: ospp: FMT_SMF_EXT.1 srg: SRG-OS-000132-GPOS-00067,SRG-OS-000480-GPOS-00227 + stigid@ol8: OL08-00-040281 - stigid@rhel8: RHEL-08-040281 + stigid@almalinux8: RHEL-08-040281 @@ -17180,7 +18555,7 @@ index ceafd483..7006e206 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_yama_ptrace_scope/rule.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_yama_ptrace_scope/rule.yml -index 7ef5b5ed..7e6a20b0 100644 +index 6b3f295e..d39a9e6f 100644 --- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_yama_ptrace_scope/rule.yml +++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_yama_ptrace_scope/rule.yml @@ -1,6 +1,6 @@ 
@@ -17191,10 +18566,10 @@ index 7ef5b5ed..7e6a20b0 100644 title: 'Restrict usage of ptrace to descendant processes' -@@ -24,7 +24,7 @@ references: - anssi: BP28(R25) - disa: CCI-000366 +@@ -26,7 +26,7 @@ references: + nist: SC-7(10) srg: SRG-OS-000132-GPOS-00067,SRG-OS-000480-GPOS-00227 + stigid@ol8: OL08-00-040282 - stigid@rhel8: RHEL-08-040282 + stigid@almalinux8: RHEL-08-040282 @@ -17212,7 +18587,7 @@ index 7519b774..af6c30ab 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_net_core_bpf_jit_harden/rule.yml b/linux_os/guide/system/permissions/restrictions/sysctl_net_core_bpf_jit_harden/rule.yml -index 31b7183b..755c1b4d 100644 +index 173e8678..25cfa284 100644 --- a/linux_os/guide/system/permissions/restrictions/sysctl_net_core_bpf_jit_harden/rule.yml +++ b/linux_os/guide/system/permissions/restrictions/sysctl_net_core_bpf_jit_harden/rule.yml @@ -1,6 +1,6 @@ @@ -17223,10 +18598,10 @@ index 31b7183b..755c1b4d 100644 title: 'Harden the operation of the BPF just-in-time compiler' -@@ -23,7 +23,7 @@ references: - nist: CM-6b +@@ -24,7 +24,7 @@ references: ospp: FMT_SMF_EXT.1 srg: SRG-OS-000480-GPOS-00227 + stigid@ol8: OL08-00-040286 - stigid@rhel8: RHEL-08-040286 + stigid@almalinux8: RHEL-08-040286 @@ -17244,7 +18619,7 @@ index fdd4fb83..3274d5b3 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_user_max_user_namespaces/rule.yml b/linux_os/guide/system/permissions/restrictions/sysctl_user_max_user_namespaces/rule.yml -index 2e11533e..856045df 100644 +index 7671cca5..bf75a83b 100644 --- a/linux_os/guide/system/permissions/restrictions/sysctl_user_max_user_namespaces/rule.yml +++ b/linux_os/guide/system/permissions/restrictions/sysctl_user_max_user_namespaces/rule.yml @@ -1,6 +1,6 @@ 
@@ -17255,10 +18630,10 @@ index 2e11533e..856045df 100644 title: 'Disable the use of user namespaces' -@@ -31,7 +31,7 @@ references: - nist: SC-39,CM-6(a) +@@ -32,7 +32,7 @@ references: ospp: FMT_SMF_EXT.1 srg: SRG-OS-000480-GPOS-00227 + stigid@ol8: OL08-00-040284 - stigid@rhel8: RHEL-08-040284 + stigid@almalinux8: RHEL-08-040284 @@ -17277,7 +18652,7 @@ index 93a11ee5..61e87801 100644 title: 'Prevent applications from mapping low portion of virtual memory' diff --git a/linux_os/guide/system/selinux/coreos_enable_selinux_kernel_argument/rule.yml b/linux_os/guide/system/selinux/coreos_enable_selinux_kernel_argument/rule.yml -index 297512e4..32f67ae3 100644 +index 352e1c4e..5b4baa10 100644 --- a/linux_os/guide/system/selinux/coreos_enable_selinux_kernel_argument/rule.yml +++ b/linux_os/guide/system/selinux/coreos_enable_selinux_kernel_argument/rule.yml @@ -1,6 +1,6 @@ @@ -17309,7 +18684,7 @@ index 735354a2..0c13b196 100644 sed -i --follow-symlinks "s/selinux=0//gI" /etc/default/grub /etc/grub2.cfg /etc/grub.d/* sed -i --follow-symlinks "s/enforcing=0//gI" /etc/default/grub /etc/grub2.cfg /etc/grub.d/* diff --git a/linux_os/guide/system/selinux/grub2_enable_selinux/rule.yml b/linux_os/guide/system/selinux/grub2_enable_selinux/rule.yml -index a313831b..e1532946 100644 +index 27903c9e..0bb95ceb 100644 --- a/linux_os/guide/system/selinux/grub2_enable_selinux/rule.yml +++ b/linux_os/guide/system/selinux/grub2_enable_selinux/rule.yml @@ -1,6 +1,6 @@ 
@@ -17332,6 +18707,28 @@ index d38f1829..c6e06cb7 100644 title: 'Install libselinux Package' +diff --git a/linux_os/guide/system/selinux/package_libselinux_installed/tests/package-installed-removed.fail.sh b/linux_os/guide/system/selinux/package_libselinux_installed/tests/package-installed-removed.fail.sh +index ea0437f5..8759a6ce 100644 +--- a/linux_os/guide/system/selinux/package_libselinux_installed/tests/package-installed-removed.fail.sh ++++ b/linux_os/guide/system/selinux/package_libselinux_installed/tests/package-installed-removed.fail.sh +@@ -1,5 +1,5 @@ + #!/bin/bash +-# platform = multi_platform_rhel,multi_platform_fedora ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora + + # Package libselinux cannot be uninstalled normally + # as it would cause removal of sudo package which is +diff --git a/linux_os/guide/system/selinux/package_libselinux_installed/tests/package-removed.fail.sh b/linux_os/guide/system/selinux/package_libselinux_installed/tests/package-removed.fail.sh +index ea0437f5..8759a6ce 100644 +--- a/linux_os/guide/system/selinux/package_libselinux_installed/tests/package-removed.fail.sh ++++ b/linux_os/guide/system/selinux/package_libselinux_installed/tests/package-removed.fail.sh +@@ -1,5 +1,5 @@ + #!/bin/bash +-# platform = multi_platform_rhel,multi_platform_fedora ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora + + # Package libselinux cannot be uninstalled normally + # as it would cause removal of sudo package which is diff --git a/linux_os/guide/system/selinux/package_mcstrans_removed/rule.yml b/linux_os/guide/system/selinux/package_mcstrans_removed/rule.yml index 81f72105..f5fa640c 100644 --- a/linux_os/guide/system/selinux/package_mcstrans_removed/rule.yml @@ -17357,7 +18754,7 @@ index 74c92194..4bf954c8 100644 title: 'Install policycoreutils-python-utils package' 
diff --git a/linux_os/guide/system/selinux/package_policycoreutils_installed/rule.yml b/linux_os/guide/system/selinux/package_policycoreutils_installed/rule.yml -index 759f453f..b73935e5 100644 +index f16a8ebe..e41c2c37 100644 --- a/linux_os/guide/system/selinux/package_policycoreutils_installed/rule.yml +++ b/linux_os/guide/system/selinux/package_policycoreutils_installed/rule.yml @@ -1,6 +1,6 @@ @@ -17368,10 +18765,10 @@ index 759f453f..b73935e5 100644 title: 'Install policycoreutils Package' -@@ -31,7 +31,7 @@ identifiers: - references: +@@ -32,7 +32,7 @@ references: disa: CCI-001084 srg: SRG-OS-000480-GPOS-00227 + stigid@ol8: OL08-00-010171 - stigid@rhel8: RHEL-08-010171 + stigid@almalinux8: RHEL-08-010171 @@ -17414,38 +18811,38 @@ index 8992283a..f6cabc95 100644 title: 'Uninstall setroubleshoot Package' diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_abrt_anon_write/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_abrt_anon_write/rule.yml -index 90434f6a..83e9bad0 100644 +index 8cf0b59e..d09e423c 100644 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_abrt_anon_write/rule.yml +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_abrt_anon_write/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: rhel7,rhel8,rhel9,rhv4 -+prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4 +-prodtype: rhel7,rhel8,rhv4 ++prodtype: rhel7,rhel8,almalinux8,rhv4 title: 'Disable the abrt_anon_write SELinux Boolean' diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_abrt_handle_event/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_abrt_handle_event/rule.yml -index 6f00cc5d..56f78524 100644 +index 96a33aa5..0446f71e 100644 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_abrt_handle_event/rule.yml +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_abrt_handle_event/rule.yml 
@@ -1,6 +1,6 @@ documentation_complete: true --prodtype: rhel7,rhel8,rhel9,rhv4 -+prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4 +-prodtype: rhel7,rhel8,rhv4 ++prodtype: rhel7,rhel8,almalinux8,rhv4 title: 'Disable the abrt_handle_event SELinux Boolean' diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_abrt_upload_watch_anon_write/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_abrt_upload_watch_anon_write/rule.yml -index 6aedbd4b..7fc72b46 100644 +index 8bb491c3..6bea1884 100644 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_abrt_upload_watch_anon_write/rule.yml +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_abrt_upload_watch_anon_write/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: rhel7,rhel8,rhel9,rhv4 -+prodtype: rhel7,rhel8,almalinux8,rhel9,rhv4 +-prodtype: rhel7,rhel8,rhv4 ++prodtype: rhel7,rhel8,almalinux8,rhv4 title: 'Disable the abrt_upload_watch_anon_write SELinux Boolean' @@ -19958,38 +21355,38 @@ index d9918450..702adbee 100644 title: 'Configure the selinuxuser_direct_dri_enabled SELinux Boolean' diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_execheap/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_execheap/rule.yml -index 79a5c0ec..d21be051 100644 +index dd87bfe5..313e4ef6 100644 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_execheap/rule.yml +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_execheap/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4 +-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle15 ++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15 title: 'Disable the selinuxuser_execheap SELinux Boolean' 
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_execmod/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_execmod/rule.yml -index f90ef118..bb0a2d7a 100644 +index 26617b23..85eef9d2 100644 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_execmod/rule.yml +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_execmod/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4 +-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle15 ++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15 title: 'Enable the selinuxuser_execmod SELinux Boolean' diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_execstack/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_execstack/rule.yml -index 7ae9bd9d..c8718a3b 100644 +index 4a78c892..13b80855 100644 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_execstack/rule.yml +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_execstack/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4 -+prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4 +-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle15 ++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15 title: 'disable the selinuxuser_execstack SELinux Boolean' @@ -20210,7 +21607,7 @@ index 5ab6b17e..ac0457bf 100644 title: 'Disable the ssh_keysign SELinux Boolean' diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_ssh_sysadm_login/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_ssh_sysadm_login/rule.yml -index f4b47393..96a9c991 100644 +index d54bcf54..e44a05c6 100644 --- a/linux_os/guide/system/selinux/selinux-booleans/sebool_ssh_sysadm_login/rule.yml +++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_ssh_sysadm_login/rule.yml 
@@ -1,6 +1,6 @@ @@ -20978,7 +22375,7 @@ index 50bd7f11..32b95cf4 100644 title: 'Ensure No Device Files are Unlabeled by SELinux' diff --git a/linux_os/guide/system/selinux/selinux_confinement_of_daemons/rule.yml b/linux_os/guide/system/selinux/selinux_confinement_of_daemons/rule.yml -index 6fb4c686..317b0949 100644 +index e71e50c8..12868974 100644 --- a/linux_os/guide/system/selinux/selinux_confinement_of_daemons/rule.yml +++ b/linux_os/guide/system/selinux/selinux_confinement_of_daemons/rule.yml @@ -1,6 +1,6 @@ @@ -21000,7 +22397,7 @@ index 73e6ec7c..def4c28a 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/selinux/selinux_policytype/bash/shared.sh b/linux_os/guide/system/selinux/selinux_policytype/bash/shared.sh -index d84c8acc..c4fec2c4 100644 +index 3b546bd8..2daf4ad9 100644 --- a/linux_os/guide/system/selinux/selinux_policytype/bash/shared.sh +++ b/linux_os/guide/system/selinux/selinux_policytype/bash/shared.sh @@ -1,4 +1,4 @@ @@ -21010,7 +22407,7 @@ index d84c8acc..c4fec2c4 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/selinux/selinux_policytype/rule.yml b/linux_os/guide/system/selinux/selinux_policytype/rule.yml -index cb717027..a5327538 100644 +index e3400c0b..87490406 100644 --- a/linux_os/guide/system/selinux/selinux_policytype/rule.yml +++ b/linux_os/guide/system/selinux/selinux_policytype/rule.yml @@ -1,6 +1,6 @@ @@ -21021,9 +22418,9 @@ index cb717027..a5327538 100644 title: 'Configure SELinux Policy' -@@ -51,7 +51,7 @@ references: - srg: SRG-OS-000445-GPOS-00199 +@@ -53,7 +53,7 @@ references: stigid@ol7: OL07-00-020220 + stigid@ol8: OL08-00-010450 stigid@rhel7: RHEL-07-020220 - stigid@rhel8: RHEL-08-010450 + stigid@almalinux8: RHEL-08-010450 @@ -21041,7 +22438,7 @@ index 1c1560a8..fc86b614 100644 # strategy = restrict # complexity = low 
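Review bot: In the `selinux_policytype/rule.yml` section the carried patch still replaces the `stigid@rhel8` key with `stigid@almalinux8` while keeping the value `RHEL-08-010450`, whereas the `prodtype` lines in this same patch add `almalinux8` next to `rhel8` rather than replacing it. The refreshed context now shows a separate `stigid@ol8: OL08-00-010450` entry, which suggests per-product keys sit side by side upstream. I would keep `stigid@rhel8: RHEL-08-010450` and add `stigid@almalinux8: RHEL-08-010450` below it, so that rhel8 content built from the patched tree (if it is ever built) keeps its STIG cross-reference. Because the value is a RHEL 8 STIG ID published under an AlmaLinux key, the patch description should say so; scan reports will otherwise present it as an AlmaLinux mapping. The same replacement appears in the `selinux_state`, `encrypt_partitions`, `partition_for_*`, `dconf_gnome_lock_screen_on_smartcard_removal`, `gnome_gdm_disable_automatic_login` and `dconf_gnome_screensaver_idle_delay` rule.yml sections.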
diff --git a/linux_os/guide/system/selinux/selinux_state/bash/shared.sh b/linux_os/guide/system/selinux/selinux_state/bash/shared.sh -index 5286da83..9edb7521 100644 +index 32baf94a..87ff017b 100644 --- a/linux_os/guide/system/selinux/selinux_state/bash/shared.sh +++ b/linux_os/guide/system/selinux/selinux_state/bash/shared.sh @@ -1,4 +1,4 @@ @@ -21051,12 +22448,12 @@ index 5286da83..9edb7521 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/selinux/selinux_state/rule.yml b/linux_os/guide/system/selinux/selinux_state/rule.yml -index 94c21d9f..9ac4232a 100644 +index 5fada777..60201297 100644 --- a/linux_os/guide/system/selinux/selinux_state/rule.yml +++ b/linux_os/guide/system/selinux/selinux_state/rule.yml -@@ -43,7 +43,7 @@ references: - srg: SRG-OS-000445-GPOS-00199 +@@ -45,7 +45,7 @@ references: stigid@ol7: OL07-00-020210 + stigid@ol8: OL08-00-010170 stigid@rhel7: RHEL-07-020210 - stigid@rhel8: RHEL-08-010170 + stigid@almalinux8: RHEL-08-010170 @@ -21076,7 +22473,7 @@ index 8cf3c25c..0e9cad5e 100644 title: 'Map System Users To The Appropriate SELinux Role' diff --git a/linux_os/guide/system/software/disk_partitioning/encrypt_partitions/rule.yml b/linux_os/guide/system/software/disk_partitioning/encrypt_partitions/rule.yml -index cd07fb4c..c1a61ece 100644 +index 13231dc2..1e424769 100644 --- a/linux_os/guide/system/software/disk_partitioning/encrypt_partitions/rule.yml +++ b/linux_os/guide/system/software/disk_partitioning/encrypt_partitions/rule.yml @@ -1,6 +1,6 @@ @@ -21087,17 +22484,17 @@ index cd07fb4c..c1a61ece 100644 title: 'Encrypt Partitions' -@@ -71,7 +71,7 @@ references: - nist@sle12: SC-28,SC-28.1 +@@ -72,7 +72,7 @@ references: nist@sle15: SC-28,SC-28.1 srg: SRG-OS-000405-GPOS-00184,SRG-OS-000185-GPOS-00079,SRG-OS-000404-GPOS-00183 + stigid@ol8: OL08-00-010030 - stigid@rhel8: RHEL-08-010030 + stigid@almalinux8: RHEL-08-010030 stigid@sle12: SLES-12-010450 stigid@sle15: SLES-15-010330 stigid@ubuntu2004: UBTU-20-010414 
diff --git a/linux_os/guide/system/software/disk_partitioning/partition_for_boot/rule.yml b/linux_os/guide/system/software/disk_partitioning/partition_for_boot/rule.yml -index ab0fcaab..d4b587a3 100644 +index 92f8f073..aa67ffb9 100644 --- a/linux_os/guide/system/software/disk_partitioning/partition_for_boot/rule.yml +++ b/linux_os/guide/system/software/disk_partitioning/partition_for_boot/rule.yml @@ -1,6 +1,6 @@ @@ -21109,12 +22506,12 @@ index ab0fcaab..d4b587a3 100644 title: 'Ensure /boot Located On Separate Partition' diff --git a/linux_os/guide/system/software/disk_partitioning/partition_for_home/rule.yml b/linux_os/guide/system/software/disk_partitioning/partition_for_home/rule.yml -index 6c85e419..65562069 100644 +index 24b86b58..0260413c 100644 --- a/linux_os/guide/system/software/disk_partitioning/partition_for_home/rule.yml +++ b/linux_os/guide/system/software/disk_partitioning/partition_for_home/rule.yml -@@ -41,7 +41,7 @@ references: - srg: SRG-OS-000480-GPOS-00227 +@@ -43,7 +43,7 @@ references: stigid@ol7: OL07-00-021310 + stigid@ol8: OL08-00-010800 stigid@rhel7: RHEL-07-021310 - stigid@rhel8: RHEL-08-010800 + stigid@almalinux8: RHEL-08-010800 @@ -21122,7 +22519,7 @@ index 6c85e419..65562069 100644 stigid@sle15: SLES-15-040200 diff --git a/linux_os/guide/system/software/disk_partitioning/partition_for_opt/rule.yml b/linux_os/guide/system/software/disk_partitioning/partition_for_opt/rule.yml -index 2c0e346b..f6f7f74c 100644 +index 44c81100..975c95c1 100644 --- a/linux_os/guide/system/software/disk_partitioning/partition_for_opt/rule.yml +++ b/linux_os/guide/system/software/disk_partitioning/partition_for_opt/rule.yml @@ -1,6 +1,6 @@ @@ -21134,12 +22531,12 @@ index 2c0e346b..f6f7f74c 100644 title: 'Ensure /opt Located On Separate Partition' 
diff --git a/linux_os/guide/system/software/disk_partitioning/partition_for_tmp/rule.yml b/linux_os/guide/system/software/disk_partitioning/partition_for_tmp/rule.yml -index 9689439f..27779714 100644 +index c4951c5a..b26d26ef 100644 --- a/linux_os/guide/system/software/disk_partitioning/partition_for_tmp/rule.yml +++ b/linux_os/guide/system/software/disk_partitioning/partition_for_tmp/rule.yml -@@ -36,7 +36,7 @@ references: - srg: SRG-OS-000480-GPOS-00227 +@@ -38,7 +38,7 @@ references: stigid@ol7: OL07-00-021340 + stigid@ol8: OL08-00-010543 stigid@rhel7: RHEL-07-021340 - stigid@rhel8: RHEL-08-010543 + stigid@almalinux8: RHEL-08-010543 @@ -21147,7 +22544,7 @@ index 9689439f..27779714 100644 {{{ complete_ocil_entry_separate_partition(part="/tmp") }}} diff --git a/linux_os/guide/system/software/disk_partitioning/partition_for_usr/rule.yml b/linux_os/guide/system/software/disk_partitioning/partition_for_usr/rule.yml -index 0956cb88..26784d02 100644 +index 4620f4be..9d08de15 100644 --- a/linux_os/guide/system/software/disk_partitioning/partition_for_usr/rule.yml +++ b/linux_os/guide/system/software/disk_partitioning/partition_for_usr/rule.yml @@ -1,6 +1,6 @@ @@ -21159,12 +22556,12 @@ index 0956cb88..26784d02 100644 title: 'Ensure /usr Located On Separate Partition' diff --git a/linux_os/guide/system/software/disk_partitioning/partition_for_var/rule.yml b/linux_os/guide/system/software/disk_partitioning/partition_for_var/rule.yml -index 882d5138..1ec35261 100644 +index 69928762..17f62056 100644 --- a/linux_os/guide/system/software/disk_partitioning/partition_for_var/rule.yml +++ b/linux_os/guide/system/software/disk_partitioning/partition_for_var/rule.yml -@@ -40,7 +40,7 @@ references: - srg: SRG-OS-000480-GPOS-00227 +@@ -42,7 +42,7 @@ references: stigid@ol7: OL07-00-021320 + stigid@ol8: OL08-00-010540 stigid@rhel7: RHEL-07-021320 - stigid@rhel8: RHEL-08-010540 + stigid@almalinux8: RHEL-08-010540 
@@ -21172,25 +22569,25 @@ index 882d5138..1ec35261 100644 stigid@sle15: SLES-15-040210 vmmsrg: SRG-OS-000341-VMM-001220 diff --git a/linux_os/guide/system/software/disk_partitioning/partition_for_var_log/rule.yml b/linux_os/guide/system/software/disk_partitioning/partition_for_var_log/rule.yml -index d2d9ce90..a47b87b8 100644 +index dcdacb63..06acac74 100644 --- a/linux_os/guide/system/software/disk_partitioning/partition_for_var_log/rule.yml +++ b/linux_os/guide/system/software/disk_partitioning/partition_for_var_log/rule.yml -@@ -37,7 +37,7 @@ references: - nist: CM-6(a),AU-4,SC-5(2) +@@ -38,7 +38,7 @@ references: nist-csf: PR.PT-1,PR.PT-4 srg: SRG-OS-000480-GPOS-00227 + stigid@ol8: OL08-00-010541 - stigid@rhel8: RHEL-08-010541 + stigid@almalinux8: RHEL-08-010541 {{{ complete_ocil_entry_separate_partition(part="/var/log") }}} diff --git a/linux_os/guide/system/software/disk_partitioning/partition_for_var_log_audit/rule.yml b/linux_os/guide/system/software/disk_partitioning/partition_for_var_log_audit/rule.yml -index cd6d83c8..d46302a3 100644 +index 6f71a8b6..7d0b7b8d 100644 --- a/linux_os/guide/system/software/disk_partitioning/partition_for_var_log_audit/rule.yml +++ b/linux_os/guide/system/software/disk_partitioning/partition_for_var_log_audit/rule.yml -@@ -45,7 +45,7 @@ references: - srg: SRG-OS-000341-GPOS-00132,SRG-OS-000480-GPOS-00227 +@@ -47,7 +47,7 @@ references: stigid@ol7: OL07-00-021330 + stigid@ol8: OL08-00-010542 stigid@rhel7: RHEL-07-021330 - stigid@rhel8: RHEL-08-010542 + stigid@almalinux8: RHEL-08-010542 @@ -21198,21 +22595,21 @@ index cd6d83c8..d46302a3 100644 stigid@sle15: SLES-15-030810 vmmsrg: SRG-OS-000341-VMM-001220 diff --git a/linux_os/guide/system/software/disk_partitioning/partition_for_var_tmp/rule.yml b/linux_os/guide/system/software/disk_partitioning/partition_for_var_tmp/rule.yml -index d57c0f0c..1fe7a6d5 100644 +index dbacf978..07d434ef 100644 --- a/linux_os/guide/system/software/disk_partitioning/partition_for_var_tmp/rule.yml 
+++ b/linux_os/guide/system/software/disk_partitioning/partition_for_var_tmp/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: ol7,ol8,rhcos4,rhel7,rhel8,rhel9,sle15,ubuntu1804,ubuntu2004 -+prodtype: ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle15,ubuntu1804,ubuntu2004 +-prodtype: ol7,ol8,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu1804,ubuntu2004 ++prodtype: ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu1804,ubuntu2004 title: 'Ensure /var/tmp Located On Separate Partition' -@@ -30,7 +30,7 @@ references: - cis@ubuntu1804: 1.1.6 +@@ -32,7 +32,7 @@ references: cis@ubuntu2004: 1.1.11 srg: SRG-OS-000480-GPOS-00227 + stigid@ol8: OL08-00-010544 - stigid@rhel8: RHEL-08-010544 + stigid@almalinux8: RHEL-08-010544 @@ -21228,7 +22625,7 @@ index d24ad613..78e4f65c 100644 dconf update diff --git a/linux_os/guide/system/software/gnome/dconf_db_up_to_date/rule.yml b/linux_os/guide/system/software/gnome/dconf_db_up_to_date/rule.yml -index 2f0ab6a9..8b64b916 100644 +index dae8d1ca..3f63eddb 100644 --- a/linux_os/guide/system/software/gnome/dconf_db_up_to_date/rule.yml +++ b/linux_os/guide/system/software/gnome/dconf_db_up_to_date/rule.yml @@ -1,6 +1,6 @@ @@ -21318,7 +22715,7 @@ index ce44e98c..1f66017c 100644 title: 'Enable the GNOME3 Login Smartcard Authentication' diff --git a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_lock_screen_on_smartcard_removal/rule.yml b/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_lock_screen_on_smartcard_removal/rule.yml -index 4b5b1f9e..3a89e3fa 100644 +index 79e90887..921cfd53 100644 --- a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_lock_screen_on_smartcard_removal/rule.yml +++ b/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_lock_screen_on_smartcard_removal/rule.yml @@ -1,6 +1,6 @@ 
@@ -21329,10 +22726,10 @@ index 4b5b1f9e..3a89e3fa 100644 title: 'Enable the GNOME3 Screen Locking On Smartcard Removal' -@@ -32,7 +32,7 @@ identifiers: - references: +@@ -33,7 +33,7 @@ references: disa: CCI-000056 srg: SRG-OS-000028-GPOS-00009,SRG-OS-000030-GPOS-00011 + stigid@ol8: OL08-00-020050 - stigid@rhel8: RHEL-08-020050 + stigid@almalinux8: RHEL-08-020050 @@ -21361,46 +22758,36 @@ index baf8f8a1..6bede2b8 100644 title: 'Set the GNOME3 Login Number of Failures' diff --git a/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_automatic_login/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_automatic_login/ansible/shared.yml -index 189dace9..312c3526 100644 +index 6b19c813..1f656f5a 100644 --- a/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_automatic_login/ansible/shared.yml +++ b/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_automatic_login/ansible/shared.yml 
@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol # reboot = false # strategy = unknown # complexity = low -diff --git a/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_automatic_login/bash/shared.sh b/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_automatic_login/bash/shared.sh -index 63faca98..b6bf6e6e 100644 ---- a/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_automatic_login/bash/shared.sh -+++ b/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_automatic_login/bash/shared.sh -@@ -1,4 +1,4 @@ --# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,multi_platform_fedora,multi_platform_ol -+# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora,multi_platform_ol - - if rpm --quiet -q gdm - then diff --git a/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_automatic_login/rule.yml b/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_automatic_login/rule.yml -index 98d000a2..f9b9a04d 100644 +index 3aa2491e..0dfb7988 100644 --- a/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_automatic_login/rule.yml +++ b/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_automatic_login/rule.yml 
@@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,sle12 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,sle12 +-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9 ++prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9 title: 'Disable GDM Automatic Login' @@ -39,7 +39,7 @@ references: - srg: SRG-OS-000480-GPOS-00229 stigid@ol7: OL07-00-010440 + stigid@ol8: OL08-00-010820 stigid@rhel7: RHEL-07-010440 - stigid@rhel8: RHEL-08-010820 + stigid@almalinux8: RHEL-08-010820 - stigid@sle12: SLES-12-010380 ocil_clause: 'GDM allows users to automatically login' + diff --git a/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_guest_login/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_guest_login/ansible/shared.yml index ef2933c5..0d72f6f6 100644 --- a/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_guest_login/ansible/shared.yml @@ -21453,16 +22840,6 @@ index 60417ff4..0af05e79 100644 # reboot = false # strategy = unknown # complexity = low -diff --git a/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_automount/bash/shared.sh b/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_automount/bash/shared.sh -index 140c1cfc..9ba03ca1 100644 ---- a/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_automount/bash/shared.sh -+++ b/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_automount/bash/shared.sh -@@ -1,4 +1,4 @@ --# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,multi_platform_ol -+# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_ol - - - {{{ bash_dconf_settings("org/gnome/desktop/media-handling", "automount", "false", "local.d", "00-security-settings") }}} 
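Review bot: The refreshed patch no longer carries the `gnome_gdm_disable_automatic_login/bash/shared.sh` section that added `AlmaLinux 8` to the `# platform =` header, while the `ansible/shared.yml` and `rule.yml` sections for the same rule still add AlmaLinux. Whether that is safe depends on the upstream header at the new base, which this diff does not show. If that header still lists products by name, the almalinux8 content would presumably ship this rule with an Ansible remediation but no Bash one, and a scan-and-remediate run would leave GDM automatic login unchanged. Please confirm the new upstream header covers AlmaLinux and record the reason for dropping the section in the patch description. The hunks that follow drop the `bash/shared.sh` sections of the `dconf_gnome_disable_*`, `dconf_gnome_remote_access_*` and `dconf_gnome_screensaver_*` rules in the same way.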
diff --git a/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_automount/rule.yml b/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_automount/rule.yml index a5271bc5..9e0dc115 100644 --- a/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_automount/rule.yml @@ -21485,16 +22862,6 @@ index ac168ef9..69ecfa6a 100644 # reboot = false # strategy = unknown # complexity = low -diff --git a/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_automount_open/bash/shared.sh b/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_automount_open/bash/shared.sh -index 7e2c64e5..fc18909f 100644 ---- a/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_automount_open/bash/shared.sh -+++ b/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_automount_open/bash/shared.sh -@@ -1,4 +1,4 @@ --# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,multi_platform_fedora,multi_platform_ol -+# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora,multi_platform_ol - - - {{{ bash_dconf_settings("org/gnome/desktop/media-handling", "automount-open", "false", "local.d", "00-security-settings") }}} diff --git a/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_automount_open/rule.yml b/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_automount_open/rule.yml index 8283802e..0612d84c 100644 --- a/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_automount_open/rule.yml 
@@ -21517,16 +22884,6 @@ index 51e4063c..3591b726 100644 # reboot = false # strategy = unknown # complexity = low -diff --git a/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_autorun/bash/shared.sh b/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_autorun/bash/shared.sh -index 97a63e90..ae5872e4 100644 ---- a/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_autorun/bash/shared.sh -+++ b/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_autorun/bash/shared.sh -@@ -1,4 +1,4 @@ --# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,multi_platform_fedora,multi_platform_ol -+# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora,multi_platform_ol - - - {{{ bash_dconf_settings("org/gnome/desktop/media-handling", "autorun-never", "true", "local.d", "00-security-settings") }}} diff --git a/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_autorun/rule.yml b/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_autorun/rule.yml index efefee40..198fd42b 100644 --- a/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_autorun/rule.yml 
@@ -21549,16 +22906,6 @@ index d9084479..bd866343 100644 # reboot = false # strategy = unknown # complexity = low -diff --git a/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_thumbnailers/bash/shared.sh b/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_thumbnailers/bash/shared.sh -index 66768c6d..39bfef95 100644 ---- a/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_thumbnailers/bash/shared.sh -+++ b/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_thumbnailers/bash/shared.sh -@@ -1,4 +1,4 @@ --# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8 -+# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8 - - - {{{ bash_dconf_settings("org/gnome/desktop/thumbnailers", "disable-all", "true", "local.d", "00-security-settings") }}} diff --git a/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_thumbnailers/rule.yml b/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_thumbnailers/rule.yml index cfaad53a..94454d77 100644 --- a/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_thumbnailers/rule.yml 
@@ -21581,16 +22928,6 @@ index d82d2741..d7eca57d 100644 # reboot = false # strategy = unknown # complexity = low -diff --git a/linux_os/guide/system/software/gnome/gnome_network_settings/dconf_gnome_disable_wifi_create/bash/shared.sh b/linux_os/guide/system/software/gnome/gnome_network_settings/dconf_gnome_disable_wifi_create/bash/shared.sh -index 9cc91fdc..6a1abf0d 100644 ---- a/linux_os/guide/system/software/gnome/gnome_network_settings/dconf_gnome_disable_wifi_create/bash/shared.sh -+++ b/linux_os/guide/system/software/gnome/gnome_network_settings/dconf_gnome_disable_wifi_create/bash/shared.sh -@@ -1,4 +1,4 @@ --# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,multi_platform_fedora -+# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora - - - {{{ bash_dconf_settings("org/gnome/nm-applet", "disable-wifi-create", "true", "local.d", "00-security-settings") }}} diff --git a/linux_os/guide/system/software/gnome/gnome_network_settings/dconf_gnome_disable_wifi_create/rule.yml b/linux_os/guide/system/software/gnome/gnome_network_settings/dconf_gnome_disable_wifi_create/rule.yml index 739ce837..82376091 100644 --- a/linux_os/guide/system/software/gnome/gnome_network_settings/dconf_gnome_disable_wifi_create/rule.yml 
@@ -21613,16 +22950,6 @@ index 416732d6..dfd0a49e 100644 # reboot = false # strategy = unknown # complexity = low -diff --git a/linux_os/guide/system/software/gnome/gnome_network_settings/dconf_gnome_disable_wifi_notification/bash/shared.sh b/linux_os/guide/system/software/gnome/gnome_network_settings/dconf_gnome_disable_wifi_notification/bash/shared.sh -index 49e3f7e6..60d65868 100644 ---- a/linux_os/guide/system/software/gnome/gnome_network_settings/dconf_gnome_disable_wifi_notification/bash/shared.sh -+++ b/linux_os/guide/system/software/gnome/gnome_network_settings/dconf_gnome_disable_wifi_notification/bash/shared.sh -@@ -1,4 +1,4 @@ --# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,multi_platform_fedora -+# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora - - - {{{ bash_dconf_settings("org/gnome/nm-applet", "suppress-wireless-networks-available", "true", "local.d", "00-security-settings") }}} diff --git a/linux_os/guide/system/software/gnome/gnome_network_settings/dconf_gnome_disable_wifi_notification/rule.yml b/linux_os/guide/system/software/gnome/gnome_network_settings/dconf_gnome_disable_wifi_notification/rule.yml index 0d8eb600..96d42b6b 100644 --- a/linux_os/guide/system/software/gnome/gnome_network_settings/dconf_gnome_disable_wifi_notification/rule.yml @@ -21636,98 +22963,68 @@ index 0d8eb600..96d42b6b 100644 title: 'Disable WIFI Network Notification in GNOME3' diff --git a/linux_os/guide/system/software/gnome/gnome_remote_access_settings/dconf_gnome_remote_access_credential_prompt/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_remote_access_settings/dconf_gnome_remote_access_credential_prompt/ansible/shared.yml -index 809ef3f0..75d3cb88 100644 +index 09eed836..601191b4 100644 --- a/linux_os/guide/system/software/gnome/gnome_remote_access_settings/dconf_gnome_remote_access_credential_prompt/ansible/shared.yml 
+++ b/linux_os/guide/system/software/gnome/gnome_remote_access_settings/dconf_gnome_remote_access_credential_prompt/ansible/shared.yml @@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle # reboot = false # strategy = unknown # complexity = low -diff --git a/linux_os/guide/system/software/gnome/gnome_remote_access_settings/dconf_gnome_remote_access_credential_prompt/bash/shared.sh b/linux_os/guide/system/software/gnome/gnome_remote_access_settings/dconf_gnome_remote_access_credential_prompt/bash/shared.sh -index cfc0001b..78509b32 100644 ---- a/linux_os/guide/system/software/gnome/gnome_remote_access_settings/dconf_gnome_remote_access_credential_prompt/bash/shared.sh -+++ b/linux_os/guide/system/software/gnome/gnome_remote_access_settings/dconf_gnome_remote_access_credential_prompt/bash/shared.sh -@@ -1,4 +1,4 @@ --# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,multi_platform_ol -+# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_ol - - - {{{ bash_dconf_settings("org/gnome/Vino", "authentication-methods", "['vnc']", "local.d", "00-security-settings") }}} diff --git a/linux_os/guide/system/software/gnome/gnome_remote_access_settings/dconf_gnome_remote_access_credential_prompt/rule.yml b/linux_os/guide/system/software/gnome/gnome_remote_access_settings/dconf_gnome_remote_access_credential_prompt/rule.yml -index 084253ec..fbe7c8e1 100644 +index cdf4c645..d27c6c8e 100644 --- a/linux_os/guide/system/software/gnome/gnome_remote_access_settings/dconf_gnome_remote_access_credential_prompt/rule.yml 
+++ b/linux_os/guide/system/software/gnome/gnome_remote_access_settings/dconf_gnome_remote_access_credential_prompt/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9 +-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,sle15 ++prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,sle15 title: 'Require Credential Prompting for Remote Access in GNOME3' diff --git a/linux_os/guide/system/software/gnome/gnome_remote_access_settings/dconf_gnome_remote_access_encryption/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_remote_access_settings/dconf_gnome_remote_access_encryption/ansible/shared.yml -index 74bd3c9d..1b9c33c8 100644 +index bf1efbe6..efa5b96a 100644 --- a/linux_os/guide/system/software/gnome/gnome_remote_access_settings/dconf_gnome_remote_access_encryption/ansible/shared.yml +++ b/linux_os/guide/system/software/gnome/gnome_remote_access_settings/dconf_gnome_remote_access_encryption/ansible/shared.yml 
@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle # reboot = false # strategy = unknown # complexity = low -diff --git a/linux_os/guide/system/software/gnome/gnome_remote_access_settings/dconf_gnome_remote_access_encryption/bash/shared.sh b/linux_os/guide/system/software/gnome/gnome_remote_access_settings/dconf_gnome_remote_access_encryption/bash/shared.sh -index b10508ed..ea64385e 100644 ---- a/linux_os/guide/system/software/gnome/gnome_remote_access_settings/dconf_gnome_remote_access_encryption/bash/shared.sh -+++ b/linux_os/guide/system/software/gnome/gnome_remote_access_settings/dconf_gnome_remote_access_encryption/bash/shared.sh -@@ -1,4 +1,4 @@ --# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,multi_platform_ol -+# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_ol - - - {{{ bash_dconf_settings("org/gnome/Vino", "require-encryption", "true", "local.d", "00-security-settings") }}} diff --git a/linux_os/guide/system/software/gnome/gnome_remote_access_settings/dconf_gnome_remote_access_encryption/rule.yml b/linux_os/guide/system/software/gnome/gnome_remote_access_settings/dconf_gnome_remote_access_encryption/rule.yml -index 3ad1ce2f..6dd55745 100644 +index fd5f0a6d..af0de315 100644 --- a/linux_os/guide/system/software/gnome/gnome_remote_access_settings/dconf_gnome_remote_access_encryption/rule.yml +++ b/linux_os/guide/system/software/gnome/gnome_remote_access_settings/dconf_gnome_remote_access_encryption/rule.yml 
@@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9 +-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,sle15 ++prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,sle15 title: 'Require Encryption for Remote Access in GNOME3' diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_activation_enabled/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_activation_enabled/ansible/shared.yml -index c9dcad48..4f475886 100644 +index f7c7b437..95781d5a 100644 --- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_activation_enabled/ansible/shared.yml +++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_activation_enabled/ansible/shared.yml 
@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle # reboot = false # strategy = unknown # complexity = low -diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_activation_enabled/bash/shared.sh b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_activation_enabled/bash/shared.sh -index 9c89da66..1386946e 100644 ---- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_activation_enabled/bash/shared.sh -+++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_activation_enabled/bash/shared.sh -@@ -1,4 +1,4 @@ --# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,multi_platform_fedora,multi_platform_ol -+# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora,multi_platform_ol - - - {{{ bash_dconf_settings("org/gnome/desktop/screensaver", "idle-activation-enabled", "true", "local.d", "00-security-settings") }}} diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_activation_enabled/rule.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_activation_enabled/rule.yml -index 459747a2..93842287 100644 +index 5c131548..9ea4dce0 100644 --- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_activation_enabled/rule.yml +++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_activation_enabled/rule.yml 
@@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9 +-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,sle15 ++prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,sle15 title: 'Enable GNOME3 Screensaver Idle Activation' @@ -21741,16 +23038,6 @@ index d3f144c8..ae170b80 100644 # reboot = false # strategy = unknown # complexity = low -diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_activation_locked/bash/shared.sh b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_activation_locked/bash/shared.sh -index 59a3bafa..d3c18c8d 100644 ---- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_activation_locked/bash/shared.sh -+++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_activation_locked/bash/shared.sh -@@ -1,4 +1,4 @@ --# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,multi_platform_ol,multi_platform_fedora -+# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_ol,multi_platform_fedora - - - {{{ bash_dconf_lock("org/gnome/desktop/screensaver", "idle-activation-enabled", "local.d", "00-security-settings-lock") }}} diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_activation_locked/rule.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_activation_locked/rule.yml index b94df803..aaa45d94 100644 --- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_activation_locked/rule.yml 
@@ -21773,18 +23060,8 @@ index 962fff57..bf9af4c0 100644 # reboot = false # strategy = unknown # complexity = low -diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_delay/bash/shared.sh b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_delay/bash/shared.sh -index ab0462e5..e9b3f8c1 100644 ---- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_delay/bash/shared.sh -+++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_delay/bash/shared.sh -@@ -1,4 +1,4 @@ --# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,multi_platform_fedora,multi_platform_ol -+# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora,multi_platform_ol - . /usr/share/scap-security-guide/remediation_functions - {{{ bash_instantiate_variables("inactivity_timeout_value") }}} - diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_delay/rule.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_delay/rule.yml -index 56f4436b..cace974d 100644 +index 905c5680..1bc2c210 100644 --- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_delay/rule.yml +++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_delay/rule.yml @@ -1,6 +1,6 @@ @@ -21795,9 +23072,9 @@ index 56f4436b..cace974d 100644 title: 'Set GNOME3 Screensaver Inactivity Timeout' -@@ -53,7 +53,7 @@ references: - srg: SRG-OS-000029-GPOS-00010 +@@ -54,7 +54,7 @@ references: stigid@ol7: OL07-00-010070 + stigid@ol8: OL08-00-020060 stigid@rhel7: RHEL-07-010070 - stigid@rhel8: RHEL-08-020060 + stigid@almalinux8: RHEL-08-020060 
@@ -21814,16 +23091,6 @@ index ab219dc4..e303520d 100644 # reboot = false # strategy = unknown # complexity = low -diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_delay/bash/shared.sh b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_delay/bash/shared.sh -index 5c37b1d9..8d6c0e21 100644 ---- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_delay/bash/shared.sh -+++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_delay/bash/shared.sh -@@ -1,4 +1,4 @@ --# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,multi_platform_fedora,multi_platform_ol -+# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora,multi_platform_ol - . /usr/share/scap-security-guide/remediation_functions - {{{ bash_instantiate_variables("var_screensaver_lock_delay") }}} - diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_delay/rule.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_delay/rule.yml index 46d19003..1b2e9db5 100644 --- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_delay/rule.yml 
@@ -21846,18 +23113,8 @@ index 292bcf8f..bdba6192 100644 # reboot = false # strategy = unknown # complexity = low -diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_enabled/bash/shared.sh b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_enabled/bash/shared.sh -index 5a516b50..3b749d90 100644 ---- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_enabled/bash/shared.sh -+++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_enabled/bash/shared.sh -@@ -1,4 +1,4 @@ --# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,multi_platform_fedora,multi_platform_ol -+# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora,multi_platform_ol - - - {{{ bash_dconf_settings("org/gnome/desktop/screensaver", "lock-enabled", "true", "local.d", "00-security-settings") }}} diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_enabled/rule.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_enabled/rule.yml -index 49f1d387..e966e091 100644 +index e84a95f7..c2048973 100644 --- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_enabled/rule.yml +++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_enabled/rule.yml @@ -1,6 +1,6 @@ @@ -21868,9 +23125,9 @@ index 49f1d387..e966e091 100644 title: 'Enable GNOME3 Screensaver Lock After Idle Period' -@@ -55,7 +55,7 @@ references: - srg: SRG-OS-000028-GPOS-00009,SRG-OS-000030-GPOS-00011 +@@ -56,7 +56,7 @@ references: stigid@ol7: OL07-00-010060 + stigid@ol8: OL08-00-020030 stigid@rhel7: RHEL-07-010060 - stigid@rhel8: RHEL-08-020030 + stigid@almalinux8: RHEL-08-020030 
@@ -21887,16 +23144,6 @@ index 34ff91ab..875abf68 100644 # reboot = false # strategy = unknown # complexity = low -diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_locked/bash/shared.sh b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_locked/bash/shared.sh -index ea46be4f..4385f506 100644 ---- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_locked/bash/shared.sh -+++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_locked/bash/shared.sh -@@ -1,4 +1,4 @@ --# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,multi_platform_ol,multi_platform_fedora -+# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_ol,multi_platform_fedora - - - {{{ bash_dconf_lock("org/gnome/desktop/screensaver", "lock-enabled", "local.d", "00-security-settings-lock") }}} diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_locked/rule.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_locked/rule.yml index 4b9770e1..04dea645 100644 --- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_locked/rule.yml 
@@ -21919,16 +23166,6 @@ index 4dbe2b3c..7313b6bc 100644 # reboot = false # strategy = unknown # complexity = low -diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_mode_blank/bash/shared.sh b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_mode_blank/bash/shared.sh -index 19666f52..d1c6eaeb 100644 ---- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_mode_blank/bash/shared.sh -+++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_mode_blank/bash/shared.sh -@@ -1,4 +1,4 @@ --# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,multi_platform_fedora,multi_platform_ol,multi_platform_sle -+# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora,multi_platform_ol,multi_platform_sle - - - {{{ bash_dconf_settings("org/gnome/desktop/screensaver", "picture-uri", "string ''", "local.d", "00-security-settings") }}} diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_mode_blank/rule.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_mode_blank/rule.yml index 4ac56470..d16064f2 100644 --- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_mode_blank/rule.yml 
@@ -21951,16 +23188,6 @@ index 606e00c5..792db4ca 100644 # reboot = false # strategy = unknown # complexity = low -diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_info/bash/shared.sh b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_info/bash/shared.sh -index 9e563568..b81d73fd 100644 ---- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_info/bash/shared.sh -+++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_info/bash/shared.sh -@@ -1,4 +1,4 @@ --# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,multi_platform_fedora,multi_platform_ol -+# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora,multi_platform_ol - - - {{{ bash_dconf_settings("org/gnome/desktop/screensaver", "show-full-name-in-top-bar", "false", "local.d", "00-security-settings") }}} diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_info/rule.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_info/rule.yml index 9f86c7ed..556d1227 100644 --- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_info/rule.yml 
@@ -21983,16 +23210,6 @@ index ed7d9884..a41cb715 100644 # reboot = false # strategy = unknown # complexity = low -diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_locks/bash/shared.sh b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_locks/bash/shared.sh -index 7e540988..6baf65b4 100644 ---- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_locks/bash/shared.sh -+++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_locks/bash/shared.sh -@@ -1,4 +1,4 @@ --# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,multi_platform_fedora,multi_platform_ol -+# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora,multi_platform_ol - - - {{{ bash_dconf_lock("org/gnome/desktop/screensaver", "lock-delay", "local.d", "00-security-settings-lock") }}} diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_locks/rule.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_locks/rule.yml index d0173ce6..66020289 100644 --- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_locks/rule.yml 
@@ -22015,16 +23232,6 @@ index aae97c96..18c7ec75 100644 # reboot = false # strategy = unknown # complexity = low -diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_session_idle_user_locks/bash/shared.sh b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_session_idle_user_locks/bash/shared.sh -index 8f4922b5..3478e9c9 100644 ---- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_session_idle_user_locks/bash/shared.sh -+++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_session_idle_user_locks/bash/shared.sh -@@ -1,4 +1,4 @@ --# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,multi_platform_fedora,multi_platform_ol -+# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora,multi_platform_ol - - - {{{ bash_dconf_lock("org/gnome/desktop/session", "idle-delay", "local.d", "00-security-settings-lock") }}} diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_session_idle_user_locks/rule.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_session_idle_user_locks/rule.yml index cbe3e082..5d4750c7 100644 --- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_session_idle_user_locks/rule.yml 
@@ -22047,18 +23254,8 @@ index 76181547..eb340cb5 100644 # reboot = false # strategy = unknown # complexity = low -diff --git a/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_ctrlaltdel_reboot/bash/shared.sh b/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_ctrlaltdel_reboot/bash/shared.sh -index 6bdb2e67..8218dfbe 100644 ---- a/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_ctrlaltdel_reboot/bash/shared.sh -+++ b/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_ctrlaltdel_reboot/bash/shared.sh -@@ -1,4 +1,4 @@ --# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,multi_platform_fedora,multi_platform_ol -+# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora,multi_platform_ol - - - {{{ bash_dconf_settings("org/gnome/settings-daemon/plugins/media-keys", "logout", "''", "local.d", "00-security-settings") }}} diff --git a/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_ctrlaltdel_reboot/rule.yml b/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_ctrlaltdel_reboot/rule.yml -index 36e7ed1e..9b192608 100644 +index 818e00cb..681d5e7d 100644 --- a/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_ctrlaltdel_reboot/rule.yml +++ b/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_ctrlaltdel_reboot/rule.yml @@ -1,6 +1,6 @@ @@ -22069,9 +23266,9 @@ index 36e7ed1e..9b192608 100644 title: 'Disable Ctrl-Alt-Del Reboot Key Sequence in GNOME3' -@@ -46,7 +46,7 @@ references: - srg: SRG-OS-000480-GPOS-00227 +@@ -47,7 +47,7 @@ references: stigid@ol7: OL07-00-020231 + stigid@ol8: OL08-00-040171 stigid@rhel7: RHEL-07-020231 - stigid@rhel8: RHEL-08-040171 + stigid@almalinux8: RHEL-08-040171 
@@ -22088,16 +23285,6 @@ index 71f1ed93..19e07ca5 100644 # reboot = false # strategy = unknown # complexity = low -diff --git a/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_geolocation/bash/shared.sh b/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_geolocation/bash/shared.sh -index ffa7d125..4bca3f4d 100644 ---- a/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_geolocation/bash/shared.sh -+++ b/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_geolocation/bash/shared.sh -@@ -1,4 +1,4 @@ --# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8 -+# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8 - - - {{{ bash_dconf_settings("org/gnome/system/location", "enabled", "false", "local.d", "00-security-settings") }}} diff --git a/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_geolocation/rule.yml b/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_geolocation/rule.yml index 051d4f13..b9def751 100644 --- a/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_geolocation/rule.yml @@ -22160,14 +23347,14 @@ index 65a915de..e6a694e9 100644 title: 'Remove the GDM Package Group' diff --git a/linux_os/guide/system/software/integrity/certified-vendor/installed_OS_is_FIPS_certified/rule.yml b/linux_os/guide/system/software/integrity/certified-vendor/installed_OS_is_FIPS_certified/rule.yml -index 56edcdee..6251f5f9 100644 +index d27f6bf0..2198a8a4 100644 --- a/linux_os/guide/system/software/integrity/certified-vendor/installed_OS_is_FIPS_certified/rule.yml +++ b/linux_os/guide/system/software/integrity/certified-vendor/installed_OS_is_FIPS_certified/rule.yml 
@@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,rhcos4,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,wrlinux8,ubuntu1604,ubuntu1804,ubuntu2004,wrlinux1019 -+prodtype: fedora,rhcos4,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,wrlinux8,ubuntu1604,ubuntu1804,ubuntu2004,wrlinux1019 +-prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu1604,ubuntu1804,ubuntu2004,wrlinux1019,wrlinux8 ++prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu1604,ubuntu1804,ubuntu2004,wrlinux1019,wrlinux8 title: 'The Installed Operating System Is FIPS 140-2 Certified' @@ -22184,7 +23371,7 @@ index 931be7e8..17fe400d 100644 diff --git a/linux_os/guide/system/software/integrity/certified-vendor/installed_OS_is_vendor_supported/rule.yml b/linux_os/guide/system/software/integrity/certified-vendor/installed_OS_is_vendor_supported/rule.yml -index dc40925c..3ffb4713 100644 +index 61ec677f..ae972fd5 100644 --- a/linux_os/guide/system/software/integrity/certified-vendor/installed_OS_is_vendor_supported/rule.yml +++ b/linux_os/guide/system/software/integrity/certified-vendor/installed_OS_is_vendor_supported/rule.yml @@ -1,6 +1,6 @@ @@ -22205,16 +23392,16 @@ index dc40925c..3ffb4713 100644 {{% else %}} Red Hat Enterprise Linux is supported by Red Hat, Inc. As the Red Hat Enterprise Linux vendor, Red Hat, Inc. is responsible for providing security patches. -@@ -48,7 +51,7 @@ references: - srg: SRG-OS-000480-GPOS-00227 +@@ -49,7 +52,7 @@ references: stigid@ol7: OL07-00-020250 + stigid@ol8: OL08-00-010000 stigid@rhel7: RHEL-07-020250 - stigid@rhel8: RHEL-08-010000 + stigid@almalinux8: RHEL-08-010000 stigid@sle12: SLES-12-010000 stigid@sle15: SLES-15-010000 -@@ -61,6 +64,8 @@ ocil: |- +@@ -62,6 +65,8 @@ ocil: |-
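Review bot: `almalinux8` is added to the `prodtype` line of installed_OS_is_FIPS_certified/rule.yml, and no other change to that rule is visible in this patch. The rule's check content is not shown here, so it should be confirmed that the check evaluates AlmaLinux 8 itself rather than criteria written for RHEL. A FIPS 140-2 result inherited from the RHEL definition would be misleading in a compliance report. If that cannot be confirmed, leave `almalinux8` out of this `prodtype` line, or add a comment above it such as `# almalinux8: certification status verified by <check name>`.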
    $ grep -i "red hat" /etc/redhat-release
    {{% elif product in ["ol7", "ol8"] %}}
    $ grep -i "oracle" /etc/oracle-release
    @@ -22224,7 +23411,7 @@ index dc40925c..3ffb4713 100644
    $ grep -i "suse" /etc/os-release
    {{% endif %}} diff --git a/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/rule.yml -index 5484e11a..69ca3426 100644 +index 0b5d756b..07225621 100644 --- a/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/rule.yml +++ b/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/rule.yml @@ -1,6 +1,6 @@ @@ -22235,6 +23422,15 @@ index 5484e11a..69ca3426 100644 title: 'Configure BIND to use System Crypto Policy' +@@ -31,7 +31,7 @@ references: + nist: SC-13,SC-12(2),SC-12(3) + srg: SRG-OS-000423-GPOS-00187,SRG-OS-000426-GPOS-00190 + stigid@ol8: OL08-00-010020 +- stigid@rhel8: RHEL-08-010020 ++ stigid@almalinux8: RHEL-08-010020 + + ocil_clause: |- + BIND is installed and the BIND config file doesn't contain the diff --git a/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/tests/absent.fail.sh b/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/tests/absent.fail.sh index 2c9316c3..ff0480eb 100644 --- a/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/tests/absent.fail.sh @@ -22295,41 +23491,50 @@ index 1efeb70a..1be51e61 100644 BIND_CONF='/etc/named.conf' diff --git a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/rule.yml -index d4ea4db6..7b804682 100644 +index 393e7210..195d74a8 100644 --- a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/rule.yml +++ b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/rule.yml 
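Review bot: The inner hunk added for configure_bind_crypto_policy/rule.yml replaces `stigid@rhel8: RHEL-08-010020` with `stigid@almalinux8: RHEL-08-010020` rather than adding the new key beside the old one. The patched tree therefore drops the rule's rhel8 STIG reference, and the almalinux8 key carries an identifier taken from the RHEL 8 STIG. If the rhel8 product is still expected to build from this tree, keep the original line as context and add only `+  stigid@almalinux8: RHEL-08-010020`. In either case a comment in the rule, for example `# ID taken from the RHEL 8 STIG; no AlmaLinux-specific STIG mapping`, would stop scan reports from reading as an AlmaLinux-specific mapping. The same substitution is newly added for configure_crypto_policy, configure_kerberos_crypto_policy and configure_libreswan_crypto_policy.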
@@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,ol8,rhcos4,rhel8,rhel9,rhv4 -+prodtype: fedora,ol8,rhcos4,rhel8,almalinux8,rhel9,rhv4 +-prodtype: fedora,ol8,rhcos4,rhel8,rhel9,rhv4,sle15 ++prodtype: fedora,ol8,rhcos4,rhel8,almalinux8,rhel9,rhv4,sle15 title: 'Configure System Cryptography Policy' +@@ -68,7 +68,7 @@ references: + ospp: FCS_COP.1(1),FCS_COP.1(2),FCS_COP.1(3),FCS_COP.1(4),FCS_CKM.1,FCS_CKM.2,FCS_TLSC_EXT.1 + srg: SRG-OS-000396-GPOS-00176,SRG-OS-000393-GPOS-00173,SRG-OS-000394-GPOS-00174 + stigid@ol8: OL08-00-010020 +- stigid@rhel8: RHEL-08-010020 ++ stigid@almalinux8: RHEL-08-010020 + + ocil_clause: 'cryptographic policy is not configured or is configured incorrectly' + diff --git a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/config_and_current_same_time.pass.sh b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/config_and_current_same_time.pass.sh -index 4169dff3..c0dfdaf2 100644 +index efc1cab4..7e7ff6e1 100644 --- a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/config_and_current_same_time.pass.sh +++ b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/config_and_current_same_time.pass.sh @@ -1,5 +1,5 @@ #!/bin/bash -# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9 +# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9 + # packages = crypto-policies-scripts # IMPORTANT: This is a false negative scenario. - # File /etc/crypto-policies/config can be newer than /etc/crypto-policies/state/current, diff --git a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/config_newer_than_current.fail.sh b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/config_newer_than_current.fail.sh -index 833cc166..c5556090 100644 +index 46d8e341..3e58358f 100644 
--- a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/config_newer_than_current.fail.sh +++ b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/config_newer_than_current.fail.sh @@ -1,5 +1,5 @@ #!/bin/bash -# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9 +# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9 + # packages = crypto-policies-scripts update-crypto-policies --set "DEFAULT" - sleep 1s diff --git a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/missing_nss_config.fail.sh b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/missing_nss_config.fail.sh -index 5bc60832..d9f4b97b 100644 +index a18ad25b..c7a3c469 100644 --- a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/missing_nss_config.fail.sh +++ b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/missing_nss_config.fail.sh @@ -1,5 +1,5 @@ @@ -22337,10 +23542,10 @@ index 5bc60832..d9f4b97b 100644 -# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9 +# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9 # profiles = xccdf_org.ssgproject.content_profile_ospp + # packages = crypto-policies-scripts - update-crypto-policies --set "FIPS:OSPP" diff --git a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/missing_policy.fail.sh b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/missing_policy.fail.sh -index 0db03331..e0688ec0 100644 +index 04527eb2..7adf3b61 100644 --- a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/missing_policy.fail.sh +++ b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/missing_policy.fail.sh @@ -1,5 +1,5 @@ 
@@ -22348,10 +23553,10 @@ index 0db03331..e0688ec0 100644 -# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9 +# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9 # profiles = xccdf_org.ssgproject.content_profile_ospp, xccdf_org.ssgproject.content_profile_standard + # packages = crypto-policies-scripts - sed -i "1d" /etc/crypto-policies/config diff --git a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/missing_policy_file.fail.sh b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/missing_policy_file.fail.sh -index fe431fb7..8842dc5f 100644 +index 8864a8cd..6597c501 100644 --- a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/missing_policy_file.fail.sh +++ b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/missing_policy_file.fail.sh @@ -1,5 +1,5 @@ @@ -22359,10 +23564,10 @@ index fe431fb7..8842dc5f 100644 -# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9 +# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9 # profiles = xccdf_org.ssgproject.content_profile_ospp, xccdf_org.ssgproject.content_profile_standard + # packages = crypto-policies-scripts - rm /etc/crypto-policies/state/current diff --git a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/nss_config_as_file.pass.sh b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/nss_config_as_file.pass.sh -index 709714c8..71f718c4 100644 +index 33719ca9..9de20e3c 100644 --- a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/nss_config_as_file.pass.sh +++ b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/nss_config_as_file.pass.sh @@ -1,5 +1,5 @@ 
@@ -22370,10 +23575,10 @@ index 709714c8..71f718c4 100644 -# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9 +# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9 # profiles = xccdf_org.ssgproject.content_profile_ospp + # packages = crypto-policies-scripts - update-crypto-policies --set "FIPS:OSPP" diff --git a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/nss_config_as_symlink.pass.sh b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/nss_config_as_symlink.pass.sh -index fc6bb8b5..c60a96a6 100644 +index 6e53c39d..307cfba9 100644 --- a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/nss_config_as_symlink.pass.sh +++ b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/nss_config_as_symlink.pass.sh @@ -1,5 +1,5 @@ 
@@ -22381,10 +23586,21 @@ index fc6bb8b5..c60a96a6 100644 -# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9 +# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9 # profiles = xccdf_org.ssgproject.content_profile_ospp + # packages = crypto-policies-scripts + +diff --git a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/policy_default_cis_l1.pass.sh b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/policy_default_cis_l1.pass.sh +index 1cb6ea49..2a5dc207 100644 +--- a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/policy_default_cis_l1.pass.sh ++++ b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/policy_default_cis_l1.pass.sh +@@ -1,5 +1,5 @@ + #!/bin/bash +-# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9 ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9 + # profiles = xccdf_org.ssgproject.content_profile_cis_server_l1,xccdf_org.ssgproject.content_profile_cis_workstation_l1 + # packages = crypto-policies-scripts - update-crypto-policies --set "FIPS:OSPP" diff --git a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/policy_default_nosha1_set.pass.sh b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/policy_default_nosha1_set.pass.sh -index d083ceb1..88e9d939 100644 +index 51d35ff9..96db9dda 100644 --- a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/policy_default_nosha1_set.pass.sh +++ b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/policy_default_nosha1_set.pass.sh @@ -1,5 +1,5 @@ 
@@ -22392,10 +23608,10 @@ index d083ceb1..88e9d939 100644 -# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9 +# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9 # profiles = xccdf_org.ssgproject.content_profile_e8 + # packages = crypto-policies-scripts - update-crypto-policies --set "DEFAULT:NO-SHA1" diff --git a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/policy_default_set.pass.sh b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/policy_default_set.pass.sh -index 49e1f08d..f30ee6b4 100644 +index 053c5c1a..eafa80bc 100644 --- a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/policy_default_set.pass.sh +++ b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/policy_default_set.pass.sh @@ -1,5 +1,5 @@ @@ -22403,10 +23619,10 @@ index 49e1f08d..f30ee6b4 100644 -# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9 +# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9 # profiles = xccdf_org.ssgproject.content_profile_standard + # packages = crypto-policies-scripts - update-crypto-policies --set "DEFAULT" diff --git a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/policy_fips_ospp_set.pass.sh b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/policy_fips_ospp_set.pass.sh -index 54b8211c..7b94bb56 100644 +index 07cbb3f6..ae916f02 100644 --- a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/policy_fips_ospp_set.pass.sh +++ b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/policy_fips_ospp_set.pass.sh @@ -1,5 +1,5 @@ 
@@ -22414,10 +23630,21 @@ index 54b8211c..7b94bb56 100644 -# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9 +# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9 # profiles = xccdf_org.ssgproject.content_profile_ospp + # packages = crypto-policies-scripts + +diff --git a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/policy_future_cis_l2.pass.sh b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/policy_future_cis_l2.pass.sh +index 99d975bc..125e4ce2 100644 +--- a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/policy_future_cis_l2.pass.sh ++++ b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/policy_future_cis_l2.pass.sh +@@ -1,5 +1,5 @@ + #!/bin/bash +-# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9 ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9 + # profiles = xccdf_org.ssgproject.content_profile_cis,xccdf_org.ssgproject.content_profile_cis_workstation_l2 + # packages = crypto-policies-scripts - update-crypto-policies --set "FIPS:OSPP" diff --git a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/wrong_policy.fail.sh b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/wrong_policy.fail.sh -index 926d3c12..ca368933 100644 +index fc7aeeae..3e831ed3 100644 --- a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/wrong_policy.fail.sh +++ b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/wrong_policy.fail.sh @@ -1,5 +1,5 @@ 
@@ -22425,24 +23652,24 @@ index 926d3c12..ca368933 100644 -# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9 +# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9 # profiles = xccdf_org.ssgproject.content_profile_ospp, xccdf_org.ssgproject.content_profile_standard + # packages = crypto-policies-scripts - sed -i "1s/.*/LEGACY/" /etc/crypto-policies/config diff --git a/linux_os/guide/system/software/integrity/crypto/configure_gnutls_tls_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/configure_gnutls_tls_crypto_policy/rule.yml -index 354f216b..7aed7424 100644 +index a044c5e9..e94e13fe 100644 --- a/linux_os/guide/system/software/integrity/crypto/configure_gnutls_tls_crypto_policy/rule.yml +++ b/linux_os/guide/system/software/integrity/crypto/configure_gnutls_tls_crypto_policy/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: rhel8,fedora -+prodtype: rhel8,almalinux8,fedora +-prodtype: fedora,ol8,rhel8 ++prodtype: fedora,ol8,rhel8,almalinux8 title: 'Configure GnuTLS library to use DoD-approved TLS Encryption' -@@ -28,7 +28,7 @@ references: - disa: CCI-001453 +@@ -30,7 +30,7 @@ references: nist: AC-17(2) srg: SRG-OS-000250-GPOS-00093,SRG-OS-000423-GPOS-00187 + stigid@ol8: OL08-00-010295 - stigid@rhel8: RHEL-08-010295 + stigid@almalinux8: RHEL-08-010295 @@ -22493,7 +23720,7 @@ index ad39b47d..e4ca9f99 100644 configfile=/etc/crypto-policies/back-ends/gnutls.config diff --git a/linux_os/guide/system/software/integrity/crypto/configure_kerberos_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/configure_kerberos_crypto_policy/rule.yml -index b219c9d2..003375a1 100644 +index f1a839f1..b0ef8c66 100644 --- a/linux_os/guide/system/software/integrity/crypto/configure_kerberos_crypto_policy/rule.yml +++ b/linux_os/guide/system/software/integrity/crypto/configure_kerberos_crypto_policy/rule.yml @@ -1,6 +1,6 @@ 
@@ -22504,6 +23731,15 @@ index b219c9d2..003375a1 100644 title: 'Configure Kerberos to use System Crypto Policy' +@@ -29,7 +29,7 @@ references: + nist: SC-13,SC-12(2),SC-12(3) + srg: SRG-OS-000120-GPOS-00061 + stigid@ol8: OL08-00-010020 +- stigid@rhel8: RHEL-08-010020 ++ stigid@almalinux8: RHEL-08-010020 + + ocil_clause: 'the symlink does not exist or points to a different target' + diff --git a/linux_os/guide/system/software/integrity/crypto/configure_kerberos_crypto_policy/tests/kerberos_correct_policy.pass.sh b/linux_os/guide/system/software/integrity/crypto/configure_kerberos_crypto_policy/tests/kerberos_correct_policy.pass.sh index 677aa91c..3bcda12d 100644 --- a/linux_os/guide/system/software/integrity/crypto/configure_kerberos_crypto_policy/tests/kerberos_correct_policy.pass.sh @@ -22537,17 +23773,26 @@ index 842fb7b4..99563741 100644 rm -f /etc/krb5.conf.d/crypto-policies ln -s /etc/crypto-policies/back-ends/openssh.config /etc/krb5.conf.d/crypto-policies diff --git a/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/rule.yml -index d54ccaae..0bb7929d 100644 +index 783b2f84..f8fe132b 100644 --- a/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/rule.yml +++ b/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/rule.yml 
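Review bot: The newly added `references` hunk for configure_kerberos_crypto_policy/rule.yml replaces `stigid@rhel8: RHEL-08-010020` with `stigid@almalinux8: RHEL-08-010020` instead of adding a line, so the patched tree no longer carries the RHEL 8 STIG mapping for this rule. If rhel8 content is ever built from the same patched source, or if other tooling reads the `stigid@rhel8` key, that reference disappears without any error. Keeping the original line and adding the new one after it (`stigid@rhel8: RHEL-08-010020` then `stigid@almalinux8: RHEL-08-010020`) would avoid that. The value under the AlmaLinux key is still a RHEL 8 STIG identifier, so the patch description should say the mapping is inherited from the RHEL 8 benchmark, which keeps compliance reports from implying an AlmaLinux-specific STIG. The same replacement is newly added in the hunks for the libreswan, SSH, openssh.config ciphers and MACs, and dracut FIPS rules further down.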
@@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,ol8,rhcos4,rhel8,rhel9,rhv4 -+prodtype: fedora,ol8,rhcos4,rhel8,almalinux8,rhel9,rhv4 +-prodtype: fedora,ol8,rhcos4,rhel8,rhel9,rhv4,sle15 ++prodtype: fedora,ol8,rhcos4,rhel8,almalinux8,rhel9,rhv4,sle15 title: 'Configure Libreswan to use System Crypto Policy' +@@ -34,7 +34,7 @@ references: + ospp: FCS_IPSEC_EXT.1.4,FCS_IPSEC_EXT.1.6 + srg: SRG-OS-000033-GPOS-00014 + stigid@ol8: OL08-00-010020 +- stigid@rhel8: RHEL-08-010020 ++ stigid@almalinux8: RHEL-08-010020 + + ocil_clause: |- + Libreswan is installed and /etc/ipsec.conf does not contain include /etc/crypto-policies/back-ends/libreswan.config diff --git a/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/tests/libreswan_not_installed.pass.sh b/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/tests/libreswan_not_installed.pass.sh index 32a820e0..c7a7793a 100644 --- a/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/tests/libreswan_not_installed.pass.sh @@ -22607,21 +23852,21 @@ index 1ef57ed1..804d7dd7 100644 cp ipsec.conf /etc diff --git a/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/rule.yml -index 9cf7e69b..db290ad6 100644 +index eee83810..1928dd4c 100644 --- a/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/rule.yml +++ b/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/rule.yml 
@@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,ol8,rhcos4,rhel8,rhel9,rhv4 -+prodtype: fedora,ol8,rhcos4,rhel8,almalinux8,rhel9,rhv4 +-prodtype: fedora,ol8,rhcos4,rhel8,rhel9,rhv4,sle15 ++prodtype: fedora,ol8,rhcos4,rhel8,almalinux8,rhel9,rhv4,sle15 title: 'Configure OpenSSL library to use System Crypto Policy' -@@ -29,7 +29,7 @@ references: - nerc-cip: CIP-003-3 R4.2,CIP-007-3 R5.1,CIP-007-3 R7.1 +@@ -31,7 +31,7 @@ references: nist: AC-17(a),AC-17(2),CM-6(a),MA-4(6),SC-13,SC-12(2),SC-12(3) srg: SRG-OS-000250-GPOS-00093 + stigid@ol8: OL08-00-010293 - stigid@rhel8: RHEL-08-010293 + stigid@almalinux8: RHEL-08-010293 @@ -22672,21 +23917,21 @@ index 7f0c394f..653de38d 100644 . common.sh diff --git a/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/rule.yml -index 4a777989..f5aa09b0 100644 +index e6bc7fef..d1f09ce8 100644 --- a/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/rule.yml +++ b/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: rhel8,rhel9 -+prodtype: rhel8,almalinux8,rhel9 +-prodtype: ol8,rhel8,rhel9 ++prodtype: ol8,rhel8,almalinux8,rhel9 title: 'Configure OpenSSL library to use TLS Encryption' -@@ -28,7 +28,7 @@ references: - disa: CCI-001453 +@@ -29,7 +29,7 @@ references: nist: AC-17(2) srg: SRG-OS-000250-GPOS-00093 + stigid@ol8: OL08-00-010294 - stigid@rhel8: RHEL-08-010294 + stigid@almalinux8: RHEL-08-010294 @@ -22770,17 +24015,26 @@ index 7a3b7c32..0eddf01d 100644 configfile=/etc/crypto-policies/back-ends/opensslcnf.config diff --git a/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/rule.yml -index ffe4a707..603ab6e9 100644 +index 60b0ce0e..72ef3ef8 100644 
--- a/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/rule.yml +++ b/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,ol8,rhcos4,rhel8,rhel9,rhv4 -+prodtype: fedora,ol8,rhcos4,rhel8,almalinux8,rhel9,rhv4 +-prodtype: fedora,ol8,rhcos4,rhel8,rhel9,rhv4,sle15 ++prodtype: fedora,ol8,rhcos4,rhel8,almalinux8,rhel9,rhv4,sle15 title: 'Configure SSH to use System Crypto Policy' +@@ -30,7 +30,7 @@ references: + nist: AC-17(a),AC-17(2),CM-6(a),MA-4(6),SC-13 + srg: SRG-OS-000250-GPOS-00093 + stigid@ol8: OL08-00-010020 +- stigid@rhel8: RHEL-08-010287 ++ stigid@almalinux8: RHEL-08-010287 + + ocil_clause: 'the CRYPTO_POLICY variable is not set or is commented in the /etc/sysconfig/sshd' + diff --git a/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/tests/absent.pass.sh b/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/tests/absent.pass.sh index 0076833e..98facaf0 100644 --- a/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/tests/absent.pass.sh @@ -22830,7 +24084,7 @@ index d3e1eb9e..e6900a3b 100644 SSH_CONF="/etc/sysconfig/sshd" diff --git a/linux_os/guide/system/software/integrity/crypto/harden_openssl_crypto_policy/ansible/shared.yml b/linux_os/guide/system/software/integrity/crypto/harden_openssl_crypto_policy/ansible/shared.yml -index d5c2c2b9..355c89d5 100644 +index d530f4b7..b5fdd0b2 100644 --- a/linux_os/guide/system/software/integrity/crypto/harden_openssl_crypto_policy/ansible/shared.yml +++ b/linux_os/guide/system/software/integrity/crypto/harden_openssl_crypto_policy/ansible/shared.yml @@ -1,4 +1,4 @@ @@ -22850,14 +24104,14 @@ index cd7c4fb6..1deb135a 100644 cp="Ciphersuites = TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256" file="/etc/crypto-policies/local.d/opensslcnf-ospp.config" 
diff --git a/linux_os/guide/system/software/integrity/crypto/harden_openssl_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/harden_openssl_crypto_policy/rule.yml -index f7dd2528..b1764526 100644 +index 067adc6a..eb5225df 100644 --- a/linux_os/guide/system/software/integrity/crypto/harden_openssl_crypto_policy/rule.yml +++ b/linux_os/guide/system/software/integrity/crypto/harden_openssl_crypto_policy/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: rhel8,rhcos4 -+prodtype: rhel8,almalinux8,rhcos4 +-prodtype: rhcos4,rhel8 ++prodtype: rhcos4,rhel8,almalinux8 title: 'Harden OpenSSL Crypto Policy' @@ -23236,37 +24490,46 @@ index b6ff5881..5198a648 100644 file="/etc/ssh/ssh_config.d/02-ospp.conf" echo -e "Match final all\n\ diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/ansible/shared.yml b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/ansible/shared.yml -index 956a19f3..8c4ad2c9 100644 +index 0a74e07c..11263cbb 100644 --- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/ansible/shared.yml +++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/ansible/shared.yml @@ -1,4 +1,4 @@ --# platform = Red Hat Enterprise Linux 8,multi_platform_fedora -+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora +-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,multi_platform_fedora ++# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora # reboot = true # strategy = restrict # complexity = low 
diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/bash/shared.sh b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/bash/shared.sh -index cdc66a8a..997ed727 100644 +index 6db8f965..2f017299 100644 --- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/bash/shared.sh +++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/bash/shared.sh @@ -1,4 +1,4 @@ --# platform = Red Hat Enterprise Linux 8,multi_platform_fedora -+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora - . /usr/share/scap-security-guide/remediation_functions +-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,multi_platform_fedora ++# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora + {{{ bash_instantiate_variables("sshd_approved_ciphers") }}} diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/rule.yml -index 682ca436..8cb3e3fb 100644 +index a58e0d83..12ab4eb6 100644 --- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/rule.yml +++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/rule.yml 
@@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,rhel8 -+prodtype: fedora,rhel8,almalinux8 +-prodtype: fedora,ol8,rhel8,rhel9 ++prodtype: fedora,ol8,rhel8,almalinux8,rhel9 title: 'Configure SSH Client to Use FIPS 140-2 Validated Ciphers: openssh.config' +@@ -32,7 +32,7 @@ references: + nist: AC-17(2) + srg: SRG-OS-000250-GPOS-00093 + stigid@ol8: OL08-00-010020 +- stigid@rhel8: RHEL-08-010020 ++ stigid@almalinux8: RHEL-08-010020 + + ocil_clause: 'Crypto Policy for OpenSSH client is not configured correctly' + diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/tests/stig_correct.pass.sh b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/tests/stig_correct.pass.sh index 0a27a7e0..9d1613f3 100644 --- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/tests/stig_correct.pass.sh @@ -23356,41 +24619,41 @@ index 2138caad..50b1b349 100644 configfile=/etc/crypto-policies/back-ends/openssh.config diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/ansible/shared.yml b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/ansible/shared.yml -index 3e637f37..e86f8c4c 100644 +index e83aeb89..f64e72e6 100644 --- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/ansible/shared.yml +++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/ansible/shared.yml 
@@ -1,4 +1,4 @@ --# platform = Red Hat Enterprise Linux 8,multi_platform_fedora -+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora +-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,multi_platform_fedora ++# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora # reboot = true # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/bash/shared.sh b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/bash/shared.sh -index eaa4463c..986fa499 100644 +index 14d764ca..49e23f8c 100644 --- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/bash/shared.sh +++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/bash/shared.sh @@ -1,4 +1,4 @@ --# platform = Red Hat Enterprise Linux 8,multi_platform_fedora -+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora - . /usr/share/scap-security-guide/remediation_functions +-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,multi_platform_fedora ++# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora + {{{ bash_instantiate_variables("sshd_approved_ciphers") }}} diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/rule.yml -index e904bc84..fb641b5e 100644 +index 92ac6468..cb6f28c6 100644 --- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/rule.yml +++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/rule.yml 
@@ -1,6 +1,6 @@ documentation_complete: true --prodtype: rhel8 -+prodtype: rhel8,almalinux8 +-prodtype: ol8,rhel8,rhel9 ++prodtype: ol8,rhel8,almalinux8,rhel9 title: 'Configure SSH Server to Use FIPS 140-2 Validated Ciphers: opensshserver.config' -@@ -30,7 +30,7 @@ references: - disa: CCI-001453 +@@ -32,7 +32,7 @@ references: nist: AC-17(2) srg: SRG-OS-000250-GPOS-00093 + stigid@ol8: OL08-00-010291 - stigid@rhel8: RHEL-08-010291 + stigid@almalinux8: RHEL-08-010291 @@ -23451,14 +24714,14 @@ index 7a9a2a5e..25cf3fd3 100644 cp="CRYPTO_POLICY='-oCiphers=aes256-ctr,aes128-ctr,aes256-cbc,aes128-cbc -oMACs=hmac-sha2-512,hmac-sha2-256 -oGSSAPIKeyExchange=no -oKexAlgorithms=ecdh-sha2-nistp521,ecdh-sha2-nistp384,ecdh-sha2-nistp256,diffie-hellman-group14-sha1 -oHostKeyAlgorithms=ssh-rsa,ecdsa-sha2-nistp384,ecdsa-sha2-nistp256 -oPubkeyAcceptedKeyTypes=rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp384,ecdsa-sha2-nistp256'" file=/etc/crypto-policies/local.d/opensshserver-ospp.config diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/harden_sshd_crypto_policy/rule.yml -index 80ab3ffe..8b3d3f57 100644 +index 0c438c31..f5067892 100644 --- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_crypto_policy/rule.yml +++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_crypto_policy/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,rhcos4,ol7,ol8,rhel7,rhel8,sle12,sle15,rhv4 -+prodtype: fedora,rhcos4,ol7,ol8,rhel7,rhel8,almalinux8,sle12,sle15,rhv4 +-prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhv4,sle12,sle15 ++prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhv4,sle12,sle15 title: 'Harden SSHD Crypto Policy' @@ -23551,37 +24814,46 @@ index 1928d2cf..6914ed91 100644 configfile=/etc/crypto-policies/back-ends/opensshserver.config 
diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/ansible/shared.yml b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/ansible/shared.yml -index 1c9dde77..152d2d39 100644 +index c1ea94ce..39eadbef 100644 --- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/ansible/shared.yml +++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/ansible/shared.yml @@ -1,4 +1,4 @@ --# platform = Red Hat Enterprise Linux 8,multi_platform_fedora -+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora +-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,multi_platform_fedora ++# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora # reboot = true # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/bash/shared.sh b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/bash/shared.sh -index b26992ce..0846b6ce 100644 +index 451da4db..5d373e6b 100644 --- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/bash/shared.sh +++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/bash/shared.sh @@ -1,4 +1,4 @@ --# platform = Red Hat Enterprise Linux 8,multi_platform_fedora -+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora - . /usr/share/scap-security-guide/remediation_functions +-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,multi_platform_fedora ++# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora + {{{ bash_instantiate_variables("sshd_approved_macs") }}} 
diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/rule.yml -index d21f68ac..4ad71ae6 100644 +index 193587a8..055d5b10 100644 --- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/rule.yml +++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,rhel8 -+prodtype: fedora,rhel8,almalinux8 +-prodtype: fedora,ol8,rhel8,rhel9 ++prodtype: fedora,ol8,rhel8,almalinux8,rhel9 title: 'Configure SSH Client to Use FIPS 140-2 Validated MACs: openssh.config' +@@ -30,7 +30,7 @@ references: + nist: AC-17(2) + srg: SRG-OS-000250-GPOS-00093 + stigid@ol8: OL08-00-010020 +- stigid@rhel8: RHEL-08-010020 ++ stigid@almalinux8: RHEL-08-010020 + + ocil_clause: 'Crypto Policy for OpenSSH client is not configured correctly' + diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/tests/stig_correct.pass.sh b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/tests/stig_correct.pass.sh index 5a4b6887..2211658c 100644 --- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/tests/stig_correct.pass.sh @@ -23671,41 +24943,41 @@ index 2138caad..50b1b349 100644 configfile=/etc/crypto-policies/back-ends/openssh.config diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_opensshserver_conf_crypto_policy/ansible/shared.yml b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_opensshserver_conf_crypto_policy/ansible/shared.yml -index 5ed61858..7a69caf3 100644 +index 6a0e4594..3ce06096 100644 --- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_opensshserver_conf_crypto_policy/ansible/shared.yml 
+++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_opensshserver_conf_crypto_policy/ansible/shared.yml @@ -1,4 +1,4 @@ --# platform = Red Hat Enterprise Linux 8,multi_platform_fedora -+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora +-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,multi_platform_fedora ++# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora # reboot = true # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_opensshserver_conf_crypto_policy/bash/shared.sh b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_opensshserver_conf_crypto_policy/bash/shared.sh -index 790a2951..81d971a6 100644 +index a06ffc2d..6b4a4f76 100644 --- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_opensshserver_conf_crypto_policy/bash/shared.sh +++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_opensshserver_conf_crypto_policy/bash/shared.sh @@ -1,4 +1,4 @@ --# platform = Red Hat Enterprise Linux 8,multi_platform_fedora -+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora - . /usr/share/scap-security-guide/remediation_functions +-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,multi_platform_fedora ++# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora + {{{ bash_instantiate_variables("sshd_approved_macs") }}} diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_opensshserver_conf_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_opensshserver_conf_crypto_policy/rule.yml -index 0fd107a1..3144ec44 100644 +index a8a3e37b..f0a09be9 100644 --- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_opensshserver_conf_crypto_policy/rule.yml 
+++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_opensshserver_conf_crypto_policy/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: rhel8 -+prodtype: rhel8,almalinux8 +-prodtype: ol8,rhel8,rhel9 ++prodtype: ol8,rhel8,almalinux8,rhel9 title: 'Configure SSH Server to Use FIPS 140-2 Validated MACs: opensshserver.config' -@@ -28,7 +28,7 @@ references: - disa: CCI-001453 +@@ -30,7 +30,7 @@ references: nist: AC-17(2) srg: SRG-OS-000250-GPOS-00093 + stigid@ol8: OL08-00-010290 - stigid@rhel8: RHEL-08-010290 + stigid@almalinux8: RHEL-08-010290 
@@ -23821,6 +25093,30 @@ index 68ce3979..5460c879 100644 title: 'Install crypto-policies package' +diff --git a/linux_os/guide/system/software/integrity/crypto/package_crypto-policies_installed/tests/package-installed-removed.fail.sh b/linux_os/guide/system/software/integrity/crypto/package_crypto-policies_installed/tests/package-installed-removed.fail.sh +index 025e7ef6..7fdf9b11 100644 +--- a/linux_os/guide/system/software/integrity/crypto/package_crypto-policies_installed/tests/package-installed-removed.fail.sh ++++ b/linux_os/guide/system/software/integrity/crypto/package_crypto-policies_installed/tests/package-installed-removed.fail.sh +@@ -1,6 +1,6 @@ + #!/bin/bash + # +-# platform = multi_platform_rhel,multi_platform_fedora ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora + + # The crypto-policies package cannot be normally removed + # from a system, therefore as a part of testing we only +diff --git a/linux_os/guide/system/software/integrity/crypto/package_crypto-policies_installed/tests/package-removed.fail.sh b/linux_os/guide/system/software/integrity/crypto/package_crypto-policies_installed/tests/package-removed.fail.sh +index c5a1d53d..618f0719 100644 +--- a/linux_os/guide/system/software/integrity/crypto/package_crypto-policies_installed/tests/package-removed.fail.sh ++++ b/linux_os/guide/system/software/integrity/crypto/package_crypto-policies_installed/tests/package-removed.fail.sh +@@ -1,6 +1,6 @@ + #!/bin/bash + # +-# platform = multi_platform_rhel,multi_platform_fedora ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora + + # The crypto-policies package cannot be normally removed + # from a system, therefore as a part of testing we only diff --git a/linux_os/guide/system/software/integrity/disable_prelink/ansible/shared.yml b/linux_os/guide/system/software/integrity/disable_prelink/ansible/shared.yml index 1ac4527f..563cc96b 100644 
--- a/linux_os/guide/system/software/integrity/disable_prelink/ansible/shared.yml @@ -23844,14 +25140,14 @@ index 264d2f94..14cc99d5 100644 title: 'Install Virus Scanning Software' diff --git a/linux_os/guide/system/software/integrity/endpoint_security_software/install_hids/rule.yml b/linux_os/guide/system/software/integrity/endpoint_security_software/install_hids/rule.yml -index eb01fb01..11c89647 100644 +index 7eed9c54..283a078e 100644 --- a/linux_os/guide/system/software/integrity/endpoint_security_software/install_hids/rule.yml +++ b/linux_os/guide/system/software/integrity/endpoint_security_software/install_hids/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4 +-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle15 ++prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15 title: 'Install Intrusion Detection Software' @@ -23892,20 +25188,20 @@ index dc856f8b..a5561435 100644 title: 'Virus Scanning Software Definitions Are Updated' diff --git a/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/mcafee_endpoint_security_software/agent_mfetpd_running/rule.yml b/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/mcafee_endpoint_security_software/agent_mfetpd_running/rule.yml -index 32c93446..28b73eaa 100644 +index 1dd1e524..5d3b15bd 100644 --- a/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/mcafee_endpoint_security_software/agent_mfetpd_running/rule.yml +++ b/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/mcafee_endpoint_security_software/agent_mfetpd_running/rule.yml 
@@ -1,6 +1,6 @@ documentation_complete: true --prodtype: rhel7,rhel8 -+prodtype: rhel7,rhel8,almalinux8 +-prodtype: ol7,ol8,rhel7,rhel8,rhel9 ++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9 title: 'Ensure McAfee Endpoint Security for Linux (ENSL) is running' -@@ -24,7 +24,7 @@ references: - nist: SI-2(2) - srg: SRG-OS-000191-GPOS-00080 +@@ -27,7 +27,7 @@ references: + stigid@ol7: OL07-00-020019 + stigid@ol8: OL08-00-010001 stigid@rhel7: RHEL-07-020019 - stigid@rhel8: RHEL-08-010001 + stigid@almalinux8: RHEL-08-010001 @@ -23913,28 +25209,29 @@ index 32c93446..28b73eaa 100644 ocil_clause: 'virus scanning software is not running' diff --git a/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/mcafee_endpoint_security_software/package_mcafeetp_installed/rule.yml b/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/mcafee_endpoint_security_software/package_mcafeetp_installed/rule.yml -index 4c7dc8d7..914c90f6 100644 +index b1da4909..aface146 100644 --- a/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/mcafee_endpoint_security_software/package_mcafeetp_installed/rule.yml 
+++ b/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/mcafee_endpoint_security_software/package_mcafeetp_installed/rule.yml -@@ -1,6 +1,6 @@ +@@ -6,7 +6,7 @@ + documentation_complete: true --prodtype: rhel7,rhel8 -+prodtype: rhel7,rhel8,almalinux8 +-prodtype: ol7,ol8,rhel7,rhel8,rhel9,ubuntu2004 ++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,ubuntu2004 title: 'Install McAfee Endpoint Security for Linux (ENSL)' -@@ -26,7 +26,7 @@ references: - nist: SI-2(2) - srg: SRG-OS-000191-GPOS-00080 +@@ -35,7 +35,7 @@ references: + stigid@ol7: OL07-00-020019 + stigid@ol8: OL08-00-010001 stigid@rhel7: RHEL-07-020019 - stigid@rhel8: RHEL-08-010001 + stigid@almalinux8: RHEL-08-010001 + stigid@ubuntu2004: UBTU-20-010415 ocil_clause: 'the package is not installed' - diff --git a/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/mcafee_hbss_software/install_mcafee_hbss_accm/rule.yml b/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/mcafee_hbss_software/install_mcafee_hbss_accm/rule.yml -index 3208a697..bd68f3a2 100644 +index 9223793b..2131c1d9 100644 --- a/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/mcafee_hbss_software/install_mcafee_hbss_accm/rule.yml +++ b/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/mcafee_hbss_software/install_mcafee_hbss_accm/rule.yml @@ -1,6 +1,6 @@ @@ -23946,7 +25243,7 @@ index 3208a697..bd68f3a2 100644 title: 'Install the Asset Configuration Compliance Module (ACCM)' 
diff --git a/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/mcafee_hbss_software/install_mcafee_hbss_pa/rule.yml b/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/mcafee_hbss_software/install_mcafee_hbss_pa/rule.yml -index 7bdc4fa8..8fb1bd7e 100644 +index 29469a9b..16a7d4f2 100644 --- a/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/mcafee_hbss_software/install_mcafee_hbss_pa/rule.yml +++ b/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/mcafee_hbss_software/install_mcafee_hbss_pa/rule.yml @@ -1,6 +1,6 @@ @@ -23970,7 +25267,7 @@ index 83ef73b9..3ff9ea78 100644 title: 'Enable nails Service' diff --git a/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/rule.yml b/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/rule.yml -index 9486031b..4b9cb42d 100644 +index 3b7c3229..3ea794c5 100644 --- a/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/rule.yml +++ b/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/rule.yml @@ -1,6 +1,6 @@ @@ -23981,8 +25278,17 @@ index 9486031b..4b9cb42d 100644 title: "Enable Dracut FIPS Module" +@@ -32,7 +32,7 @@ references: + ospp: FCS_RBG_EXT.1 + srg: SRG-OS-000478-GPOS-00223 + stigid@ol8: OL08-00-010020 +- stigid@rhel8: RHEL-08-010020 ++ stigid@almalinux8: RHEL-08-010020 + vmmsrg: SRG-OS-000120-VMM-000600,SRG-OS-000478-VMM-001980,SRG-OS-000396-VMM-001590 + + ocil_clause: 'the Dracut FIPS module is not enabled' diff --git a/linux_os/guide/system/software/integrity/fips/enable_fips_mode/ansible/shared.yml b/linux_os/guide/system/software/integrity/fips/enable_fips_mode/ansible/shared.yml -index b6c38443..ad7f71ce 100644 +index 6977a704..e18dbd02 100644 --- a/linux_os/guide/system/software/integrity/fips/enable_fips_mode/ansible/shared.yml 
+++ b/linux_os/guide/system/software/integrity/fips/enable_fips_mode/ansible/shared.yml @@ -1,4 +1,4 @@ @@ -23992,16 +25298,17 @@ index b6c38443..ad7f71ce 100644 # strategy = restrict # complexity = medium diff --git a/linux_os/guide/system/software/integrity/fips/enable_fips_mode/bash/shared.sh b/linux_os/guide/system/software/integrity/fips/enable_fips_mode/bash/shared.sh -index 87476a7b..37673cc8 100644 +index 7627a67f..ed7a77bd 100644 --- a/linux_os/guide/system/software/integrity/fips/enable_fips_mode/bash/shared.sh +++ b/linux_os/guide/system/software/integrity/fips/enable_fips_mode/bash/shared.sh -@@ -1,3 +1,3 @@ --# platform = Red Hat Enterprise Linux 8,multi_platform_fedora,Oracle Linux 8,Red Hat Virtualization 4 -+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora,Oracle Linux 8,Red Hat Virtualization 4 +@@ -1,4 +1,4 @@ +-# platform = multi_platform_rhel,multi_platform_fedora,Oracle Linux 8,Red Hat Virtualization 4 ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,Oracle Linux 8,Red Hat Virtualization 4 + {{{ bash_instantiate_variables("var_system_crypto_policy") }}} fips-mode-setup --enable diff --git a/linux_os/guide/system/software/integrity/fips/enable_fips_mode/rule.yml b/linux_os/guide/system/software/integrity/fips/enable_fips_mode/rule.yml -index 64b18ac6..5e43f05d 100644 +index 30cbc939..6454b7e0 100644 --- a/linux_os/guide/system/software/integrity/fips/enable_fips_mode/rule.yml +++ b/linux_os/guide/system/software/integrity/fips/enable_fips_mode/rule.yml @@ -1,6 +1,6 @@ @@ -24013,28 +25320,28 @@ index 64b18ac6..5e43f05d 100644 title: Enable FIPS Mode 
@@ -40,7 +40,7 @@ references: - nist: SC-12(2),SC-12(3),IA-7,SC-13,CM-6(a),SC-12 - ospp: FCS_COP.1(1),FCS_COP.1(2),FCS_COP.1(3),FCS_COP.1(4),FCS_CKM.1,FCS_CKM.2,FCS_TLSC_EXT.1 + ospp: FCS_COP.1(1),FCS_COP.1(2),FCS_COP.1(3),FCS_COP.1(4),FCS_CKM.1,FCS_CKM.2,FCS_TLSC_EXT.1,FCS_RBG_EXT.1 srg: SRG-OS-000478-GPOS-00223,SRG-OS-000396-GPOS-00176 + stigid@ol8: OL08-00-010020 - stigid@rhel8: RHEL-08-010020 + stigid@almalinux8: RHEL-08-010020 vmmsrg: SRG-OS-000120-VMM-000600,SRG-OS-000478-VMM-001980,SRG-OS-000396-VMM-001590 ocil_clause: 'FIPS mode is not enabled' diff --git a/linux_os/guide/system/software/integrity/fips/etc_system_fips_exists/rule.yml b/linux_os/guide/system/software/integrity/fips/etc_system_fips_exists/rule.yml -index 2ef6c50d..f1085e5b 100644 +index 64c78276..c5b4c036 100644 --- a/linux_os/guide/system/software/integrity/fips/etc_system_fips_exists/rule.yml +++ b/linux_os/guide/system/software/integrity/fips/etc_system_fips_exists/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,rhcos4,ol7,ol8,rhel7,rhel8,rhel9,rhv4,wrlinux1019 -+prodtype: fedora,rhcos4,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,wrlinux1019 +-prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,wrlinux1019 ++prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,wrlinux1019 title: Ensure '/etc/system-fips' exists diff --git a/linux_os/guide/system/software/integrity/fips/grub2_enable_fips_mode/rule.yml b/linux_os/guide/system/software/integrity/fips/grub2_enable_fips_mode/rule.yml -index 949132df..7f78ed4c 100644 +index 4e2427ba..bbc7f8ff 100644 --- a/linux_os/guide/system/software/integrity/fips/grub2_enable_fips_mode/rule.yml +++ b/linux_os/guide/system/software/integrity/fips/grub2_enable_fips_mode/rule.yml @@ -18,7 +18,7 @@ description: |- @@ -24047,7 +25354,7 @@ index 949132df..7f78ed4c 100644 rationale: |- 
diff --git a/linux_os/guide/system/software/integrity/fips/sysctl_crypto_fips_enabled/rule.yml b/linux_os/guide/system/software/integrity/fips/sysctl_crypto_fips_enabled/rule.yml -index 0fbca696..77a65f8e 100644 +index bc0cf1bb..552eb7d4 100644 --- a/linux_os/guide/system/software/integrity/fips/sysctl_crypto_fips_enabled/rule.yml +++ b/linux_os/guide/system/software/integrity/fips/sysctl_crypto_fips_enabled/rule.yml @@ -1,6 +1,6 @@ @@ -24058,10 +25365,10 @@ index 0fbca696..77a65f8e 100644 title: "Set kernel parameter 'crypto.fips_enabled' to 1" -@@ -31,7 +31,7 @@ references: - nerc-cip: CIP-003-3 R4.2,CIP-007-3 R5.1 +@@ -32,7 +32,7 @@ references: nist: SC-12(2),SC-12(3),IA-7,SC-13,CM-6(a),SC-12 srg: SRG-OS-000033-GPOS-00014,SRG-OS-000125-GPOS-00065,SRG-OS-000396-GPOS-00176,SRG-OS-000423-GPOS-00187,SRG-OS-000478-GPOS-00223 + stigid@ol8: OL08-00-010020 - stigid@rhel8: RHEL-08-010020 + stigid@almalinux8: RHEL-08-010020 vmmsrg: SRG-OS-000120-VMM-000600,SRG-OS-000478-VMM-001980,SRG-OS-000396-VMM-001590 @@ -24078,53 +25385,53 @@ index 7c25aebf..19796558 100644 {{{ bash_package_install("aide") }}} diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_build_database/rule.yml b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_build_database/rule.yml -index e4a1668c..5a85573e 100644 +index 5f16a4f1..29b56ac4 100644 --- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_build_database/rule.yml +++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_build_database/rule.yml 
@@ -1,6 +1,6 @@ documentation_complete: true --prodtype: debian10,debian9,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019 -+prodtype: debian10,debian9,fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019 +-prodtype: debian10,debian11,debian9,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019 ++prodtype: debian10,debian11,debian9,fedora,ol7,ol8,rhcos4,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019 title: 'Build and Test AIDE Database' diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/ansible/shared.yml b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/ansible/shared.yml -index edef2721..7975ba73 100644 +index 6adeeb08..4c6d6ce7 100644 --- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/ansible/shared.yml +++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/ansible/shared.yml @@ -1,4 +1,4 @@ --# platform = multi_platform_sle,multi_platform_rhel -+# platform = multi_platform_sle,multi_platform_rhel,multi_platform_almalinux +-# platform = multi_platform_sle,multi_platform_ol,multi_platform_rhel ++# platform = multi_platform_sle,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux # reboot = false # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/bash/shared.sh b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/bash/shared.sh -index 0875eeec..a480f991 100644 +index 0726807a..d7aa732b 100644 --- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/bash/shared.sh +++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/bash/shared.sh 
@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel -+# platform = multi_platform_rhel,multi_platform_almalinux +-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_ubuntu,multi_platform_sle ++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_ubuntu,multi_platform_sle # reboot = false # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/rule.yml b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/rule.yml -index 17a95bf4..2ee64ecc 100644 +index b75e3e35..a20491ff 100644 --- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/rule.yml +++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: sle12,sle15,ubuntu2004,rhel8,fedora -+prodtype: sle12,sle15,ubuntu2004,rhel8,almalinux8,fedora +-prodtype: fedora,ol8,rhel8,rhel9,sle12,sle15,ubuntu2004 ++prodtype: fedora,ol8,rhel8,almalinux8,rhel9,sle12,sle15,ubuntu2004 title: 'Configure AIDE to Verify the Audit Tools' -@@ -39,7 +39,7 @@ references: - disa: CCI-001496 +@@ -41,7 +41,7 @@ references: nist: AU-9(3),AU-9(3).1 srg: SRG-OS-000278-GPOS-00108 + stigid@ol8: OL08-00-030650 - stigid@rhel8: RHEL-08-030650 + stigid@almalinux8: RHEL-08-030650 stigid@sle12: SLES-12-010540 @@ -24164,24 +25471,24 @@ index 4315cef2..00ce6b2e 100644 yum -y install aide diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/bash/shared.sh b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/bash/shared.sh -index aa605c85..0d3ad729 100644 +index 34799aa6..a2d72d1c 100644 --- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/bash/shared.sh 
+++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/bash/shared.sh @@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_wrlinux -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_wrlinux +-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_wrlinux,multi_platform_sle ++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_wrlinux,multi_platform_sle {{{ bash_package_install("aide") }}} diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/rule.yml b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/rule.yml -index e7991c7a..4e888b76 100644 +index 343cd9e4..0497dd6f 100644 --- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/rule.yml +++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle15,ubuntu2004,wrlinux1019 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle15,ubuntu2004,wrlinux1019 +-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019 ++prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15,ubuntu2004,wrlinux1019 title: 'Configure Periodic Execution of AIDE' @@ -24196,7 +25503,7 @@ index 5c11fc17..e4efb9ca 100644 # strategy = restrict # complexity = low 
diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_scan_notification/rule.yml b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_scan_notification/rule.yml -index 3d22d123..90372d96 100644 +index 9c69dd1e..74c47f19 100644 --- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_scan_notification/rule.yml +++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_scan_notification/rule.yml @@ -1,6 +1,6 @@ @@ -24207,9 +25514,9 @@ index 3d22d123..90372d96 100644 title: 'Configure Notification of Post-AIDE Scan Details' -@@ -47,7 +47,7 @@ references: - srg: SRG-OS-000363-GPOS-00150,SRG-OS-000447-GPOS-00201 +@@ -48,7 +48,7 @@ references: stigid@ol7: OL07-00-020040 + stigid@ol8: OL08-00-010360 stigid@rhel7: RHEL-07-020040 - stigid@rhel8: RHEL-08-010360 + stigid@almalinux8: RHEL-08-010360 @@ -24273,7 +25580,7 @@ index bcf29f05..71ee850e 100644 {{{ bash_package_install("aide") }}} diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_verify_acls/rule.yml b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_verify_acls/rule.yml -index d37006d5..890a7c00 100644 +index bf4c5149..15e18872 100644 --- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_verify_acls/rule.yml +++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_verify_acls/rule.yml @@ -1,6 +1,6 @@ @@ -24284,9 +25591,9 @@ index d37006d5..890a7c00 100644 title: 'Configure AIDE to Verify Access Control Lists (ACLs)' -@@ -42,7 +42,7 @@ references: - srg: SRG-OS-000480-GPOS-00227 +@@ -43,7 +43,7 @@ references: stigid@ol7: OL07-00-021600 + stigid@ol8: OL08-00-040310 stigid@rhel7: RHEL-07-021600 - stigid@rhel8: RHEL-08-040310 + stigid@almalinux8: RHEL-08-040310 @@ -24328,7 +25635,7 @@ index ab7ad7ab..f3fb9b53 100644 {{{ bash_package_install("aide") }}} 
diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_verify_ext_attributes/rule.yml b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_verify_ext_attributes/rule.yml -index c5f88cdf..537a1531 100644 +index a89aeedb..35c1fd85 100644 --- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_verify_ext_attributes/rule.yml +++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_verify_ext_attributes/rule.yml @@ -1,6 +1,6 @@ @@ -24339,9 +25646,9 @@ index c5f88cdf..537a1531 100644 title: 'Configure AIDE to Verify Extended Attributes' -@@ -42,7 +42,7 @@ references: - srg: SRG-OS-000480-GPOS-00227 +@@ -43,7 +43,7 @@ references: stigid@ol7: OL07-00-021610 + stigid@ol8: OL08-00-040300 stigid@rhel7: RHEL-07-021610 - stigid@rhel8: RHEL-08-040300 + stigid@almalinux8: RHEL-08-040300 @@ -24373,34 +25680,34 @@ index d02d969a..a88b92ab 100644 cat >/etc/aide.conf <env_reset
    tag, when specified, will run the command in a minimal environment, - containing the TERM, PATH, HOME, MAIL, SHELL, LOGNAME, USER and SUDO_* variables. --{{%- if product in ["rhel7", "rhel8"] %}} -+{{%- if product in ["rhel7", "rhel8", "almalinux8"] %}} - On {{{ full_name }}}, env_reset is enabled by default - {{%- endif %}} - This should be enabled by making sure that the env_reset tag exists in diff --git a/linux_os/guide/system/software/sudo/sudo_add_ignore_dot/rule.yml b/linux_os/guide/system/software/sudo/sudo_add_ignore_dot/rule.yml -index f26a63e7..622055f3 100644 +index f26a63e7..bcc8e8d4 100644 --- a/linux_os/guide/system/software/sudo/sudo_add_ignore_dot/rule.yml +++ b/linux_os/guide/system/software/sudo/sudo_add_ignore_dot/rule.yml -@@ -1,13 +1,13 @@ +@@ -1,6 +1,6 @@ documentation_complete: true -prodtype: ol7,ol8,rhel7,rhel8 @@ -24543,14 +25842,6 @@ index f26a63e7..622055f3 100644 title: 'Ensure sudo Ignores Commands In Current Dir - sudo ignore_dot' - description: |- - The sudo ignore_dot tag, when specified, will ignore the current directory - in the PATH environment variable. --{{%- if product in ["rhel7", "rhel8"] %}} -+{{%- if product in ["rhel7", "rhel8", "almalinux8"] %}} - On {{{ full_name }}}, env_reset is enabled by default - {{%- endif %}} - This should be enabled by making sure that the ignore_dot tag exists in diff --git a/linux_os/guide/system/software/sudo/sudo_add_passwd_timeout/rule.yml b/linux_os/guide/system/software/sudo/sudo_add_passwd_timeout/rule.yml index ae339952..40ef5a07 100644 --- a/linux_os/guide/system/software/sudo/sudo_add_passwd_timeout/rule.yml @@ -24564,10 +25855,10 @@ index ae339952..40ef5a07 100644 title: 'Ensure sudo passwd_timeout is appropriate - sudo passwd_timeout' diff --git a/linux_os/guide/system/software/sudo/sudo_add_umask/rule.yml b/linux_os/guide/system/software/sudo/sudo_add_umask/rule.yml -index 189c1b9d..3f3730f4 100644 +index 189c1b9d..9a722eb0 100644 
--- a/linux_os/guide/system/software/sudo/sudo_add_umask/rule.yml +++ b/linux_os/guide/system/software/sudo/sudo_add_umask/rule.yml -@@ -1,13 +1,13 @@ +@@ -1,6 +1,6 @@ documentation_complete: true -prodtype: ol7,ol8,rhel7,rhel8 @@ -24575,14 +25866,6 @@ index 189c1b9d..3f3730f4 100644 title: 'Ensure sudo umask is appropriate - sudo umask' - description: |- - The sudo umask tag, when specified, will be added the to the user's umask in the - command environment. --{{%- if product in ["rhel7", "rhel8"] %}} -+{{%- if product in ["rhel7", "rhel8", "almalinux8"] %}} - On {{{ full_name }}}, the default umask value is 0022. - {{% endif %}} - The umask should be configured by making sure that the umask=sub_var_value("var_sudo_umask") tag exists in diff --git a/linux_os/guide/system/software/sudo/sudo_add_umask/tests/0027_var_and_0022_state.fail.sh b/linux_os/guide/system/software/sudo/sudo_add_umask/tests/0027_var_and_0022_state.fail.sh index 5d9a8b49..3710e371 100644 --- a/linux_os/guide/system/software/sudo/sudo_add_umask/tests/0027_var_and_0022_state.fail.sh @@ -24661,12 +25944,12 @@ index 1c87c96c..265432ee 100644 # Make sure sudo is owned by root group diff --git a/linux_os/guide/system/software/sudo/sudo_remove_no_authenticate/rule.yml b/linux_os/guide/system/software/sudo/sudo_remove_no_authenticate/rule.yml -index bb1d3bd4..0d06c1c7 100644 +index 545dbcbf..490bed29 100644 --- a/linux_os/guide/system/software/sudo/sudo_remove_no_authenticate/rule.yml +++ b/linux_os/guide/system/software/sudo/sudo_remove_no_authenticate/rule.yml -@@ -37,7 +37,7 @@ references: - srg: SRG-OS-000373-GPOS-00156,SRG-OS-000373-GPOS-00157,SRG-OS-000373-GPOS-00158 +@@ -38,7 +38,7 @@ references: stigid@ol7: OL07-00-010350 + stigid@ol8: OL08-00-010381 stigid@rhel7: RHEL-07-010350 - stigid@rhel8: RHEL-08-010381 + stigid@almalinux8: RHEL-08-010381 
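Review bot: The sudo_add_umask/rule.yml section shrinks its inner hunk from `@@ -1,13 +1,13 @@` to `@@ -1,6 +1,6 @@`, and the next hunk drops the edit to the description conditional, although the base blob in the index line is still `189c1b9d`, which suggests the upstream file is unchanged. If so, the upstream `{{%- if product in ["rhel7", "rhel8"] %}}` test remains, and the AlmaLinux 8 build no longer renders the sentence about the default umask of 0022. Restoring `{{%- if product in ["rhel7", "rhel8", "almalinux8"] %}}` in the patch would keep the generated guidance as it was; the sudo_add_ignore_dot/rule.yml section (base blob `f26a63e7`) shows the same regression.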
@@ -24674,12 +25957,12 @@ index bb1d3bd4..0d06c1c7 100644 stigid@sle15: SLES-15-010450 vsrg: SRG-OS-000373-VMM-001470,SRG-OS-000373-VMM-001480,SRG-OS-000373-VMM-001490 diff --git a/linux_os/guide/system/software/sudo/sudo_remove_nopasswd/rule.yml b/linux_os/guide/system/software/sudo/sudo_remove_nopasswd/rule.yml -index 84c21869..b9032533 100644 +index 9bd661c7..0c95067d 100644 --- a/linux_os/guide/system/software/sudo/sudo_remove_nopasswd/rule.yml +++ b/linux_os/guide/system/software/sudo/sudo_remove_nopasswd/rule.yml -@@ -38,7 +38,7 @@ references: - srg: SRG-OS-000373-GPOS-00156,SRG-OS-000373-GPOS-00157,SRG-OS-000373-GPOS-00158 +@@ -39,7 +39,7 @@ references: stigid@ol7: OL07-00-010340 + stigid@ol8: OL08-00-010380 stigid@rhel7: RHEL-07-010340 - stigid@rhel8: RHEL-08-010380 + stigid@almalinux8: RHEL-08-010380 @@ -24687,21 +25970,21 @@ index 84c21869..b9032533 100644 stigid@sle15: SLES-15-010450 vsrg: SRG-OS-000373-VMM-001470,SRG-OS-000373-VMM-001480,SRG-OS-000373-VMM-001490 diff --git a/linux_os/guide/system/software/sudo/sudo_require_reauthentication/rule.yml b/linux_os/guide/system/software/sudo/sudo_require_reauthentication/rule.yml -index 8622d6af..db291979 100644 +index eebb9667..5cf7e8f4 100644 --- a/linux_os/guide/system/software/sudo/sudo_require_reauthentication/rule.yml +++ b/linux_os/guide/system/software/sudo/sudo_require_reauthentication/rule.yml 
@@ -1,6 +1,6 @@ documentation_complete: true --prodtype: rhel8,sle12,sle15 -+prodtype: rhel8,almalinux8,sle12,sle15 +-prodtype: ol7,ol8,rhel7,rhel8,rhel9,sle12,sle15 ++prodtype: ol7,ol8,rhel7,rhel8,almalinux8,rhel9,sle12,sle15 title: 'The operating system must require Re-Authentication when using the sudo command. Ensure sudo timestamp_timeout is appropriate - sudo timestamp_timeout' -@@ -33,7 +33,7 @@ references: - disa: CCI-002038 - nist: IA-11 - srg: SRG-OS-000373-GPOS-00156 +@@ -38,7 +38,7 @@ references: + stigid@ol7: OL07-00-010343 + stigid@ol8: OL08-00-010384 + stigid@rhel7: RHEL-07-010343 - stigid@rhel8: RHEL-08-010384 + stigid@almalinux8: RHEL-08-010384 stigid@sle12: SLES-12-010113 @@ -24720,7 +26003,7 @@ index 174da919..ee73e10e 100644 title: 'Ensure only owner and members of group owner of /usr/bin/sudo can execute it' diff --git a/linux_os/guide/system/software/sudo/sudo_restrict_privilege_elevation_to_authorized/rule.yml b/linux_os/guide/system/software/sudo/sudo_restrict_privilege_elevation_to_authorized/rule.yml -index a9a23baf..9304e425 100644 +index 57cb763d..37d96fa5 100644 --- a/linux_os/guide/system/software/sudo/sudo_restrict_privilege_elevation_to_authorized/rule.yml +++ b/linux_os/guide/system/software/sudo/sudo_restrict_privilege_elevation_to_authorized/rule.yml @@ -2,7 +2,7 @@ documentation_complete: true 
@@ -24732,17 +26015,38 @@ index a9a23baf..9304e425 100644 description: |- The sudo command allows a user to execute programs with elevated -@@ -33,7 +33,7 @@ references: - srg: SRG-OS-000480-GPOS-00227 +@@ -34,7 +34,7 @@ references: stigid@ol7: OL07-00-010341 + stigid@ol8: OL08-00-010382 stigid@rhel7: RHEL-07-010341 - stigid@rhel8: RHEL-08-010382 + stigid@almalinux8: RHEL-08-010382 stigid@sle12: SLES-12-010111 stigid@sle15: SLES-15-020101 +diff --git a/linux_os/guide/system/software/sudo/sudoers_default_includedir/rule.yml b/linux_os/guide/system/software/sudo/sudoers_default_includedir/rule.yml +index a97bd3ef..bd782d8a 100644 +--- a/linux_os/guide/system/software/sudo/sudoers_default_includedir/rule.yml ++++ b/linux_os/guide/system/software/sudo/sudoers_default_includedir/rule.yml +@@ -1,6 +1,6 @@ + documentation_complete: true + +-prodtype: fedora,rhel7,rhel8,rhel9 ++prodtype: fedora,rhel7,rhel8,almalinux8,rhel9 + + title: 'Ensure sudo only includes the default configuration directory' + +@@ -28,7 +28,7 @@ identifiers: + references: + disa: CCI-000366 + srg: SRG-OS-000480-GPOS-00227 +- stigid@rhel8: RHEL-08-010379 ++ stigid@almalinux8: RHEL-08-010379 + + ocil_clause: "the /etc/sudoers doesn't include /etc/sudores.d or includes other directories?" + diff --git a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/rule.yml b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/rule.yml -index 2ce70f49..311a10d1 100644 +index 698021d8..869af9ba 100644 --- a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/rule.yml +++ b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/rule.yml @@ -2,7 +2,7 @@ documentation_complete: true 
@@ -24754,15 +26058,25 @@ index 2ce70f49..311a10d1 100644 description: |- The sudoers security policy requires that users authenticate themselves before they can use sudo. -@@ -32,7 +32,7 @@ references: - srg: SRG-OS-000480-GPOS-00227 +@@ -33,7 +33,7 @@ references: stigid@ol7: OL07-00-010342 + stigid@ol8: OL08-00-010383 stigid@rhel7: RHEL-07-010342 - stigid@rhel8: RHEL-08-010383 + stigid@almalinux8: RHEL-08-010383 stigid@sle12: SLES-12-010112 stigid@sle15: SLES-15-020103 +diff --git a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_d_duplicate.fail.sh b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_d_duplicate.fail.sh +index a258d108..904d4adb 100644 +--- a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_d_duplicate.fail.sh ++++ b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_d_duplicate.fail.sh +@@ -1,4 +1,4 @@ +-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,SUSE Linux Enterprise 15 ++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,SUSE Linux Enterprise 15 + # packages = sudo + + echo 'Defaults !targetpw' >> /etc/sudoers diff --git a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd.fail.sh b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd.fail.sh index 9706b8bd..c543b1b3 100644 --- a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd.fail.sh 
@@ -24782,6 +26096,16 @@ index 093f9dd8..0cd6dbf4 100644 +# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,SUSE Linux Enterprise 15 # packages = sudo + echo 'Defaults !targetpw' >> /etc/sudoers +diff --git a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd_duplicates.fail.sh b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd_duplicates.fail.sh +index 6247b523..bd82dc53 100644 +--- a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd_duplicates.fail.sh ++++ b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd_duplicates.fail.sh +@@ -1,4 +1,4 @@ +-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,SUSE Linux Enterprise 15 ++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,SUSE Linux Enterprise 15 + # packages = sudo + echo 'Defaults !targetpw' >> /etc/sudoers diff --git a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_rootpw.fail.sh b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_rootpw.fail.sh index b12d1f88..eebf2cd7 100644 @@ -24814,147 +26138,139 @@ index 103cb466..e23bcce4 100644 if [ $(sudo egrep -i '(!targetpw)' /etc/sudoers /etc/sudoers.d/* | grep -v '#' | wc -l) -ne 0 ] diff --git a/linux_os/guide/system/software/system-tools/package_abrt-addon-ccpp_removed/rule.yml b/linux_os/guide/system/software/system-tools/package_abrt-addon-ccpp_removed/rule.yml -index f77d3bff..b0859cdf 100644 +index 909924de..1e5f94f9 100644 --- a/linux_os/guide/system/software/system-tools/package_abrt-addon-ccpp_removed/rule.yml +++ b/linux_os/guide/system/software/system-tools/package_abrt-addon-ccpp_removed/rule.yml 
@@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9 +-prodtype: fedora,ol7,ol8,rhel7,rhel8 ++prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8 title: 'Uninstall abrt-addon-ccpp Package' -@@ -21,7 +21,7 @@ identifiers: - references: +@@ -22,7 +22,7 @@ references: disa: CCI-000381 srg: SRG-OS-000095-GPOS-00049 + stigid@ol8: OL08-00-040001 - stigid@rhel8: RHEL-08-040001 + stigid@almalinux8: RHEL-08-040001 {{{ complete_ocil_entry_package(package="abrt-addon-ccpp") }}} diff --git a/linux_os/guide/system/software/system-tools/package_abrt-addon-kerneloops_removed/rule.yml b/linux_os/guide/system/software/system-tools/package_abrt-addon-kerneloops_removed/rule.yml -index 6e7b5d51..dd6157c4 100644 +index f74bfa3f..ad77aadf 100644 --- a/linux_os/guide/system/software/system-tools/package_abrt-addon-kerneloops_removed/rule.yml +++ b/linux_os/guide/system/software/system-tools/package_abrt-addon-kerneloops_removed/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9 +-prodtype: fedora,ol7,ol8,rhel7,rhel8 ++prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8 title: 'Uninstall abrt-addon-kerneloops Package' -@@ -21,7 +21,7 @@ identifiers: - references: +@@ -22,7 +22,7 @@ references: disa: CCI-000381 srg: SRG-OS-000095-GPOS-00049 + stigid@ol8: OL08-00-040001 - stigid@rhel8: RHEL-08-040001 + stigid@almalinux8: RHEL-08-040001 {{{ complete_ocil_entry_package(package="abrt-addon-kerneloops") }}} diff --git a/linux_os/guide/system/software/system-tools/package_abrt-addon-python_removed/rule.yml b/linux_os/guide/system/software/system-tools/package_abrt-addon-python_removed/rule.yml -index ceacda79..24990e5d 100644 +index 3233cc50..62040ee9 100644 --- a/linux_os/guide/system/software/system-tools/package_abrt-addon-python_removed/rule.yml 
+++ b/linux_os/guide/system/software/system-tools/package_abrt-addon-python_removed/rule.yml -@@ -1,6 +1,6 @@ - documentation_complete: true - --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9 - - title: 'Uninstall abrt-addon-python Package' - -@@ -21,7 +21,7 @@ identifiers: - references: +@@ -20,7 +20,7 @@ references: disa: CCI-000381 srg: SRG-OS-000095-GPOS-00049 + stigid@ol8: OL08-00-040001 - stigid@rhel8: RHEL-08-040001 + stigid@almalinux8: RHEL-08-040001 {{{ complete_ocil_entry_package(package="abrt-addon-python") }}} diff --git a/linux_os/guide/system/software/system-tools/package_abrt-cli_removed/rule.yml b/linux_os/guide/system/software/system-tools/package_abrt-cli_removed/rule.yml -index 51b2541d..3a20fb80 100644 +index 43f8d7fb..ab43bb7a 100644 --- a/linux_os/guide/system/software/system-tools/package_abrt-cli_removed/rule.yml +++ b/linux_os/guide/system/software/system-tools/package_abrt-cli_removed/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9 +-prodtype: fedora,ol7,ol8,rhel7,rhel8 ++prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8 title: 'Uninstall abrt-cli Package' -@@ -21,7 +21,7 @@ identifiers: - references: +@@ -22,7 +22,7 @@ references: disa: CCI-000381 srg: SRG-OS-000095-GPOS-00049 + stigid@ol8: OL08-00-040001 - stigid@rhel8: RHEL-08-040001 + stigid@almalinux8: RHEL-08-040001 {{{ complete_ocil_entry_package(package="abrt-cli") }}} diff --git a/linux_os/guide/system/software/system-tools/package_abrt-plugin-logger_removed/rule.yml b/linux_os/guide/system/software/system-tools/package_abrt-plugin-logger_removed/rule.yml -index d5ee870a..723b0714 100644 +index 30da7dca..15d81cfd 100644 --- a/linux_os/guide/system/software/system-tools/package_abrt-plugin-logger_removed/rule.yml +++ b/linux_os/guide/system/software/system-tools/package_abrt-plugin-logger_removed/rule.yml 
@@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9 +-prodtype: fedora,ol7,ol8,rhel7,rhel8 ++prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8 title: 'Uninstall abrt-plugin-logger Package' -@@ -21,7 +21,7 @@ identifiers: - references: +@@ -22,7 +22,7 @@ references: disa: CCI-000381 srg: SRG-OS-000095-GPOS-00049 + stigid@ol8: OL08-00-040001 - stigid@rhel8: RHEL-08-040001 + stigid@almalinux8: RHEL-08-040001 {{{ complete_ocil_entry_package(package="abrt-plugin-logger") }}} diff --git a/linux_os/guide/system/software/system-tools/package_abrt-plugin-rhtsupport_removed/rule.yml b/linux_os/guide/system/software/system-tools/package_abrt-plugin-rhtsupport_removed/rule.yml -index ba9d22d6..b635c8ce 100644 +index 0ef883b1..2c988f19 100644 --- a/linux_os/guide/system/software/system-tools/package_abrt-plugin-rhtsupport_removed/rule.yml +++ b/linux_os/guide/system/software/system-tools/package_abrt-plugin-rhtsupport_removed/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9 +-prodtype: fedora,ol7,ol8,rhel7,rhel8 ++prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8 title: 'Uninstall abrt-plugin-rhtsupport Package' -@@ -21,7 +21,7 @@ identifiers: - references: +@@ -22,7 +22,7 @@ references: disa: CCI-000381 srg: SRG-OS-000095-GPOS-00049 + stigid@ol8: OL08-00-040001 - stigid@rhel8: RHEL-08-040001 + stigid@almalinux8: RHEL-08-040001 {{{ complete_ocil_entry_package(package="abrt-plugin-rhtsupport") }}} diff --git a/linux_os/guide/system/software/system-tools/package_abrt-plugin-sosreport_removed/rule.yml b/linux_os/guide/system/software/system-tools/package_abrt-plugin-sosreport_removed/rule.yml -index 484fb9a7..3f140aeb 100644 +index 5d142cb3..20f8cfea 100644 --- a/linux_os/guide/system/software/system-tools/package_abrt-plugin-sosreport_removed/rule.yml 
+++ b/linux_os/guide/system/software/system-tools/package_abrt-plugin-sosreport_removed/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9 +-prodtype: fedora,ol7,ol8,rhel7,rhel8 ++prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8 title: 'Uninstall abrt-plugin-sosreport Package' -@@ -20,7 +20,7 @@ identifiers: - references: +@@ -21,7 +21,7 @@ references: disa: CCI-000381 srg: SRG-OS-000095-GPOS-00049 + stigid@ol8: OL08-00-040001 - stigid@rhel8: RHEL-08-040001 + stigid@almalinux8: RHEL-08-040001 @@ -25009,7 +26325,7 @@ index 1210a1e8..58d95cc6 100644 title: 'Uninstall geolite2-country Package' diff --git a/linux_os/guide/system/software/system-tools/package_gssproxy_removed/rule.yml b/linux_os/guide/system/software/system-tools/package_gssproxy_removed/rule.yml -index 43a60100..62ed0519 100644 +index d1a9c101..41250a96 100644 --- a/linux_os/guide/system/software/system-tools/package_gssproxy_removed/rule.yml +++ b/linux_os/guide/system/software/system-tools/package_gssproxy_removed/rule.yml @@ -1,6 +1,6 @@ @@ -25020,17 +26336,17 @@ index 43a60100..62ed0519 100644 title: 'Uninstall gssproxy Package' -@@ -20,7 +20,7 @@ identifiers: - references: +@@ -21,7 +21,7 @@ references: disa: CCI-000381,CCI-000366 srg: SRG-OS-000095-GPOS-00049,SRG-OS-000480-GPOS-00227 + stigid@ol8: OL08-00-040370 - stigid@rhel8: RHEL-08-040370 + stigid@almalinux8: RHEL-08-040370 {{{ complete_ocil_entry_package(package="gssproxy") }}} diff --git a/linux_os/guide/system/software/system-tools/package_iprutils_removed/rule.yml b/linux_os/guide/system/software/system-tools/package_iprutils_removed/rule.yml -index fe76c57b..6f6971a4 100644 +index 80057708..d1285a9c 100644 --- a/linux_os/guide/system/software/system-tools/package_iprutils_removed/rule.yml +++ b/linux_os/guide/system/software/system-tools/package_iprutils_removed/rule.yml @@ -1,6 +1,6 @@ 
@@ -25041,17 +26357,17 @@ index fe76c57b..6f6971a4 100644 title: 'Uninstall iprutils Package' -@@ -21,7 +21,7 @@ identifiers: - references: +@@ -22,7 +22,7 @@ references: disa: CCI-000366 srg: SRG-OS-000095-GPOS-00049,SRG-OS-000480-GPOS-00227 + stigid@ol8: OL08-00-040380 - stigid@rhel8: RHEL-08-040380 + stigid@almalinux8: RHEL-08-040380 {{{ complete_ocil_entry_package(package="iprutils") }}} diff --git a/linux_os/guide/system/software/system-tools/package_krb5-workstation_removed/rule.yml b/linux_os/guide/system/software/system-tools/package_krb5-workstation_removed/rule.yml -index 0e030e15..79bdf11b 100644 +index 81347484..2306a7d7 100644 --- a/linux_os/guide/system/software/system-tools/package_krb5-workstation_removed/rule.yml +++ b/linux_os/guide/system/software/system-tools/package_krb5-workstation_removed/rule.yml @@ -1,6 +1,6 @@ @@ -25062,15 +26378,15 @@ index 0e030e15..79bdf11b 100644 title: 'Uninstall krb5-workstation Package' -@@ -24,7 +24,7 @@ identifiers: - references: +@@ -25,7 +25,7 @@ references: disa: CCI-000803 srg: SRG-OS-000095-GPOS-00049,SRG-OS-000120-GPOS-00061 + stigid@ol8: OL08-00-010162 - stigid@rhel8: RHEL-08-010162 + stigid@almalinux8: RHEL-08-010162 - {{{ complete_ocil_entry_package(package="krb5-workstation") }}} - + platforms: + {{{ rule_notapplicable_when_ovirt_installed() | indent(4)}}} diff --git a/linux_os/guide/system/software/system-tools/package_libcap-ng-utils_installed/rule.yml b/linux_os/guide/system/software/system-tools/package_libcap-ng-utils_installed/rule.yml index 6696d589..a0122c7c 100644 --- a/linux_os/guide/system/software/system-tools/package_libcap-ng-utils_installed/rule.yml 
@@ -25107,8 +26423,29 @@ index 80a273bf..74169dbe 100644 title: 'Uninstall pigz Package' +diff --git a/linux_os/guide/system/software/system-tools/package_python3-abrt-addon_removed/rule.yml b/linux_os/guide/system/software/system-tools/package_python3-abrt-addon_removed/rule.yml +index 2b34390f..b9e583ed 100644 +--- a/linux_os/guide/system/software/system-tools/package_python3-abrt-addon_removed/rule.yml ++++ b/linux_os/guide/system/software/system-tools/package_python3-abrt-addon_removed/rule.yml +@@ -1,6 +1,6 @@ + documentation_complete: true + +-prodtype: fedora,rhel8 ++prodtype: fedora,rhel8,almalinux8 + + title: 'Uninstall python3-abrt-addon Package' + +@@ -19,7 +19,7 @@ identifiers: + references: + disa: CCI-000381 + srg: SRG-OS-000095-GPOS-00049 +- stigid@rhel8: RHEL-08-040001 ++ stigid@almalinux8: RHEL-08-040001 + + {{{ complete_ocil_entry_package(package="python3-abrt-addon") }}} + diff --git a/linux_os/guide/system/software/system-tools/package_rear_installed/rule.yml b/linux_os/guide/system/software/system-tools/package_rear_installed/rule.yml -index 2396f5bb..56da7af6 100644 +index efb59165..ae4176f6 100644 --- a/linux_os/guide/system/software/system-tools/package_rear_installed/rule.yml +++ b/linux_os/guide/system/software/system-tools/package_rear_installed/rule.yml @@ -1,6 +1,6 @@ @@ -25120,7 +26457,7 @@ index 2396f5bb..56da7af6 100644 title: 'Install rear Package' diff --git a/linux_os/guide/system/software/system-tools/package_rng-tools_installed/rule.yml b/linux_os/guide/system/software/system-tools/package_rng-tools_installed/rule.yml -index 663a2706..319ef34c 100644 +index e0fd861e..12dc53fa 100644 --- a/linux_os/guide/system/software/system-tools/package_rng-tools_installed/rule.yml +++ b/linux_os/guide/system/software/system-tools/package_rng-tools_installed/rule.yml @@ -1,6 +1,6 @@ 
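Review bot: The newly added inner diff for package_python3-abrt-addon_removed/rule.yml renames `stigid@rhel8` to `stigid@almalinux8` instead of adding a second key, while the `prodtype` line in the same file still lists `rhel8`. A rhel8 build from the patched tree would lose this STIG reference, and the AlmaLinux entry carries an identifier from the RHEL 8 STIG (`RHEL-08-040001`), which should be stated somewhere so an auditor does not read it as an AlmaLinux-specific control. The neighbouring `stigid@ol8: OL08-…` lines show that per-product keys can sit side by side, so I would keep both: `stigid@rhel8: RHEL-08-040001` and `stigid@almalinux8: RHEL-08-040001`. The same rename appears in the rebased hunks for gssproxy, iprutils, krb5-workstation, rng-tools and tuned in this chunk.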
@@ -25131,10 +26468,10 @@ index 663a2706..319ef34c 100644 title: 'Install rng-tools Package' -@@ -21,7 +21,7 @@ identifiers: - references: +@@ -22,7 +22,7 @@ references: disa: CCI-000366 srg: SRG-OS-000480-GPOS-00227 + stigid@ol8: OL08-00-010472 - stigid@rhel8: RHEL-08-010472 + stigid@almalinux8: RHEL-08-010472 @@ -25153,7 +26490,7 @@ index a7f9dfd8..d5d24a55 100644 title: 'Install scap-security-guide Package' diff --git a/linux_os/guide/system/software/system-tools/package_subscription-manager_installed/rule.yml b/linux_os/guide/system/software/system-tools/package_subscription-manager_installed/rule.yml -index b90a7588..5e93b020 100644 +index 32e5ce9a..fd1fd250 100644 --- a/linux_os/guide/system/software/system-tools/package_subscription-manager_installed/rule.yml +++ b/linux_os/guide/system/software/system-tools/package_subscription-manager_installed/rule.yml @@ -1,6 +1,6 @@ @@ -25177,7 +26514,7 @@ index e5b9a440..e3c2435f 100644 title: 'Install tar Package' diff --git a/linux_os/guide/system/software/system-tools/package_tuned_removed/rule.yml b/linux_os/guide/system/software/system-tools/package_tuned_removed/rule.yml -index 9f5f17ec..9c5c9725 100644 +index a30fa893..c083f1ff 100644 --- a/linux_os/guide/system/software/system-tools/package_tuned_removed/rule.yml +++ b/linux_os/guide/system/software/system-tools/package_tuned_removed/rule.yml @@ -1,6 +1,6 @@ @@ -25188,10 +26525,10 @@ index 9f5f17ec..9c5c9725 100644 title: 'Uninstall tuned Package' -@@ -23,7 +23,7 @@ identifiers: - references: +@@ -24,7 +24,7 @@ references: disa: CCI-000366 srg: SRG-OS-000095-GPOS-00049,SRG-OS-000480-GPOS-00227 + stigid@ol8: OL08-00-040390 - stigid@rhel8: RHEL-08-040390 + stigid@almalinux8: RHEL-08-040390 @@ -25210,27 +26547,27 @@ index 0eb7a8dd..34344f55 100644 title: 'Install vim Package' 
diff --git a/linux_os/guide/system/software/updating/clean_components_post_updating/ansible/shared.yml b/linux_os/guide/system/software/updating/clean_components_post_updating/ansible/shared.yml -index caaeb5cd..b1f397c0 100644 +index 051e89da..895effa2 100644 --- a/linux_os/guide/system/software/updating/clean_components_post_updating/ansible/shared.yml +++ b/linux_os/guide/system/software/updating/clean_components_post_updating/ansible/shared.yml @@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle # reboot = false # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/software/updating/clean_components_post_updating/bash/shared.sh b/linux_os/guide/system/software/updating/clean_components_post_updating/bash/shared.sh -index 929ef50c..d2207f47 100644 +index 41fcf825..db90731d 100644 --- a/linux_os/guide/system/software/updating/clean_components_post_updating/bash/shared.sh +++ b/linux_os/guide/system/software/updating/clean_components_post_updating/bash/shared.sh @@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_ol,multi_platform_rhv -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_rhv +-# platform = multi_platform_rhel,multi_platform_ol,multi_platform_rhv,multi_platform_sle ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_rhv,multi_platform_sle if grep --silent ^clean_requirements_on_remove /etc/yum.conf ; then sed -i "s/^clean_requirements_on_remove.*/clean_requirements_on_remove=1/g" /etc/yum.conf 
diff --git a/linux_os/guide/system/software/updating/clean_components_post_updating/rule.yml b/linux_os/guide/system/software/updating/clean_components_post_updating/rule.yml -index b443bf0c..c15520fa 100644 +index 7a906355..1a73068e 100644 --- a/linux_os/guide/system/software/updating/clean_components_post_updating/rule.yml +++ b/linux_os/guide/system/software/updating/clean_components_post_updating/rule.yml @@ -1,6 +1,6 @@ @@ -25241,9 +26578,9 @@ index b443bf0c..c15520fa 100644 title: 'Ensure {{{ pkg_manager }}} Removes Previous Package Versions' -@@ -46,7 +46,7 @@ references: - srg: SRG-OS-000437-GPOS-00194 +@@ -47,7 +47,7 @@ references: stigid@ol7: OL07-00-020200 + stigid@ol8: OL08-00-010440 stigid@rhel7: RHEL-07-020200 - stigid@rhel8: RHEL-08-010440 + stigid@almalinux8: RHEL-08-010440 @@ -25471,37 +26808,17 @@ index 00000000..3e4fe227 +
    $ rpm -q --queryformat "%{SUMMARY}\n" gpg-pubkey
    + The command should return the string below: +
    gpg(AlmaLinux <packager@almalinux.org>
    -diff --git a/linux_os/guide/system/software/updating/ensure_gpgcheck_globally_activated/ansible/shared.yml b/linux_os/guide/system/software/updating/ensure_gpgcheck_globally_activated/ansible/shared.yml -index 24be33be..bd3c35ea 100644 ---- a/linux_os/guide/system/software/updating/ensure_gpgcheck_globally_activated/ansible/shared.yml -+++ b/linux_os/guide/system/software/updating/ensure_gpgcheck_globally_activated/ansible/shared.yml -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv - # reboot = false - # strategy = unknown - # complexity = low -@@ -20,7 +20,7 @@ - value: 1 - no_extra_spaces: yes - create: False -- when: (ansible_distribution == "RedHat" or ansible_distribution == "CentOS" or ansible_distribution == "Scientific" or yum_config_file.stat.exists) -+ when: (ansible_distribution == "RedHat" or ansible_distribution == "CentOS" or ansible_distribution == "Scientific" or ansible_distribution == "AlmaLinux" or yum_config_file.stat.exists) - - - name: Ensure GPG check is globally activated (dnf) - ini_file: diff --git a/linux_os/guide/system/software/updating/ensure_gpgcheck_globally_activated/bash/shared.sh b/linux_os/guide/system/software/updating/ensure_gpgcheck_globally_activated/bash/shared.sh -index 4469a468..80996789 100644 +index 2bf91c8c..b5f52073 100644 --- a/linux_os/guide/system/software/updating/ensure_gpgcheck_globally_activated/bash/shared.sh 
+++ b/linux_os/guide/system/software/updating/ensure_gpgcheck_globally_activated/bash/shared.sh -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_ol,multi_platform_fedora,multi_platform_rhv -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_fedora,multi_platform_rhv - . /usr/share/scap-security-guide/remediation_functions +@@ -1,3 +1,3 @@ +-# platform = multi_platform_rhel,multi_platform_ol,multi_platform_fedora,multi_platform_rhv,multi_platform_sle ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_fedora,multi_platform_rhv,multi_platform_sle - replace_or_append "{{{ pkg_manager_config_file }}}" '^gpgcheck' '1' '@CCENUM@' + {{{ bash_replace_or_append( pkg_manager_config_file , '^gpgcheck', '1') }}} diff --git a/linux_os/guide/system/software/updating/ensure_gpgcheck_globally_activated/rule.yml b/linux_os/guide/system/software/updating/ensure_gpgcheck_globally_activated/rule.yml -index 8bf083bb..b2359634 100644 +index edb7748b..c0481718 100644 --- a/linux_os/guide/system/software/updating/ensure_gpgcheck_globally_activated/rule.yml +++ b/linux_os/guide/system/software/updating/ensure_gpgcheck_globally_activated/rule.yml @@ -1,6 +1,6 @@ @@ -25512,9 +26829,9 @@ index 8bf083bb..b2359634 100644 title: 'Ensure gpgcheck Enabled In Main {{{ pkg_manager }}} Configuration' -@@ -57,7 +57,7 @@ references: - srg: SRG-OS-000366-GPOS-00153 +@@ -60,7 +60,7 @@ references: stigid@ol7: OL07-00-020050 + stigid@ol8: OL08-00-010370 stigid@rhel7: RHEL-07-020050 - stigid@rhel8: RHEL-08-010370 + stigid@almalinux8: RHEL-08-010370 @@ -25522,7 +26839,7 @@ index 8bf083bb..b2359634 100644 stigid@sle15: SLES-15-010430 vmmsrg: SRG-OS-000366-VMM-001430,SRG-OS-000370-VMM-001460,SRG-OS-000404-VMM-001650 
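Review bot: The refreshed patch drops the whole inner diff for ensure_gpgcheck_globally_activated/ansible/shared.yml, so both the `# platform` line that added `multi_platform_almalinux` and the `when:` clause with `ansible_distribution == "AlmaLinux"` are gone, while the bash remediation and rule.yml of the same rule keep their AlmaLinux edits. If the upstream file at the new base still lists platforms explicitly (not visible in this hunk), AlmaLinux would get no Ansible remediation for the global gpgcheck setting, and hosts hardened through Ansible could be left without enforced package signature checks. Please confirm against the new upstream file and, if it still has an explicit list, restore the edit by adding `multi_platform_almalinux` to its `# platform =` line. The later hunk for ensure_gpgcheck_local_packages/ansible/shared.yml keeps the platform line but drops the same `when:` edit, which deserves the same check.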
diff --git a/linux_os/guide/system/software/updating/ensure_gpgcheck_local_packages/ansible/shared.yml b/linux_os/guide/system/software/updating/ensure_gpgcheck_local_packages/ansible/shared.yml -index 68553a12..c9cdb166 100644 +index 3cab4a16..e3cabb82 100644 --- a/linux_os/guide/system/software/updating/ensure_gpgcheck_local_packages/ansible/shared.yml +++ b/linux_os/guide/system/software/updating/ensure_gpgcheck_local_packages/ansible/shared.yml @@ -1,4 +1,4 @@ @@ -25531,17 +26848,8 @@ index 68553a12..c9cdb166 100644 # reboot = false # strategy = unknown # complexity = low -@@ -19,7 +19,7 @@ - option: localpkg_gpgcheck - value: 1 - create: True -- when: (ansible_distribution == "RedHat" or ansible_distribution == "CentOS" or ansible_distribution == "Scientific" or yum_config_file.stat.exists) -+ when: (ansible_distribution == "RedHat" or ansible_distribution == "CentOS" or ansible_distribution == "Scientific" or ansible_distribution == "AlmaLinux" or yum_config_file.stat.exists) - - - name: Ensure GPG check Enabled for Local Packages (DNF) - ini_file: diff --git a/linux_os/guide/system/software/updating/ensure_gpgcheck_local_packages/rule.yml b/linux_os/guide/system/software/updating/ensure_gpgcheck_local_packages/rule.yml -index 0f2bd164..de00472e 100644 +index 67da27c0..96a9e11d 100644 --- a/linux_os/guide/system/software/updating/ensure_gpgcheck_local_packages/rule.yml +++ b/linux_os/guide/system/software/updating/ensure_gpgcheck_local_packages/rule.yml @@ -1,6 +1,6 @@ @@ -25552,9 +26860,9 @@ index 0f2bd164..de00472e 100644 title: 'Ensure gpgcheck Enabled for Local Packages' -@@ -40,7 +40,7 @@ references: - srg: SRG-OS-000366-GPOS-00153 +@@ -41,7 +41,7 @@ references: stigid@ol7: OL07-00-020060 + stigid@ol8: OL08-00-010371 stigid@rhel7: RHEL-07-020060 - stigid@rhel8: RHEL-08-010371 + stigid@almalinux8: RHEL-08-010371 @@ -25562,12 +26870,12 @@ index 0f2bd164..de00472e 100644 ocil_clause: 'gpgcheck is not enabled or configured correctly to verify local packages' 
diff --git a/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/ansible/shared.yml b/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/ansible/shared.yml -index a8cfc6e5..4ff55004 100644 +index c658f901..939ce9c2 100644 --- a/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/ansible/shared.yml +++ b/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/ansible/shared.yml @@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_ol,multi_platform_fedora,multi_platform_rhv -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_fedora,multi_platform_rhv +-# platform = multi_platform_rhel,multi_platform_ol,multi_platform_fedora,multi_platform_rhv,multi_platform_sle ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_fedora,multi_platform_rhv,multi_platform_sle # reboot = false # strategy = enable # complexity = low @@ -25580,17 +26888,37 @@ index a9b33d87..b1c33b4b 100644 +# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_fedora,multi_platform_rhv sed -i 's/gpgcheck\s*=.*/gpgcheck=1/g' /etc/yum.repos.d/* diff --git a/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/rule.yml b/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/rule.yml -index 85666c5f..7af9b6da 100644 +index 2c5501c7..c07a6357 100644 --- a/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/rule.yml +++ b/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/rule.yml 
@@ -1,6 +1,6 @@ documentation_complete: true --prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4 -+prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4 +-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15 ++prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9,rhv4,sle12,sle15 title: 'Ensure gpgcheck Enabled for All {{{ pkg_manager }}} Package Repositories' +diff --git a/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/tests/gpgcheck_disabled.fail.sh b/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/tests/gpgcheck_disabled.fail.sh +index 37e47e4d..a852e856 100644 +--- a/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/tests/gpgcheck_disabled.fail.sh ++++ b/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/tests/gpgcheck_disabled.fail.sh +@@ -1,4 +1,4 @@ + #!/bin/bash +-# platform = multi_platform_rhel,multi_platform_ol,multi_platform_fedora,multi_platform_rhv ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_fedora,multi_platform_rhv + + sed -i 's/gpgcheck\s*=.*/gpgcheck=0/g' /etc/yum.repos.d/* +diff --git a/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/tests/gpgcheck_enabled.pass.sh b/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/tests/gpgcheck_enabled.pass.sh +index 04ff6e57..b97d7546 100644 +--- a/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/tests/gpgcheck_enabled.pass.sh ++++ b/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/tests/gpgcheck_enabled.pass.sh +@@ -1,4 +1,4 @@ + #!/bin/bash +-# platform = multi_platform_rhel,multi_platform_ol,multi_platform_fedora,multi_platform_rhv ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_fedora,multi_platform_rhv + + sed -i 's/gpgcheck\s*=.*/gpgcheck=1/g' /etc/yum.repos.d/* 
diff --git a/linux_os/guide/system/software/updating/ensure_gpgcheck_repo_metadata/rule.yml b/linux_os/guide/system/software/updating/ensure_gpgcheck_repo_metadata/rule.yml index be2c7aa1..40ff5875 100644 --- a/linux_os/guide/system/software/updating/ensure_gpgcheck_repo_metadata/rule.yml @@ -25616,17 +26944,17 @@ index dd52ba7e..18365b4b 100644 title: 'Install dnf-automatic Package' diff --git a/linux_os/guide/system/software/updating/security_patches_up_to_date/bash/shared.sh b/linux_os/guide/system/software/updating/security_patches_up_to_date/bash/shared.sh -index 70de60d2..18a53cc0 100644 +index fd844d2a..2932351f 100644 --- a/linux_os/guide/system/software/updating/security_patches_up_to_date/bash/shared.sh +++ b/linux_os/guide/system/software/updating/security_patches_up_to_date/bash/shared.sh @@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel -+# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux +-# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_sle ++# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle # reboot = true # strategy = patch # complexity = low diff --git a/linux_os/guide/system/software/updating/security_patches_up_to_date/rule.yml b/linux_os/guide/system/software/updating/security_patches_up_to_date/rule.yml -index 85c56011..89741252 100644 +index 9e67a875..d73ecd56 100644 --- a/linux_os/guide/system/software/updating/security_patches_up_to_date/rule.yml +++ b/linux_os/guide/system/software/updating/security_patches_up_to_date/rule.yml @@ -1,6 +1,6 @@ 
@@ -25649,9 +26977,9 @@ index 85c56011..89741252 100644 {{% elif product in ["sle12", "sle15"] %}} If the system is configured for online updates, invoking the following command will list available security updates: -@@ -62,7 +67,7 @@ references: - srg: SRG-OS-000480-GPOS-00227 +@@ -63,7 +68,7 @@ references: stigid@ol7: OL07-00-020260 + stigid@ol8: OL08-00-010010 stigid@rhel7: RHEL-07-020260 - stigid@rhel8: RHEL-08-010010 + stigid@almalinux8: RHEL-08-010010 @@ -25672,10 +27000,10 @@ index f0ae5076..8936b05c 100644 diff --git a/products/almalinux8/CMakeLists.txt b/products/almalinux8/CMakeLists.txt new file mode 100644 -index 00000000..c1ac2802 +index 00000000..6f48e657 --- /dev/null +++ b/products/almalinux8/CMakeLists.txt -@@ -0,0 +1,28 @@ +@@ -0,0 +1,29 @@ +# Sometimes our users will try to do: "cd almalinux8; cmake ." That needs to error in a nice way. +if ("${CMAKE_SOURCE_DIR}" STREQUAL "${CMAKE_CURRENT_SOURCE_DIR}") + message(FATAL_ERROR "cmake has to be used on the root CMakeLists.txt, see the Building ComplianceAsCode section in the Developer Guide!") 
@@ -25686,14 +27014,15 @@ index 00000000..c1ac2802 + +ssg_build_product(${PRODUCT}) + -+ssg_build_html_table_by_ref(${PRODUCT} "nist") -+ssg_build_html_table_by_ref(${PRODUCT} "cui") -+ssg_build_html_table_by_ref(${PRODUCT} "cis") -+ssg_build_html_table_by_ref(${PRODUCT} "pcidss") -+ssg_build_html_table_by_ref(${PRODUCT} "anssi") ++ssg_build_html_ref_tables("${PRODUCT}" "table-${PRODUCT}-{ref_id}refs" "anssi;cis;cui;nist;pcidss") + -+ssg_build_html_nistrefs_table(${PRODUCT} "ospp") -+ssg_build_html_nistrefs_table(${PRODUCT} "stig") ++ssg_build_html_profile_table("table-${PRODUCT}-nistrefs-ospp" "${PRODUCT}" "ospp" "nist") ++ssg_build_html_profile_table("table-${PRODUCT}-nistrefs-stig" "${PRODUCT}" "stig" "nist") ++ ++ssg_build_html_profile_table("table-${PRODUCT}-anssirefs-bp28_minimal" "${PRODUCT}" "anssi_bp28_minimal" "anssi") ++ssg_build_html_profile_table("table-${PRODUCT}-anssirefs-bp28_enhanced" "${PRODUCT}" "anssi_bp28_enhanced" "anssi") ++ssg_build_html_profile_table("table-${PRODUCT}-anssirefs-bp28_intermediary" "${PRODUCT}" "anssi_bp28_intermediary" "anssi") ++ssg_build_html_profile_table("table-${PRODUCT}-anssirefs-bp28_high" "${PRODUCT}" "anssi_bp28_high" "anssi") + +ssg_build_html_cce_table(${PRODUCT}) + @@ -25706,10 +27035,10 @@ index 00000000..c1ac2802 +#ssg_build_html_stig_tables(${PRODUCT} "ospp") diff --git a/products/almalinux8/kickstart/ssg-almalinux8-anssi_bp28_enhanced-ks.cfg b/products/almalinux8/kickstart/ssg-almalinux8-anssi_bp28_enhanced-ks.cfg new file mode 100644 -index 00000000..b6701749 +index 00000000..995a0d8e --- /dev/null +++ b/products/almalinux8/kickstart/ssg-almalinux8-anssi_bp28_enhanced-ks.cfg -@@ -0,0 +1,163 @@ +@@ -0,0 +1,169 @@ +# SCAP Security Guide ANSSI BP-028 (enhanced) profile kickstart for AlmaLinux 8 +# Version: 0.0.1 +# Date: 2021-01-28 
@@ -25780,6 +27109,12 @@ index 00000000..b6701749 +# --ssh allow sshd service through the firewall +firewall --enabled --ssh + ++# Set up the authentication options for the system (required) ++# sssd profile sets sha512 to hash passwords ++# passwords are shadowed by default ++# See the manual page for authselect-profile for a complete list of possible options. ++authselect select sssd ++ +# Set the system time zone (required) +timezone --utc America/New_York + @@ -25811,13 +27146,13 @@ index 00000000..b6701749 +# Create particular logical volumes (optional) +logvol / --fstype=xfs --name=LogVol06 --vgname=VolGroup --size=3192 --grow +# Ensure /usr Located On Separate Partition -+logvol /usr --fstype=xfs --name=LogVol08 --vgname=VolGroup --size=5000 --fsoptions="nodev" ++logvol /usr --fstype=xfs --name=LogVol08 --vgname=VolGroup --size=6536 --fsoptions="nodev" +# Ensure /opt Located On Separate Partition -+logvol /opt --fstype=xfs --name=LogVol09 --vgname=VolGroup --size=1024 --fsoptions="nodev,nosuid" ++logvol /opt --fstype=xfs --name=LogVol09 --vgname=VolGroup --size=512 --fsoptions="nodev,nosuid" +# Ensure /srv Located On Separate Partition -+logvol /srv --fstype=xfs --name=LogVol10 --vgname=VolGroup --size=1024 --fsoptions="nodev,nosuid" ++logvol /srv --fstype=xfs --name=LogVol10 --vgname=VolGroup --size=512 --fsoptions="nodev,nosuid" +# Ensure /home Located On Separate Partition -+logvol /home --fstype=xfs --name=home --vgname=VolGroup --size=1024 --fsoptions="nodev" ++logvol /home --fstype=xfs --name=home --vgname=VolGroup --size=512 --fsoptions="nodev" +# Ensure /tmp Located On Separate Partition +logvol /tmp --fstype=xfs --name=tmp --vgname=VolGroup --size=1024 --fsoptions="nodev,nosuid,noexec" +# Ensure /var/tmp Located On Separate Partition 
@@ -25832,7 +27167,7 @@ index 00000000..b6701749 + +# The OpenSCAP installer add-on is used to apply SCAP (Security Content Automation Protocol) +# content - security policies - on the installed system.This add-on has been enabled by default -+# since RHEL 7.2. When enabled, the packages necessary to provide this ++# since Red Hat Enterprise Linux 7.2. When enabled, the packages necessary to provide this +# functionality will automatically be installed. However, by default, no policies are enforced, +# meaning that no checks are performed during or after installation unless specifically configured. +# @@ -25875,10 +27210,10 @@ index 00000000..b6701749 +reboot --eject diff --git a/products/almalinux8/kickstart/ssg-almalinux8-anssi_bp28_high-ks.cfg b/products/almalinux8/kickstart/ssg-almalinux8-anssi_bp28_high-ks.cfg new file mode 100644 -index 00000000..fe272bb1 +index 00000000..603835c3 --- /dev/null +++ b/products/almalinux8/kickstart/ssg-almalinux8-anssi_bp28_high-ks.cfg -@@ -0,0 +1,167 @@ +@@ -0,0 +1,173 @@ +# SCAP Security Guide ANSSI BP-028 (high) profile kickstart for AlmaLinux 8 +# Version: 0.0.1 +# Date: 2020-12-10 @@ -25949,6 +27284,12 @@ index 00000000..fe272bb1 +# --ssh allow sshd service through the firewall +firewall --enabled --ssh + ++# Set up the authentication options for the system (required) ++# sssd profile sets sha512 to hash passwords ++# passwords are shadowed by default ++# See the manual page for authselect-profile for a complete list of possible options. ++authselect select sssd ++ +# State of SELinux on the installed system (optional) +# Defaults to enforcing +selinux --enforcing 
@@ -25984,13 +27325,13 @@ index 00000000..fe272bb1 +# Create particular logical volumes (optional) +logvol / --fstype=xfs --name=LogVol06 --vgname=VolGroup --size=3192 --grow +# Ensure /usr Located On Separate Partition -+logvol /usr --fstype=xfs --name=LogVol08 --vgname=VolGroup --size=5000 --fsoptions="nodev" ++logvol /usr --fstype=xfs --name=LogVol08 --vgname=VolGroup --size=6536 --fsoptions="nodev" +# Ensure /opt Located On Separate Partition -+logvol /opt --fstype=xfs --name=LogVol09 --vgname=VolGroup --size=1024 --fsoptions="nodev,nosuid" ++logvol /opt --fstype=xfs --name=LogVol09 --vgname=VolGroup --size=512 --fsoptions="nodev,nosuid" +# Ensure /srv Located On Separate Partition -+logvol /srv --fstype=xfs --name=LogVol10 --vgname=VolGroup --size=1024 --fsoptions="nodev,nosuid" ++logvol /srv --fstype=xfs --name=LogVol10 --vgname=VolGroup --size=512 --fsoptions="nodev,nosuid" +# Ensure /home Located On Separate Partition -+logvol /home --fstype=xfs --name=home --vgname=VolGroup --size=1024 --fsoptions="nodev" ++logvol /home --fstype=xfs --name=home --vgname=VolGroup --size=512 --fsoptions="nodev" +# Ensure /tmp Located On Separate Partition +logvol /tmp --fstype=xfs --name=tmp --vgname=VolGroup --size=1024 --fsoptions="nodev,nosuid,noexec" +# Ensure /var/tmp Located On Separate Partition @@ -26005,7 +27346,7 @@ index 00000000..fe272bb1 + +# The OpenSCAP installer add-on is used to apply SCAP (Security Content Automation Protocol) +# content - security policies - on the installed system.This add-on has been enabled by default -+# since RHEL 7.2. When enabled, the packages necessary to provide this ++# since Red Hat Enterprise Linux 7.2. When enabled, the packages necessary to provide this +# functionality will automatically be installed. However, by default, no policies are enforced, +# meaning that no checks are performed during or after installation unless specifically configured. +# @@ -26048,10 +27389,10 @@ index 00000000..fe272bb1 +reboot --eject 
diff --git a/products/almalinux8/kickstart/ssg-almalinux8-anssi_bp28_intermediary-ks.cfg b/products/almalinux8/kickstart/ssg-almalinux8-anssi_bp28_intermediary-ks.cfg new file mode 100644 -index 00000000..99294f42 +index 00000000..16b3faa0 --- /dev/null +++ b/products/almalinux8/kickstart/ssg-almalinux8-anssi_bp28_intermediary-ks.cfg -@@ -0,0 +1,163 @@ +@@ -0,0 +1,169 @@ +# SCAP Security Guide ANSSI BP-028 (intermediary) profile kickstart for AlmaLinux 8 +# Version: 0.0.1 +# Date: 2021-01-28 @@ -26122,6 +27463,12 @@ index 00000000..99294f42 +# --ssh allow sshd service through the firewall +firewall --enabled --ssh + ++# Set up the authentication options for the system (required) ++# sssd profile sets sha512 to hash passwords ++# passwords are shadowed by default ++# See the manual page for authselect-profile for a complete list of possible options. ++authselect select sssd ++ +# Set the system time zone (required) +timezone --utc America/New_York + @@ -26137,7 +27484,7 @@ index 00000000..99294f42 + +# The following partition layout scheme assumes disk of size 20GB or larger +# Modify size of partitions appropriately to reflect actual machine's hardware -+# ++# +# Remove Linux partitions from the system prior to creating new ones (optional) +# --linux erase all Linux partitions +# --initlabel initialize the disk label to the default based on the underlying architecture 
@@ -26153,13 +27500,13 @@ index 00000000..99294f42 +# Create particular logical volumes (optional) +logvol / --fstype=xfs --name=LogVol06 --vgname=VolGroup --size=3192 --grow +# Ensure /usr Located On Separate Partition -+logvol /usr --fstype=xfs --name=LogVol08 --vgname=VolGroup --size=5000 --fsoptions="nodev" ++logvol /usr --fstype=xfs --name=LogVol08 --vgname=VolGroup --size=6536 --fsoptions="nodev" +# Ensure /opt Located On Separate Partition -+logvol /opt --fstype=xfs --name=LogVol09 --vgname=VolGroup --size=1024 --fsoptions="nodev,nosuid" ++logvol /opt --fstype=xfs --name=LogVol09 --vgname=VolGroup --size=512 --fsoptions="nodev,nosuid" +# Ensure /srv Located On Separate Partition -+logvol /srv --fstype=xfs --name=LogVol10 --vgname=VolGroup --size=1024 --fsoptions="nodev,nosuid" ++logvol /srv --fstype=xfs --name=LogVol10 --vgname=VolGroup --size=512 --fsoptions="nodev,nosuid" +# Ensure /home Located On Separate Partition -+logvol /home --fstype=xfs --name=home --vgname=VolGroup --size=1024 --fsoptions="nodev" ++logvol /home --fstype=xfs --name=home --vgname=VolGroup --size=512 --fsoptions="nodev" +# Ensure /tmp Located On Separate Partition +logvol /tmp --fstype=xfs --name=tmp --vgname=VolGroup --size=1024 --fsoptions="nodev,nosuid,noexec" +# Ensure /var/tmp Located On Separate Partition 
@@ -26174,17 +27521,17 @@ index 00000000..99294f42 + +# The OpenSCAP installer add-on is used to apply SCAP (Security Content Automation Protocol) +# content - security policies - on the installed system.This add-on has been enabled by default -+# since RHEL 7.2. When enabled, the packages necessary to provide this ++# since Red Hat Enterprise Linux 7.2. When enabled, the packages necessary to provide this +# functionality will automatically be installed. However, by default, no policies are enforced, +# meaning that no checks are performed during or after installation unless specifically configured. -+# ++# +# Important +# Applying a security policy is not necessary on all systems. This screen should only be used +# when a specific policy is mandated by your organization rules or government regulations. +# Unlike most other commands, this add-on does not accept regular options, but uses key-value +# pairs in the body of the %addon definition instead. These pairs are whitespace-agnostic. +# Values can be optionally enclosed in single quotes (') or double quotes ("). -+# ++# +# The following keys are recognized by the add-on: +# content-type - Type of the security content. Possible values are datastream, archive, rpm, and scap-security-guide. +# - If the content-type is scap-security-guide, the add-on will use content provided by the @@ -26198,7 +27545,7 @@ index 00000000..99294f42 +# tailoring-path - Path to a tailoring file which should be used, given as a relative path in the archive. +# +# The following is an example %addon org_fedora_oscap section which uses content from the -+# scap-security-guide on the installation media: ++# scap-security-guide on the installation media: +%addon org_fedora_oscap + content-type = scap-security-guide + profile = xccdf_org.ssgproject.content_profile_anssi_bp28_intermediary @@ -26217,10 +27564,10 @@ index 00000000..99294f42 +reboot --eject 
diff --git a/products/almalinux8/kickstart/ssg-almalinux8-anssi_bp28_minimal-ks.cfg b/products/almalinux8/kickstart/ssg-almalinux8-anssi_bp28_minimal-ks.cfg new file mode 100644 -index 00000000..4fbcdb6a +index 00000000..ba9b2eb4 --- /dev/null +++ b/products/almalinux8/kickstart/ssg-almalinux8-anssi_bp28_minimal-ks.cfg -@@ -0,0 +1,127 @@ +@@ -0,0 +1,133 @@ +# SCAP Security Guide ANSSI BP-028 (minimal) profile kickstart for AlmaLinux 8 +# Version: 0.0.1 +# Date: 2021-01-28 @@ -26281,6 +27628,12 @@ index 00000000..4fbcdb6a +# to see how to create encrypted password form for different plaintext password +rootpw --iscrypted $6$0WWGZ1e6icT$1KiHZK.Nzp3HQerfiy8Ic3pOeCWeIzA.zkQ7mkvYT3bNC5UeGK2ceE5b6TkSg4D/kiSudkT04QlSKknsrNE220 + ++# Set up the authentication options for the system (required) ++# sssd profile sets sha512 to hash passwords ++# passwords are shadowed by default ++# See the manual page for authselect-profile for a complete list of possible options. ++authselect select sssd ++ +# Set the system time zone (required) +timezone --utc America/New_York + @@ -26307,7 +27660,7 @@ index 00000000..4fbcdb6a + +# The OpenSCAP installer add-on is used to apply SCAP (Security Content Automation Protocol) +# content - security policies - on the installed system.This add-on has been enabled by default -+# since RHEL 7.2. When enabled, the packages necessary to provide this ++# since Red Hat Enterprise Linux 7.2. When enabled, the packages necessary to provide this +# functionality will automatically be installed. However, by default, no policies are enforced, +# meaning that no checks are performed during or after installation unless specifically configured. +# @@ -26350,11 +27703,11 @@ index 00000000..4fbcdb6a +reboot --eject diff --git a/products/almalinux8/kickstart/ssg-almalinux8-cis-ks.cfg b/products/almalinux8/kickstart/ssg-almalinux8-cis-ks.cfg new file mode 100644 -index 00000000..200beffb +index 00000000..b5d9a693 --- /dev/null 
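Review bot: The `rootpw --iscrypted $6$…` line directly above the added `authselect select sssd` block in ssg-almalinux8-anssi_bp28_minimal-ks.cfg is a fixed hash committed to the repository, so every host installed from this kickstart unchanged shares a root password whose hash is public. The comment before it is only partly visible in this hunk; it explains how to create a hash but, as far as can be seen, does not say the shipped value must be replaced. I would add a comment right above the line, `# Example hash only: replace with one generated for your site before using this kickstart`. The other AlmaLinux 8 kickstarts touched by this patch may carry the same line (not visible in this chunk) and would need the same comment.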
+++ b/products/almalinux8/kickstart/ssg-almalinux8-cis-ks.cfg @@ -0,0 +1,143 @@ -+# SCAP Security Guide CIS profile (Level 2 - Server) kickstart for AlmaLinux 8 Server ++# SCAP Security Guide CIS profile (Level 2 - Server) kickstart for AlmaLinux 8 +# Version: 0.0.1 +# Date: 2021-08-12 +# @@ -26499,11 +27852,11 @@ index 00000000..200beffb +reboot --eject diff --git a/products/almalinux8/kickstart/ssg-almalinux8-cis_server_l1-ks.cfg b/products/almalinux8/kickstart/ssg-almalinux8-cis_server_l1-ks.cfg new file mode 100644 -index 00000000..d5474115 +index 00000000..55e94b1c --- /dev/null +++ b/products/almalinux8/kickstart/ssg-almalinux8-cis_server_l1-ks.cfg @@ -0,0 +1,133 @@ -+# SCAP Security Guide CIS profile (Level 1 - Server) kickstart for AlmaLinux 8 Server ++# SCAP Security Guide CIS profile (Level 1 - Server) kickstart for AlmaLinux 8 +# Version: 0.0.1 +# Date: 2021-08-12 +# @@ -26611,7 +27964,7 @@ index 00000000..d5474115 +volgroup VolGroup --pesize=4096 pv.01 + +# Create particular logical volumes (optional) -+logvol / --fstype=xfs --name=LogVol06 --vgname=VolGroup --size=10240 --grow ++logvol / --fstype=xfs --name=LogVol06 --vgname=VolGroup --size=16896 --grow +# Ensure /tmp Located On Separate Partition +logvol /tmp --fstype=xfs --name=LogVol01 --vgname=VolGroup --size=1024 --fsoptions="nodev,noexec,nosuid" +logvol swap --name=lv_swap --vgname=VolGroup --size=2016 @@ -26638,11 +27991,11 @@ index 00000000..d5474115 +reboot --eject diff --git a/products/almalinux8/kickstart/ssg-almalinux8-cis_workstation_l1-ks.cfg b/products/almalinux8/kickstart/ssg-almalinux8-cis_workstation_l1-ks.cfg new file mode 100644 -index 00000000..2cabaa30 +index 00000000..c4a9001f --- /dev/null +++ b/products/almalinux8/kickstart/ssg-almalinux8-cis_workstation_l1-ks.cfg 
@@ -0,0 +1,133 @@ -+# SCAP Security Guide CIS profile (Level 1 - Workstation) kickstart for AlmaLinux 8 Server ++# SCAP Security Guide CIS profile (Level 1 - Workstation) kickstart for AlmaLinux 8 +# Version: 0.0.1 +# Date: 2021-08-12 +# @@ -26750,7 +28103,7 @@ index 00000000..2cabaa30 +volgroup VolGroup --pesize=4096 pv.01 + +# Create particular logical volumes (optional) -+logvol / --fstype=xfs --name=LogVol06 --vgname=VolGroup --size=10240 --grow ++logvol / --fstype=xfs --name=LogVol06 --vgname=VolGroup --size=16896 --grow +# Ensure /tmp Located On Separate Partition +logvol /tmp --fstype=xfs --name=LogVol01 --vgname=VolGroup --size=1024 --fsoptions="nodev,noexec,nosuid" +logvol swap --name=lv_swap --vgname=VolGroup --size=2016 @@ -26777,11 +28130,11 @@ index 00000000..2cabaa30 +reboot --eject diff --git a/products/almalinux8/kickstart/ssg-almalinux8-cis_workstation_l2-ks.cfg b/products/almalinux8/kickstart/ssg-almalinux8-cis_workstation_l2-ks.cfg new file mode 100644 -index 00000000..09b19c64 +index 00000000..1b766f5e --- /dev/null +++ b/products/almalinux8/kickstart/ssg-almalinux8-cis_workstation_l2-ks.cfg @@ -0,0 +1,143 @@ -+# SCAP Security Guide CIS profile (Level 2 - Workstation) kickstart for AlmaLinux 8 Server ++# SCAP Security Guide CIS profile (Level 2 - Workstation) kickstart for AlmaLinux 8 +# Version: 0.0.1 +# Date: 2021-08-12 +# @@ -26926,7 +28279,7 @@ index 00000000..09b19c64 +reboot --eject diff --git a/products/almalinux8/kickstart/ssg-almalinux8-cui-ks.cfg b/products/almalinux8/kickstart/ssg-almalinux8-cui-ks.cfg new file mode 100644 -index 00000000..69239029 +index 00000000..0255ad13 --- /dev/null +++ b/products/almalinux8/kickstart/ssg-almalinux8-cui-ks.cfg @@ -0,0 +1,164 @@ 
@@ -26999,10 +28352,10 @@ index 00000000..69239029 +firewall --enabled --ssh + +# Set up the authentication options for the system (required) -+# --enableshadow enable shadowed passwords by default -+# --passalgo hash / crypt algorithm for new passwords -+# See the manual page for authconfig for a complete list of possible options. -+authconfig --enableshadow --passalgo=sha512 ++# sssd profile sets sha512 to hash passwords ++# passwords are shadowed by default ++# See the manual page for authselect-profile for a complete list of possible options. ++authselect select sssd + +# State of SELinux on the installed system (optional) +# Defaults to enforcing @@ -27053,7 +28406,7 @@ index 00000000..69239029 + +# The OpenSCAP installer add-on is used to apply SCAP (Security Content Automation Protocol) +# content - security policies - on the installed system.This add-on has been enabled by default -+# since RHEL 7.2. When enabled, the packages necessary to provide this ++# since Red Hat Enterprise Linux 7.2. When enabled, the packages necessary to provide this +# functionality will automatically be installed. However, by default, no policies are enforced, +# meaning that no checks are performed during or after installation unless specifically configured. +# @@ -27096,11 +28449,11 @@ index 00000000..69239029 +reboot --eject diff --git a/products/almalinux8/kickstart/ssg-almalinux8-e8-ks.cfg b/products/almalinux8/kickstart/ssg-almalinux8-e8-ks.cfg new file mode 100644 -index 00000000..4f4aa074 +index 00000000..410bb4ab --- /dev/null +++ b/products/almalinux8/kickstart/ssg-almalinux8-e8-ks.cfg @@ -0,0 +1,122 @@ -+# SCAP Security Guide Essential Eight profile kickstart for AlmaLinux 8 Server ++# SCAP Security Guide Essential Eight profile kickstart for AlmaLinux 8 +# Version: 0.0.1 +# Date: 2019-11-13 +# @@ -27224,11 +28577,11 @@ index 00000000..4f4aa074 +reboot --eject 
diff --git a/products/almalinux8/kickstart/ssg-almalinux8-hipaa-ks.cfg b/products/almalinux8/kickstart/ssg-almalinux8-hipaa-ks.cfg new file mode 100644 -index 00000000..7af28b5b +index 00000000..90ba7a55 --- /dev/null +++ b/products/almalinux8/kickstart/ssg-almalinux8-hipaa-ks.cfg @@ -0,0 +1,122 @@ -+# SCAP Security Guide HIPAA profile kickstart for AlmaLinux 8 Server ++# SCAP Security Guide HIPAA profile kickstart for AlmaLinux 8 +# Version: 0.0.1 +# Date: 2020-05-25 +# @@ -27352,11 +28705,11 @@ index 00000000..7af28b5b +reboot --eject diff --git a/products/almalinux8/kickstart/ssg-almalinux8-ism_o-ks.cfg b/products/almalinux8/kickstart/ssg-almalinux8-ism_o-ks.cfg new file mode 100644 -index 00000000..4f469518 +index 00000000..2dc58251 --- /dev/null +++ b/products/almalinux8/kickstart/ssg-almalinux8-ism_o-ks.cfg @@ -0,0 +1,116 @@ -+# SCAP Security Guide ISM Official profile kickstart for AlmaLinux 8 Server ++# SCAP Security Guide ISM Official profile kickstart for AlmaLinux 8 +# Version: 0.0.1 +# Date: 2021-08-16 +# @@ -27474,7 +28827,7 @@ index 00000000..4f469518 +reboot --eject diff --git a/products/almalinux8/kickstart/ssg-almalinux8-ospp-ks.cfg b/products/almalinux8/kickstart/ssg-almalinux8-ospp-ks.cfg new file mode 100644 -index 00000000..3b3996d9 +index 00000000..d36a3a9d --- /dev/null +++ b/products/almalinux8/kickstart/ssg-almalinux8-ospp-ks.cfg @@ -0,0 +1,164 @@ 
@@ -27547,10 +28900,10 @@ index 00000000..3b3996d9 +firewall --enabled --ssh + +# Set up the authentication options for the system (required) -+# --enableshadow enable shadowed passwords by default -+# --passalgo hash / crypt algorithm for new passwords -+# See the manual page for authconfig for a complete list of possible options. -+authconfig --enableshadow --passalgo=sha512 ++# sssd profile sets sha512 to hash passwords ++# passwords are shadowed by default ++# See the manual page for authselect-profile for a complete list of possible options. ++authselect select sssd + +# State of SELinux on the installed system (optional) +# Defaults to enforcing @@ -27601,7 +28954,7 @@ index 00000000..3b3996d9 + +# The OpenSCAP installer add-on is used to apply SCAP (Security Content Automation Protocol) +# content - security policies - on the installed system.This add-on has been enabled by default -+# since RHEL 7.2. When enabled, the packages necessary to provide this ++# since Red Hat Enterprise Linux 7.2. When enabled, the packages necessary to provide this +# functionality will automatically be installed. However, by default, no policies are enforced, +# meaning that no checks are performed during or after installation unless specifically configured. +# @@ -27644,7 +28997,7 @@ index 00000000..3b3996d9 +reboot --eject diff --git a/products/almalinux8/kickstart/ssg-almalinux8-pci-dss-ks.cfg b/products/almalinux8/kickstart/ssg-almalinux8-pci-dss-ks.cfg new file mode 100644 -index 00000000..a2149a90 +index 00000000..219ee0fc --- /dev/null +++ b/products/almalinux8/kickstart/ssg-almalinux8-pci-dss-ks.cfg @@ -0,0 +1,154 @@ 
@@ -27708,10 +29061,10 @@ index 00000000..a2149a90 +firewall --enabled --ssh + +# Set up the authentication options for the system (required) -+# --enableshadow enable shadowed passwords by default -+# --passalgo hash / crypt algorithm for new passwords -+# See the manual page for authconfig for a complete list of possible options. -+authconfig --enableshadow --passalgo=sha512 ++# sssd profile sets sha512 to hash passwords ++# passwords are shadowed by default ++# See the manual page for authselect-profile for a complete list of possible options. ++authselect select sssd + +# State of SELinux on the installed system (optional) +# Defaults to enforcing @@ -27765,7 +29118,7 @@ index 00000000..a2149a90 + +# The OpenSCAP installer add-on is used to apply SCAP (Security Content Automation Protocol) +# content - security policies - on the installed system.This add-on has been enabled by default -+# since RHEL 7.2. When enabled, the packages necessary to provide this ++# since Red Hat Enterprise Linux 7.2. When enabled, the packages necessary to provide this +# functionality will automatically be installed. However, by default, no policies are enforced, +# meaning that no checks are performed during or after installation unless specifically configured. +# @@ -27804,7 +29157,7 @@ index 00000000..a2149a90 +reboot --eject diff --git a/products/almalinux8/kickstart/ssg-almalinux8-stig-ks.cfg b/products/almalinux8/kickstart/ssg-almalinux8-stig-ks.cfg new file mode 100644 -index 00000000..7ac37fbd +index 00000000..866e49af --- /dev/null +++ b/products/almalinux8/kickstart/ssg-almalinux8-stig-ks.cfg @@ -0,0 +1,165 @@ 
@@ -27877,10 +29230,10 @@ index 00000000..7ac37fbd +firewall --enabled --ssh + +# Set up the authentication options for the system (required) -+# --enableshadow enable shadowed passwords by default -+# --passalgo hash / crypt algorithm for new passwords -+# See the manual page for authconfig for a complete list of possible options. -+authconfig --enableshadow --passalgo=sha512 ++# sssd profile sets sha512 to hash passwords ++# passwords are shadowed by default ++# See the manual page for authselect-profile for a complete list of possible options. ++authselect select sssd + +# State of SELinux on the installed system (optional) +# Defaults to enforcing @@ -27932,7 +29285,7 @@ index 00000000..7ac37fbd + +# The OpenSCAP installer add-on is used to apply SCAP (Security Content Automation Protocol) +# content - security policies - on the installed system.This add-on has been enabled by default -+# since RHEL 7.2. When enabled, the packages necessary to provide this ++# since Red Hat Enterprise Linux 7.2. When enabled, the packages necessary to provide this +# functionality will automatically be installed. However, by default, no policies are enforced, +# meaning that no checks are performed during or after installation unless specifically configured. +# @@ -27975,7 +29328,7 @@ index 00000000..7ac37fbd +reboot --eject diff --git a/products/almalinux8/kickstart/ssg-almalinux8-stig_gui-ks.cfg b/products/almalinux8/kickstart/ssg-almalinux8-stig_gui-ks.cfg new file mode 100644 -index 00000000..4d7d477e +index 00000000..699b5018 --- /dev/null +++ b/products/almalinux8/kickstart/ssg-almalinux8-stig_gui-ks.cfg @@ -0,0 +1,165 @@ 
@@ -28048,10 +29401,10 @@ index 00000000..4d7d477e +firewall --enabled --ssh + +# Set up the authentication options for the system (required) -+# --enableshadow enable shadowed passwords by default -+# --passalgo hash / crypt algorithm for new passwords -+# See the manual page for authconfig for a complete list of possible options. -+authconfig --enableshadow --passalgo=sha512 ++# sssd profile sets sha512 to hash passwords ++# passwords are shadowed by default ++# See the manual page for authselect-profile for a complete list of possible options. ++authselect select sssd + +# State of SELinux on the installed system (optional) +# Defaults to enforcing @@ -28072,7 +29425,7 @@ index 00000000..4d7d477e + +# The following partition layout scheme assumes disk of size 20GB or larger +# Modify size of partitions appropriately to reflect actual machine's hardware -+# ++# +# Remove Linux partitions from the system prior to creating new ones (optional) +# --linux erase all Linux partitions +# --initlabel initialize the disk label to the default based on the underlying architecture 
@@ -28103,17 +29456,17 @@ index 00000000..4d7d477e + +# The OpenSCAP installer add-on is used to apply SCAP (Security Content Automation Protocol) +# content - security policies - on the installed system.This add-on has been enabled by default -+# since RHEL 7.2. When enabled, the packages necessary to provide this ++# since Red Hat Enterprise Linux 7.2. When enabled, the packages necessary to provide this +# functionality will automatically be installed. However, by default, no policies are enforced, +# meaning that no checks are performed during or after installation unless specifically configured. -+# ++# +# Important +# Applying a security policy is not necessary on all systems. This screen should only be used +# when a specific policy is mandated by your organization rules or government regulations. +# Unlike most other commands, this add-on does not accept regular options, but uses key-value +# pairs in the body of the %addon definition instead. These pairs are whitespace-agnostic. +# Values can be optionally enclosed in single quotes (') or double quotes ("). -+# ++# +# The following keys are recognized by the add-on: +# content-type - Type of the security content. Possible values are datastream, archive, rpm, and scap-security-guide. +# - If the content-type is scap-security-guide, the add-on will use content provided by the @@ -28127,7 +29480,7 @@ index 00000000..4d7d477e +# tailoring-path - Path to a tailoring file which should be used, given as a relative path in the archive. +# +# The following is an example %addon org_fedora_oscap section which uses content from the -+# scap-security-guide on the installation media: ++# scap-security-guide on the installation media: +%addon org_fedora_oscap + content-type = scap-security-guide + profile = xccdf_org.ssgproject.content_profile_stig_gui @@ -28146,7 +29499,7 @@ index 00000000..4d7d477e +reboot --eject 
diff --git a/products/almalinux8/overlays/srg_support.xml b/products/almalinux8/overlays/srg_support.xml new file mode 100644 -index 00000000..08c87ea6 +index 00000000..153b22a8 --- /dev/null +++ b/products/almalinux8/overlays/srg_support.xml @@ -0,0 +1,173 @@ @@ -28316,7 +29669,7 @@ index 00000000..08c87ea6 +Procedures to promptly apply software updates must be established and +executed. The AlmaLinux operating system provides support for automating such a +process, by running the yum program through a cron job or by managing the -+system and its packages through the Foreman. ++system and its packages through the the Foreman. + + + @@ -28325,14 +29678,15 @@ index 00000000..08c87ea6 + diff --git a/products/almalinux8/product.yml b/products/almalinux8/product.yml new file mode 100644 -index 00000000..052ac73e +index 00000000..a3b26ef7 --- /dev/null +++ b/products/almalinux8/product.yml -@@ -0,0 +1,27 @@ +@@ -0,0 +1,34 @@ +product: almalinux8 +full_name: AlmaLinux 8 +type: platform + ++benchmark_id: ALMALINUX-8 +benchmark_root: "../../linux_os/guide" + +profiles_root: "./profiles" @@ -28341,11 +29695,14 @@ index 00000000..052ac73e + +init_system: "systemd" + -+oval_feed_url: "https://security.almalinux.org/oval/org.almalinux.alsa-8.xml" -+ +pkg_release: "5ffd890e" +pkg_version: "3abb34f8" + ++oval_feed_url: "https://security.almalinux.org/oval/org.almalinux.alsa-8.xml" ++ ++grub2_boot_path: "/boot/grub2" ++grub2_uefi_boot_path: "/boot/efi/EFI/almalinux" ++ +cpes_root: "../../shared/applicability" +cpes: + - almalinux8: @@ -28356,14 +29713,21 @@ index 00000000..052ac73e +# Mapping of CPE platform to package +platform_package_overrides: + login_defs: "shadow-utils" ++ ++reference_uris: ++ cis: 'https://www.cisecurity.org/benchmark/almalinuxos_linux/' diff --git a/products/almalinux8/profiles/anssi_bp28_enhanced.profile b/products/almalinux8/profiles/anssi_bp28_enhanced.profile new file mode 100644 -index 00000000..4a34d1e2 +index 00000000..8f2ee314 --- /dev/null 
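Review bot: The replacement sentence in the srg_support.xml overlay now reads `through the the Foreman`, a duplicated article that the previous revision of the patch did not have. Overlay text is presumably rendered into the generated guidance, so the line should go back to `system and its packages through the Foreman.`. The enclosing overlay element starts and ends outside the hunk.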
+++ b/products/almalinux8/profiles/anssi_bp28_enhanced.profile -@@ -0,0 +1,16 @@ +@@ -0,0 +1,19 @@ +documentation_complete: true + ++metadata: ++ SMEs: ++ - yuumasato ++ +title: 'ANSSI-BP-028 (enhanced)' + +description: |- @@ -28377,15 +29741,18 @@ index 00000000..4a34d1e2 + +selections: + - anssi:all:enhanced -+ - '!selinux_state' diff --git a/products/almalinux8/profiles/anssi_bp28_high.profile b/products/almalinux8/profiles/anssi_bp28_high.profile new file mode 100644 -index 00000000..5336db82 +index 00000000..0cd4b67f --- /dev/null +++ b/products/almalinux8/profiles/anssi_bp28_high.profile -@@ -0,0 +1,15 @@ +@@ -0,0 +1,19 @@ +documentation_complete: true + ++metadata: ++ SMEs: ++ - yuumasato ++ +title: 'ANSSI-BP-028 (high)' + +description: |- @@ -28401,12 +29768,16 @@ index 00000000..5336db82 + - anssi:all:high diff --git a/products/almalinux8/profiles/anssi_bp28_intermediary.profile b/products/almalinux8/profiles/anssi_bp28_intermediary.profile new file mode 100644 -index 00000000..5b7bcebb +index 00000000..9c9e4cc6 --- /dev/null +++ b/products/almalinux8/profiles/anssi_bp28_intermediary.profile -@@ -0,0 +1,15 @@ +@@ -0,0 +1,19 @@ +documentation_complete: true + ++metadata: ++ SMEs: ++ - yuumasato ++ +title: 'ANSSI-BP-028 (intermediary)' + +description: |- @@ -28422,12 +29793,16 @@ index 00000000..5b7bcebb + - anssi:all:intermediary diff --git a/products/almalinux8/profiles/anssi_bp28_minimal.profile b/products/almalinux8/profiles/anssi_bp28_minimal.profile new file mode 100644 -index 00000000..b3fc48f8 +index 00000000..19a95efb --- /dev/null +++ b/products/almalinux8/profiles/anssi_bp28_minimal.profile -@@ -0,0 +1,16 @@ +@@ -0,0 +1,20 @@ +documentation_complete: true + ++metadata: ++ SMEs: ++ - yuumasato ++ +title: 'ANSSI-BP-028 (minimal)' + +description: |- @@ -28444,19 +29819,19 @@ index 00000000..b3fc48f8 + 
diff --git a/products/almalinux8/profiles/cis.profile b/products/almalinux8/profiles/cis.profile new file mode 100644 -index 00000000..d598a219 +index 00000000..8a76db5d --- /dev/null +++ b/products/almalinux8/profiles/cis.profile @@ -0,0 +1,22 @@ +documentation_complete: true + +metadata: -+ version: 1.0.0 ++ version: 1.0.1 + SMEs: + - vojtapolasek + - yuumasato + -+reference: https://www.cisecurity.org/benchmark/almalinux/ ++reference: https://www.cisecurity.org/benchmark/almalinuxos_linux/ + +title: 'CIS AlmaLinux OS 8 Benchmark for Level 2 - Server' + @@ -28472,19 +29847,19 @@ index 00000000..d598a219 + - cis_rhel8:all:l2_server diff --git a/products/almalinux8/profiles/cis_server_l1.profile b/products/almalinux8/profiles/cis_server_l1.profile new file mode 100644 -index 00000000..050a7789 +index 00000000..2da081cd --- /dev/null +++ b/products/almalinux8/profiles/cis_server_l1.profile @@ -0,0 +1,22 @@ +documentation_complete: true + +metadata: -+ version: 1.0.0 ++ version: 1.0.1 + SMEs: + - vojtapolasek + - yuumasato + -+reference: https://www.cisecurity.org/benchmark/almalinux/ ++reference: https://www.cisecurity.org/benchmark/almalinuxos_linux/ + +title: 'CIS AlmaLinux OS 8 Benchmark for Level 1 - Server' + @@ -28500,19 +29875,19 @@ index 00000000..050a7789 + - cis_rhel8:all:l1_server diff --git a/products/almalinux8/profiles/cis_workstation_l1.profile b/products/almalinux8/profiles/cis_workstation_l1.profile new file mode 100644 -index 00000000..8ffc95a4 +index 00000000..2ee3bf7c --- /dev/null +++ b/products/almalinux8/profiles/cis_workstation_l1.profile @@ -0,0 +1,22 @@ +documentation_complete: true + +metadata: -+ version: 1.0.0 ++ version: 1.0.1 + SMEs: + - vojtapolasek + - yuumasato + -+reference: https://www.cisecurity.org/benchmark/almalinux/ ++reference: https://www.cisecurity.org/benchmark/almalinuxos_linux/ + +title: 'CIS AlmaLinux OS 8 Benchmark for Level 1 - Workstation' + 
@@ -28528,19 +29903,19 @@ index 00000000..8ffc95a4 + - cis_rhel8:all:l1_workstation diff --git a/products/almalinux8/profiles/cis_workstation_l2.profile b/products/almalinux8/profiles/cis_workstation_l2.profile new file mode 100644 -index 00000000..9df68893 +index 00000000..8af16bfe --- /dev/null +++ b/products/almalinux8/profiles/cis_workstation_l2.profile @@ -0,0 +1,22 @@ +documentation_complete: true + +metadata: -+ version: 1.0.0 ++ version: 1.0.1 + SMEs: + - vojtapolasek + - yuumasato + -+reference: https://www.cisecurity.org/benchmark/almalinux/ ++reference: https://www.cisecurity.org/benchmark/almalinuxos_linux/ + +title: 'CIS AlmaLinux OS 8 Benchmark for Level 2 - Workstation' + @@ -28556,16 +29931,16 @@ index 00000000..9df68893 + - cis_rhel8:all:l2_workstation diff --git a/products/almalinux8/profiles/cjis.profile b/products/almalinux8/profiles/cjis.profile new file mode 100644 -index 00000000..eec51034 +index 00000000..f3f28bda --- /dev/null +++ b/products/almalinux8/profiles/cjis.profile -@@ -0,0 +1,140 @@ +@@ -0,0 +1,141 @@ +documentation_complete: false + +metadata: + version: 5.4 + SMEs: -+ - carlosmmatos ++ - ggbecker + +reference: https://www.fbi.gov/services/cjis/cjis-security-policy-resource-center + @@ -28639,6 +30014,7 @@ index 00000000..eec51034 + - accounts_password_pam_difok + - accounts_max_concurrent_login_sessions + - set_password_hashing_algorithm_systemauth ++ - set_password_hashing_algorithm_passwordauth + - set_password_hashing_algorithm_logindefs + - set_password_hashing_algorithm_libuserconf + - file_owner_etc_shadow @@ -28702,7 +30078,7 @@ index 00000000..eec51034 + - kernel_module_bluetooth_disabled diff --git a/products/almalinux8/profiles/cui.profile b/products/almalinux8/profiles/cui.profile new file mode 100644 -index 00000000..53197176 +index 00000000..b772740c --- /dev/null +++ b/products/almalinux8/profiles/cui.profile @@ -0,0 +1,32 @@ 
@@ -28711,7 +30087,7 @@ index 00000000..53197176 +metadata: + version: TBD + SMEs: -+ - carlosmmatos ++ - ggbecker + +title: 'Unclassified Information in Non-federal Information Systems and Organizations (NIST 800-171)' + @@ -28730,7 +30106,7 @@ index 00000000..53197176 + supplement the basic security requirements, are taken from the security controls + in NIST Special Publication 800-53. + -+ This profile configures AlmaLinux 8 to the NIST Special ++ This profile configures AlmaLinux OS 8 to the NIST Special + Publication 800-53 controls identified for securing Controlled Unclassified + Information (CUI)." + @@ -28740,7 +30116,7 @@ index 00000000..53197176 + - inactivity_timeout_value=10_minutes diff --git a/products/almalinux8/profiles/e8.profile b/products/almalinux8/profiles/e8.profile new file mode 100644 -index 00000000..d154b66f +index 00000000..65004519 --- /dev/null +++ b/products/almalinux8/profiles/e8.profile @@ -0,0 +1,149 @@ @@ -28750,12 +30126,12 @@ index 00000000..d154b66f + SMEs: + - shaneboulden + -+reference: https://www.cyber.gov.au/acsc/view-all-content/publications/hardening-linux-workstations-and-servers ++reference: https://www.cyber.gov.au/acsc/view-all-content/publications/hardening-linux-workstations-and-servers + +title: 'Australian Cyber Security Centre (ACSC) Essential Eight' + +description: |- -+ This profile contains configuration checks for AlmaLinux 8 ++ This profile contains configuration checks for AlmaLinux OS 8 + that align to the Australian Cyber Security Centre (ACSC) Essential Eight. + + A copy of the Essential Eight in Linux Environments guide can be found at the @@ -28895,16 +30271,15 @@ index 00000000..d154b66f + - package_rear_installed diff --git a/products/almalinux8/profiles/hipaa.profile b/products/almalinux8/profiles/hipaa.profile new file mode 100644 -index 00000000..43305cc2 +index 00000000..2e8a33d3 --- /dev/null 
+++ b/products/almalinux8/profiles/hipaa.profile -@@ -0,0 +1,165 @@ +@@ -0,0 +1,164 @@ +documentation_complete: True + +metadata: + SMEs: + - jjaswanson4 -+ - carlosmmatos + +reference: https://www.hhs.gov/hipaa/for-professionals/index.html + @@ -28920,7 +30295,7 @@ index 00000000..43305cc2 + + This profile configures AlmaLinux 8 to the HIPAA Security + Rule identified for securing of electronic protected health information. -+ Use of this profile in no way guarantees or makes claims against legal compliance against the HIPAA Security Rule(s). ++ Use of this profile in no way guarantees or makes claims against legal compliance against the HIPAA Security Rule(s). + +selections: + - grub2_password @@ -29066,7 +30441,7 @@ index 00000000..43305cc2 + - audit_rules_usergroup_modification_shadow diff --git a/products/almalinux8/profiles/ism_o.profile b/products/almalinux8/profiles/ism_o.profile new file mode 100644 -index 00000000..63aa09b3 +index 00000000..2a281cdc --- /dev/null +++ b/products/almalinux8/profiles/ism_o.profile @@ -0,0 +1,135 @@ @@ -29088,7 +30463,7 @@ index 00000000..63aa09b3 + with the applicability marking of OFFICIAL. + + The ISM uses a risk-based approach to cyber security. This profile provides a guide to aligning -+ AlmaLinux security controls with the ISM, which can be used to select controls ++ Red Hat Enterprise Linux security controls with the ISM, which can be used to select controls + specific to an organisation's security posture and risk profile. + + A copy of the ISM can be found at the ACSC website: @@ -29238,7 +30613,7 @@ index 00000000..d1d1b8af + #netlabel_tools diff --git a/products/almalinux8/profiles/ospp.profile b/products/almalinux8/profiles/ospp.profile new file mode 100644 -index 00000000..ce4ccaf3 +index 00000000..9d06f9a9 --- /dev/null +++ b/products/almalinux8/profiles/ospp.profile @@ -0,0 +1,445 @@ 
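Review bot: The ism_o profile description for the almalinux8 product now names the wrong operating system: the changed line reads `Red Hat Enterprise Linux security controls with the ISM` where the previous revision said `AlmaLinux security controls`. The same reversal appears in later hunks of this patch (the pci-dss title `PCI-DSS v3.2.1 Control Baseline for Red Hat Enterprise Linux 8`, the rht-ccp description, and the stig title and description), while cui, e8 and standard move to `AlmaLinux OS 8`. Profile titles and descriptions typically surface in scan reports and compliance records, so an AlmaLinux host assessed with these profiles would be recorded against another product's baseline. Keep the product name consistent across the profiles, e.g. `AlmaLinux OS security controls with the ISM, which can be used to select controls`. The description block starts and ends outside the hunk.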
@@ -29248,7 +30623,6 @@ index 00000000..ce4ccaf3 + version: 4.2.1 + SMEs: + - comps -+ - carlosmmatos + - stevegrubb + +reference: https://www.niap-ccevs.org/Profile/PP.cfm @@ -29408,6 +30782,7 @@ index 00000000..ce4ccaf3 + - auditd_log_format + - auditd_freq + - auditd_name_format ++ - auditd_audispd_syslog_plugin_activated + + ### Module Blacklist + - kernel_module_cramfs_disabled @@ -29449,7 +30824,7 @@ index 00000000..ce4ccaf3 + - package_nfs-utils_removed + - package_krb5-workstation_removed + - package_abrt-addon-kerneloops_removed -+ - package_abrt-addon-python_removed ++ - package_python3-abrt-addon_removed + - package_abrt-addon-ccpp_removed + - package_abrt-plugin-rhtsupport_removed + - package_abrt-plugin-logger_removed @@ -29689,19 +31064,19 @@ index 00000000..ce4ccaf3 + - zipl_vsyscall_argument.severity=info diff --git a/products/almalinux8/profiles/pci-dss.profile b/products/almalinux8/profiles/pci-dss.profile new file mode 100644 -index 00000000..9faa9b1f +index 00000000..7b64de5e --- /dev/null +++ b/products/almalinux8/profiles/pci-dss.profile -@@ -0,0 +1,148 @@ +@@ -0,0 +1,149 @@ +documentation_complete: true + +metadata: + SMEs: -+ - carlosmmatos ++ - yuumasato + +reference: https://www.pcisecuritystandards.org/documents/PCI_DSS_v3-2-1.pdf + -+title: 'PCI-DSS v3.2.1 Control Baseline for AlmaLinux 8' ++title: 'PCI-DSS v3.2.1 Control Baseline for Red Hat Enterprise Linux 8' + +description: |- + Ensures PCI-DSS v3.2.1 security configuration settings are applied. @@ -29821,6 +31196,7 @@ index 00000000..9faa9b1f + - service_pcscd_enabled + - sssd_enable_smartcards + - set_password_hashing_algorithm_systemauth ++ - set_password_hashing_algorithm_passwordauth + - set_password_hashing_algorithm_logindefs + - set_password_hashing_algorithm_libuserconf + - file_owner_etc_shadow @@ -29843,10 +31219,10 @@ index 00000000..9faa9b1f + - configure_kerberos_crypto_policy 
diff --git a/products/almalinux8/profiles/rht-ccp.profile b/products/almalinux8/profiles/rht-ccp.profile new file mode 100644 -index 00000000..282e0b0b +index 00000000..2ac2f5e4 --- /dev/null +++ b/products/almalinux8/profiles/rht-ccp.profile -@@ -0,0 +1,100 @@ +@@ -0,0 +1,102 @@ +documentation_complete: false + +title: 'Red Hat Corporate Profile for Certified Cloud Providers (RH CCP)' @@ -29854,7 +31230,8 @@ index 00000000..282e0b0b +description: |- + This profile contains the minimum security relevant + configuration settings recommended by Red Hat, Inc for -+ instances deployed by Red Hat Certified Cloud Providers. ++ Red Hat Enterprise Linux 8 instances deployed by Red Hat Certified ++ Cloud Providers. + +selections: + - var_selinux_state=enforcing @@ -29902,6 +31279,7 @@ index 00000000..282e0b0b + - accounts_password_pam_difok + - accounts_passwords_pam_faillock_deny + - set_password_hashing_algorithm_systemauth ++ - set_password_hashing_algorithm_passwordauth + - set_password_hashing_algorithm_logindefs + - set_password_hashing_algorithm_libuserconf + - require_singleuser_auth @@ -29949,17 +31327,17 @@ index 00000000..282e0b0b + - configure_ssh_crypto_policy diff --git a/products/almalinux8/profiles/standard.profile b/products/almalinux8/profiles/standard.profile new file mode 100644 -index 00000000..7904d13c +index 00000000..da736594 --- /dev/null +++ b/products/almalinux8/profiles/standard.profile @@ -0,0 +1,67 @@ +documentation_complete: false + -+title: 'Standard System Security Profile for AlmaLinux 8' ++title: 'Standard System Security Profile for AlmaLinux OS 8' + +description: |- + This profile contains rules to ensure standard security baseline -+ of a AlmaLinux 8 system. Regardless of your system's workload ++ of a AlmaLinux OS 8 system. Regardless of your system's workload + all of these checks should pass. + +selections: @@ -30022,24 +31400,35 @@ index 00000000..7904d13c + - configure_kerberos_crypto_policy 
diff --git a/products/almalinux8/profiles/stig.profile b/products/almalinux8/profiles/stig.profile new file mode 100644 -index 00000000..ec8f3137 +index 00000000..c76af959 --- /dev/null +++ b/products/almalinux8/profiles/stig.profile -@@ -0,0 +1,1186 @@ +@@ -0,0 +1,1180 @@ +documentation_complete: true + +metadata: -+ version: V1R3 ++ version: V1R5 + SMEs: ++ - mab879 + - ggbecker + +reference: https://public.cyber.mil/stigs/downloads/?_dl_facet_stigs=operating-systems%2Cunix-linux + -+title: 'DISA STIG for AlmaLinux 8' ++title: 'DISA STIG for Red Hat Enterprise Linux 8' + +description: |- + This profile contains configuration checks that align to the -+ DISA STIG for AlmaLinux 8 V1R3. ++ DISA STIG for Red Hat Enterprise Linux 8 V1R5. ++ ++ In addition to being applicable to Red Hat Enterprise Linux 8, DISA recognizes this ++ configuration baseline as applicable to the operating system tier of ++ Red Hat technologies that are based on Red Hat Enterprise Linux 8, such as: ++ ++ - Red Hat Enterprise Linux Server ++ - Red Hat Enterprise Linux Workstation and Desktop ++ - Red Hat Enterprise Linux for HPC ++ - Red Hat Storage ++ - Red Hat Containers with a Red Hat Enterprise Linux 8 image + +selections: + ### Variables @@ -30068,7 +31457,7 @@ index 00000000..ec8f3137 + - var_password_pam_lcredit=1 + - var_password_pam_retry=3 + - var_password_pam_minlen=15 -+ - var_sshd_set_keepalive=0 ++ # - var_sshd_set_keepalive=0 + - sshd_approved_macs=stig + - sshd_approved_ciphers=stig + - sshd_idle_timeout_value=10_minutes @@ -30088,6 +31477,8 @@ index 00000000..ec8f3137 + - var_auditd_disk_error_action=halt + - var_auditd_max_log_file_action=syslog + - var_auditd_disk_full_action=halt ++ - var_sssd_certificate_verification_digest_function=sha1 ++ - login_banner_text=dod_banners + + ### Enable / Configure FIPS + - enable_fips_mode 
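Review bot: Commenting out `var_sshd_set_keepalive=0` here, together with the later hunk that disables `sshd_set_keepalive_0` and `sshd_set_idle_timeout` (RHEL-08-010200 and RHEL-08-010201), leaves the profile with no visible rule that terminates idle SSH sessions, while `sshd_idle_timeout_value=10_minutes` stays selected in the same hunk. The description still claims alignment with V1R5, so a passing scan would no longer cover those two items; whether another selection outside these hunks consumes the timeout variable cannot be seen from here. The inline comment says only that the rules are disabled until an alternative solution is found, so it should name where that work is tracked, for example `# RHEL-08-010200/010201 not evaluated: see <tracking issue placeholder>`, and the profile description should list the gap. The selections list starts and ends outside the hunk.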
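Review bot: The added selection `var_sssd_certificate_verification_digest_function=sha1` carries no comment explaining why SHA-1 is chosen, in a profile that selects `enable_fips_mode` a few lines further down. If sha1 is the value prescribed by the STIG item behind `sssd_certificate_verification` (added under RHEL-08-010400 in a later hunk), say so next to the variable, e.g. `# digest value required by RHEL-08-010400; do not change without a STIG update`, so that a later crypto clean-up does not silently diverge from the baseline. If it is not mandated, a stronger digest should be selected instead. The variables block starts outside the hunk.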
@@ -30164,6 +31555,9 @@ index 00000000..ec8f3137 + # RHEL-08-010152 + - require_emergency_target_auth + ++ # RHEL-08-010159 ++ - set_password_hashing_algorithm_passwordauth ++ + # RHEL-08-010160 + - set_password_hashing_algorithm_systemauth + @@ -30179,16 +31573,16 @@ index 00000000..ec8f3137 + # RHEL-08-010171 + - package_policycoreutils_installed + -+ # RHEL-08-010180 -+ + # RHEL-08-010190 + - dir_perms_world_writable_sticky_bits + -+ # RHEL-08-010200 -+ - sshd_set_keepalive_0 -+ -+ # RHEL-08-010201 -+ - sshd_set_idle_timeout ++ # These two items don't behave as they used to in RHEL8.6 and RHEL9 ++ # anymore. They will be disabled for now until an alternative ++ # solution is found. ++ # # RHEL-08-010200 ++ # - sshd_set_keepalive_0 ++ # # RHEL-08-010201 ++ # - sshd_set_idle_timeout + + # RHEL-08-010210 + - file_permissions_var_log_messages @@ -30208,9 +31602,7 @@ index 00000000..ec8f3137 + # RHEL-08-010260 + - file_groupowner_var_log + -+ # *** SHARED *** # -+ # RHEL-08-010290 && RHEL-08-010291 -+ # *** SHARED *** # ++ # RHEL-08-010287 + - configure_ssh_crypto_policy + + # RHEL-08-010290 @@ -30245,15 +31637,25 @@ index 00000000..ec8f3137 + # RHEL-08-010330 + - file_permissions_library_dirs + ++ # RHEL-08-010331 ++ - dir_permissions_library_dirs ++ + # RHEL-08-010340 + - file_ownership_library_dirs + ++ # RHEL-08-010341 ++ - dir_ownership_library_dirs ++ + # RHEL-08-010350 + - root_permissions_syslibrary_files ++ ++ # RHEL-08-010351 + - dir_group_ownership_library_dirs + -+ # RHEL-08-010360 ++ # RHEL-08-010359 + - package_aide_installed ++ ++ # RHEL-08-010360 + - aide_scan_notification + + # RHEL-08-010370 @@ -30277,6 +31679,9 @@ index 00000000..ec8f3137 + # RHEL-08-010376 + - sysctl_kernel_perf_event_paranoid + ++ # RHEL-08-010379 ++ - sudoers_default_includedir ++ + # RHEL-08-010380 + - sudo_remove_nopasswd + 
@@ -30297,6 +31702,7 @@ index 00000000..ec8f3137 + - install_smartcard_packages + + # RHEL-08-010400 ++ - sssd_certificate_verification + + # RHEL-08-010410 + - package_opensc_installed @@ -30368,15 +31774,11 @@ index 00000000..ec8f3137 + - partition_for_tmp + + # RHEL-08-010544 -+ ### NOTE: Will probably show up in V1R3 - Q3 of 21' + - partition_for_var_tmp + + # RHEL-08-010550 + - sshd_disable_root_login + -+ # RHEL-08-010560 -+ - service_auditd_enabled -+ + # RHEL-08-010561 + - service_rsyslog_enabled + @@ -30478,38 +31880,27 @@ index 00000000..ec8f3137 + # RHEL-08-020000 + - account_temp_expire_date + -+ # RHEL-08-020010 ++ # RHEL-08-020010, RHEL-08-020011, RHEL-08-020025, RHEL-08-020026 + - accounts_passwords_pam_faillock_deny + -+ # RHEL-08-020011 -+ -+ # RHEL-08-020012 ++ # RHEL-08-020012, RHEL-08-020013 + - accounts_passwords_pam_faillock_interval + -+ # RHEL-08-020013 -+ -+ # RHEL-08-020014 ++ # RHEL-08-020014, RHEL-08-020016, RHEL-08-020017 + - accounts_passwords_pam_faillock_unlock_time + + # RHEL-08-020015 + -+ # RHEL-08-020016 -+ -+ # RHEL-08-020017 -+ -+ # RHEL-08-020018 -+ -+ # RHEL-08-020019 ++ # RHEL-08-020018, RHEL-08-020019 ++ - accounts_passwords_pam_faillock_deny + + # RHEL-08-020020 + + # RHEL-08-020021 + -+ # RHEL-08-020022 ++ # RHEL-08-020022, RHEL-08-020023 + - accounts_passwords_pam_faillock_deny_root + -+ # RHEL-08-020023 -+ + # RHEL-08-020024 + - accounts_max_concurrent_login_sessions + 
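Review bot: The hunk that removes the `# RHEL-08-010560` entry also drops `- service_auditd_enabled` from the selections, and nothing in the visible hunks adds it back under another STIG id. Most of the 1180-line profile is outside these hunks, so the rule may still be selected elsewhere; if it is not, the profile would install many `audit_rules_*` selections without checking that the audit daemon is enabled. Confirm the rule is still selected and state its new location in the commit description.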
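Review bot: The regrouped faillock section lists `accounts_passwords_pam_faillock_deny` twice, once under `# RHEL-08-020010, RHEL-08-020011, RHEL-08-020025, RHEL-08-020026` and again under `# RHEL-08-020018, RHEL-08-020019`. Either the second entry is redundant, or those two ids were meant to map to a different rule and are not checked by anything distinct; the hunk does not show which. `# RHEL-08-020015`, `# RHEL-08-020020` and `# RHEL-08-020021` are also left as bare ids with no rule or explanation, unlike RHEL-08-020102 and RHEL-08-020103 elsewhere in the patch, which say why no rule is selected. A one-line comment per empty id, such as `# RHEL-08-020015: no rule selected, <reason>`, would make the coverage gap explicit.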
@@ -30543,6 +31934,20 @@ index 00000000..ec8f3137 + - sssd_enable_certmap + + # RHEL-08-020100 ++ - accounts_password_pam_pwquality_password_auth ++ ++ # RHEL-08-020101 ++ - accounts_password_pam_pwquality_system_auth ++ ++ # RHEL-08-020102 ++ # This is only required for RHEL8 systems below version 8.4 where the ++ # retry parameter was not yet available on /etc/security/pwquality.conf. ++ ++ # RHEL-08-020103 ++ # This is only required for RHEL8 systems below version 8.4 where the ++ # retry parameter was not yet available on /etc/security/pwquality.conf. ++ ++ # RHEL-08-020104 + - accounts_password_pam_retry + + # RHEL-08-020110 @@ -30580,6 +31985,8 @@ index 00000000..ec8f3137 + + # RHEL-08-020220 + - accounts_password_pam_pwhistory_remember_system_auth ++ ++ # RHEL-08-020221 + - accounts_password_pam_pwhistory_remember_password_auth + + # RHEL-08-020230 @@ -30637,6 +32044,8 @@ index 00000000..ec8f3137 + + # RHEL-08-020353 + - accounts_umask_etc_bashrc ++ - accounts_umask_etc_csh_cshrc ++ - accounts_umask_etc_profile + + # RHEL-08-030000 + - audit_rules_suid_privilege_function @@ -30730,18 +32139,11 @@ index 00000000..ec8f3137 + + # RHEL-08-030200 + - audit_rules_dac_modification_lremovexattr -+ -+ # RHEL-08-030210 + - audit_rules_dac_modification_removexattr -+ -+ # RHEL-08-030220 + - audit_rules_dac_modification_lsetxattr -+ -+ # RHEL-08-030230 + - audit_rules_dac_modification_fsetxattr -+ -+ # RHEL-08-030240 + - audit_rules_dac_modification_fremovexattr ++ - audit_rules_dac_modification_setxattr + + # RHEL-08-030250 + - audit_rules_privileged_commands_chage @@ -30749,8 +32151,6 @@ index 00000000..ec8f3137 + # RHEL-08-030260 + - audit_rules_execution_chcon + -+ # RHEL-08-030270 -+ - audit_rules_dac_modification_setxattr + + # RHEL-08-030280 + - audit_rules_privileged_commands_ssh_agent 
@@ -30805,28 +32205,18 @@ index 00000000..ec8f3137 + + # RHEL-08-030360 + - audit_rules_kernel_module_loading_init ++ - audit_rules_kernel_module_loading_finit + + # RHEL-08-030361 + - audit_rules_file_deletion_events_rename -+ -+ # RHEL-08-030362 + - audit_rules_file_deletion_events_renameat -+ -+ # RHEL-08-030363 + - audit_rules_file_deletion_events_rmdir -+ -+ # RHEL-08-030364 + - audit_rules_file_deletion_events_unlink -+ -+ # RHEL-08-030365 + - audit_rules_file_deletion_events_unlinkat + + # RHEL-08-030370 + - audit_rules_privileged_commands_gpasswd + -+ # RHEL-08-030380 -+ - audit_rules_kernel_module_loading_finit -+ + # RHEL-08-030390 + - audit_rules_kernel_module_loading_delete + @@ -30838,41 +32228,21 @@ index 00000000..ec8f3137 + + # RHEL-08-030420 + - audit_rules_unsuccessful_file_modification_truncate -+ -+ # RHEL-08-030430 + - audit_rules_unsuccessful_file_modification_openat -+ -+ # RHEL-08-030440 + - audit_rules_unsuccessful_file_modification_open -+ -+ # RHEL-08-030450 + - audit_rules_unsuccessful_file_modification_open_by_handle_at -+ -+ # RHEL-08-030460 + - audit_rules_unsuccessful_file_modification_ftruncate -+ -+ # RHEL-08-030470 + - audit_rules_unsuccessful_file_modification_creat + + # RHEL-08-030480 + - audit_rules_dac_modification_chown ++ - audit_rules_dac_modification_lchown ++ - audit_rules_dac_modification_fchownat ++ - audit_rules_dac_modification_fchown + + # RHEL-08-030490 + - audit_rules_dac_modification_chmod -+ -+ # RHEL-08-030500 -+ - audit_rules_dac_modification_lchown -+ -+ # RHEL-08-030510 -+ - audit_rules_dac_modification_fchownat -+ -+ # RHEL-08-030520 -+ - audit_rules_dac_modification_fchown -+ -+ # RHEL-08-030530 + - audit_rules_dac_modification_fchmodat -+ -+ # RHEL-08-030540 + - audit_rules_dac_modification_fchmod + + # RHEL-08-030550 
@@ -30948,6 +32318,7 @@ index 00000000..ec8f3137 + # RHEL-08-030740 + # remediation fails because default configuration file contains pool instead of server keyword + - chronyd_or_ntpd_set_maxpoll ++ - chronyd_server_directive + + # RHEL-08-030741 + - chronyd_client_only @@ -30962,7 +32333,7 @@ index 00000000..ec8f3137 + - package_abrt_removed + - package_abrt-addon-ccpp_removed + - package_abrt-addon-kerneloops_removed -+ - package_abrt-addon-python_removed ++ - package_python3-abrt-addon_removed + - package_abrt-cli_removed + - package_abrt-plugin-logger_removed + - package_abrt-plugin-rhtsupport_removed @@ -31176,9 +32547,7 @@ index 00000000..ec8f3137 + - sysctl_net_core_bpf_jit_harden + + # RHEL-08-040290 -+ # /etc/postfix/main.cf does not exist on default installation resulting in error during remediation -+ # there needs to be a new platform check to identify when postfix is installed or not -+ # - postfix_prevent_unrestricted_relay ++ - postfix_prevent_unrestricted_relay + + # RHEL-08-040300 + - aide_verify_ext_attributes @@ -31189,6 +32558,9 @@ index 00000000..ec8f3137 + # RHEL-08-040320 + - xwindows_remove_packages + ++ # RHEL-08-040321 ++ - xwindows_runlevel_target ++ + # RHEL-08-040330 + - network_sniffer_disabled + @@ -31214,36 +32586,50 @@ index 00000000..ec8f3137 + - package_tuned_removed diff --git a/products/almalinux8/profiles/stig_gui.profile b/products/almalinux8/profiles/stig_gui.profile new file mode 100644 -index 00000000..e5d85108 +index 00000000..d29ceb9c --- /dev/null 
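Review bot: Enabling `postfix_prevent_unrestricted_relay` under `# RHEL-08-040290` also deletes the two comment lines that recorded why it had been disabled: `/etc/postfix/main.cf` is absent on a default installation and remediation errored. Nothing visible in this hunk shows the platform check those comments asked for, so remediation may fail again on hosts without postfix. If the rule now carries a package-installed applicability condition, say so in a one-line comment such as `# applies only when postfix is installed`; if that cannot be confirmed, keep the original caveat next to the selection.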
+++ b/products/almalinux8/profiles/stig_gui.profile -@@ -0,0 +1,26 @@ +@@ -0,0 +1,40 @@ +documentation_complete: true + +metadata: -+ version: V1R3 ++ version: V1R5 + SMEs: ++ - mab879 + - ggbecker + +reference: https://public.cyber.mil/stigs/downloads/?_dl_facet_stigs=operating-systems%2Cunix-linux + -+title: 'DISA STIG with GUI for AlmaLinux 8' ++title: 'DISA STIG with GUI for Red Hat Enterprise Linux 8' + +description: |- + This profile contains configuration checks that align to the -+ DISA STIG with GUI for AlmaLinux 8 V1R3. ++ DISA STIG with GUI for Red Hat Enterprise Linux 8 V1R5. ++ ++ In addition to being applicable to Red Hat Enterprise Linux 8, DISA recognizes this ++ configuration baseline as applicable to the operating system tier of ++ Red Hat technologies that are based on Red Hat Enterprise Linux 8, such as: ++ ++ - Red Hat Enterprise Linux Server ++ - Red Hat Enterprise Linux Workstation and Desktop ++ - Red Hat Enterprise Linux for HPC ++ - Red Hat Storage ++ - Red Hat Containers with a Red Hat Enterprise Linux 8 image + + Warning: The installation and use of a Graphical User Interface (GUI) + increases your attack vector and decreases your overall security posture. If + your Information Systems Security Officer (ISSO) lacks a documented operational + requirement for a graphical user interface, please consider using the -+ standard DISA STIG for AlmaLinux 8 profile. ++ standard DISA STIG for Red Hat Enterprise Linux 8 profile. + +extends: stig + +selections: + # RHEL-08-040320 + - '!xwindows_remove_packages' ++ ++ # RHEL-08-040321 ++ - '!xwindows_runlevel_target' diff --git a/products/almalinux8/transforms/cci2html.xsl b/products/almalinux8/transforms/cci2html.xsl new file mode 100644 index 00000000..f5e327b3 @@ -31258,10 +32644,10 @@ index 00000000..f5e327b3 + diff --git a/products/almalinux8/transforms/constants.xslt b/products/almalinux8/transforms/constants.xslt new file mode 100644 -index 00000000..7a98cad6 +index 00000000..92f8f9c4 
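Review bot: The new side of `products/almalinux8/profiles/stig_gui.profile` swaps the AlmaLinux wording for Red Hat text: `title: 'DISA STIG with GUI for Red Hat Enterprise Linux 8'`, plus a description stating that DISA recognizes the baseline for a list of Red Hat products. Since the file sits under the almalinux8 product, reports and guides generated from it would label an AlmaLinux host as assessed against a Red Hat-branded baseline, a statement nothing on this page supports for AlmaLinux. Keep the product name the previous revision used, e.g. `title: 'DISA STIG with GUI for AlmaLinux 8'`, and reword the description and the closing "standard DISA STIG for ... profile" sentence to match. The version bump to `V1R5` and the added `'!xwindows_runlevel_target'` exclusion look consistent with the RHEL-08-040321 selection added in the base profile.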
--- /dev/null +++ b/products/almalinux8/transforms/constants.xslt -@@ -0,0 +1,21 @@ +@@ -0,0 +1,13 @@ + + + @@ -31271,31 +32657,9 @@ index 00000000..7a98cad6 +AL_8_STIG +almalinux8 + -+empty -+AL-8 -+ ++https://www.cisecurity.org/benchmark/almalinuxos_linux/ + + -+ -+ -+ -+ -+ -+ -+ -diff --git a/products/almalinux8/transforms/shorthand2xccdf.xslt b/products/almalinux8/transforms/shorthand2xccdf.xslt -new file mode 100644 -index 00000000..4b191e90 ---- /dev/null -+++ b/products/almalinux8/transforms/shorthand2xccdf.xslt -@@ -0,0 +1,8 @@ -+ -+ -+ -+ -+ -+unknown -+ + diff --git a/products/almalinux8/transforms/table-add-srgitems.xslt b/products/almalinux8/transforms/table-add-srgitems.xslt new file mode 100644 @@ -31377,21 +32741,6 @@ index 00000000..a4e7d736 + + + -diff --git a/products/almalinux8/transforms/xccdf2table-byref.xslt b/products/almalinux8/transforms/xccdf2table-byref.xslt -new file mode 100644 -index 00000000..1cdb679c ---- /dev/null -+++ b/products/almalinux8/transforms/xccdf2table-byref.xslt -@@ -0,0 +1,9 @@ -+ -+ -+ -+ -+ -+ -+ -+ -+ diff --git a/products/almalinux8/transforms/xccdf2table-cce.xslt b/products/almalinux8/transforms/xccdf2table-cce.xslt new file mode 100644 index 00000000..f156a669 @@ -31407,20 +32756,6 @@ index 00000000..f156a669 + + + -diff --git a/products/almalinux8/transforms/xccdf2table-profileanssirefs.xslt b/products/almalinux8/transforms/xccdf2table-profileanssirefs.xslt -new file mode 100644 -index 00000000..6fff5e71 ---- /dev/null -+++ b/products/almalinux8/transforms/xccdf2table-profileanssirefs.xslt -@@ -0,0 +1,8 @@ -+ -+ -+ -+ -+ -+ -+ -+ diff --git a/products/almalinux8/transforms/xccdf2table-profileccirefs.xslt b/products/almalinux8/transforms/xccdf2table-profileccirefs.xslt new file mode 100644 index 00000000..30419e92 @@ -31495,14 +32830,14 @@ index 00000000..a71d8364 + + 
diff --git a/shared/checks/oval/install_mcafee_hbss.xml b/shared/checks/oval/install_mcafee_hbss.xml -index 7e2f41cd..1a9d9072 100644 +index 7e2f41cd..d20940a8 100644 --- a/shared/checks/oval/install_mcafee_hbss.xml +++ b/shared/checks/oval/install_mcafee_hbss.xml @@ -10,6 +10,7 @@ multi_platform_ol multi_platform_rhcos multi_platform_rhel -+ multi_platform_almalinux ++multi_platform_almalinux multi_platform_rhv multi_platform_sle multi_platform_ubuntu @@ -31549,211 +32884,3341 @@ index 00000000..91af880d + + diff --git a/shared/checks/oval/sysctl_kernel_ipv6_disable.xml b/shared/checks/oval/sysctl_kernel_ipv6_disable.xml -index 41847663..0b470d64 100644 +index 41847663..be250510 100644 --- a/shared/checks/oval/sysctl_kernel_ipv6_disable.xml +++ b/shared/checks/oval/sysctl_kernel_ipv6_disable.xml @@ -10,6 +10,7 @@ multi_platform_ol multi_platform_rhcos multi_platform_rhel -+ multi_platform_almalinux ++multi_platform_almalinux multi_platform_rhv multi_platform_sle multi_platform_ubuntu -diff --git a/shared/references/disa-stig-almalinux8-v1r3-xccdf-manual.xml b/shared/references/disa-stig-almalinux8-v1r3-xccdf-manual.xml +diff --git a/shared/references/disa-stig-almalinux8-v1r4-xccdf-scap.xml b/shared/references/disa-stig-almalinux8-v1r4-xccdf-scap.xml new file mode 120000 -index 00000000..57dae81b +index 00000000..37c20342 --- /dev/null -+++ b/shared/references/disa-stig-almalinux8-v1r3-xccdf-manual.xml ++++ b/shared/references/disa-stig-almalinux8-v1r4-xccdf-scap.xml 
@@ -0,0 +1 @@ -+disa-stig-rhel8-v1r3-xccdf-manual.xml ++disa-stig-rhel8-v1r4-xccdf-scap.xml \ No newline at end of file +diff --git a/shared/references/disa-stig-almalinux8-v1r5-xccdf-manual.xml b/shared/references/disa-stig-almalinux8-v1r5-xccdf-manual.xml +new file mode 120000 +index 00000000..df167cfd +--- /dev/null ++++ b/shared/references/disa-stig-almalinux8-v1r5-xccdf-manual.xml +@@ -0,0 +1 @@ ++disa-stig-rhel8-v1r5-xccdf-manual.xml +\ No newline at end of file +diff --git a/shared/references/disa-stig-ol7-v2r4-xccdf-manual.xml b/shared/references/disa-stig-ol7-v2r4-xccdf-manual.xml +index 3c8a6475..457f2c2a 100644 +--- a/shared/references/disa-stig-ol7-v2r4-xccdf-manual.xml ++++ b/shared/references/disa-stig-ol7-v2r4-xccdf-manual.xml +@@ -986,18 +986,18 @@ password_pbkdf2 root {hash from grub2-mkpasswd-pbkdf2 command} + Generate a new "grub.conf" file with the new password with the following commands: + + # grub2-mkconfig --output=/tmp/grub2.cfg +-# mv /tmp/grub2.cfg /boot/efi/EFI/redhat/grub.cfgFor systems that use BIOS, this is Not Applicable. ++# mv /tmp/grub2.cfg /boot/efi/EFI/almalinux/grub.cfgFor systems that use BIOS, this is Not Applicable. + For systems that are running Oracle Linux 7.2 or newer, this is Not Applicable. + + Check to see if an encrypted root password is set. On systems that use UEFI, use the following command: + +-# grep -i password /boot/efi/EFI/redhat/grub.cfg ++# grep -i password /boot/efi/EFI/almalinux/grub.cfg + + password_pbkdf2 [superusers-account] [password-hash] + + If the root password entry does not begin with "password_pbkdf2", this is a finding. 
+ +-If the "superusers-account" is not set to "root", this is a finding.SRG-OS-000080-GPOS-00048<GroupDescription></GroupDescription>OL07-00-010491Oracle Linux operating systems version 7.2 or newer using Unified Extensible Firmware Interface (UEFI) must require authentication upon booting into single-user and maintenance modes.<VulnDiscussion>If the system does not require valid authentication before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system. GRUB 2 is the default boot loader for Oracle Linux 7 and is designed to require a password to boot into single-user mode or make modifications to the boot menu.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>DPMS Target Oracle Linux 7DISADPMS TargetOracle Linux 74089V-99143SV-108247CCI-000213Configure the system to encrypt the boot password for the grub superusers account with the grub2-setpassword command, which creates/overwrites the /boot/efi/EFI/redhat/user.cfg file. ++If the "superusers-account" is not set to "root", this is a finding.SRG-OS-000080-GPOS-00048<GroupDescription></GroupDescription>OL07-00-010491Oracle Linux operating systems version 7.2 or newer using Unified Extensible Firmware Interface (UEFI) must require authentication upon booting into single-user and maintenance modes.<VulnDiscussion>If the system does not require valid authentication before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system. 
GRUB 2 is the default boot loader for Oracle Linux 7 and is designed to require a password to boot into single-user mode or make modifications to the boot menu.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>DPMS Target Oracle Linux 7DISADPMS TargetOracle Linux 74089V-99143SV-108247CCI-000213Configure the system to encrypt the boot password for the grub superusers account with the grub2-setpassword command, which creates/overwrites the /boot/efi/EFI/almalinux/user.cfg file. + + Generate an encrypted grub2 password for the grub superusers account with the following command: + +@@ -1009,7 +1009,7 @@ For systems that are running a version of Oracle Linux prior to 7.2, this is Not + + Check to see if an encrypted grub superusers password is set. On systems that use UEFI, use the following command: + +-$ sudo grep -iw grub2_password /boot/efi/EFI/redhat/user.cfg ++$ sudo grep -iw grub2_password /boot/efi/EFI/almalinux/user.cfg + GRUB2_PASSWORD=grub.pbkdf2.sha512.[password_hash] + + If the grub superusers password does not begin with "grub.pbkdf2.sha512", this is a finding.SRG-OS-000104-GPOS-00051<GroupDescription></GroupDescription>OL07-00-010500The Oracle Linux operating system must uniquely identify and must authenticate organizational users (or processes acting on behalf of organizational users) using multifactor authentication.<VulnDiscussion>To ensure accountability and prevent unauthenticated access, organizational users must be identified and authenticated to prevent potential misuse and compromise of the system. 
+@@ -1919,7 +1919,7 @@ On BIOS-based machines, use the following command: + + On UEFI-based machines, use the following command: + +-# grub2-mkconfig -o /boot/efi/EFI/redhat/grub.cfg ++# grub2-mkconfig -o /boot/efi/EFI/almalinux/grub.cfg + + If /boot or /boot/efi reside on separate partitions, the kernel parameter boot=<partition of /boot or /boot/efi> must be added to the kernel command line. You can identify a partition by running the df /boot or df /boot/efi command: + +@@ -1950,7 +1950,7 @@ dracut-fips-033-360.el7_2.x86_64.rpm + + If a "dracut-fips" package is installed, check to see if the kernel command line is configured to use FIPS mode with the following command: + +-Note: GRUB 2 reads its configuration from the "/boot/grub2/grub.cfg" file on traditional BIOS-based machines and from the "/boot/efi/EFI/redhat/grub.cfg" file on UEFI machines. ++Note: GRUB 2 reads its configuration from the "/boot/grub2/grub.cfg" file on traditional BIOS-based machines and from the "/boot/efi/EFI/almalinux/grub.cfg" file on UEFI machines. + + # grep fips /boot/grub2/grub.cfg + /vmlinuz-3.8.0-0.40.el7.x86_64 root=/dev/mapper/rhel-root ro rd.md=0 rd.dm=0 rd.lvm.lv=rhel/swap crashkernel=auto rd.luks=0 vconsole.keymap=us rd.lvm.lv=rhel/root rhgb fips=1 quiet +@@ -2047,14 +2047,14 @@ All=p+i+n+u+g+s+m+S+sha512+acl+xattrs+selinux + + If the "sha512" rule is not being used on all uncommented selection lines in the "/etc/aide.conf" file, or another file integrity tool is not using FIPS 140-2 approved cryptographic hashes for validating file contents and directories, this is a finding.SRG-OS-000364-GPOS-00151<GroupDescription></GroupDescription>OL07-00-021700The Oracle Linux operating system must not allow removable media to be used as the boot loader unless approved.<VulnDiscussion>Malicious users with removable boot media can gain access to a system configured to use removable media as the boot loader. 
If removable media is designed to be used as the boot loader, the requirement must be documented with the Information System Security Officer (ISSO).</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>DPMS Target Oracle Linux 7DISADPMS TargetOracle Linux 74089SV-108367V-99263CCI-001813Remove alternate methods of booting the system from removable media or document the configuration to boot from removable media with the ISSO.Verify the system is not configured to use a boot loader on removable media. + +-Note: GRUB 2 reads its configuration from the "/boot/grub2/grub.cfg" file on traditional BIOS-based machines and from the "/boot/efi/EFI/redhat/grub.cfg" file on UEFI machines. ++Note: GRUB 2 reads its configuration from the "/boot/grub2/grub.cfg" file on traditional BIOS-based machines and from the "/boot/efi/EFI/almalinux/grub.cfg" file on UEFI machines. + + Check for the existence of alternate boot loader configuration files with the following command: + + # find / -name grub.cfg + /boot/grub2/grub.cfg + +-If a "grub.cfg" is found in any subdirectories other than "/boot/grub2" and "/boot/efi/EFI/redhat", ask the System Administrator if there is documentation signed by the ISSO to approve the use of removable media as a boot loader. ++If a "grub.cfg" is found in any subdirectories other than "/boot/grub2" and "/boot/efi/EFI/almalinux", ask the System Administrator if there is documentation signed by the ISSO to approve the use of removable media as a boot loader. 
+ + Check that the grub configuration file has the set root command in each menu entry with the following commands: + +@@ -5058,7 +5058,7 @@ export superusers + + If "superusers" is not set to a unique name or is missing a name, this is a finding.SRG-OS-000080-GPOS-00048<GroupDescription></GroupDescription>OL07-00-010492Oracle Linux operating systems version 7.2 or newer booted with United Extensible Firmware Interface (UEFI) must have a unique name for the grub superusers account when booting into single-user mode and maintenance.<VulnDiscussion>If the system does not require valid authentication before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system. GRUB 2 is the default boot loader for Oracle Linux 7 and is designed to require a password to boot into single-user mode or make modifications to the boot menu.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>DPMS Target Oracle Linux 7DISADPMS TargetOracle Linux 74089CCI-000213Configure the system to require a grub bootloader password for the grub superusers account. 
+ +-Edit the /boot/efi/EFI/redhat/grub.cfg file and add or modify the following lines in the "### BEGIN /etc/grub.d/01_users ###" section: ++Edit the /boot/efi/EFI/almalinux/grub.cfg file and add or modify the following lines in the "### BEGIN /etc/grub.d/01_users ###" section: + + set superusers="[someuniquestringhere]" + export superusers +@@ -5067,7 +5067,7 @@ password_pbkdf2 [someuniquestringhere] ${GRUB2_PASSWORD}SRG-OS-000033-GPOS-00014<GroupDescription></GroupDescription>OL08-00-010020OL 8 must implement NIST FIPS-validated cryptography for the following: to provision digital signatures, to generate cryptographic hashes, and to protect data requiring data-at-rest protections in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards.<VulnDiscussion>Use of weak or untested encryption algorithms undermines the purposes of using encryption to protect data. The operating system must implement cryptographic modules adhering to the higher standards approved by the federal government since this provides assurance they have been tested and validated. + +-OL 8 uses GRUB 2 as the default bootloader. Note that GRUB 2 reads its configuration from the "/boot/grub2/grub.cfg" file on traditional BIOS-based machines and from the "/boot/efi/EFI/redhat/grub.cfg" file on UEFI machines. ++OL 8 uses GRUB 2 as the default bootloader. Note that GRUB 2 reads its configuration from the "/boot/grub2/grub.cfg" file on traditional BIOS-based machines and from the "/boot/efi/EFI/almalinux/grub.cfg" file on UEFI machines. + + The fips=1 kernel option needs to be added to the kernel command line during system installation so that key generation is done with FIPS-approved algorithms and continuous monitoring tests in place. Users should also ensure the system has plenty of entropy during the installation process by moving the mouse around, or if no mouse is available, ensuring that many keystrokes are typed. 
The recommended number of keystrokes is 256 and more. Fewer than 256 keystrokes may generate a non-unique key. + +@@ -450,7 +450,7 @@ $ sudo grep rounds /etc/pam.d/system-auth + + password sufficient pam_unix.so sha512 rounds=5000 + +-If "rounds" has a value below "5000" or is commented out, this is a finding.SRG-OS-000080-GPOS-00048<GroupDescription></GroupDescription>OL08-00-010140OL 8 operating systems booted with United Extensible Firmware Interface (UEFI) must require authentication upon booting into single-user mode and maintenance.<VulnDiscussion>If the system does not require valid authentication before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system. GRUB 2 is the default boot loader for OL 8 and is designed to require a password to boot into single-user mode or modify the boot menu.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>DPMS Target Oracle Linux 8DISADPMS TargetOracle Linux 85416CCI-000213Configure the system to require an encrypted grub bootloader password for the grub superusers account with the grub2-setpassword command, which creates/overwrites the "/boot/efi/EFI/redhat/user.cfg" file. 
++If "rounds" has a value below "5000" or is commented out, this is a finding.SRG-OS-000080-GPOS-00048<GroupDescription></GroupDescription>OL08-00-010140OL 8 operating systems booted with United Extensible Firmware Interface (UEFI) must require authentication upon booting into single-user mode and maintenance.<VulnDiscussion>If the system does not require valid authentication before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system. GRUB 2 is the default boot loader for OL 8 and is designed to require a password to boot into single-user mode or modify the boot menu.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>DPMS Target Oracle Linux 8DISADPMS TargetOracle Linux 85416CCI-000213Configure the system to require an encrypted grub bootloader password for the grub superusers account with the grub2-setpassword command, which creates/overwrites the "/boot/efi/EFI/almalinux/user.cfg" file. + + Generate an encrypted grub2 password for the grub superusers account with the following command: + +@@ -460,7 +460,7 @@ Confirm password:For systems that use BIOS, this is Not Applicable. ++$ sudo grub2-mkconfig -o /boot/efi/EFI/almalinux/grub.cfgFor systems that use BIOS, this is Not Applicable. 
+ + Verify that a unique name is set as the "superusers" account: + +-$ sudo grep -iw "superusers" /boot/efi/EFI/redhat/grub.cfg ++$ sudo grep -iw "superusers" /boot/efi/EFI/almalinux/grub.cfg + set superusers="[someuniqueUserNamehere]" + export superusers + +diff --git a/shared/references/disa-stig-rhel7-v3r5-xccdf-manual.xml b/shared/references/disa-stig-rhel7-v3r5-xccdf-manual.xml +index a674d506..e8361c77 100644 +--- a/shared/references/disa-stig-rhel7-v3r5-xccdf-manual.xml ++++ b/shared/references/disa-stig-rhel7-v3r5-xccdf-manual.xml +@@ -905,7 +905,7 @@ Check to see if an encrypted grub superusers password is set. On systems that us + $ sudo grep -iw grub2_password /boot/grub2/user.cfg + GRUB2_PASSWORD=grub.pbkdf2.sha512.[password_hash] + +-If the grub superusers password does not begin with "grub.pbkdf2.sha512", this is a finding.SRG-OS-000080-GPOS-00048<GroupDescription></GroupDescription>RHEL-07-010491Red Hat Enterprise Linux operating systems version 7.2 or newer using Unified Extensible Firmware Interface (UEFI) must require authentication upon booting into single-user and maintenance modes.<VulnDiscussion>If the system does not require valid authentication before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system. 
GRUB 2 is the default boot loader for RHEL 7 and is designed to require a password to boot into single-user mode or make modifications to the boot menu.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>DPMS Target Red Hat Enterprise Linux 7DISADPMS TargetRed Hat Enterprise Linux 72899SV-95719V-81007CCI-000213Configure the system to encrypt the boot password for the grub superusers account with the grub2-setpassword command, which creates/overwrites the /boot/efi/EFI/redhat/user.cfg file. ++If the grub superusers password does not begin with "grub.pbkdf2.sha512", this is a finding.SRG-OS-000080-GPOS-00048<GroupDescription></GroupDescription>RHEL-07-010491Red Hat Enterprise Linux operating systems version 7.2 or newer using Unified Extensible Firmware Interface (UEFI) must require authentication upon booting into single-user and maintenance modes.<VulnDiscussion>If the system does not require valid authentication before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system. 
GRUB 2 is the default boot loader for RHEL 7 and is designed to require a password to boot into single-user mode or make modifications to the boot menu.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>DPMS Target Red Hat Enterprise Linux 7DISADPMS TargetRed Hat Enterprise Linux 72899SV-95719V-81007CCI-000213Configure the system to encrypt the boot password for the grub superusers account with the grub2-setpassword command, which creates/overwrites the /boot/efi/EFI/almalinux/user.cfg file. + + Generate an encrypted grub2 password for the grub superusers account with the following command: + +@@ -917,7 +917,7 @@ For systems that are running a version of RHEL prior to 7.2, this is Not Applica + + Check to see if an encrypted grub superusers password is set. On systems that use UEFI, use the following command: + +-$ sudo grep -iw grub2_password /boot/efi/EFI/redhat/user.cfg ++$ sudo grep -iw grub2_password /boot/efi/EFI/almalinux/user.cfg + GRUB2_PASSWORD=grub.pbkdf2.sha512.[password_hash] + + If the grub superusers password does not begin with "grub.pbkdf2.sha512", this is a finding.SRG-OS-000104-GPOS-00051<GroupDescription></GroupDescription>RHEL-07-010500The Red Hat Enterprise Linux operating system must uniquely identify and must authenticate organizational users (or processes acting on behalf of organizational users) using multifactor authentication.<VulnDiscussion>To assure accountability and prevent unauthenticated access, organizational users must be identified and authenticated to prevent potential misuse and compromise of the system. 
+@@ -1866,7 +1866,7 @@ On BIOS-based machines, use the following command: + + On UEFI-based machines, use the following command: + +-# grub2-mkconfig -o /boot/efi/EFI/redhat/grub.cfg ++# grub2-mkconfig -o /boot/efi/EFI/almalinux/grub.cfg + + If /boot or /boot/efi reside on separate partitions, the kernel parameter boot=<partition of /boot or /boot/efi> must be added to the kernel command line. You can identify a partition by running the df /boot or df /boot/efi command: + +@@ -1897,7 +1897,7 @@ dracut-fips-033-360.el7_2.x86_64.rpm + + If a "dracut-fips" package is installed, check to see if the kernel command line is configured to use FIPS mode with the following command: + +-Note: GRUB 2 reads its configuration from the "/boot/grub2/grub.cfg" file on traditional BIOS-based machines and from the "/boot/efi/EFI/redhat/grub.cfg" file on UEFI machines. ++Note: GRUB 2 reads its configuration from the "/boot/grub2/grub.cfg" file on traditional BIOS-based machines and from the "/boot/efi/EFI/almalinux/grub.cfg" file on UEFI machines. + + # grep fips /boot/grub2/grub.cfg + /vmlinuz-3.8.0-0.40.el7.x86_64 root=/dev/mapper/rhel-root ro rd.md=0 rd.dm=0 rd.lvm.lv=rhel/swap crashkernel=auto rd.luks=0 vconsole.keymap=us rd.lvm.lv=rhel/root rhgb fips=1 quiet +@@ -1995,14 +1995,14 @@ All=p+i+n+u+g+s+m+S+sha512+acl+xattrs+selinux + + If the "sha512" rule is not being used on all uncommented selection lines in the "/etc/aide.conf" file, or another file integrity tool is not using FIPS 140-2-approved cryptographic hashes for validating file contents and directories, this is a finding.SRG-OS-000364-GPOS-00151<GroupDescription></GroupDescription>RHEL-07-021700The Red Hat Enterprise Linux operating system must not allow removable media to be used as the boot loader unless approved.<VulnDiscussion>Malicious users with removable boot media can gain access to a system configured to use removable media as the boot loader. 
If removable media is designed to be used as the boot loader, the requirement must be documented with the Information System Security Officer (ISSO).</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>DPMS Target Red Hat Enterprise Linux 7DISADPMS TargetRed Hat Enterprise Linux 72899SV-86699V-72075CCI-000318CCI-000368CCI-001812CCI-001813CCI-001814Remove alternate methods of booting the system from removable media or document the configuration to boot from removable media with the ISSO.Verify the system is not configured to use a boot loader on removable media. + +-Note: GRUB 2 reads its configuration from the "/boot/grub2/grub.cfg" file on traditional BIOS-based machines and from the "/boot/efi/EFI/redhat/grub.cfg" file on UEFI machines. ++Note: GRUB 2 reads its configuration from the "/boot/grub2/grub.cfg" file on traditional BIOS-based machines and from the "/boot/efi/EFI/almalinux/grub.cfg" file on UEFI machines. + + Check for the existence of alternate boot loader configuration files with the following command: + + # find / -name grub.cfg + /boot/grub2/grub.cfg + +-If a "grub.cfg" is found in any subdirectories other than "/boot/grub2" and "/boot/efi/EFI/redhat", ask the System Administrator if there is documentation signed by the ISSO to approve the use of removable media as a boot loader. ++If a "grub.cfg" is found in any subdirectories other than "/boot/grub2" and "/boot/efi/EFI/almalinux", ask the System Administrator if there is documentation signed by the ISSO to approve the use of removable media as a boot loader. 
+ + Check that the grub configuration file has the set root command in each menu entry with the following commands: + +@@ -4969,7 +4969,7 @@ Verify that a unique name is set as the "superusers" account: + If "superusers" is identical to any OS account name or is missing a name, this is a finding.SRG-OS-000080-GPOS-00048<GroupDescription></GroupDescription>RHEL-07-010492Red Hat Enterprise Linux operating systems version 7.2 or newer booted with United Extensible Firmware Interface (UEFI) must have a unique name for the grub superusers account when booting into single-user mode and maintenance.<VulnDiscussion>If the system does not require valid authentication before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system. GRUB 2 is the default boot loader for RHEL 7 and is designed to require a password to boot into single-user mode or make modifications to the boot menu. + The GRUB 2 superuser account is an account of last resort. Establishing a unique username for this account hardens the boot loader against brute force attacks. Due to the nature of the superuser account database being distinct from the OS account database, this allows the use of a username that is not among those within the OS account database. Examples of non-unique superusers names are root, superuser, unlock, etc.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>DPMS Target Red Hat Enterprise Linux 7DISADPMS TargetRed Hat Enterprise Linux 72899CCI-000213Configure the system to have a unique name for the grub superusers account. 
+ +-Edit the /boot/efi/EFI/redhat/grub.cfg file and add or modify the following lines in the "### BEGIN /etc/grub.d/01_users ###" section: ++Edit the /boot/efi/EFI/almalinux/grub.cfg file and add or modify the following lines in the "### BEGIN /etc/grub.d/01_users ###" section: + + set superusers="[someuniquestringhere]" + export superusers +@@ -4979,7 +4979,7 @@ For systems that are running a version of RHEL prior to 7.2, this is Not Applica + + Verify that a unique name is set as the "superusers" account: + +-$ sudo grep -iw "superusers" /boot/efi/EFI/redhat/grub.cfg ++$ sudo grep -iw "superusers" /boot/efi/EFI/almalinux/grub.cfg + set superusers="[someuniquestringhere]" + export superusers + +diff --git a/shared/references/disa-stig-rhel7-v3r5-xccdf-scap.xml b/shared/references/disa-stig-rhel7-v3r5-xccdf-scap.xml +index 9a270474..6750a087 100644 +--- a/shared/references/disa-stig-rhel7-v3r5-xccdf-scap.xml ++++ b/shared/references/disa-stig-rhel7-v3r5-xccdf-scap.xml +@@ -3449,7 +3449,7 @@ Confirm password: + SV-95719 + V-81007 + CCI-000213 +- Configure the system to encrypt the boot password for the grub superusers account with the grub2-setpassword command, which creates/overwrites the /boot/efi/EFI/redhat/user.cfg file. ++ Configure the system to encrypt the boot password for the grub superusers account with the grub2-setpassword command, which creates/overwrites the /boot/efi/EFI/almalinux/user.cfg file. + + Generate an encrypted grub2 password for the grub superusers account with the following command: + +@@ -4223,7 +4223,7 @@ On BIOS-based machines, use the following command: + + On UEFI-based machines, use the following command: + +-# grub2-mkconfig -o /boot/efi/EFI/redhat/grub.cfg ++# grub2-mkconfig -o /boot/efi/EFI/almalinux/grub.cfg + + If /boot or /boot/efi reside on separate partitions, the kernel parameter boot=<partition of /boot or /boot/efi> must be added to the kernel command line. 
You can identify a partition by running the df /boot or df /boot/efi command: + +@@ -8494,7 +8494,8 @@ Note: The "[value]" must be a number that is greater than or equal to "0".Disable Prelinking + + multi_platform_fedora +- multi_platform_rhel ++ multi_platform_rhel ++multi_platform_almalinux + multi_platform_rhel-osp + + The prelinking feature can interfere with the operation of +@@ -8525,7 +8526,8 @@ Note: The "[value]" must be a number that is greater than or equal to "0". + Package openssh-server Removed + +- multi_platform_rhel ++ multi_platform_rhel ++multi_platform_almalinux + multi_platform_fedora + multi_platform_sle + +@@ -9442,7 +9444,8 @@ If the value is set to an integer less than 0, the user's time stamp will not ex + + Limit Password Reuse + +- multi_platform_rhel ++ multi_platform_rhel ++multi_platform_almalinux + multi_platform_fedora + + The passwords to remember should be set correctly. +@@ -9464,7 +9467,8 @@ If the value is set to an integer less than 0, the user's time stamp will not ex + + RHEL-07-040160 - The Red Hat Enterprise Linux operating system must be configured so that all network connections associated with a communication session are terminated at the end of the session or after 15 minutes of inactivity from the user at a command prompt, except to fulfill documented and validated mission requirements. + +- multi_platform_rhel ++ multi_platform_rhel ++multi_platform_almalinux + + Terminating an idle session within a short time period reduces the window of opportunity for unauthorized personnel to take control of a management session enabled on the console or console port that has been left unattended. In addition, quickly terminating an idle session will also free up resources committed by the managed network element. 
+ +@@ -9573,7 +9577,8 @@ Terminating network connections associated with communications sessions includes + + Audit Discretionary Access Control Modification Events - chmod + +- multi_platform_rhel ++ multi_platform_rhel ++multi_platform_almalinux + + The changing of file permissions and attributes should be audited. + +@@ -9616,7 +9621,8 @@ Terminating network connections associated with communications sessions includes + + Audit Discretionary Access Control Modification Events - chown + +- multi_platform_rhel ++ multi_platform_rhel ++multi_platform_almalinux + + + +@@ -9645,7 +9651,8 @@ Terminating network connections associated with communications sessions includes + + Audit Discretionary Access Control Modification Events - fchmod + +- multi_platform_rhel ++ multi_platform_rhel ++multi_platform_almalinux + + + +@@ -9674,7 +9681,8 @@ Terminating network connections associated with communications sessions includes + + Audit Discretionary Access Control Modification Events - fchmodat + +- multi_platform_rhel ++ multi_platform_rhel ++multi_platform_almalinux + + + +@@ -9703,7 +9711,8 @@ Terminating network connections associated with communications sessions includes + + Audit Discretionary Access Control Modification Events - fchown + +- multi_platform_rhel ++ multi_platform_rhel ++multi_platform_almalinux + + + +@@ -9732,7 +9741,8 @@ Terminating network connections associated with communications sessions includes + + Audit Discretionary Access Control Modification Events - fchownat + +- multi_platform_rhel ++ multi_platform_rhel ++multi_platform_almalinux + + + +@@ -9761,7 +9771,8 @@ Terminating network connections associated with communications sessions includes + + Audit Discretionary Access Control Modification Events - fremovexattr + +- multi_platform_rhel ++ multi_platform_rhel ++multi_platform_almalinux + + + +@@ -9790,7 +9801,8 @@ Terminating network connections associated with communications sessions includes + + Audit Discretionary Access Control 
Modification Events - fsetxattr + +- multi_platform_rhel ++ multi_platform_rhel ++multi_platform_almalinux + + + +@@ -9819,7 +9831,8 @@ Terminating network connections associated with communications sessions includes + + Audit Discretionary Access Control Modification Events - lchown + +- multi_platform_rhel ++ multi_platform_rhel ++multi_platform_almalinux + + + +@@ -9848,7 +9861,8 @@ Terminating network connections associated with communications sessions includes + + Audit Discretionary Access Control Modification Events - lremovexattr + +- multi_platform_rhel ++ multi_platform_rhel ++multi_platform_almalinux + + + +@@ -9877,7 +9891,8 @@ Terminating network connections associated with communications sessions includes + + Audit Discretionary Access Control Modification Events - lsetxattr + +- multi_platform_rhel ++ multi_platform_rhel ++multi_platform_almalinux + + + +@@ -9906,7 +9921,8 @@ Terminating network connections associated with communications sessions includes + + Audit Discretionary Access Control Modification Events - removexattr + +- multi_platform_rhel ++ multi_platform_rhel ++multi_platform_almalinux + + + +@@ -9935,7 +9951,8 @@ Terminating network connections associated with communications sessions includes + + Audit Discretionary Access Control Modification Events - setxattr + +- multi_platform_rhel ++ multi_platform_rhel ++multi_platform_almalinux + + + +@@ -11246,7 +11263,8 @@ Terminating network connections associated with communications sessions includes + + Disable Host-Based Authentication + +- multi_platform_rhel ++ multi_platform_rhel ++multi_platform_almalinux + + SSH host-based authentication should be disabled. + +@@ -11261,7 +11279,8 @@ Terminating network connections associated with communications sessions includes + + Package prelink Removed + +- multi_platform_rhel ++ multi_platform_rhel ++multi_platform_almalinux + + The RPM package prelink should be removed. 
+ +@@ -11404,7 +11423,8 @@ Terminating network connections associated with communications sessions includes + + Mount Remote Filesystems with nosuid + +- multi_platform_rhel ++ multi_platform_rhel ++multi_platform_almalinux + + + +@@ -11434,7 +11454,8 @@ Terminating network connections associated with communications sessions includes + + Package net-snmp Removed + +- multi_platform_rhel ++ multi_platform_rhel ++multi_platform_almalinux + + The RPM package net-snmp should be removed. + +@@ -11461,7 +11482,8 @@ Terminating network connections associated with communications sessions includes + + Package telnet-server Removed + +- multi_platform_rhel ++ multi_platform_rhel ++multi_platform_almalinux + + The RPM package telnet-server should be removed. + +@@ -11489,7 +11511,8 @@ Terminating network connections associated with communications sessions includes + + Package vsftpd Removed + +- multi_platform_rhel ++ multi_platform_rhel ++multi_platform_almalinux + + The RPM package vsftpd should be removed. + +@@ -11502,7 +11525,8 @@ Terminating network connections associated with communications sessions includes + + Package xorg-x11-server-common Removed + +- multi_platform_rhel ++ multi_platform_rhel ++multi_platform_almalinux + multi_platform_fedora + + +@@ -11531,7 +11555,8 @@ Terminating network connections associated with communications sessions includes + + Ensure /home Located On Separate Partition + +- multi_platform_rhel ++ multi_platform_rhel ++multi_platform_almalinux + + If user home directories will be stored locally, create a + separate partition for /home. 
If /home will be mounted from another +@@ -11549,7 +11574,8 @@ Terminating network connections associated with communications sessions includes + + Ensure /var Located On Separate Partition + +- multi_platform_rhel ++ multi_platform_rhel ++multi_platform_almalinux + + + +@@ -11567,7 +11593,8 @@ Terminating network connections associated with communications sessions includes + + Ensure /var/log/audit Located On Separate Partition + +- multi_platform_rhel ++ multi_platform_rhel ++multi_platform_almalinux + + + +@@ -11586,7 +11613,8 @@ Terminating network connections associated with communications sessions includes + Verify File Hashes with RPM + + multi_platform_fedora +- multi_platform_rhel ++ multi_platform_rhel ++multi_platform_almalinux + + Verify the RPM digests of system binaries using the RPM database. + +@@ -11660,7 +11688,8 @@ Terminating network connections associated with communications sessions includes + + Ensure Only Protocol 2 Connections Allowed + +- multi_platform_rhel ++ multi_platform_rhel ++multi_platform_almalinux + multi_platform_debian + multi_platform_ubuntu + +@@ -11696,7 +11725,8 @@ Terminating network connections associated with communications sessions includes + + Disable .rhosts Files + +- multi_platform_rhel ++ multi_platform_rhel ++multi_platform_almalinux + + + +@@ -11761,7 +11791,8 @@ This should be disabled. + + Do Not Allow Users to Set Environment Options + +- multi_platform_rhel ++ multi_platform_rhel ++multi_platform_almalinux + + PermitUserEnvironment should be disabled + +@@ -12113,7 +12144,8 @@ By specifying a cipher list with the order of ciphers being in a "strongest to w + + Package openssh-server is version 7.4 or higher + +- multi_platform_rhel ++ multi_platform_rhel ++multi_platform_almalinux + multi_platform_fedora + multi_platform_sle + +@@ -12384,12 +12416,12 @@ The ability to enable/disable a session lock is given to the user by default. Di + The UEFI grub2 boot loader should have password protection enabled. 
+ + +- ++ + +- ++ + +- +- ++ ++ + + + +@@ -13399,7 +13431,7 @@ The ability to enable/disable a session lock is given to the user by default. Di + + + +- ++ + + + +@@ -13964,10 +13996,10 @@ The ability to enable/disable a session lock is given to the user by default. Di + + + +- ++ + + +- ++ + + + +@@ -15542,7 +15574,7 @@ The ability to enable/disable a session lock is given to the user by default. Di + /boot/grub2/grub.cfg + + +- /boot/efi/EFI/redhat/grub.cfg ++ /boot/efi/EFI/almalinux/grub.cfg + + + +@@ -16385,12 +16417,12 @@ The ability to enable/disable a session lock is given to the user by default. Di + 1 + + +- /boot/efi/EFI/redhat/user.cfg ++ /boot/efi/EFI/almalinux/user.cfg + ^[\s]*GRUB2_PASSWORD=grub\.pbkdf2\.sha512\.\S+$ + 1 + + +- /boot/efi/EFI/redhat/grub.cfg ++ /boot/efi/EFI/almalinux/grub.cfg + ^[\s]*set[\s]+superusers=\"\S+\"$ + 1 + +@@ -16950,7 +16982,7 @@ The ability to enable/disable a session lock is given to the user by default. Di + + + /boot/grub2/grub.cfg +- /boot/efi/EFI/redhat/grub.cfg ++ /boot/efi/EFI/almalinux/grub.cfg + + + +diff --git a/shared/references/disa-stig-rhel8-v1r4-xccdf-scap.xml b/shared/references/disa-stig-rhel8-v1r4-xccdf-scap.xml +index 24c8f3e5..122efe4f 100644 +--- a/shared/references/disa-stig-rhel8-v1r4-xccdf-scap.xml ++++ b/shared/references/disa-stig-rhel8-v1r4-xccdf-scap.xml +@@ -2493,7 +2493,7 @@ SHA_CRYPT_MIN_ROUNDS 5000 + 2921 + + CCI-000213 +- Configure the system to require a grub bootloader password for the grub superusers account with the grub2-setpassword command, which creates/overwrites the /boot/efi/EFI/redhat/user.cfg file. ++ Configure the system to require a grub bootloader password for the grub superusers account with the grub2-setpassword command, which creates/overwrites the /boot/efi/EFI/almalinux/user.cfg file. 
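Review bot: The OVAL file objects in hunk `@@ -16385,12 +16417,12 @@` of `disa-stig-rhel7-v3r5-xccdf-scap.xml` (and the same substitution in `@@ -15542,7 +15574,7 @@` and `@@ -16950,7 +16982,7 @@`) replace `/boot/efi/EFI/redhat/user.cfg` and `/boot/efi/EFI/redhat/grub.cfg` with the `almalinux` directory instead of adding it, in a benchmark whose rules are still labelled RHEL-07. On a host that keeps its EFI files under `/boot/efi/EFI/redhat`, the `GRUB2_PASSWORD=grub\.pbkdf2\.sha512` and `set superusers` patterns would be matched against a path that is not there, so the boot-loader password result no longer reflects the system; how that is reported depends on the tests' existence attributes, which this page does not show. The edited copy also stops matching the published DISA reference it is named after, which presumably skews anything that compares against it. I would keep the files under `shared/references/` byte-identical to upstream and carry the AlmaLinux path in product-specific content, or, if this copy has to change, add a second object for `/boot/efi/EFI/almalinux/user.cfg` beside the original rather than overwriting it.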
+ + Generate an encrypted grub2 password for the grub superusers account with the following command: + +@@ -9399,7 +9399,8 @@ Note: The "[value]" must be a number that is greater than or equal to "0". + IPv6 is disabled in the kernel. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + IPv6 is disabled in the kernel, either via a kernel cmdline option or sysctl. + +@@ -9415,7 +9416,8 @@ Note: The "[value]" must be a number that is greater than or equal to "0". + OpenSSH is installed. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + OpenSSH is installed + +@@ -9443,7 +9445,8 @@ Red Hat offers the Extended Update Support (EUS) ad-on to a Red Hat Enterprise L + + RHEL-08-010020 - RHEL 8 must implement NIST FIPS-validated cryptography for the following: to provision digital signatures, to generate cryptographic hashes, and to protect data requiring data-at-rest protections in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Use of weak or untested encryption algorithms undermines the purposes of using encryption to protect data. The operating system must implement cryptographic modules adhering to the higher standards approved by the Federal Government since this provides assurance they have been tested and validated. + +@@ -9460,7 +9463,8 @@ The fips=1 kernel option needs to be added to the kernel command line during sys + + RHEL-08-010110 - RHEL 8 must encrypt all stored passwords with a FIPS 140-2 approved cryptographic hashing algorithm. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Passwords need to be protected at all times, and encryption is the standard method for protecting passwords. If passwords are not encrypted, they can be plainly read (i.e., clear text) and easily compromised. 
+ +@@ -9476,7 +9480,8 @@ FIPS 140-2 is the current standard for validating that mechanisms used to access + + RHEL-08-010120 - RHEL 8 must employ FIPS 140-2 approved cryptographic hashing algorithms for all stored passwords. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + The system must use a strong hashing algorithm to store the password. + +@@ -9490,7 +9495,8 @@ Passwords need to be protected at all times, and encryption is the standard meth + + RHEL-08-010130 - The RHEL 8 shadow password suite must be configured to use a sufficient number of hashing rounds. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + The system must use a strong hashing algorithm to store the password. The system must use a sufficient number of hashing rounds to ensure the required level of entropy. + +@@ -9505,15 +9511,16 @@ Passwords need to be protected at all times, and encryption is the standard meth + + RHEL-08-010140 - RHEL 8 operating systems booted with United Extensible Firmware Interface (UEFI) implemented must require authentication upon booting into single-user mode and maintenance. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + If the system does not require valid authentication before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system. GRUB 2 is the default boot loader for RHEL 8 and is designed to require a password to boot into single-user mode or make modifications to the boot menu. + +- +- ++ ++ + +- +- ++ ++ + + + +@@ -9521,7 +9528,8 @@ Passwords need to be protected at all times, and encryption is the standard meth + + RHEL-08-010150 - RHEL 8 operating systems booted with a BIOS must require authentication upon booting into single-user and maintenance modes. 
+ +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + If the system does not require valid authentication before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system. GRUB 2 is the default boot loader for RHEL 8 and is designed to require a password to boot into single-user mode or make modifications to the boot menu. + +@@ -9537,7 +9545,8 @@ Passwords need to be protected at all times, and encryption is the standard meth + + RHEL-08-010160 - RHEL 8 operating systems must require authentication upon booting into rescue mode. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + If the system does not require valid root authentication before it boots into rescue mode, anyone who invokes rescue mode is granted privileged access to all files on the system. + +@@ -9549,7 +9558,8 @@ Passwords need to be protected at all times, and encryption is the standard meth + + RHEL-08-010160 - The RHEL 8 pam_unix.so module must be configured in the password-auth file to use a FIPS 140-2 approved cryptographic hashing algorithm for system authentication. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Unapproved mechanisms that are used for authentication to the cryptographic module are not verified and therefore cannot be relied upon to provide confidentiality or integrity, and DoD data may be compromised. + +@@ -9565,7 +9575,8 @@ FIPS 140-2 is the current standard for validating that mechanisms used to access + + RHEL-08-010161 - RHEL 8 must prevent system daemons from using Kerberos for authentication. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Unapproved mechanisms that are used for authentication to the cryptographic module are not verified and therefore cannot be relied upon to provide confidentiality or integrity, and DoD data may be compromised. 
+ +@@ -9585,7 +9596,8 @@ FIPS 140-2 is the current standard for validating that mechanisms used to access + + RHEL-08-010162 - The krb5-workstation package must not be installed on RHEL 8. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Unapproved mechanisms that are used for authentication to the cryptographic module are not verified and therefore cannot be relied upon to provide confidentiality or integrity, and DoD data may be compromised. + +@@ -9605,7 +9617,8 @@ FIPS 140-2 is the current standard for validating that mechanisms used to access + + RHEL-08-010171 - RHEL 8 must have the policycoreutils package installed. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Without verification of the security functions, security functions may not operate correctly and the failure may go unnoticed. Security function is defined as the hardware, software, and/or firmware of the information system responsible for enforcing the system security policy and supporting the isolation of code and data on which the protection is based. Security functionality includes, but is not limited to, establishing system accounts, configuring access authorizations (i.e., permissions, privileges), setting events to be audited, and setting intrusion detection parameters. + +@@ -9619,7 +9632,8 @@ Policycoreutils contains the policy core utilities that are required for basic o + + RHEL-08-010200 - RHEL 8 must be configured so that all network connections associated with SSH traffic are terminated at the end of the session or after 10 minutes of inactivity, except to fulfill documented and validated mission requirements. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Terminating an idle SSH session within a short time period reduces the window of opportunity for unauthorized personnel to take control of a management session enabled on the console or console port that has been left unattended. 
In addition, quickly terminating an idle SSH session will also free up resources committed by the managed network element. + +@@ -9636,7 +9650,8 @@ RHEL 8 utilizes /etc/ssh/sshd_config for configurations of OpenSSH. Within the s + + RHEL-08-010210 - The RHEL 8 /var/log/messages file must have mode 0640 or less permissive. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Only authorized personnel should be aware of errors and the details of the errors. Error messages are an indicator of an organization's operational state or can identify the RHEL 8 system or platform. Additionally, Personally Identifiable Information (PII) and operational information must not be revealed through error messages to unauthorized personnel or their designated representatives. + +@@ -9650,7 +9665,8 @@ The structure and content of error messages must be carefully considered by the + + RHEL-08-010220 - The RHEL 8 /var/log/messages file must be owned by root. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Only authorized personnel should be aware of errors and the details of the errors. Error messages are an indicator of an organization's operational state or can identify the RHEL 8 system or platform. Additionally, Personally Identifiable Information (PII) and operational information must not be revealed through error messages to unauthorized personnel or their designated representatives. + +@@ -9664,7 +9680,8 @@ The structure and content of error messages must be carefully considered by the + + RHEL-08-010230 - The RHEL 8 /var/log/messages file must be group-owned by root. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Only authorized personnel should be aware of errors and the details of the errors. Error messages are an indicator of an organization's operational state or can identify the RHEL 8 system or platform. 
Additionally, Personally Identifiable Information (PII) and operational information must not be revealed through error messages to unauthorized personnel or their designated representatives. + +@@ -9678,7 +9695,8 @@ The structure and content of error messages must be carefully considered by the + + RHEL-08-010240 - The RHEL 8 /var/log directory must have mode 0755 or less permissive. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Only authorized personnel should be aware of errors and the details of the errors. Error messages are an indicator of an organization's operational state or can identify the RHEL 8 system or platform. Additionally, Personally Identifiable Information (PII) and operational information must not be revealed through error messages to unauthorized personnel or their designated representatives. + +@@ -9692,7 +9710,8 @@ The structure and content of error messages must be carefully considered by the + + RHEL-08-010250 - The RHEL 8 /var/log directory must be owned by root. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Only authorized personnel should be aware of errors and the details of the errors. Error messages are an indicator of an organization's operational state or can identify the RHEL 8 system or platform. Additionally, Personally Identifiable Information (PII) and operational information must not be revealed through error messages to unauthorized personnel or their designated representatives. + +@@ -9706,7 +9725,8 @@ The structure and content of error messages must be carefully considered by the + + RHEL-08-010260 - The RHEL 8 /var/log directory must be group-owned by root. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Only authorized personnel should be aware of errors and the details of the errors. Error messages are an indicator of an organization's operational state or can identify the RHEL 8 system or platform. 
Additionally, Personally Identifiable Information (PII) and operational information must not be revealed through error messages to unauthorized personnel or their designated representatives. + +@@ -9720,7 +9740,8 @@ The structure and content of error messages must be carefully considered by the + + RHEL-08-010292 - RHEL 8 must ensure the SSH server uses strong entropy. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + The most important characteristic of a random number generator is its randomness, namely its ability to deliver random numbers that are impossible to predict. Entropy in computer security is associated with the unpredictability of a source of randomness. The random source with high entropy tends to achieve a uniform distribution of random values. Random number generators are one of the most important building blocks of cryptosystems. + +@@ -9736,7 +9757,8 @@ The SSH implementation in RHEL8 uses the OPENSSL library, which does not use hig + + RHEL-08-010294 - The RHEL 8 operating system must implement DoD-approved TLS encryption in the OpenSSL package. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Without cryptographic integrity protections, information can be altered by unauthorized users without detection. + +@@ -9764,7 +9786,8 @@ RHEL 8 incorporates system-wide crypto policies by default. The employed algori + + RHEL-08-010300 - RHEL 8 system commands must have mode 755 or less permissive. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + If RHEL 8 were to allow any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that are part of a robust change management process. + +@@ -9778,7 +9801,8 @@ This requirement applies to RHEL 8 with software libraries that are accessible a + + RHEL-08-010310 - RHEL 8 system commands must be owned by root. 
+ +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + If RHEL 8 were to allow any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that are part of a robust change management process. + +@@ -9792,7 +9816,8 @@ This requirement applies to RHEL 8 with software libraries that are accessible a + + RHEL-08-010320 - RHEL 8 system commands must be group-owned by root or a system account. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + If RHEL 8 were to allow any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that are part of a robust change management process. + +@@ -9806,7 +9831,8 @@ This requirement applies to RHEL 8 with software libraries that are accessible a + + RHEL-08-010370 - RHEL 8 must prevent the installation of software, patches, service packs, device drivers, or operating system components from a repository without verification they have been digitally signed using a certificate that is issued by a Certificate Authority (CA) that is recognized and approved by the organization. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Changes to any software components can have significant effects on the overall security of the operating system. This requirement ensures the software has not been tampered with and that it has been provided by a trusted vendor. + +@@ -9823,7 +9849,8 @@ Verifying the authenticity of the software prior to installation validates the i + + RHEL-08-010371 - RHEL 8 must prevent the installation of software, patches, service packs, device drivers, or operating system components of local packages without verification they have been digitally signed using a certificate that is issued by a Certificate Authority (CA) that is recognized and approved by the organization. 
+ +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Changes to any software components can have significant effects on the overall security of the operating system. This requirement ensures the software has not been tampered with and that it has been provided by a trusted vendor. + +@@ -9839,7 +9866,8 @@ Verifying the authenticity of the software prior to installation validates the i + + RHEL-08-010372 - RHEL 8 must prevent the loading of a new kernel for later execution. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Changes to any software components can have significant effects on the overall security of the operating system. This requirement ensures the software has not been tampered with and that it has been provided by a trusted vendor. + Disabling kexec_load prevents an unsigned kernel image (that could be a windows kernel or modified vulnerable kernel) from being loaded. Kexec can be used subvert the entire secureboot process and should be avoided at all costs especially since it can load unsigned kernel images. +@@ -9861,7 +9889,8 @@ Based on the information above, if a configuration file that begins with "99-" i + + RHEL-08-010373 - RHEL 8 must enable kernel parameters to enforce discretionary access control on symlinks. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Discretionary Access Control (DAC) is based on the notion that individual users are "owners" of objects and therefore have discretion over who should be authorized to access the object and in which mode (e.g., read or write). Ownership is usually acquired as a consequence of creating the object or via specified ownership assignment. DAC allows the owner to determine who will have access to objects they control. An example of DAC includes user-controlled file permissions. 
+ +@@ -9887,7 +9916,8 @@ Based on the information above, if a configuration file begins with "99-" is cre + + RHEL-08-010374 - RHEL 8 must enable kernel parameters to enforce discretionary access control on hardlinks. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Discretionary Access Control (DAC) is based on the notion that individual users are "owners" of objects and therefore have discretion over who should be authorized to access the object and in which mode (e.g., read or write). Ownership is usually acquired as a consequence of creating the object or via specified ownership assignment. DAC allows the owner to determine who will have access to objects they control. An example of DAC includes user-controlled file permissions. + +@@ -9914,7 +9944,8 @@ Based on the information above, if a configuration file that begins with "99-" i + + RHEL-08-010375 - RHEL 8 must restrict access to the kernel message buffer. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Preventing unauthorized information transfers mitigates the risk of information, including encrypted representations of information, produced by the actions of prior users/roles (or the actions of processes acting on behalf of prior users/roles) from being available to any current users/roles (or current processes) that obtain access to shared system resources (e.g., registers, main memory, hard disks) after those resources have been released back to information systems. The control of information in shared resources is also commonly referred to as object reuse and residual information protection. + +@@ -9942,7 +9973,8 @@ Based on the information above, if a configuration file begins with "99-" is cre + + RHEL-08-010376 - RHEL 8 must prevent kernel profiling by unprivileged users. 
+ +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Preventing unauthorized information transfers mitigates the risk of information, including encrypted representations of information, produced by the actions of prior users/roles (or the actions of processes acting on behalf of prior users/roles) from being available to any current users/roles (or current processes) that obtain access to shared system resources (e.g., registers, main memory, hard disks) after those resources have been released back to information systems. The control of information in shared resources is also commonly referred to as object reuse and residual information protection. + +@@ -9971,7 +10003,8 @@ Based on the information above, if a configuration file that begins with "99-" i + + RHEL-08-010380 - RHEL 8 must require users to provide a password for privilege escalation. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Without reauthentication, users may access resources or perform tasks for which they do not have authorization. + +@@ -9986,7 +10019,8 @@ When operating systems provide the capability to escalate a functional capabilit + + RHEL-08-010381 - RHEL 8 must require users to reauthenticate for privilege escalation. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Without reauthentication, users may access resources or perform tasks for which they do not have authorization. + +@@ -10001,7 +10035,8 @@ When operating systems provide the capability to escalate a functional capabilit + + RHEL-08-010390 - RHEL 8 must have the packages required for multifactor authentication installed. 
+ +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Using an authentication device, such as a DoD Common Access Card (CAC) or token that is separate from the information system, ensures that even if the information system is compromised, credentials stored on the authentication device will not be affected. + +@@ -10021,7 +10056,8 @@ This requirement only applies to components where this is specific to the functi + + RHEL-08-010440 - YUM must remove all software components after updated versions have been installed on RHEL 8. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Previous versions of software components that are not removed from the information system after updates have been installed may be exploited by adversaries. Some information technology products may remove older versions of software automatically from the information system. + +@@ -10033,7 +10069,8 @@ This requirement only applies to components where this is specific to the functi + + RHEL-08-010450 - RHEL 8 must enable the SELinux targeted policy. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Without verification of the security functions, security functions may not operate correctly and the failure may go unnoticed. Security function is defined as the hardware, software, and/or firmware of the information system responsible for enforcing the system security policy and supporting the isolation of code and data on which the protection is based. Security functionality includes, but is not limited to, establishing system accounts, configuring access authorizations (i.e., permissions, privileges), setting events to be audited, and setting intrusion detection parameters. + +@@ -10047,7 +10084,8 @@ This requirement applies to operating systems performing security function verif + + RHEL-08-010460 - There must be no shosts.equiv files on the RHEL 8 operating system. 
+ +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + The "shosts.equiv" files are used to configure host-based authentication for the system via SSH. Host-based authentication is not sufficient for preventing unauthorized access to the system, as it does not require interactive identification and authentication of a connection request, or for the use of two-factor authentication. + +@@ -10059,7 +10097,8 @@ This requirement applies to operating systems performing security function verif + + RHEL-08-010470 - There must be no .shosts files on the RHEL 8 operating system. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + The ".shosts" files are used to configure host-based authentication for individual users or the system via SSH. Host-based authentication is not sufficient for preventing unauthorized access to the system, as it does not require interactive identification and authentication of a connection request, or for the use of two-factor authentication. + +@@ -10071,7 +10110,8 @@ This requirement applies to operating systems performing security function verif + + RHEL-08-010480 - The RHEL 8 SSH public host key files must have mode 0644 or less permissive. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + If a public host key file is modified by an unauthorized user, the SSH service may be compromised. + +@@ -10084,7 +10124,8 @@ This requirement applies to operating systems performing security function verif + + RHEL-08-010490 - The RHEL 8 SSH private host key files must have mode 0600 or less permissive. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + If an unauthorized user obtains the private SSH host key file, the host could be impersonated. 
+ +@@ -10097,7 +10138,8 @@ This requirement applies to operating systems performing security function verif + + RHEL-08-010500 - The RHEL 8 SSH daemon must perform strict mode checking of home directory configuration files. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + If other users have access to modify user-specific SSH configuration files, they may be able to log on to the system as another user. + +@@ -10110,7 +10152,8 @@ This requirement applies to operating systems performing security function verif + + RHEL-08-010510 - The RHEL 8 SSH daemon must not allow compression or must only allow compression after successful authentication. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + If compression is allowed in an SSH connection prior to authentication, vulnerabilities in the compression software could result in compromise of the system from an unauthenticated connection, potentially with root privileges. + +@@ -10123,7 +10166,8 @@ This requirement applies to operating systems performing security function verif + + RHEL-08-010520 - The RHEL 8 SSH daemon must not allow authentication using known hosts authentication. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Configuring this setting for the SSH daemon provides additional assurance that remote logon via SSH will require a password, even in the event of misconfiguration elsewhere. + +@@ -10136,7 +10180,8 @@ This requirement applies to operating systems performing security function verif + + RHEL-08-010521 - The RHEL 8 SSH daemon must not allow Kerberos authentication, except to fulfill documented and validated mission requirements. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Configuring these settings for the SSH daemon provides additional assurance that remote logon via SSH will not use Kerberos authentication, even in the event of misconfiguration elsewhere. 
+ +@@ -10149,7 +10194,8 @@ This requirement applies to operating systems performing security function verif + + RHEL-08-010540 - RHEL 8 must use a separate file system for /var. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + The use of separate file systems for different paths can protect the system from failures resulting from a file system becoming full or failing. + +@@ -10162,7 +10208,8 @@ This requirement applies to operating systems performing security function verif + + RHEL-08-010541 - RHEL 8 must use a separate file system for /var/log. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + The use of separate file systems for different paths can protect the system from failures resulting from a file system becoming full or failing. + +@@ -10175,7 +10222,8 @@ This requirement applies to operating systems performing security function verif + + RHEL-08-010542 - RHEL 8 must use a separate file system for the system audit data path. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + The use of separate file systems for different paths can protect the system from failures resulting from a file system becoming full or failing. + +@@ -10188,7 +10236,8 @@ This requirement applies to operating systems performing security function verif + + RHEL-08-010543 - A separate RHEL 8 filesystem must be used for the /tmp directory. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + The use of separate file systems for different paths can protect the system from failures resulting from a file system becoming full or failing. + +@@ -10201,7 +10250,8 @@ This requirement applies to operating systems performing security function verif + + RHEL-08-010550 - RHEL 8 must not permit direct logons to the root account using remote access via SSH. 
+ +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Even though the communications channel may be encrypted, an additional layer of security is gained by extending the policy of not logging on directly as root. In addition, logging on with a user-specific account provides individual accountability of actions performed on the system. + +@@ -10214,7 +10264,8 @@ This requirement applies to operating systems performing security function verif + + RHEL-08-010560 - The auditd service must be running in RHEL 8. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Configuring RHEL 8 to implement organization-wide security implementation guides and security checklists ensures compliance with federal standards and establishes a common security baseline across the DoD that reflects the most restrictive security posture consistent with operational requirements. + +@@ -10229,7 +10280,8 @@ Configuration settings are the set of parameters that can be changed in hardware + + RHEL-08-010561 - The rsyslog service must be running in RHEL 8. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Configuring RHEL 8 to implement organization-wide security implementation guides and security checklists ensures compliance with federal standards and establishes a common security baseline across the DoD that reflects the most restrictive security posture consistent with operational requirements. + +@@ -10244,12 +10296,13 @@ Configuration settings are the set of parameters that can be changed in hardware + + RHEL-08-010571 - RHEL 8 must prevent files with the setuid and setgid bit set from being executed on the /boot directory. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + The "nosuid" mount option causes the system not to execute "setuid" and "setgid" files with owner privileges. 
This option must be used for mounting any file system not containing approved "setuid" and "setguid" files. Executing files from untrusted file systems increases the opportunity for unprivileged users to attain unauthorized administrative access. + + +- ++ + + + +@@ -10260,7 +10313,8 @@ Configuration settings are the set of parameters that can be changed in hardware + + RHEL-08-010580 - RHEL 8 must prevent special devices on non-root local partitions. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + The "nodev" mount option causes the system to not interpret character or block special devices. Executing character or block special devices from untrusted file systems increases the opportunity for unprivileged users to attain unauthorized administrative access. The only legitimate location for device files is the /dev directory located on the root partition. + +@@ -10273,7 +10327,8 @@ Configuration settings are the set of parameters that can be changed in hardware + + RHEL-08-010630 - RHEL 8 must prevent code from being executed on file systems that are imported via Network File System (NFS). + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + The "noexec" mount option causes the system not to execute binary files. This option must be used for mounting any file system not containing approved binary as they may be incompatible. Executing files from untrusted file systems increases the opportunity for unprivileged users to attain unauthorized administrative access. + +@@ -10286,7 +10341,8 @@ Configuration settings are the set of parameters that can be changed in hardware + + RHEL-08-010640 - RHEL 8 must prevent special devices on file systems that are imported via Network File System (NFS). + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + The "nodev" mount option causes the system to not interpret character or block special devices. 
Executing character or block special devices from untrusted file systems increases the opportunity for unprivileged users to attain unauthorized administrative access. + +@@ -10299,7 +10355,8 @@ Configuration settings are the set of parameters that can be changed in hardware + + RHEL-08-010650 - RHEL 8 must prevent files with the setuid and setgid bit set from being executed on file systems that are imported via Network File System (NFS). + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + The "nosuid" mount option causes the system not to execute "setuid" and "setgid" files with owner privileges. This option must be used for mounting any file system not containing approved "setuid" and "setguid" files. Executing files from untrusted file systems increases the opportunity for unprivileged users to attain unauthorized administrative access. + +@@ -10312,7 +10369,8 @@ Configuration settings are the set of parameters that can be changed in hardware + + RHEL-08-010671 - RHEL 8 must disable the kernel.core_pattern. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors. + +@@ -10335,7 +10393,8 @@ Based on the information above, if a configuration file that begins with "99-" i + + RHEL-08-010673 - RHEL 8 must disable core dumps for all users. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. 
They increase the risk to the platform by providing additional attack vectors. + +@@ -10350,7 +10409,8 @@ A core dump includes a memory image taken at the time the operating system termi + + RHEL-08-010674 - RHEL 8 must disable storing core dumps. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors. + +@@ -10364,7 +10424,8 @@ A core dump includes a memory image taken at the time the operating system termi + + RHEL-08-010675 - RHEL 8 must disable core dump backtraces. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors. + +@@ -10378,7 +10439,8 @@ A core dump includes a memory image taken at the time the operating system termi + + RHEL-08-010760 - All RHEL 8 local interactive user accounts must be assigned a home directory upon creation + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + If local interactive users are not assigned a valid home directory, there is no place for the storage and control of files they should own. + +@@ -10390,7 +10452,8 @@ A core dump includes a memory image taken at the time the operating system termi + + RHEL-08-010830 - RHEL 8 must not allow users to override SSH environment variables. 
+ +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + SSH environment options potentially allow users to bypass access restriction in some configurations. + +@@ -10403,7 +10466,8 @@ A core dump includes a memory image taken at the time the operating system termi + + RHEL-08-020010 - RHEL 8 must automatically lock an account when three unsuccessful logon attempts occur. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account. + +@@ -10427,7 +10491,8 @@ From "Pam_Faillock" man pages: Note that the default directory that "pam_failloc + + RHEL-08-020011 - RHEL 8 must automatically lock an account when three unsuccessful logon attempts occur. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + In RHEL 8.2 the "/etc/security/faillock.conf" file was incorporated to centralize the configuration of the pam_faillock.so module. Also introduced is a "local_users_only" option that will only track failed user authentication attempts for local users in /etc/passwd and ignore centralized (AD, IdM, LDAP, etc.) users to allow the centralized platform to solely manage user lockout. + +@@ -10442,7 +10507,8 @@ From "faillock.conf" man pages: Note that the default directory that "pam_faillo + + RHEL-08-020012 - RHEL 8 must automatically lock an account when three unsuccessful logon attempts occur during a 15-minute time period. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account. 
+ +@@ -10462,7 +10528,8 @@ From "Pam_Faillock" man pages: Note that the default directory that "pam_failloc + + RHEL-08-020013 - RHEL 8 must automatically lock an account when three unsuccessful logon attempts occur during a 15-minute time period. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account. + +@@ -10479,7 +10546,8 @@ From "faillock.conf" man pages: Note that the default directory that "pam_faillo + + RHEL-08-020014 - RHEL 8 must automatically lock an account until the locked account is released by an administrator when three unsuccessful logon attempts occur during a 15-minute time period. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account. + +@@ -10501,7 +10569,8 @@ From "Pam_Faillock" man pages: Note that the default directory that "pam_failloc + + RHEL-08-020015 - RHEL 8 must automatically lock an account until the locked account is released by an administrator when three unsuccessful logon attempts occur during a 15-minute time period. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account. + +@@ -10518,7 +10587,8 @@ From "faillock.conf" man pages: Note that the default directory that "pam_faillo + + RHEL-08-020018 - RHEL 8 must prevent system messages from being presented when three unsuccessful logon attempts occur. 
+ +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account. + +@@ -10538,7 +10608,8 @@ From "Pam_Faillock" man pages: Note that the default directory that "pam_failloc + + RHEL-08-020019 - RHEL 8 must prevent system messages from being presented when three unsuccessful logon attempts occur. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account. + +@@ -10555,7 +10626,8 @@ From "faillock.conf" man pages: Note that the default directory that "pam_faillo + + RHEL-08-020020 - RHEL 8 must log user name information when unsuccessful logon attempts occur. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account. + +@@ -10575,7 +10647,8 @@ From "Pam_Faillock" man pages: Note that the default directory that "pam_failloc + + RHEL-08-020021 - RHEL 8 must prevent system messages from being presented when three unsuccessful logon attempts occur. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account. 
+ +@@ -10592,7 +10665,8 @@ From "faillock.conf" man pages: Note that the default directory that "pam_faillo + + RHEL-08-020022 - RHEL 8 must include root when automatically locking an account until the locked account is released by an administrator when three unsuccessful logon attempts occur during a 15-minute time period. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account. + +@@ -10612,7 +10686,8 @@ From "Pam_Faillock" man pages: Note that the default directory that "pam_failloc + + RHEL-08-020023 - RHEL 8 must include root when automatically locking an account until the locked account is released by an administrator when three unsuccessful logon attempts occur during a 15-minute time period. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account. + +@@ -10629,7 +10704,8 @@ From "faillock.conf" man pages: Note that the default directory that "pam_faillo + + RHEL-08-020024 - RHEL 8 must limit the number of concurrent sessions to ten for all accounts and/or account types. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Operating system management includes the ability to control the number of users and user sessions that utilize an operating system. Limiting the number of allowed users and sessions per user is helpful in reducing the risks related to DoS attacks. 
+ +@@ -10644,7 +10720,8 @@ This requirement addresses concurrent sessions for information system accounts a + + RHEL-08-020040 - RHEL 8 must enable a user session lock until that user re-establishes access using established identification and authentication procedures for command line sessions. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + A session lock is a temporary action taken when a user stops work and moves away from the immediate physical vicinity of the information system but does not want to log out because of the temporary nature of the absence. + +@@ -10660,7 +10737,8 @@ Tmux is a terminal multiplexer that enables a number of terminals to be created, + + RHEL-08-020041 - RHEL 8 must ensure session control is automatically started at shell initialization. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + A session lock is a temporary action taken when a user stops work and moves away from the immediate physical vicinity of the information system but does not want to log out because of the temporary nature of the absence. + +@@ -10677,7 +10755,8 @@ Tmux is a terminal multiplexer that enables a number of terminals to be created, + + RHEL-08-020042 - RHEL 8 must prevent users from disabling session control mechanisms. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + A session lock is a temporary action taken when a user stops work and moves away from the immediate physical vicinity of the information system but does not want to log out because of the temporary nature of the absence. + +@@ -10693,7 +10772,8 @@ Tmux is a terminal multiplexer that enables a number of terminals to be created, + + RHEL-08-020100 - RHEL 8 must ensure the password complexity module is enabled in the password-auth file. 
+ +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. "pwquality" enforces complex password construction configuration and has the ability to limit brute-force attacks on the system. + +@@ -10709,7 +10789,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. This + + RHEL-08-020110 - RHEL 8 must enforce password complexity by requiring that at least one uppercase character be used. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. + +@@ -10725,7 +10806,8 @@ RHEL 8 utilizes pwquality as a mechanism to enforce password complexity. Note th + + RHEL-08-020120 - RHEL 8 must enforce password complexity by requiring that at least one lower-case character be used. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. + +@@ -10741,7 +10823,8 @@ RHEL 8 utilizes pwquality as a mechanism to enforce password complexity. Note th + + RHEL-08-020130 - RHEL 8 must enforce password complexity by requiring that at least one numeric character be used. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Use of a complex password helps to increase the time and resources required to compromise the password. 
Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. + +@@ -10757,7 +10840,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. Note + + RHEL-08-020140 - RHEL 8 must require the maximum number of repeating characters of the same character class be limited to four when passwords are changed. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. + +@@ -10773,7 +10857,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. The " + + RHEL-08-020150 - RHEL 8 must require the maximum number of repeating characters be limited to three when passwords are changed. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. + +@@ -10789,7 +10874,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. The " + + RHEL-08-020160 - RHEL 8 must require the change of at least four character classes when passwords are changed. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. + +@@ -10805,7 +10891,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. 
The " + + RHEL-08-020170 - RHEL 8 must require the change of at least 8 characters when passwords are changed. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. + +@@ -10821,7 +10908,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. The " + + RHEL-08-020180 - RHEL 8 passwords must have a 24 hours/1 day minimum password lifetime restriction in /etc/shadow. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Enforcing a minimum password lifetime helps to prevent repeated password changes to defeat the password reuse or history enforcement requirement. If users are allowed to immediately and continually change their password, the password could be repeatedly changed in a short period of time to defeat the organization's policy regarding password reuse. + +@@ -10834,7 +10922,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. The " + + RHEL-08-020190 - RHEL 8 passwords for new users or password changes must have a 24 hours/1 day minimum password lifetime restriction in /etc/logins.def. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Enforcing a minimum password lifetime helps to prevent repeated password changes to defeat the password reuse or history enforcement requirement. If users are allowed to immediately and continually change their password, the password could be repeatedly changed in a short period of time to defeat the organization's policy regarding password reuse. + +@@ -10846,7 +10935,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. 
The " + + RHEL-08-020200 - RHEL 8 user account passwords must have a 60-day maximum password lifetime restriction. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Any password, no matter how complex, can eventually be cracked. Therefore, passwords need to be changed periodically. If RHEL 8 does not limit the lifetime of passwords and force users to change their passwords, there is the risk that RHEL 8 passwords could be compromised. + +@@ -10858,7 +10948,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. The " + + RHEL-08-020210 - RHEL 8 user account passwords must be configured so that existing passwords are restricted to a 60-day maximum lifetime. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Any password, no matter how complex, can eventually be cracked. Therefore, passwords need to be changed periodically. If RHEL 8 does not limit the lifetime of passwords and force users to change their passwords, there is the risk that RHEL 8 passwords could be compromised. + +@@ -10873,7 +10964,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. The " + + RHEL-08-020220 - RHEL 8 must be configured in the password-auth file to prohibit password reuse for a minimum of five generations. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. If the information system or application allows the user to reuse their password consecutively when that password has exceeded its defined lifetime, the end result is a password that is not changed per policy requirements. + +@@ -10891,7 +10983,8 @@ Note that manual changes to the listed files may be overwritten by the "authsele + + RHEL-08-020230 - RHEL 8 passwords must have a minimum of 15 characters. 
+ +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + The shorter the password, the lower the number of possible combinations that need to be tested before the password is compromised. + +@@ -10911,7 +11004,8 @@ The DoD minimum password requirement is 15 characters. + + RHEL-08-020231 - RHEL 8 passwords for new users must have a minimum of 15 characters. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + The shorter the password, the lower the number of possible combinations that need to be tested before the password is compromised. + +@@ -10927,7 +11021,8 @@ The DoD minimum password requirement is 15 characters. + + RHEL-08-020260 - RHEL 8 account identifiers (individuals, groups, roles, and devices) must be disabled after 35 days of inactivity. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Inactive identifiers pose a risk to systems and applications because attackers may exploit an inactive identifier and potentially obtain undetected access to the system. Owners of inactive accounts will not notice if unauthorized access to their user account has been obtained. + +@@ -10941,7 +11036,8 @@ RHEL 8 needs to track periods of inactivity and disable application identifiers + + RHEL-08-020280 - All RHEL 8 passwords must contain at least one special character. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. + +@@ -10957,7 +11053,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. Note + + RHEL-08-020300 - RHEL 8 must prevent the use of dictionary words for passwords. 
+ +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + If RHEL 8 allows the user to select passwords based on dictionary words, this increases the chances of password compromise by increasing the opportunity for successful guesses, and brute-force attacks. + +@@ -10970,7 +11067,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. Note + + RHEL-08-020310 - RHEL 8 must enforce a delay of at least four seconds between logon prompts following a failed logon attempt. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Configuring the operating system to implement organization-wide security implementation guides and security checklists verifies compliance with federal standards and establishes a common security baseline across the DoD that reflects the most restrictive security posture consistent with operational requirements. + +@@ -10984,7 +11082,8 @@ Configuration settings are the set of parameters that can be changed in hardware + + RHEL-08-020330 - RHEL 8 must not have accounts configured with blank or null passwords. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + If an account has an empty password, anyone could log on and run commands with the privileges of that account. Accounts with empty passwords should never be used in operational environments. + +@@ -10996,7 +11095,8 @@ Configuration settings are the set of parameters that can be changed in hardware + + RHEL-08-020350 - RHEL 8 must display the date and time of the last successful account logon upon an SSH logon. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Providing users with feedback on when account accesses via SSH last occurred facilitates user recognition and reporting of unauthorized account use. 
+ +@@ -11009,7 +11109,8 @@ Configuration settings are the set of parameters that can be changed in hardware + + RHEL-08-020351 - RHEL 8 must define default permissions for all authenticated users in such a way that the user can only read and modify their own files. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Setting the most restrictive default permissions ensures that when new accounts are created, they do not have unnecessary access. + +@@ -11021,7 +11122,8 @@ Configuration settings are the set of parameters that can be changed in hardware + + RHEL-08-030000 - The RHEL 8 audit system must be configured to audit the execution of privileged functions and prevent all software from executing at higher privilege levels than users executing the software. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Misuse of privileged functions, either intentionally or unintentionally by authorized users, or by unauthorized external entities that have compromised information system accounts, is a serious and ongoing concern and can have significant adverse impacts on organizations. Auditing the use of privileged functions is one way to detect such misuse and identify the risk from insider threats and the advanced persistent threat. + +@@ -11037,7 +11139,8 @@ Configuration settings are the set of parameters that can be changed in hardware + + RHEL-08-030020 - The RHEL 8 System Administrator (SA) and Information System Security Officer (ISSO) (at a minimum) must be alerted of an audit processing failure event. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + It is critical for the appropriate personnel to be aware if a system is at risk of failing to process audit logs as required. Without this notification, the security personnel may be unaware of an impending failure of the audit capability, and system operation may be adversely affected. 
+ +@@ -11053,7 +11156,8 @@ This requirement applies to each audit data storage repository (i.e., distinct i + + RHEL-08-030040 - The RHEL 8 System must take appropriate action when an audit processing failure occurs. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + It is critical for the appropriate personnel to be aware if a system is at risk of failing to process audit logs as required. Without this notification, the security personnel may be unaware of an impending failure of the audit capability, and system operation may be adversely affected. + +@@ -11069,7 +11173,8 @@ This requirement applies to each audit data storage repository (i.e., distinct i + + RHEL-08-030060 - The RHEL 8 audit system must take appropriate action when the audit storage volume is full. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + It is critical that when RHEL 8 is at risk of failing to process audit logs as required, it takes action to mitigate the failure. Audit processing failures include software/hardware errors; failures in the audit capturing mechanisms; and audit storage capacity being reached or exceeded. Responses to audit failure depend upon the nature of the failure mode. + +@@ -11087,7 +11192,8 @@ When availability is an overriding concern, other approved actions in response t + + RHEL-08-030061 - The RHEL 8 audit system must audit local events. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Without establishing what type of events occurred, the source of events, where events occurred, and the outcome of events, it would be difficult to establish, correlate, and investigate the events leading up to an outage or attack. + +@@ -11101,7 +11207,8 @@ Audit record content that may be necessary to satisfy this requirement includes, + + RHEL-08-030062 - RHEL 8 must label all off-loaded audit logs before sending them to the central log server. 
+ +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Without establishing what type of events occurred, the source of events, where events occurred, and the outcome of events, it would be difficult to establish, correlate, and investigate the events leading up to an outage or attack. + +@@ -11119,7 +11226,8 @@ When audit logs are not labeled before they are sent to a central log server, th + + RHEL-08-030063 - RHEL 8 must resolve audit information before writing to disk. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Without establishing what type of events occurred, the source of events, where events occurred, and the outcome of events, it would be difficult to establish, correlate, and investigate the events leading up to an outage or attack. + +@@ -11135,7 +11243,8 @@ Enriched logging aids in making sense of who, what, and when events occur on a s + + RHEL-08-030070 - RHEL 8 audit logs must have a mode of 0600 or less permissive to prevent unauthorized read access. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Only authorized personnel should be aware of errors and the details of the errors. Error messages are an indicator of an organization's operational state or can identify the RHEL 8 system or platform. Additionally, Personally Identifiable Information (PII) and operational information must not be revealed through error messages to unauthorized personnel or their designated representatives. + +@@ -11149,7 +11258,8 @@ The structure and content of error messages must be carefully considered by the + + RHEL-08-030080 - RHEL 8 audit logs must be owned by root to prevent unauthorized read access. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Only authorized personnel should be aware of errors and the details of the errors. 
Error messages are an indicator of an organization's operational state or can identify the RHEL 8 system or platform. Additionally, Personally Identifiable Information (PII) and operational information must not be revealed through error messages to unauthorized personnel or their designated representatives. + +@@ -11163,7 +11273,8 @@ The structure and content of error messages must be carefully considered by the + + RHEL-08-030090 - RHEL 8 audit logs must be group-owned by root to prevent unauthorized read access. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Unauthorized disclosure of audit records can reveal system and configuration data to attackers, thus compromising its confidentiality. + +@@ -11177,7 +11288,8 @@ Audit information includes all information (e.g., audit records, audit settings, + + RHEL-08-030100 - RHEL 8 audit log directory must be owned by root to prevent unauthorized read access. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Unauthorized disclosure of audit records can reveal system and configuration data to attackers, thus compromising its confidentiality. + +@@ -11191,7 +11303,8 @@ Audit information includes all information (e.g., audit records, audit settings, + + RHEL-08-030110 - RHEL 8 audit log directory must be group-owned by root to prevent unauthorized read access. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Unauthorized disclosure of audit records can reveal system and configuration data to attackers, thus compromising its confidentiality. + +@@ -11205,7 +11318,8 @@ Audit information includes all information (e.g., audit records, audit settings, + + RHEL-08-030120 - RHEL 8 audit log directory must have a mode of 0700 or less permissive to prevent unauthorized read access. 
+ +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Unauthorized disclosure of audit records can reveal system and configuration data to attackers, thus compromising its confidentiality. + +@@ -11219,7 +11333,8 @@ Audit information includes all information (e.g., audit records, audit settings, + + RHEL-08-030121 - RHEL 8 audit system must protect auditing rules from unauthorized change. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Unauthorized disclosure of audit records can reveal system and configuration data to attackers, thus compromising its confidentiality. + +@@ -11235,7 +11350,8 @@ In immutable mode, unauthorized users cannot execute changes to the audit system + + RHEL-08-030122 - RHEL 8 audit system must protect logon UIDs from unauthorized change. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Unauthorized disclosure of audit records can reveal system and configuration data to attackers, thus compromising its confidentiality. + +@@ -11251,7 +11367,8 @@ In immutable mode, unauthorized users cannot execute changes to the audit system + + RHEL-08-030130 - RHEL 8 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/shadow. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. + +@@ -11266,7 +11383,8 @@ Audit records can be generated from various components within the information sy + + RHEL-08-030140 - RHEL 8 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/security/opasswd. 
+ +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. + +@@ -11281,7 +11399,8 @@ Audit records can be generated from various components within the information sy + + RHEL-08-030150 - RHEL 8 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/passwd. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. + +@@ -11296,7 +11415,8 @@ Audit records can be generated from various components within the information sy + + RHEL-08-030160 - RHEL 8 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/gshadow. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. + +@@ -11311,7 +11431,8 @@ Audit records can be generated from various components within the information sy + + RHEL-08-030170 - RHEL 8 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/group. 
+ +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. + +@@ -11326,7 +11447,8 @@ Audit records can be generated from various components within the information sy + + RHEL-08-030171 - RHEL 8 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/sudoers. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. + +@@ -11341,7 +11463,8 @@ Audit records can be generated from various components within the information sy + + RHEL-08-030172 - RHEL 8 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/sudoers.d/. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. + +@@ -11356,7 +11479,8 @@ Audit records can be generated from various components within the information sy + + RHEL-08-030180 - The RHEL 8 audit package must be installed. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Without establishing what type of events occurred, the source of events, where events occurred, and the outcome of events, it would be difficult to establish, correlate, and investigate the events leading up to an outage or attack. 
+ +@@ -11372,7 +11496,8 @@ Associating event types with detected events in RHEL 8 audit logs provides a mea + + RHEL-08-030190 - Successful/unsuccessful uses of the su command in RHEL 8 must generate an audit record. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. + +@@ -11389,7 +11514,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut + + RHEL-08-030200 - The RHEL 8 audit system must be configured to audit any usage of the setxattr, fsetxattr, lsetxattr, removexattr, fremovexattr and lremovexattr system calls. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. + +@@ -11436,7 +11562,8 @@ The system call rules are loaded into a matching engine that intercepts each sys + + RHEL-08-030250 - Successful/unsuccessful uses of the chage command in RHEL 8 must generate an audit record + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. 
+ +@@ -11455,7 +11582,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO + + RHEL-08-030260 - Successful/unsuccessful uses of the chcon command in RHEL 8 must generate an audit record + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. + +@@ -11474,7 +11602,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO + + RHEL-08-030280 - Successful/unsuccessful uses of the ssh-agent in RHEL 8 must generate an audit record. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. + +@@ -11491,7 +11620,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut + + RHEL-08-030290 - Successful/unsuccessful uses of the passwd command in RHEL 8 must generate an audit record. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. + +@@ -11508,7 +11638,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut + + RHEL-08-030300 - Successful/unsuccessful uses of the mount command in RHEL 8 must generate an audit record. 
+ +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. + +@@ -11525,7 +11656,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut + + RHEL-08-030301 - Successful/unsuccessful uses of the umount command in RHEL 8 must generate an audit record. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. + +@@ -11542,7 +11674,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut + + RHEL-08-030302 - Successful/unsuccessful uses of the mount syscall in RHEL 8 must generate an audit record. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. + +@@ -11560,7 +11693,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut + + RHEL-08-030310 - Successful/unsuccessful uses of the unix_update in RHEL 8 must generate an audit record. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Reconstruction of harmful events or forensic analysis is not possible if audit records do not contain enough information. 
+ +@@ -11577,7 +11711,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut + + RHEL-08-030311 - Successful/unsuccessful uses of postdrop in RHEL 8 must generate an audit record. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Reconstruction of harmful events or forensic analysis is not possible if audit records do not contain enough information. + +@@ -11594,7 +11729,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut + + RHEL-08-030312 - Successful/unsuccessful uses of postqueue in RHEL 8 must generate an audit record. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Reconstruction of harmful events or forensic analysis is not possible if audit records do not contain enough information. + +@@ -11611,7 +11747,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut + + RHEL-08-030313 - Successful/unsuccessful uses of semanage in RHEL 8 must generate an audit record. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Reconstruction of harmful events or forensic analysis is not possible if audit records do not contain enough information. + +@@ -11628,7 +11765,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut + + RHEL-08-030314 - Successful/unsuccessful uses of setfiles in RHEL 8 must generate an audit record. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Reconstruction of harmful events or forensic analysis is not possible if audit records do not contain enough information. + +@@ -11645,7 +11783,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut + + RHEL-08-030315 - Successful/unsuccessful uses of userhelper in RHEL 8 must generate an audit record. 
+ +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Reconstruction of harmful events or forensic analysis is not possible if audit records do not contain enough information. + +@@ -11662,7 +11801,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut + + RHEL-08-030316 - Successful/unsuccessful uses of setsebool in RHEL 8 must generate an audit record. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Reconstruction of harmful events or forensic analysis is not possible if audit records do not contain enough information. + +@@ -11679,7 +11819,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut + + RHEL-08-030317 - Successful/unsuccessful uses of unix_chkpwd in RHEL 8 must generate an audit record. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Reconstruction of harmful events or forensic analysis is not possible if audit records do not contain enough information. + +@@ -11696,7 +11837,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut + + RHEL-08-030320 - Successful/unsuccessful uses of the ssh-keysign in RHEL 8 must generate an audit record. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. + +@@ -11713,7 +11855,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut + + RHEL-08-030330 - Successful/unsuccessful uses of the setfacl command in RHEL 8 must generate an audit record. 
+ +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. + +@@ -11730,7 +11873,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut + + RHEL-08-030340 - Successful/unsuccessful uses of the pam_timestamp_check command in RHEL 8 must generate an audit record. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. + +@@ -11747,7 +11891,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut + + RHEL-08-030350 - Successful/unsuccessful uses of the newgrp command in RHEL 8 must generate an audit record. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. + +@@ -11764,7 +11909,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut + + RHEL-08-030360 - Successful/unsuccessful uses of the init_module and finit_module command system calls in RHEL 8 must generate an audit record. 
+ +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. + +@@ -11786,7 +11932,8 @@ The system call rules are loaded into a matching engine that intercepts each sys + + RHEL-08-030361 - Successful/unsuccessful uses of the rename, unlink, rmdir, renameat and unlinkat commandsystem calls in RHEL 8 must generate an audit record. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. + +@@ -11817,7 +11964,8 @@ The system call rules are loaded into a matching engine that intercepts each sys + + RHEL-08-030370 - Successful/unsuccessful uses of the gpasswd command in RHEL 8 must generate an audit record. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. + +@@ -11834,7 +11982,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut + + RHEL-08-030390 - Successful/unsuccessful uses of the delete_module command in RHEL 8 must generate an audit record. 
+ +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. + +@@ -11852,7 +12001,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut + + RHEL-08-030400 - Successful/unsuccessful uses of the crontab command in RHEL 8 must generate an audit record. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. + +@@ -11869,7 +12019,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut + + RHEL-08-030410 - Successful/unsuccessful uses of the chsh command in RHEL 8 must generate an audit record. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. + +@@ -11886,7 +12037,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut + + RHEL-08-030420 - Successful/unsuccessful uses of the truncate, ftruncate, creat, open, openat, and open_by_handle_at system calls in RHEL 8 must generate an audit record. 
+ +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. + +@@ -11931,7 +12083,8 @@ The system call rules are loaded into a matching engine that intercepts each sys + + RHEL-08-030480 - Successful/unsuccessful uses of the chown, fchown, fchownat and lchown system calls in RHEL 8 must generate an audit record. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. + +@@ -11960,7 +12113,8 @@ The system call rules are loaded into a matching engine that intercepts each sys + + RHEL-08-030490 - Successful/unsuccessful uses of the chmod, fchmod and fchmodat system calls in RHEL 8 must generate an audit record. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. + +@@ -11985,7 +12139,8 @@ The system call rules are loaded into a matching engine that intercepts each sys + + RHEL-08-030550 - Successful/unsuccessful uses of the sudo command in RHEL 8 must generate an audit record. 
+ +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. + +@@ -12002,7 +12157,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut + + RHEL-08-030560 - Successful/unsuccessful uses of the usermod command in RHEL 8 must generate an audit record. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. + +@@ -12019,7 +12175,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut + + RHEL-08-030570 - Successful/unsuccessful uses of the chacl command in RHEL 8 must generate an audit record. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. + +@@ -12036,7 +12193,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut + + RHEL-08-030580 - Successful/unsuccessful uses of the kmod command in RHEL 8 must generate an audit record. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Without the capability to generate audit records, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. 
+ +@@ -12063,7 +12221,8 @@ DoD has defined the list of events for which RHEL 8 will provide an audit record + + RHEL-08-030600 - Successful/unsuccessful modifications to the lastlog file in RHEL 8 must generate an audit record. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Without the capability to generate audit records, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. + +@@ -12090,7 +12249,8 @@ DoD has defined the list of events for which RHEL 8 will provide an audit record + + RHEL-08-030610 - RHEL 8 must allow only the Information System Security Manager (ISSM) (or individuals or roles appointed by the ISSM) to select which auditable events are to be audited. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Without the capability to restrict the roles and individuals that can select which events are audited, unauthorized personnel may be able to prevent the auditing of critical events. Misconfigured audits may degrade the system's performance by overwhelming the audit log. Misconfigured audits may also make it more difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. + +@@ -12103,7 +12263,8 @@ DoD has defined the list of events for which RHEL 8 will provide an audit record + + RHEL-08-030620 - RHEL 8 audit tools must have a mode of 0755 or less permissive. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Protecting audit information also includes identifying and protecting the tools used to view and manipulate log data. Therefore, protecting audit tools is necessary to prevent unauthorized operation on audit information. + +@@ -12119,7 +12280,8 @@ Audit tools include, but are not limited to, vendor-provided and open source aud + + RHEL-08-030630 - RHEL 8 audit tools must be owned by root. 
+ +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Protecting audit information also includes identifying and protecting the tools used to view and manipulate log data. Therefore, protecting audit tools is necessary to prevent unauthorized operation on audit information. + +@@ -12135,7 +12297,8 @@ Audit tools include, but are not limited to, vendor-provided and open source aud + + RHEL-08-030640 - RHEL 8 audit tools must be group-owned by root. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Protecting audit information also includes identifying and protecting the tools used to view and manipulate log data. Therefore, protecting audit tools is necessary to prevent unauthorized operation on audit information. + +@@ -12151,7 +12314,8 @@ Audit tools include, but are not limited to, vendor-provided and open source aud + + RHEL-08-030680 - RHEL 8 must have the packages required for encrypting offloaded audit logs installed. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Information stored in one location is vulnerable to accidental or incidental deletion or alteration. + +@@ -12174,7 +12338,8 @@ Note that a port number was given as there is no standard port for RELP. + RHEL-08-030700 - RHEL 8 must take appropriate action when the internal event queue is full. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Information stored in one location is vulnerable to accidental or incidental deletion or alteration. + +@@ -12190,7 +12355,8 @@ RHEL 8 installation media provides "rsyslogd". "rsyslogd" is a system utility p + + RHEL-08-030730 - RHEL 8 must take action when allocated audit record storage volume reaches 75 percent of the repository maximum audit record storage capacity. 
+ +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + If security personnel are not notified immediately when storage volume reaches 75 percent utilization, they are unable to plan for audit record storage capacity expansion. + +@@ -12202,7 +12368,8 @@ RHEL 8 installation media provides "rsyslogd". "rsyslogd" is a system utility p + + RHEL-08-030741 - RHEL 8 must disable the chrony daemon from acting as a server. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Inaccurate time stamps make it more difficult to correlate events and can lead to an inaccurate analysis. Determining the correct time a particular event occurred on a system is critical when conducting forensic analysis and investigating system events. Sources outside the configured acceptable allowance (drift) may be inaccurate. + +@@ -12220,7 +12387,8 @@ Note that USNO offers authenticated NTP service to DoD and U.S. Government agenc + + RHEL-08-030742 - RHEL 8 must disable network management of the chrony daemon. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Inaccurate time stamps make it more difficult to correlate events and can lead to an inaccurate analysis. Determining the correct time a particular event occurred on a system is critical when conducting forensic analysis and investigating system events. Sources outside the configured acceptable allowance (drift) may be inaccurate. + +@@ -12238,7 +12406,8 @@ Note that USNO offers authenticated NTP service to DoD and U.S. Government agenc + + RHEL-08-040000 - RHEL 8 must not have the telnet-server package installed. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. 
They increase the risk to the platform by providing additional attack vectors. + +@@ -12260,7 +12429,8 @@ If a privileged user were to log on using this service, the privileged user pass + + RHEL-08-040001 - RHEL 8 must not have any automated bug reporting tools installed. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors. + +@@ -12278,7 +12448,8 @@ Verify the operating system is configured to disable non-essential capabilities. + + RHEL-08-040002 - RHEL 8 must not have the sendmail package installed. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors. + +@@ -12296,7 +12467,8 @@ Verify the operating system is configured to disable non-essential capabilities. + + RHEL-08-040010 - RHEL 8 must not have the rsh-server package installed. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors. 
+ +@@ -12314,7 +12486,8 @@ If a privileged user were to log on using this service, the privileged user pass + + RHEL-08-040021 - RHEL 8 must disable the asynchronous transfer mode (ATM) protocol. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors. + +@@ -12331,7 +12504,8 @@ The Asynchronous Transfer Mode (ATM) is a protocol operating on network, data li + + RHEL-08-040022 - RHEL 8 must disable the controller area network (CAN) protocol. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors. + +@@ -12348,7 +12522,8 @@ The Controller Area Network (CAN) is a serial communications protocol, which was + + RHEL-08-040023 - RHEL 8 must disable the stream control transmission (SCTP) protocol. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors. + +@@ -12365,7 +12540,8 @@ The Stream Control Transmission Protocol (SCTP) is a transport layer protocol, d + + RHEL-08-040024 - RHEL 8 must disable the transparent inter-process communication (TIPC) protocol. 
+ +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors. + +@@ -12382,7 +12558,8 @@ The Transparent Inter-Process Communication (TIPC) protocol is designed to provi + + RHEL-08-040025 - RHEL 8 must disable mounting of cramfs. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors. + +@@ -12399,7 +12576,8 @@ Compressed ROM/RAM file system (or cramfs) is a read-only file system designed f + + RHEL-08-040026 - RHEL 8 must disable IEEE 1394 (FireWire) Support. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors. + +@@ -12414,7 +12592,8 @@ The IEEE 1394 (FireWire) is a serial bus standard for high-speed real-time commu + + RHEL-08-040060 - RHEL 8 must enforce SSHv2 for network access to all accounts. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + A replay attack may enable an unauthorized user to gain access to RHEL 8. 
Authentication sessions between the authenticator and RHEL 8 validating the user credentials must not be vulnerable to a replay attack. + +@@ -12435,7 +12614,8 @@ RHEL 8 incorporates OpenSSH as a default ssh provider. OpenSSH has been a 100 pe + + RHEL-08-040080 - RHEL 8 must be configured to disable USB mass storage. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + USB mass storage permits easy introduction of unknown devices, thereby facilitating malicious activity. + +@@ -12448,7 +12628,8 @@ RHEL 8 incorporates OpenSSH as a default ssh provider. OpenSSH has been a 100 pe + + RHEL-08-040111 - RHEL 8 Bluetooth must be disabled. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Without protection of communications with wireless peripherals, confidentiality and integrity may be compromised because unprotected communications can be intercepted and either read, altered, or used to compromise the RHEL 8 operating system. + +@@ -12464,7 +12645,8 @@ Protecting the confidentiality and integrity of communications with wireless per + + RHEL-08-040120 - RHEL 8 must mount /dev/shm with the nodev option. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting. + +@@ -12483,7 +12665,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid" + + RHEL-08-040121 - RHEL 8 must mount /dev/shm with the nosuid option. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + The organization must identify authorized software programs and permit execution of authorized software. 
The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting. + +@@ -12500,7 +12683,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid" + + RHEL-08-040122 - RHEL 8 must mount /dev/shm with the noexec option. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting. + +@@ -12519,7 +12703,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid" + + RHEL-08-040123 - RHEL 8 must mount /tmp with the nodev option. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting. + +@@ -12539,7 +12724,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid" + + RHEL-08-040124 - RHEL 8 must mount /tmp with the nosuid option. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting. + +@@ -12557,7 +12743,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid" + + RHEL-08-040125 - RHEL 8 must mount /tmp with the noexec option. 
+ +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting. + +@@ -12577,7 +12764,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid" + + RHEL-08-040126 - RHEL 8 must mount /var/log with the nodev option. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting. + +@@ -12597,7 +12785,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid" + + RHEL-08-040127 - RHEL 8 must mount /var/log with the nosuid option. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting. + +@@ -12617,7 +12806,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid" + + RHEL-08-040128 - RHEL 8 must mount /var/log with the noexec option. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting. 
+ +@@ -12637,7 +12827,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid" + + RHEL-08-040129 - RHEL 8 must mount /var/log/audit with the nodev option. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting. + +@@ -12657,7 +12848,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid" + + RHEL-08-040130 - RHEL 8 must mount /var/log/audit with the nosuid option. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting. + +@@ -12677,7 +12869,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid" + + RHEL-08-040131 - RHEL 8 must mount /var/log/audit with the noexec option. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting. + +@@ -12697,7 +12890,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid" + + RHEL-08-040132 - RHEL 8 must mount /var/tmp with the nodev option. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + The organization must identify authorized software programs and permit execution of authorized software. 
The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting. + +@@ -12716,7 +12910,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid" + + RHEL-08-040133 - RHEL 8 must mount /var/tmp with the nosuid option. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting. + +@@ -12735,7 +12930,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid" + + RHEL-08-040134 - RHEL 8 must mount /var/tmp with the noexec option. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting. + +@@ -12754,7 +12950,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid" + + RHEL-08-040160 - All RHEL 8 networked systems must have and implement SSH to protect the confidentiality and integrity of transmitted and received information, as well as information during preparation for transmission. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Without protection of the transmitted information, confidentiality and integrity may be compromised because unprotected communications can be intercepted and either read or altered. + +@@ -12771,7 +12968,8 @@ Protecting the confidentiality and integrity of organizational information can b + + RHEL 8 must force a frequent session key renegotiation for SSH connections to the server. 
+ +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Without protection of the transmitted information, confidentiality and integrity may be compromised because unprotected communications can be intercepted and either read or altered. + +@@ -12790,7 +12988,8 @@ Session key regeneration limits the chances of a session key becoming compromise + + RHEL-08-040172 - The systemd Ctrl-Alt-Delete burst key sequence in RHEL 8 must be disabled. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + A locally logged-on user who presses Ctrl-Alt-Delete when at the console can reboot the system. If accidentally pressed, as could happen in the case of a mixed OS environment, this can create the risk of short-term loss of availability of systems due to unintentional reboot. In a graphical user environment, risk of unintentional reboot from the Ctrl-Alt-Delete sequence is reduced because the user will be prompted before any action is taken. + +@@ -12802,7 +13001,8 @@ Session key regeneration limits the chances of a session key becoming compromise + + RHEL-08-040190 - The Trivial File Transfer Protocol (TFTP) server package must not be installed if not required for RHEL 8 operational support. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + If TFTP is required for operational support (such as the transmission of router configurations) its use must be documented with the Information System Security Officer (ISSO), restricted to only authorized personnel, and have access control rules established. + +@@ -12814,7 +13014,8 @@ Session key regeneration limits the chances of a session key becoming compromise + + RHEL-08-040200 - The root account must be the only account having unrestricted access to the RHEL 8 system. 
+ +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + If an account other than root also has a User Identifier (UID) of "0", it has root authority, giving that account unrestricted access to the entire operating system. Multiple accounts with a UID of "0" afford an opportunity for potential intruders to guess a password for a privileged account. + +@@ -12826,7 +13027,8 @@ Session key regeneration limits the chances of a session key becoming compromise + + RHEL-08-040210 - RHEL 8 must prevent Internet Control Message Protocol (ICMP) redirect messages from being accepted. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + ICMP redirect messages are used by routers to inform hosts that a more direct route exists for a particular destination. These messages modify the host's route table and are unauthenticated. An illicit ICMP redirect message could result in a man-in-the-middle attack. + +@@ -12842,7 +13044,8 @@ Session key regeneration limits the chances of a session key becoming compromise + + RHEL-08-040220 - RHEL 8 must not send Internet Control Message Protocol (ICMP) redirects. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + ICMP redirect messages are used by routers to inform hosts that a more direct route exists for a particular destination. These messages contain information from the system's route table, possibly revealing portions of the network topology. + +@@ -12867,7 +13070,8 @@ Based on the information above, if a configuration file that begins with "99-" i + + RHEL-08-040230 - RHEL 8 must not respond to Internet Control Message Protocol (ICMP) echoes sent to a broadcast address. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Responding to broadcast ICMP echoes facilitates network mapping and provides a vector for amplification attacks. 
+ +@@ -12892,7 +13096,8 @@ Based on the information above, if a configuration file that begins with "99-" i + + RHEL-08-040240 - RHEL 8 must not forward source-routed packets. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Source-routed packets allow the source of the packet to suggest that routers forward the packet along a different path than configured on the router, which can be used to bypass network security measures. This requirement applies only to the forwarding of source-routed traffic, such as when forwarding is enabled and the system is functioning as a router. + +@@ -12918,7 +13123,8 @@ Based on the information above, if a configuration file that begins with "99-" i + + RHEL-08-040250 - RHEL 8 must not forward source-routed packets by default. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Source-routed packets allow the source of the packet to suggest that routers forward the packet along a different path than configured on the router, which can be used to bypass network security measures. This requirement applies only to the forwarding of source-routed traffic, such as when forwarding is enabled and the system is functioning as a router. + +@@ -12944,7 +13150,8 @@ Based on the information above, if a configuration file that begins with "99-" i + + RHEL-08-040260 - RHEL 8 must not be performing packet forwarding unless the system is a router. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Routing protocol daemons are typically used on routers to exchange network topology information with other routers. If this software is used when not required, system network information may be unnecessarily transmitted across the network. + +@@ -12970,7 +13177,8 @@ Based on the information above, if a configuration file that begins with "99-" i + + RHEL-08-040261 - RHEL 8 must not accept router advertisements on all IPv6 interfaces. 
+ +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Routing protocol daemons are typically used on routers to exchange network topology information with other routers. If this software is used when not required, system network information may be unnecessarily transmitted across the network. + +@@ -12998,7 +13206,8 @@ Based on the information above, if a configuration file that begins with "99-" i + + RHEL-08-040262 - RHEL 8 must not accept router advertisements on all IPv6 interfaces by default. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Routing protocol daemons are typically used on routers to exchange network topology information with other routers. If this software is used when not required, system network information may be unnecessarily transmitted across the network. + +@@ -13026,7 +13235,8 @@ Based on the information above, if a configuration file that begins with "99-" i + + RHEL-08-040270 - RHEL 8 must not allow interfaces to perform Internet Control Message Protocol (ICMP) redirects by default. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + ICMP redirect messages are used by routers to inform hosts that a more direct route exists for a particular destination. These messages contain information from the system's route table, possibly revealing portions of the network topology. + +@@ -13051,7 +13261,8 @@ Based on the information above, if a configuration file that begins with "99-" i + + RHEL-08-040280 - RHEL 8 must ignore Internet Control Message Protocol (ICMP) redirect messages. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + ICMP redirect messages are used by routers to inform hosts that a more direct route exists for a particular destination. These messages modify the host's route table and are unauthenticated. An illicit ICMP redirect message could result in a man-in-the-middle attack. 
+ +@@ -13077,7 +13288,8 @@ Based on the information above, if a configuration file that begins with "99-" i + + RHEL-08-040281 - RHEL 8 must disable access to network bpf syscall from unprivileged processes. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors. + +@@ -13100,7 +13312,8 @@ Based on the information above, if a configuration file that begins with "99-" i + + RHEL-08-040282 - RHEL 8 must restrict usage of ptrace to descendant processes. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors. + +@@ -13123,7 +13336,8 @@ Based on the information above, if a configuration file that begins with "99-" i + + RHEL-08-040283 - RHEL 8 must restrict exposed kernel pointer addresses access. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors. + +@@ -13145,7 +13359,8 @@ Based on the information above, if a configuration file begins with "99-" is cre + + RHEL-08-040284 - RHEL 8 must disable the use of user namespaces. 
+ +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors. + +@@ -13167,7 +13382,8 @@ Based on the information above, if a configuration file begins with "99-" is cre + + RHEL-08-040285 - RHEL 8 must use reverse path filtering on all IPv4 interfaces. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors. + +@@ -13189,7 +13405,8 @@ Based on the information above, if a configuration file begins with "99-" is cre + + RHEL-08-040290 - RHEL 8 must be configured to prevent unrestricted mail relaying. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + If unrestricted mail relaying is permitted, unauthorized senders could use this host as a mail relay for the purpose of sending spam or other unauthorized activity. + +@@ -13202,7 +13419,8 @@ Based on the information above, if a configuration file begins with "99-" is cre + + RHEL-08-040340 - RHEL 8 remote X connections for interactive users must be disabled unless to fulfill documented and validated mission requirements. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + The security risk of using X11 forwarding is that the client's X11 display server may be exposed to attack when the SSH client requests forwarding. 
A system administrator may have a stance in which they want to protect clients that may expose themselves to attack by unwittingly requesting X11 forwarding, which can warrant a ''no'' setting. + X11 forwarding should be enabled with caution. Users with the ability to bypass file permissions on the remote host (for the user's X11 authorization database) can access the local X11 display through the forwarded connection. An attacker may then be able to perform activities such as keystroke monitoring if the ForwardX11Trusted option is also enabled. +@@ -13217,7 +13435,8 @@ If X11 services are not required for the system's intended function, they should + + RHEL-08-040341 - The RHEL 8 SSH daemon must prevent remote hosts from connecting to the proxy display. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + When X11 forwarding is enabled, there may be additional exposure to the server and client displays if the sshd proxy display is configured to listen on the wildcard address. By default, sshd binds the forwarding server to the loopback address and sets the hostname part of the DIPSLAY environment variable to localhost. This prevents remote hosts from connecting to the proxy display. + +@@ -13230,7 +13449,8 @@ If X11 services are not required for the system's intended function, they should + + RHEL-08-040350 - If the Trivial File Transfer Protocol (TFTP) server is required, the RHEL 8 TFTP daemon must be configured to operate in secure mode. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Restricting TFTP to a specific directory prevents remote users from copying, transferring, or overwriting system files. + +@@ -13243,7 +13463,8 @@ If X11 services are not required for the system's intended function, they should + + RHEL-08-040360 - A File Transfer Protocol (FTP) server package must not be installed unless mission essential on RHEL 8. 
+ +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + The FTP service provides an unencrypted remote access that does not provide for the confidentiality and integrity of user passwords or the remote session. If a privileged user were to log on using this service, the privileged user password could be compromised. SSH or other encrypted file transfer methods must be used in place of this service. + +@@ -13255,7 +13476,8 @@ If X11 services are not required for the system's intended function, they should + + RHEL-08-040370 - The gssproxy package must not be installed unless mission essential on RHEL 8. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors. + +@@ -13271,7 +13493,8 @@ The gssproxy package is a proxy for GSS API credential handling and could expose + + RHEL-08-040380 - The iprutils package must not be installed unless mission essential on RHEL 8. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors. + +@@ -13287,7 +13510,8 @@ The iprutils package provides a suite of utilities to manage and configure SCSI + + RHEL-08-040390 - The tuned package must not be installed unless mission essential on RHEL 8. 
+ +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors. + +@@ -13303,7 +13527,8 @@ The tuned package contains a daemon that tunes the system settings dynamically. + + RHEL-08-030670 - RHEL 8 must have the packages required for offloading audit logs installed. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Information stored in one location is vulnerable to accidental or incidental deletion or alteration. + +@@ -13326,7 +13551,8 @@ Note that a port number was given as there is no standard port for RELP. + RHEL-08-010163 - The krb5-server package must not be installed on RHEL 8. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Unapproved mechanisms that are used for authentication to the cryptographic module are not verified and therefore cannot be relied upon to provide confidentiality or integrity, and DoD data may be compromised. + +@@ -13345,7 +13571,8 @@ FIPS 140-2 is the current standard for validating that mechanisms used to access + + RHEL-08-010382 - RHEL 8 must restrict privilege elevation to authorized personnel. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + The sudo command allows a user to execute programs with elevated (administrator) privileges. It prompts the user for their password and confirms your request to execute a command by checking a file, called sudoers. If the "sudoers" file is not configured correctly, any user defined on the system can initiate privileged actions on the target system. 
+ +@@ -13358,7 +13585,8 @@ FIPS 140-2 is the current standard for validating that mechanisms used to access + + RHEL-08-010383 - RHEL 8 must use the invoking user's password for privilege escalation when using "sudo". + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + The sudoers security policy requires that users authenticate themselves before they can use sudo. When sudoers requires authentication, it validates the invoking user's credentials. If the rootpw, targetpw, or runaspw flags are defined and not disabled, by default the operating system will prompt the invoking user for the "root" user password. + For more information on each of the listed configurations, reference the sudoers(5) manual page. +@@ -13382,7 +13610,8 @@ For more information on each of the listed configurations, reference the sudoers + + RHEL-08-010384 - RHEL 8 must require re-authentication when using the "sudo" command. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + Without re-authentication, users may access resources or perform tasks for which they do not have authorization. 
+ +@@ -13456,15 +13685,15 @@ If the value is set to an integer less than 0, the user's time stamp will not ex + + + +- ++ + + + +- ++ + + + +- ++ + + + +@@ -14979,18 +15208,18 @@ If the value is set to an integer less than 0, the user's time stamp will not ex + ^\s*SHA_CRYPT_MAX_ROUNDS\s+(\d+)\b + 1 + +- +- /boot/efi/EFI/redhat/grub.cfg ++ ++ /boot/efi/EFI/almalinux/grub.cfg + ^\s*set\s+superusers\s*=\s*"(\w+)"\s*$ + 1 + +- +- /boot/efi/EFI/redhat/user.cfg ++ ++ /boot/efi/EFI/almalinux/user.cfg + ^\s*GRUB2_PASSWORD=(\S+)\b + 1 + +- +- /boot/efi/EFI/redhat/grub.cfg ++ ++ /boot/efi/EFI/almalinux/grub.cfg + + + /boot/grub2/grub.cfg +diff --git a/shared/references/disa-stig-rhel8-v1r5-xccdf-manual.xml b/shared/references/disa-stig-rhel8-v1r5-xccdf-manual.xml +index 216e91f9..9cde5e5e 100644 +--- a/shared/references/disa-stig-rhel8-v1r5-xccdf-manual.xml ++++ b/shared/references/disa-stig-rhel8-v1r5-xccdf-manual.xml +@@ -368,7 +368,7 @@ $ sudo egrep "^SHA_CRYPT_" /etc/login.defs + + If only one of "SHA_CRYPT_MIN_ROUNDS" or "SHA_CRYPT_MAX_ROUNDS" is set, and this value is below "5000", this is a finding. + +-If both "SHA_CRYPT_MIN_ROUNDS" and "SHA_CRYPT_MAX_ROUNDS" are set, and the highest value for either is below "5000", this is a finding.SRG-OS-000080-GPOS-00048<GroupDescription></GroupDescription>RHEL-08-010140RHEL 8 operating systems booted with United Extensible Firmware Interface (UEFI) must require authentication upon booting into single-user mode and maintenance.<VulnDiscussion>If the system does not require valid authentication before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system. 
GRUB 2 is the default boot loader for RHEL 8 and is designed to require a password to boot into single-user mode or make modifications to the boot menu.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>DPMS Target Red Hat Enterprise Linux 8DISADPMS TargetRed Hat Enterprise Linux 82921CCI-000213Configure the system to require a grub bootloader password for the grub superusers account with the grub2-setpassword command, which creates/overwrites the /boot/efi/EFI/redhat/user.cfg file. ++If both "SHA_CRYPT_MIN_ROUNDS" and "SHA_CRYPT_MAX_ROUNDS" are set, and the highest value for either is below "5000", this is a finding.SRG-OS-000080-GPOS-00048<GroupDescription></GroupDescription>RHEL-08-010140RHEL 8 operating systems booted with United Extensible Firmware Interface (UEFI) must require authentication upon booting into single-user mode and maintenance.<VulnDiscussion>If the system does not require valid authentication before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system. 
GRUB 2 is the default boot loader for RHEL 8 and is designed to require a password to boot into single-user mode or make modifications to the boot menu.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>DPMS Target Red Hat Enterprise Linux 8DISADPMS TargetRed Hat Enterprise Linux 82921CCI-000213Configure the system to require a grub bootloader password for the grub superusers account with the grub2-setpassword command, which creates/overwrites the /boot/efi/EFI/almalinux/user.cfg file. + + Generate an encrypted grub2 password for the grub superusers account with the following command: + +@@ -378,7 +378,7 @@ Confirm password:For systems that use BIOS, this is Not Applicable. ++$ sudo grub2-mkconfig -o /boot/efi/EFI/almalinux/grub.cfgFor systems that use BIOS, this is Not Applicable. + + Verify that a unique name is set as the "superusers" account: + +-$ sudo grep -iw "superusers" /boot/efi/EFI/redhat/grub.cfg ++$ sudo grep -iw "superusers" /boot/efi/EFI/almalinux/grub.cfg + set superusers="[someuniquestringhere]" + export superusers + diff --git a/shared/templates/accounts_password/ansible.template b/shared/templates/accounts_password/ansible.template -index f8478db7..7d4d984f 100644 +index 7383c68f..43cff8bd 100644 --- a/shared/templates/accounts_password/ansible.template +++ b/shared/templates/accounts_password/ansible.template 
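Review bot: The GRUB paths in these reference hunks are substituted in place rather than added. In `@@ -368,7 +368,7 @@` and `@@ -378,7 +378,7 @@` the fix and check text now name `/boot/efi/EFI/almalinux/user.cfg` and `/boot/efi/EFI/almalinux/grub.cfg`. The earlier hunk `@@ -14979,18 +15208,18 @@`, whose file header is outside this view, swaps the same directory in three path values. The file keeps its DISA RHEL 8 STIG name and "Red Hat Enterprise Linux 8" target, and the platform lists in the preceding hunks keep "Red Hat Enterprise Linux 8" beside the new "AlmaLinux 8", so content declaring itself applicable to both would inspect only the AlmaLinux EFI directory. On a RHEL 8 UEFI host the superuser and password checks would presumably read a missing path, and how that evaluates depends on existence semantics not visible here. I would either drop the RHEL platform entry in this downstream build or leave the published reference untouched and carry the AlmaLinux paths in a separately named derived file, so the result is not mistaken for the DISA-published benchmark.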
@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle
 # reboot = false
 # strategy = restrict
 # complexity = low
 diff --git a/shared/templates/accounts_password/bash.template b/shared/templates/accounts_password/bash.template
-index 64d1be69..7bbb1772 100644
+index 9633b681..674973a5 100644
 --- a/shared/templates/accounts_password/bash.template
 +++ b/shared/templates/accounts_password/bash.template
 @@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle
 # reboot = false
 # strategy = restrict
 # complexity = low
 diff --git a/shared/templates/audit_rules_dac_modification/ansible.template b/shared/templates/audit_rules_dac_modification/ansible.template
-index 2c006b45..af197a30 100644
+index 888f76e9..ae66d5d2 100644
 --- a/shared/templates/audit_rules_dac_modification/ansible.template
 +++ b/shared/templates/audit_rules_dac_modification/ansible.template
@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu
 # reboot = true
 # strategy = restrict
 # complexity = low
 diff --git a/shared/templates/audit_rules_dac_modification/bash.template b/shared/templates/audit_rules_dac_modification/bash.template
-index b2de8d35..34a34bc3 100644
+index 9b57c665..b5b584f0 100644
 --- a/shared/templates/audit_rules_dac_modification/bash.template
 +++ b/shared/templates/audit_rules_dac_modification/bash.template
 @@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu
- # Include source function library.
- . /usr/share/scap-security-guide/remediation_functions
+ # First perform the remediation of the syscall rule
+ # Retrieve hardware architecture of the underlying system
 diff --git a/shared/templates/audit_rules_file_deletion_events/ansible.template b/shared/templates/audit_rules_file_deletion_events/ansible.template
-index 4709a61c..12c27613 100644
+index c54bd839..f1e948db 100644
 --- a/shared/templates/audit_rules_file_deletion_events/ansible.template
+++ b/shared/templates/audit_rules_file_deletion_events/ansible.template
 @@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu
 # reboot = true
 # strategy = restrict
 # complexity = low
 diff --git a/shared/templates/audit_rules_file_deletion_events/bash.template b/shared/templates/audit_rules_file_deletion_events/bash.template
-index b5b4c46a..8083e2fb 100644
+index cd7e552c..6b9f4a47 100644
 --- a/shared/templates/audit_rules_file_deletion_events/bash.template
 +++ b/shared/templates/audit_rules_file_deletion_events/bash.template
@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv - - # Include source function library. - . /usr/share/scap-security-guide/remediation_functions -diff --git a/shared/templates/audit_rules_login_events/ansible.template b/shared/templates/audit_rules_login_events/ansible.template -index 4b32771c..4de3c0d4 100644 ---- a/shared/templates/audit_rules_login_events/ansible.template -+++ b/shared/templates/audit_rules_login_events/ansible.template -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle - # reboot = true - # strategy = restrict - # complexity = low -diff --git a/shared/templates/audit_rules_login_events/bash.template b/shared/templates/audit_rules_login_events/bash.template -index 69e8be9c..7df49b30 100644 ---- a/shared/templates/audit_rules_login_events/bash.template -+++ b/shared/templates/audit_rules_login_events/bash.template -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv - - # Include source function library. - . 
/usr/share/scap-security-guide/remediation_functions -diff --git a/shared/templates/audit_rules_path_syscall/ansible.template b/shared/templates/audit_rules_path_syscall/ansible.template -index fcd2bda3..de182133 100644 ---- a/shared/templates/audit_rules_path_syscall/ansible.template -+++ b/shared/templates/audit_rules_path_syscall/ansible.template -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv - # reboot = true - # strategy = restrict - # complexity = low -diff --git a/shared/templates/audit_rules_path_syscall/bash.template b/shared/templates/audit_rules_path_syscall/bash.template -index 676f6c37..71d2b52f 100644 ---- a/shared/templates/audit_rules_path_syscall/bash.template -+++ b/shared/templates/audit_rules_path_syscall/bash.template -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv - - # Include source function library. - . 
/usr/share/scap-security-guide/remediation_functions -diff --git a/shared/templates/audit_rules_privileged_commands/ansible.template b/shared/templates/audit_rules_privileged_commands/ansible.template -index e9ef0849..390ba631 100644 ---- a/shared/templates/audit_rules_privileged_commands/ansible.template -+++ b/shared/templates/audit_rules_privileged_commands/ansible.template -@@ -1,7 +1,7 @@ - {{%- if product in ["rhel8", "rhel9", "sle12", "sle15"] %}} - {{%- set perm_x=" -F perm=x" %}} - {{%- endif %}} --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle - # reboot = false - # strategy = restrict - # complexity = low -diff --git a/shared/templates/audit_rules_privileged_commands/bash.template b/shared/templates/audit_rules_privileged_commands/bash.template -index 5af362df..f376cbf3 100644 ---- a/shared/templates/audit_rules_privileged_commands/bash.template -+++ b/shared/templates/audit_rules_privileged_commands/bash.template -@@ -1,7 +1,7 @@ - {{%- if product in ["rhel8", "rhel9", "sle12", "sle15"] %}} - {{%- set perm_x=" -F perm=x" %}} - {{%- endif %}} --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv - - # Include source function library. - . 
/usr/share/scap-security-guide/remediation_functions -diff --git a/shared/templates/audit_rules_unsuccessful_file_modification/ansible.template b/shared/templates/audit_rules_unsuccessful_file_modification/ansible.template -index 6cf90e11..49808bea 100644 ---- a/shared/templates/audit_rules_unsuccessful_file_modification/ansible.template -+++ b/shared/templates/audit_rules_unsuccessful_file_modification/ansible.template -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle - # reboot = true - # strategy = restrict - # complexity = low -diff --git a/shared/templates/audit_rules_unsuccessful_file_modification/bash.template b/shared/templates/audit_rules_unsuccessful_file_modification/bash.template -index 4adaa86f..e300c0d4 100644 ---- a/shared/templates/audit_rules_unsuccessful_file_modification/bash.template -+++ b/shared/templates/audit_rules_unsuccessful_file_modification/bash.template -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv - - # Include source function library. - . 
/usr/share/scap-security-guide/remediation_functions -diff --git a/shared/templates/audit_rules_usergroup_modification/ansible.template b/shared/templates/audit_rules_usergroup_modification/ansible.template -index ea9738ec..eba27777 100644 ---- a/shared/templates/audit_rules_usergroup_modification/ansible.template -+++ b/shared/templates/audit_rules_usergroup_modification/ansible.template -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle - # reboot = true - # strategy = restrict - # complexity = low -diff --git a/shared/templates/audit_rules_usergroup_modification/bash.template b/shared/templates/audit_rules_usergroup_modification/bash.template -index 21524172..965c3f3f 100644 ---- a/shared/templates/audit_rules_usergroup_modification/bash.template -+++ b/shared/templates/audit_rules_usergroup_modification/bash.template -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv - # Include source function library. - . 
/usr/share/scap-security-guide/remediation_functions - -diff --git a/shared/templates/grub2_bootloader_argument/ansible.template b/shared/templates/grub2_bootloader_argument/ansible.template -index b0fef2d9..43346d3d 100644 ---- a/shared/templates/grub2_bootloader_argument/ansible.template -+++ b/shared/templates/grub2_bootloader_argument/ansible.template -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv - # reboot = true - # strategy = restrict - # complexity = medium -diff --git a/shared/templates/grub2_bootloader_argument/bash.template b/shared/templates/grub2_bootloader_argument/bash.template -index cecd1f99..42dd311c 100644 ---- a/shared/templates/grub2_bootloader_argument/bash.template -+++ b/shared/templates/grub2_bootloader_argument/bash.template -@@ -1,4 +1,4 @@ -# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu +# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu - {{% if product in ["rhel7", "ol7"] or 'ubuntu' in product %}} - {{% if '/' in ARG_NAME %}} + # First perform the remediation of the syscall rule + # Retrieve hardware architecture of the underlying system +diff --git a/shared/templates/audit_rules_login_events/ansible.template b/shared/templates/audit_rules_login_events/ansible.template +index 09d2e056..2b20c215 100644 +--- a/shared/templates/audit_rules_login_events/ansible.template ++++ b/shared/templates/audit_rules_login_events/ansible.template +@@ -1,4 +1,4 @@ +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu ++# platform = 
multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu + # reboot = true + # strategy = restrict + # complexity = low +diff --git a/shared/templates/audit_rules_login_events/bash.template b/shared/templates/audit_rules_login_events/bash.template +index c94b1073..a7a1623c 100644 +--- a/shared/templates/audit_rules_login_events/bash.template ++++ b/shared/templates/audit_rules_login_events/bash.template +@@ -1,4 +1,4 @@ +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu + + # Perform the remediation for both possible tools: 'auditctl' and 'augenrules' + +diff --git a/shared/templates/audit_rules_path_syscall/ansible.template b/shared/templates/audit_rules_path_syscall/ansible.template +index 8c1361b7..6280a411 100644 +--- a/shared/templates/audit_rules_path_syscall/ansible.template ++++ b/shared/templates/audit_rules_path_syscall/ansible.template +@@ -1,4 +1,4 @@ +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu + # reboot = true + # strategy = restrict + # complexity = low +diff --git a/shared/templates/audit_rules_path_syscall/bash.template b/shared/templates/audit_rules_path_syscall/bash.template +index 332c87de..cdcf6352 100644 +--- a/shared/templates/audit_rules_path_syscall/bash.template ++++ b/shared/templates/audit_rules_path_syscall/bash.template +@@ -1,4 +1,4 @@ +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu ++# platform = 
multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu + + # First perform the remediation of the syscall rule + # Retrieve hardware architecture of the underlying system +diff --git a/shared/templates/audit_rules_privileged_commands/ansible.template b/shared/templates/audit_rules_privileged_commands/ansible.template +index aa7b5097..ad33c6a1 100644 +--- a/shared/templates/audit_rules_privileged_commands/ansible.template ++++ b/shared/templates/audit_rules_privileged_commands/ansible.template +@@ -1,7 +1,7 @@ +-{{%- if product in ["rhel8", "rhel9", "sle12", "sle15"] %}} ++{{%- if product in ["rhel8", "rhel9", "almalinux8", "sle12", "sle15"] %}} + {{%- set perm_x=" -F perm=x" %}} + {{%- endif %}} +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu + # reboot = false + # strategy = restrict + # complexity = low +diff --git a/shared/templates/audit_rules_privileged_commands/bash.template b/shared/templates/audit_rules_privileged_commands/bash.template +index f3c57c5e..bcab9578 100644 +--- a/shared/templates/audit_rules_privileged_commands/bash.template ++++ b/shared/templates/audit_rules_privileged_commands/bash.template +@@ -1,7 +1,7 @@ +-{{%- if product in ["rhel8", "rhel9", "sle12", "sle15", "ubuntu2004"] %}} ++{{%- if product in ["rhel8", "rhel9", "almalinux8", "sle12", "sle15", "ubuntu2004"] %}} + {{%- set perm_x=" -F perm=x" %}} + {{%- endif %}} +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu + + 
ACTION_ARCH_FILTERS="-a always,exit" + OTHER_FILTERS="-F path={{{ PATH }}}{{{ perm_x }}}" +diff --git a/shared/templates/audit_rules_privileged_commands/oval.template b/shared/templates/audit_rules_privileged_commands/oval.template +index cba62e6e..ae1db793 100644 +--- a/shared/templates/audit_rules_privileged_commands/oval.template ++++ b/shared/templates/audit_rules_privileged_commands/oval.template +@@ -1,4 +1,4 @@ +-{{%- if product in ["rhel8", "rhel9", "sle12", "sle15", "ubuntu2004"] %}} ++{{%- if product in ["rhel8", "rhel9", "almalinux8", "sle12", "sle15", "ubuntu2004"] %}} + {{%- set perm_x="(?:[\s]+-F[\s]+perm=x)" %}} + {{%- endif %}} + +diff --git a/shared/templates/audit_rules_syscall_events/ansible.template b/shared/templates/audit_rules_syscall_events/ansible.template +index 8c6ee906..cac54d94 100644 +--- a/shared/templates/audit_rules_syscall_events/ansible.template ++++ b/shared/templates/audit_rules_syscall_events/ansible.template +@@ -1,4 +1,4 @@ +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle + # reboot = true + # strategy = restrict + # complexity = low +diff --git a/shared/templates/audit_rules_syscall_events/bash.template b/shared/templates/audit_rules_syscall_events/bash.template +index 65325548..592ec6bd 100644 +--- a/shared/templates/audit_rules_syscall_events/bash.template ++++ b/shared/templates/audit_rules_syscall_events/bash.template +@@ -1,4 +1,4 @@ +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle + + # Include source function library. + . 
/usr/share/scap-security-guide/remediation_functions +diff --git a/shared/templates/audit_rules_unsuccessful_file_modification/ansible.template b/shared/templates/audit_rules_unsuccessful_file_modification/ansible.template +index 1e930bcf..58d026a4 100644 +--- a/shared/templates/audit_rules_unsuccessful_file_modification/ansible.template ++++ b/shared/templates/audit_rules_unsuccessful_file_modification/ansible.template +@@ -1,4 +1,4 @@ +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu + # reboot = true + # strategy = restrict + # complexity = low +diff --git a/shared/templates/audit_rules_unsuccessful_file_modification/bash.template b/shared/templates/audit_rules_unsuccessful_file_modification/bash.template +index ff9a4f5e..ae7f6000 100644 +--- a/shared/templates/audit_rules_unsuccessful_file_modification/bash.template ++++ b/shared/templates/audit_rules_unsuccessful_file_modification/bash.template +@@ -1,4 +1,4 @@ +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu + + # First perform the remediation of the syscall rule + # Retrieve hardware architecture of the underlying system +diff --git a/shared/templates/audit_rules_usergroup_modification/ansible.template b/shared/templates/audit_rules_usergroup_modification/ansible.template +index 87c8d2ce..57a2d0c0 100644 +--- a/shared/templates/audit_rules_usergroup_modification/ansible.template ++++ b/shared/templates/audit_rules_usergroup_modification/ansible.template +@@ -1,4 +1,4 @@ +-# platform = 
multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu + # reboot = true + # strategy = restrict + # complexity = low +diff --git a/shared/templates/audit_rules_usergroup_modification/bash.template b/shared/templates/audit_rules_usergroup_modification/bash.template +index 62faac34..3461e4e2 100644 +--- a/shared/templates/audit_rules_usergroup_modification/bash.template ++++ b/shared/templates/audit_rules_usergroup_modification/bash.template +@@ -1,4 +1,4 @@ +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu + + # Perform the remediation for both possible tools: 'auditctl' and 'augenrules' + +diff --git a/shared/templates/grub2_bootloader_argument/ansible.template b/shared/templates/grub2_bootloader_argument/ansible.template +index db3b4430..6d55ca29 100644 +--- a/shared/templates/grub2_bootloader_argument/ansible.template ++++ b/shared/templates/grub2_bootloader_argument/ansible.template +@@ -1,4 +1,4 @@ +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle + # reboot = true + # strategy = restrict + # complexity = medium +diff --git a/shared/templates/grub2_bootloader_argument/bash.template b/shared/templates/grub2_bootloader_argument/bash.template +index 5f97efd4..24529bda 100644 +--- a/shared/templates/grub2_bootloader_argument/bash.template ++++ b/shared/templates/grub2_bootloader_argument/bash.template +@@ 
-1,4 +1,4 @@ +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle + {{# + See the OVAL template for more comments. + Product-specific categorization should be synced across all template content types +@@ -23,7 +23,7 @@ fi + {{% set grub_helper_executable = "update-grub" -%}} + {{% endif -%}} + +-{{% if product in ["rhel8", "ol8"] %}} ++{{% if product in ["rhel8", "almalinux8", "ol8"] %}} + {{# Suppress the None output of append -#}} + {{{ grub_helper_args.append("--env=/boot/grub2/grubenv") or "" -}}} + {{% endif -%}} +diff --git a/shared/templates/grub2_bootloader_argument/blueprint.template b/shared/templates/grub2_bootloader_argument/blueprint.template +index e07d5a4f..0c2c56ce 100644 +--- a/shared/templates/grub2_bootloader_argument/blueprint.template ++++ b/shared/templates/grub2_bootloader_argument/blueprint.template +@@ -1,4 +1,4 @@ +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle + + [customizations.kernel] + append = "{{{ ARG_NAME_VALUE }}}" +diff --git a/shared/templates/grub2_bootloader_argument/oval.template b/shared/templates/grub2_bootloader_argument/oval.template +index 71367465..439ac799 100644 +--- a/shared/templates/grub2_bootloader_argument/oval.template ++++ b/shared/templates/grub2_bootloader_argument/oval.template +@@ -16,7 +16,7 @@ + {{% set system_with_expanded_kernel_options_in_loader_entries = true %}} + {{%- endif -%}} + +-{{% if product in ["rhel8"] -%}} ++{{% if product in ["rhel8", "almalinux8"] -%}} + {{% set 
system_with_referenced_kernel_options_in_loader_entries = true %}} + {{% set system_with_kernel_options_in_grubenv = true %}} + {{%- endif -%}} +diff --git a/shared/templates/grub2_bootloader_argument/tests/arg_not_there_etcdefaultgrub.fail.sh b/shared/templates/grub2_bootloader_argument/tests/arg_not_there_etcdefaultgrub.fail.sh +index a270be45..0844a6d7 100644 +--- a/shared/templates/grub2_bootloader_argument/tests/arg_not_there_etcdefaultgrub.fail.sh ++++ b/shared/templates/grub2_bootloader_argument/tests/arg_not_there_etcdefaultgrub.fail.sh +@@ -1,6 +1,6 @@ + #!/bin/bash + +-# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9 ++# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9 + + # Removes argument from kernel command line in /etc/default/grub + if grep -q '^GRUB_CMDLINE_LINUX=.*{{{ARG_NAME}}}=.*"' '/etc/default/grub' ; then +diff --git a/shared/templates/grub2_bootloader_argument/tests/arg_not_there_grubenv.fail.sh b/shared/templates/grub2_bootloader_argument/tests/arg_not_there_grubenv.fail.sh +index fdf2a5d4..0e0e7297 100644 +--- a/shared/templates/grub2_bootloader_argument/tests/arg_not_there_grubenv.fail.sh ++++ b/shared/templates/grub2_bootloader_argument/tests/arg_not_there_grubenv.fail.sh +@@ -1,6 +1,6 @@ + #!/bin/bash + +-# platform = Red Hat Enterprise Linux 8 ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8 + + # Removes audit argument from kernel command line in /boot/grub2/grubenv + file="/boot/grub2/grubenv" +diff --git a/shared/templates/grub2_bootloader_argument/tests/wrong_value.fail.sh b/shared/templates/grub2_bootloader_argument/tests/wrong_value.fail.sh +index 5a97ec25..c679b04a 100644 +--- a/shared/templates/grub2_bootloader_argument/tests/wrong_value.fail.sh ++++ b/shared/templates/grub2_bootloader_argument/tests/wrong_value.fail.sh +@@ -1,5 +1,5 @@ + #!/bin/bash +-# platform = Red Hat Enterprise Linux 8 ++# platform = Red Hat Enterprise 
Linux 8,AlmaLinux 8 + + # Break the argument in kernel command line in /boot/grub2/grubenv + file="/boot/grub2/grubenv" diff --git a/shared/templates/kernel_module_disabled/ansible.template b/shared/templates/kernel_module_disabled/ansible.template index 2526baf7..7962d86b 100644 --- a/shared/templates/kernel_module_disabled/ansible.template @@ -31784,6 +36249,16 @@ index fdcb4ee3..0d1d8dc2 100644 # reboot = false # strategy = enable # complexity = low +diff --git a/shared/templates/mount/blueprint.template b/shared/templates/mount/blueprint.template +index 56617467..3cdacd4d 100644 +--- a/shared/templates/mount/blueprint.template ++++ b/shared/templates/mount/blueprint.template +@@ -1,4 +1,4 @@ +-# platform = multi_platform_rhel,multi_platform_fedora ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora + + [[customizations.filesystem]] + mountpoint = "{{{ MOUNTPOINT }}}" diff --git a/shared/templates/mount_option/anaconda.template b/shared/templates/mount_option/anaconda.template index 083b0ef0..14f7018a 100644 --- a/shared/templates/mount_option/anaconda.template @@ -31835,31 +36310,22 @@ index 489f9bb0..0120d927 100644 # strategy = disable # complexity = low diff --git a/shared/templates/sebool/ansible.template b/shared/templates/sebool/ansible.template -index 38d7c7c3..0ae3e60b 100644 +index 0b523cde..70198115 100644 --- a/shared/templates/sebool/ansible.template +++ b/shared/templates/sebool/ansible.template 
@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,SUSE Linux Enterprise 15 ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,SUSE Linux Enterprise 15 # reboot = false # strategy = enable # complexity = low -@@ -13,7 +13,7 @@ - {{% else %}} - - (xccdf-var var_{{{ SEBOOLID }}}) - --{{% if product == "rhel8" %}} -+{{% if product == "rhel8" or product == "almalinux8" %}} - - name: Ensure python3-libsemanage installed - package: - name: python3-libsemanage diff --git a/shared/templates/sebool/bash.template b/shared/templates/sebool/bash.template -index e9aab9d9..b01beace 100644 +index 9af01925..dcab0090 100644 --- a/shared/templates/sebool/bash.template +++ b/shared/templates/sebool/bash.template @@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,SUSE Linux Enterprise 15 ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,SUSE Linux Enterprise 15 # reboot = false # strategy = enable # complexity = low @@ -31894,12 +36360,12 @@ index 5571989a..8d3ea035 100644 # strategy = enable # complexity = low diff --git a/shared/templates/sysctl/bash.template b/shared/templates/sysctl/bash.template -index a762794a..bd3f2d9c 100644 +index 6c82e6e3..f50f0147 100644 --- a/shared/templates/sysctl/bash.template +++ b/shared/templates/sysctl/bash.template 
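Review bot: The refreshed sebool/ansible.template section no longer carries the inner hunk that widened `{{% if product == "rhel8" %}}` to `{{% if product == "rhel8" or product == "almalinux8" %}}` ahead of the "Ensure python3-libsemanage installed" task, and nothing visible here replaces it. If the rebased upstream template still gates that package install on a product check, the almalinux8 playbook would presumably reach the SELinux boolean task without the Python bindings it relies on, so the remediation may not apply. Check the new base (index 0b523cde) and, if a product gate remains, keep almalinux8 in it, e.g. `{{% if product in ["rhel8", "almalinux8"] %}}`. The template body lies outside this hunk, so this cannot be confirmed from the diff alone.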
@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle # reboot = true # strategy = disable # complexity = low @@ -31924,18 +36390,18 @@ index 25cd7432..a415f2a3 100644 # Correct BLS option using grubby, which is a thin wrapper around BLS operations grubby --update-kernel=ALL --args="{{{ ARG_NAME }}}={{{ ARG_VALUE }}}" diff --git a/ssg/constants.py b/ssg/constants.py -index e2d30772..6138b9a4 100644 +index a2f66c55..4e9f667c 100644 --- a/ssg/constants.py +++ b/ssg/constants.py -@@ -6,6 +6,7 @@ import os - import time +@@ -38,6 +38,7 @@ SSG_REF_URIS = { + } product_directories = [ + 'almalinux8', 'chromium', - 'debian9', 'debian10', + 'debian9', 'debian10', 'debian11', 'example', -@@ -153,6 +154,7 @@ PKG_MANAGER_TO_CONFIG_FILE = { +@@ -194,6 +195,7 @@ PKG_MANAGER_TO_CONFIG_FILE = { } FULL_NAME_TO_PRODUCT_MAPPING = { 
@@ -31943,40 +36409,33 @@ index e2d30772..6138b9a4 100644 "Chromium": "chromium", "Debian 9": "debian9", "Debian 10": "debian10", -@@ -194,10 +196,11 @@ REF_PREFIX_MAP = { - "stigid": "DISA-STIG", - } +@@ -261,11 +263,12 @@ REFERENCES = dict( + ) + -MULTI_PLATFORM_LIST = ["rhel", "fedora", "rhosp", "rhv", "debian", "ubuntu", +MULTI_PLATFORM_LIST = ["almalinux", "rhel", "fedora", "rhosp", "rhv", "debian", "ubuntu", - "wrlinux", "opensuse", "sle", "ol", "ocp", "rhcos", "example"] + "wrlinux", "opensuse", "sle", "ol", "ocp", "rhcos", + "example", "eks"] MULTI_PLATFORM_MAPPING = { + "multi_platform_almalinux": ["almalinux8"], - "multi_platform_debian": ["debian9", "debian10"], + "multi_platform_debian": ["debian9", "debian10", "debian11"], "multi_platform_example": ["example"], - "multi_platform_fedora": ["fedora"], -@@ -376,6 +379,7 @@ MAKEFILE_ID_TO_PRODUCT_MAP = { - 'ol': 'Oracle Linux', + "multi_platform_eks": ["eks"], +@@ -452,6 +455,7 @@ MAKEFILE_ID_TO_PRODUCT_MAP = { 'ocp': 'Red Hat OpenShift Container Platform', 'rhcos': 'Red Hat Enterprise Linux CoreOS', + 'eks': 'Amazon Elastic Kubernetes Service', + 'almalinux': 'AlmaLinux', } -diff --git a/tests/shared/grub2.sh b/tests/shared/grub2.sh -index bce7683a..9d34864f 100644 ---- a/tests/shared/grub2.sh -+++ b/tests/shared/grub2.sh -@@ -4,7 +4,7 @@ function set_grub_uefi_root { - if grep NAME /etc/os-release | grep -iq fedora; then - GRUB_CFG_ROOT=/boot/efi/EFI/fedora - else -- GRUB_CFG_ROOT=/boot/efi/EFI/redhat -+ GRUB_CFG_ROOT=/boot/efi/EFI/almalinux - fi - } - +@@ -465,4 +469,3 @@ DEFAULT_AIDE_CONF_PATH = '/etc/aide.conf' + DEFAULT_AIDE_BIN_PATH = '/usr/sbin/aide' + DEFAULT_SSH_DISTRIBUTED_CONFIG = 'false' + DEFAULT_PRODUCT = 'example' +- diff --git a/tests/unit/ssg-module/data/file_owner_grub2_cfg.yml b/tests/unit/ssg-module/data/file_owner_grub2_cfg.yml index b0be0b4b..ef41579b 100644 --- a/tests/unit/ssg-module/data/file_owner_grub2_cfg.yml 
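Review bot: The refresh drops the whole tests/shared/grub2.sh section, which previously changed `GRUB_CFG_ROOT=/boot/efi/EFI/redhat` to `GRUB_CFG_ROOT=/boot/efi/EFI/almalinux` in `set_grub_uefi_root`, and no replacement is visible in this hunk. If the rebased helper still falls back to the redhat directory, grub2 test scenarios on a UEFI AlmaLinux host would presumably prepare files under a path the bootloader checks do not read, making their pass/fail results unreliable. Rather than reinstating the hard-coded swap, a branch next to the existing Fedora one would keep RHEL working as well, e.g. `elif grep NAME /etc/os-release | grep -iq almalinux; then GRUB_CFG_ROOT=/boot/efi/EFI/almalinux`. The function body is not part of the new patch, so verify it in the rebased tree.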
@@ -32000,8 +36459,195 @@ index ff0b30f0..0116294f 100644 # reboot = false # strategy = restrict # complexity = low +diff --git a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/rule.yml b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/rule.yml +index 40e55f09..cd8b4c74 100644 +--- a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/rule.yml ++++ b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/rule.yml +@@ -1,6 +1,6 @@ + documentation_complete: true + +-prodtype: fedora,ol8,rhcos4,rhel8,rhel9,rhv4 ++prodtype: fedora,ol8,rhcos4,rhel8,almalinux8,rhel9,rhv4 + + title: 'Configure System Cryptography Policy' + +diff --git a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/config_and_current_same_time.pass.sh b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/config_and_current_same_time.pass.sh +index efc1cab4..7e7ff6e1 100644 +--- a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/config_and_current_same_time.pass.sh ++++ b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/config_and_current_same_time.pass.sh +@@ -1,5 +1,5 @@ + #!/bin/bash +-# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9 ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9 + # packages = crypto-policies-scripts + + # IMPORTANT: This is a false negative scenario. 
+diff --git a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/config_newer_than_current.fail.sh b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/config_newer_than_current.fail.sh +index 46d8e341..3e58358f 100644 +--- a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/config_newer_than_current.fail.sh ++++ b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/config_newer_than_current.fail.sh +@@ -1,5 +1,5 @@ + #!/bin/bash +-# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9 ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9 + # packages = crypto-policies-scripts + + update-crypto-policies --set "DEFAULT" +diff --git a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/missing_nss_config.fail.sh b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/missing_nss_config.fail.sh +index a18ad25b..c7a3c469 100644 +--- a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/missing_nss_config.fail.sh ++++ b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/missing_nss_config.fail.sh +@@ -1,5 +1,5 @@ + #!/bin/bash +-# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9 ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9 + # profiles = xccdf_org.ssgproject.content_profile_ospp + # packages = crypto-policies-scripts + +diff --git a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/missing_policy.fail.sh b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/missing_policy.fail.sh +index 04527eb2..7adf3b61 100644 +--- a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/missing_policy.fail.sh ++++ 
b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/missing_policy.fail.sh +@@ -1,5 +1,5 @@ + #!/bin/bash +-# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9 ++# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9 + # profiles = xccdf_org.ssgproject.content_profile_ospp, xccdf_org.ssgproject.content_profile_standard + # packages = crypto-policies-scripts + +diff --git a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/missing_policy_file.fail.sh b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/missing_policy_file.fail.sh +index 8864a8cd..6597c501 100644 +--- a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/missing_policy_file.fail.sh ++++ b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/missing_policy_file.fail.sh +@@ -1,5 +1,5 @@ + #!/bin/bash +-# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9 ++# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9 + # profiles = xccdf_org.ssgproject.content_profile_ospp, xccdf_org.ssgproject.content_profile_standard + # packages = crypto-policies-scripts + +diff --git a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/nss_config_as_file.pass.sh b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/nss_config_as_file.pass.sh +index 33719ca9..9de20e3c 100644 +--- a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/nss_config_as_file.pass.sh ++++ b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/nss_config_as_file.pass.sh +@@ -1,5 +1,5 @@ + #!/bin/bash +-# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9 ++# platform = Red Hat 
Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9 + # profiles = xccdf_org.ssgproject.content_profile_ospp + # packages = crypto-policies-scripts + +diff --git a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/nss_config_as_symlink.pass.sh b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/nss_config_as_symlink.pass.sh +index 6e53c39d..307cfba9 100644 +--- a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/nss_config_as_symlink.pass.sh ++++ b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/nss_config_as_symlink.pass.sh +@@ -1,5 +1,5 @@ + #!/bin/bash +-# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9 ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9 + # profiles = xccdf_org.ssgproject.content_profile_ospp + # packages = crypto-policies-scripts + +diff --git a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/policy_default_cis_l1.pass.sh b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/policy_default_cis_l1.pass.sh +index 1cb6ea49..2a5dc207 100644 +--- a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/policy_default_cis_l1.pass.sh ++++ b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/policy_default_cis_l1.pass.sh +@@ -1,5 +1,5 @@ + #!/bin/bash +-# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9 ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9 + # profiles = xccdf_org.ssgproject.content_profile_cis_server_l1,xccdf_org.ssgproject.content_profile_cis_workstation_l1 + # packages = crypto-policies-scripts + +diff --git a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/policy_default_nosha1_set.pass.sh 
b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/policy_default_nosha1_set.pass.sh +index 51d35ff9..96db9dda 100644 +--- a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/policy_default_nosha1_set.pass.sh ++++ b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/policy_default_nosha1_set.pass.sh +@@ -1,5 +1,5 @@ + #!/bin/bash +-# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9 ++# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9 + # profiles = xccdf_org.ssgproject.content_profile_e8 + # packages = crypto-policies-scripts + +diff --git a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/policy_default_set.pass.sh b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/policy_default_set.pass.sh +index 053c5c1a..eafa80bc 100644 +--- a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/policy_default_set.pass.sh ++++ b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/policy_default_set.pass.sh +@@ -1,5 +1,5 @@ + #!/bin/bash +-# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9 ++# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9 + # profiles = xccdf_org.ssgproject.content_profile_standard + # packages = crypto-policies-scripts + +diff --git a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/policy_fips_ospp_set.pass.sh b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/policy_fips_ospp_set.pass.sh +index 07cbb3f6..ae916f02 100644 +--- a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/policy_fips_ospp_set.pass.sh ++++ 
b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/policy_fips_ospp_set.pass.sh +@@ -1,5 +1,5 @@ + #!/bin/bash +-# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9 ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9 + # profiles = xccdf_org.ssgproject.content_profile_ospp + # packages = crypto-policies-scripts + +diff --git a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/policy_future_cis_l2.pass.sh b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/policy_future_cis_l2.pass.sh +index 99d975bc..125e4ce2 100644 +--- a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/policy_future_cis_l2.pass.sh ++++ b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/policy_future_cis_l2.pass.sh +@@ -1,5 +1,5 @@ + #!/bin/bash +-# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9 ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9 + # profiles = xccdf_org.ssgproject.content_profile_cis,xccdf_org.ssgproject.content_profile_cis_workstation_l2 + # packages = crypto-policies-scripts + +diff --git a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/wrong_policy.fail.sh b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/wrong_policy.fail.sh +index fc7aeeae..3e831ed3 100644 +--- a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/wrong_policy.fail.sh ++++ b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/wrong_policy.fail.sh +@@ -1,5 +1,5 @@ + #!/bin/bash +-# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9 ++# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9 + # profiles = 
xccdf_org.ssgproject.content_profile_ospp, xccdf_org.ssgproject.content_profile_standard + # packages = crypto-policies-scripts + +diff --git a/tests/unit/ssg-module/test_playbook_builder_data/guide/package_abrt_removed/rule.yml b/tests/unit/ssg-module/test_playbook_builder_data/guide/package_abrt_removed/rule.yml +index 5becd90b..976bc6a8 100644 +--- a/tests/unit/ssg-module/test_playbook_builder_data/guide/package_abrt_removed/rule.yml ++++ b/tests/unit/ssg-module/test_playbook_builder_data/guide/package_abrt_removed/rule.yml +@@ -1,6 +1,6 @@ + documentation_complete: true + +-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9 ++prodtype: fedora,ol7,ol8,rhel7,rhel8,almalinux8,rhel9 + + title: 'Uninstall Automatic Bug Reporting Tool (abrt)' + +diff --git a/tests/unit/ssg-module/test_playbook_builder_data/guide/selinux_state/ansible/shared.yml b/tests/unit/ssg-module/test_playbook_builder_data/guide/selinux_state/ansible/shared.yml +index 1c1560a8..fc86b614 100644 +--- a/tests/unit/ssg-module/test_playbook_builder_data/guide/selinux_state/ansible/shared.yml ++++ b/tests/unit/ssg-module/test_playbook_builder_data/guide/selinux_state/ansible/shared.yml +@@ -1,4 +1,4 @@ +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv + # reboot = false + # strategy = restrict + # complexity = low +diff --git a/tests/unit/ssg-module/test_playbook_builder_data/guide/selinux_state/bash/shared.sh b/tests/unit/ssg-module/test_playbook_builder_data/guide/selinux_state/bash/shared.sh +index 32baf94a..87ff017b 100644 +--- a/tests/unit/ssg-module/test_playbook_builder_data/guide/selinux_state/bash/shared.sh ++++ b/tests/unit/ssg-module/test_playbook_builder_data/guide/selinux_state/bash/shared.sh +@@ -1,4 +1,4 @@ +-# platform = multi_platform_wrlinux,multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv ++# platform 
= multi_platform_wrlinux,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv + # reboot = true + # strategy = restrict + # complexity = low diff --git a/tests/unit/ssg-module/test_playbook_builder_data/rules/selinux_state.yml b/tests/unit/ssg-module/test_playbook_builder_data/rules/selinux_state.yml -index 2697e7af..c7d0f18d 100644 +index 64e6cee7..7bcd1518 100644 --- a/tests/unit/ssg-module/test_playbook_builder_data/rules/selinux_state.yml +++ b/tests/unit/ssg-module/test_playbook_builder_data/rules/selinux_state.yml @@ -14,7 +14,7 @@ ocil_clause: SELINUX is not set to enforcing diff --git a/SPECS/scap-security-guide.spec b/SPECS/scap-security-guide.spec index 57ba3c2..a7c72d3 100644 --- a/SPECS/scap-security-guide.spec +++ b/SPECS/scap-security-guide.spec @@ -162,9 +162,7 @@ cd build %doc %{_docdir}/%{name}/LICENSE %doc %{_docdir}/%{name}/README.md %doc %{_docdir}/%{name}/Contributors.md -%if ( %{defined rhel} && (! %{defined centos}) ) %exclude %{_datadir}/%{name}/ansible/rule_playbooks -%endif %files doc %doc %{_docdir}/%{name}/guides/*.html
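Review bot: In the `SPECS/scap-security-guide.spec` hunk, `%exclude %{_datadir}/%{name}/ansible/rule_playbooks` is now unconditional, but nothing records why the `%if ( %{defined rhel} && (! %{defined centos}) )` guard was dropped. A one-line comment above it, for example `# rule_playbooks are never packaged in this build; upstream rhel/centos guard removed on purpose`, would keep a later rebase from restoring the guard by accident. The rest of the `%files` section lies outside the hunk, so it is worth confirming that no other file list or subpackage still expects the per-rule playbooks to be installed.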