diff --git a/.gitignore b/.gitignore index 39cf236..a9ce6aa 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,3 @@ SOURCES/scap-security-guide-0.1.52-2.el7_9-rhel6.tar.bz2 SOURCES/scap-security-guide-0.1.73-1.el7_9-rhel7.tar.bz2 -SOURCES/scap-security-guide-0.1.76.tar.bz2 +SOURCES/scap-security-guide-0.1.77.tar.bz2 diff --git a/.scap-security-guide.metadata b/.scap-security-guide.metadata index ab58d8b..e2773c8 100644 --- a/.scap-security-guide.metadata +++ b/.scap-security-guide.metadata @@ -1,3 +1,3 @@ b22b45d29ad5a97020516230a6ef3140a91d050a SOURCES/scap-security-guide-0.1.52-2.el7_9-rhel6.tar.bz2 17274daaa588330aa4df9a4d8df5ef448e40a696 SOURCES/scap-security-guide-0.1.73-1.el7_9-rhel7.tar.bz2 -f4e1956b455a4c66160229334046efbe297fb001 SOURCES/scap-security-guide-0.1.76.tar.bz2 +3422596a0d3e3c2b68aa33683819b20b9a0c3ab0 SOURCES/scap-security-guide-0.1.77.tar.bz2 diff --git a/SOURCES/fix_scap_delta_tailoring.patch b/SOURCES/fix_scap_delta_tailoring.patch index a146bbc..d97c898 100644 --- a/SOURCES/fix_scap_delta_tailoring.patch +++ b/SOURCES/fix_scap_delta_tailoring.patch @@ -9,19 +9,19 @@ Subject: create_delta_scap_tailoring: pass path to build_config.yml explicitly 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cmake/SSGCommon.cmake b/cmake/SSGCommon.cmake -index 337067c215..170ae3d39f 100644 +index c5c2f0d55d..81ff323b82 100644 --- a/cmake/SSGCommon.cmake +++ b/cmake/SSGCommon.cmake @@ -658,7 +658,7 @@ macro(ssg_build_disa_delta PRODUCT PROFILE) add_custom_command( OUTPUT "${CMAKE_BINARY_DIR}/${PRODUCT}/tailoring/${PRODUCT}_${PROFILE}_delta_tailoring.xml" COMMAND ${CMAKE_COMMAND} -E make_directory "${CMAKE_BINARY_DIR}/${PRODUCT}/tailoring" -- COMMAND env "PYTHONPATH=$ENV{PYTHONPATH}" "${PYTHON_EXECUTABLE}" "${CMAKE_SOURCE_DIR}/utils/create_scap_delta_tailoring.py" --root "${CMAKE_SOURCE_DIR}" --product "${PRODUCT}" --manual "${DISA_SCAP_REF}" --profile "${PROFILE}" --reference "stigid" --output "${CMAKE_BINARY_DIR}/${PRODUCT}/tailoring/${PRODUCT}_${PROFILE}_delta_tailoring.xml" --quiet --build-root ${CMAKE_BINARY_DIR} --resolved-rules-dir -+ COMMAND env "PYTHONPATH=$ENV{PYTHONPATH}" "${PYTHON_EXECUTABLE}" "${CMAKE_SOURCE_DIR}/utils/create_scap_delta_tailoring.py" --root "${CMAKE_SOURCE_DIR}" --product "${PRODUCT}" --manual "${DISA_SCAP_REF}" --profile "${PROFILE}" --reference "stigid" --output "${CMAKE_BINARY_DIR}/${PRODUCT}/tailoring/${PRODUCT}_${PROFILE}_delta_tailoring.xml" --quiet --build-root ${CMAKE_BINARY_DIR} --resolved-rules-dir -c ${CMAKE_BINARY_DIR}/build_config.yml +- COMMAND env "PYTHONPATH=$ENV{PYTHONPATH}" "${Python_EXECUTABLE}" "${CMAKE_SOURCE_DIR}/utils/create_scap_delta_tailoring.py" --root "${CMAKE_SOURCE_DIR}" --product "${PRODUCT}" --manual "${DISA_SCAP_REF}" --profile "${PROFILE}" --reference "stigid" --output "${CMAKE_BINARY_DIR}/${PRODUCT}/tailoring/${PRODUCT}_${PROFILE}_delta_tailoring.xml" --quiet --build-root ${CMAKE_BINARY_DIR} --resolved-rules-dir ++ COMMAND env "PYTHONPATH=$ENV{PYTHONPATH}" "${Python_EXECUTABLE}" "${CMAKE_SOURCE_DIR}/utils/create_scap_delta_tailoring.py" --root "${CMAKE_SOURCE_DIR}" --product "${PRODUCT}" --manual "${DISA_SCAP_REF}" --profile "${PROFILE}" --reference "stigid" --output "${CMAKE_BINARY_DIR}/${PRODUCT}/tailoring/${PRODUCT}_${PROFILE}_delta_tailoring.xml" --quiet --build-root ${CMAKE_BINARY_DIR} --resolved-rules-dir -c ${CMAKE_BINARY_DIR}/build_config.yml DEPENDS "${PRODUCT}-content" COMMENT "[${PRODUCT}-generate-ssg-delta] generating disa tailoring file" ) --- +-- 2.48.1 diff --git a/SOURCES/0001-Add-AlmaLinux-8-support.patch b/SOURCES/scap-security-guide-add-almalinux8-product.patch similarity index 86% rename from SOURCES/0001-Add-AlmaLinux-8-support.patch rename to SOURCES/scap-security-guide-add-almalinux8-product.patch index 798859b..fe6a9ec 100644 --- a/SOURCES/0001-Add-AlmaLinux-8-support.patch +++ b/SOURCES/scap-security-guide-add-almalinux8-product.patch @@ -1,9 +1,9 @@ diff --git a/CMakeLists.txt b/CMakeLists.txt -index 699194b97..00d54007e 100644 +index a31014247..ac0084aea 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt -@@ -87,7 +87,7 @@ option(SSG_PRODUCT_DEFAULT "If enabled, all default release products will be bui - # project. Note that the example product is always disabled unless explicitly asked for. +@@ -90,7 +90,7 @@ option(SSG_PRODUCT_DEFAULT "If enabled, all default release products will be bui + option(SSG_PRODUCT_AL2023 "If enabled, the Amazon Linux 2023 SCAP content will be built" ${SSG_PRODUCT_DEFAULT}) option(SSG_PRODUCT_ALINUX2 "If enabled, the Alibaba Cloud Linux 2 SCAP content will be built" ${SSG_PRODUCT_DEFAULT}) option(SSG_PRODUCT_ALINUX3 "If enabled, the Alibaba Cloud Linux 3 SCAP content will be built" ${SSG_PRODUCT_DEFAULT}) -option(SSG_PRODUCT_ALMALINUX9 "If enabled, the AlmaLinux OS 9 SCAP content will be built" ${SSG_PRODUCT_DEFAULT}) @@ -11,8 +11,8 @@ index 699194b97..00d54007e 100644 option(SSG_PRODUCT_ANOLIS8 "If enabled, the Anolis OS 8 SCAP content will be built" ${SSG_PRODUCT_DEFAULT}) option(SSG_PRODUCT_ANOLIS23 "If enabled, the Anolis OS 23 SCAP content will be built" ${SSG_PRODUCT_DEFAULT}) option(SSG_PRODUCT_CHROMIUM "If enabled, the Chromium SCAP content will be built" ${SSG_PRODUCT_DEFAULT}) -@@ -319,7 +319,7 @@ message(STATUS " ") - message(STATUS "Products:") +@@ -328,7 +328,7 @@ message(STATUS "Products:") + message(STATUS "Amazon Linux 2023: ${SSG_PRODUCT_AL2023}") message(STATUS "Alibaba Cloud Linux 2: ${SSG_PRODUCT_ALINUX2}") message(STATUS "Alibaba Cloud Linux 3: ${SSG_PRODUCT_ALINUX3}") -message(STATUS "AlmaLinux OS 9: ${SSG_PRODUCT_ALMALINUX9}") @@ -20,7 +20,7 @@ index 699194b97..00d54007e 100644 message(STATUS "Anolis OS 8: ${SSG_PRODUCT_ANOLIS8}") message(STATUS "Anolis OS 23: ${SSG_PRODUCT_ANOLIS23}") message(STATUS "Chromium: ${SSG_PRODUCT_CHROMIUM}") -@@ -386,8 +386,8 @@ endif() +@@ -394,8 +394,8 @@ endif() if(SSG_PRODUCT_ALINUX3) add_subdirectory("products/alinux3" "alinux3") endif() @@ -32,94 +32,66 @@ index 699194b97..00d54007e 100644 if(SSG_PRODUCT_ANOLIS8) add_subdirectory("products/anolis8" "anolis8") diff --git a/build_product b/build_product -index 89d967124..c982dabdf 100755 +index 90b25237e..891825861 100755 --- a/build_product +++ b/build_product -@@ -359,7 +359,7 @@ all_cmake_products=( +@@ -364,7 +364,7 @@ all_cmake_products=( AL2023 ALINUX2 ALINUX3 - ALMALINUX9 + ALMALINUX8 - ANOLIS8 ANOLIS23 + ANOLIS8 CHROMIUM diff --git a/cmake/SSGCommon.cmake b/cmake/SSGCommon.cmake -index 170ae3d39..7792051d3 100644 +index 81ff323b8..81458461f 100644 --- a/cmake/SSGCommon.cmake +++ b/cmake/SSGCommon.cmake -@@ -795,7 +795,7 @@ macro(ssg_build_product PRODUCT) +@@ -811,7 +811,7 @@ macro(ssg_build_product PRODUCT) ssg_render_policies_for_product(${PRODUCT}) add_dependencies(render-policies ${PRODUCT}-render-policies) -- if(SSG_BUILD_DISA_DELTA_FILES AND "${PRODUCT}" MATCHES "rhel(8|9)|ol8") -+ if(SSG_BUILD_DISA_DELTA_FILES AND "${PRODUCT}" MATCHES "rhel(8|9)|ol8|almalinux8") +- if(SSG_BUILD_DISA_DELTA_FILES AND "${PRODUCT}" MATCHES "rhel8|ol8") ++ if(SSG_BUILD_DISA_DELTA_FILES AND "${PRODUCT}" MATCHES "rhel8|ol8|almalinux8") ssg_build_disa_delta(${PRODUCT} "stig") add_dependencies(${PRODUCT} generate-ssg-delta-${PRODUCT}-stig) endif() -diff --git a/components/rpm.yml b/components/rpm.yml -index 1523ae90b..303232aca 100644 ---- a/components/rpm.yml -+++ b/components/rpm.yml -@@ -14,9 +14,9 @@ rules: - - ensure_gpgcheck_local_packages - - ensure_gpgcheck_never_disabled - - ensure_gpgcheck_repo_metadata -+- ensure_redhat_gpgkey_installed - - ensure_oracle_gpgkey_installed - - ensure_package_repositories_are_configured --- ensure_redhat_gpgkey_installed - - ensure_amazon_gpgkey_installed - - ensure_suse_gpgkey_installed - - ensure_almalinux_gpgkey_installed diff --git a/controls/anssi.yml b/controls/anssi.yml -index cdcec6573..c5d5087b0 100644 +index 86b84a044..2d04a7814 100644 --- a/controls/anssi.yml +++ b/controls/anssi.yml -@@ -1244,9 +1244,8 @@ controls: +@@ -806,10 +806,8 @@ controls: + ANSSI doesn't specify the length of the inactivity period, we are choosing 10 minutes as reasonable number. + status: automated + rules: +- {{% if "rhel" in product or "ol" in families %}} + - logind_session_timeout + - var_logind_session_timeout=10_minutes +- {{% endif %}} + - accounts_tmout + - var_accounts_tmout=10_min + +@@ -1246,7 +1244,7 @@ controls: - ensure_gpgcheck_never_disabled - ensure_gpgcheck_globally_activated - ensure_gpgcheck_local_packages - - ensure_redhat_gpgkey_installed -- - ensure_oracle_gpgkey_installed ++ - ensure_almalinux_gpgkey_installed + - ensure_oracle_gpgkey_installed - ensure_almalinux_gpgkey_installed -+ - ensure_oracle_gpgkey_installed - - id: R60 - title: Hardened package repositories -@@ -1370,10 +1369,8 @@ controls: - PAM delegates requests for remote authentication to this service through a - local Unix socket. The sssd service can use IPA, AD or LDAP as a remote - database containing information required for authentication. In case IPA or AD is configured through a documented way, the connection is secured by default. In case LDAP is configured manually, there are several configuration options which should be chedked. -- {{% if product in ["rhel8"] %}} - An allternative solution is to use nss-pam-ldapd package. - In case this package is used, we make sure that SSL is turned on and certificate is configured. -- {{% endif %}} - status: automated - rules: - - package_sssd_installed -@@ -1381,10 +1378,8 @@ controls: - - sssd_enable_pam_services - - sssd_ldap_configure_tls_reqcert - - sssd_ldap_start_tls -- {{% if product in ["rhel8","ol8"] %}} - - ldap_client_start_tls - - ldap_client_tls_cacertpath -- {{% endif %}} - related_rules: - - package_sssd-ipa_installed - {{% else %}} -@@ -1427,10 +1422,8 @@ controls: - securely to Samba domains. - Other relevant services are NIS and Hesiod. These should not be used. - status: automated -- {{% if product in ["rhel8","ol8"] %}} - rules: - - no_nis_in_nsswitch -- {{% endif %}} - {{% else %}} - status: pending - {{% endif %}} +@@ -1298,10 +1296,6 @@ controls: + - package_rsh_removed + - package_rsh-server_removed + - package_sendmail_removed +- {{%- if "rhel" not in product %}} +- - package_talk_removed +- - package_talk-server_removed +- {{%- endif %}} + - package_telnet_removed + - package_telnet-server_removed + - package_tftp_removed diff --git a/controls/cis_almalinux9.yml b/controls/cis_almalinux9.yml index 4591f52c6..670d0b14f 100644 --- a/controls/cis_almalinux9.yml @@ -134,10 +106,10 @@ index 4591f52c6..670d0b14f 100644 - id: 1.2.1.2 title: Ensure gpgcheck is globally activated (Automated) diff --git a/controls/cis_rhel10.yml b/controls/cis_rhel10.yml -index e35482b2d..029f55f58 100644 +index 8a3fd6b86..e1a46a905 100644 --- a/controls/cis_rhel10.yml +++ b/controls/cis_rhel10.yml -@@ -315,7 +315,7 @@ controls: +@@ -303,7 +303,7 @@ controls: - l1_workstation status: manual related_rules: @@ -147,7 +119,7 @@ index e35482b2d..029f55f58 100644 - id: 1.2.1.2 title: Ensure gpgcheck is globally activated (Automated) diff --git a/controls/cis_rhel8.yml b/controls/cis_rhel8.yml -index f2a1e6d3a..2657914ff 100644 +index 05152b5b8..fa73354e0 100644 --- a/controls/cis_rhel8.yml +++ b/controls/cis_rhel8.yml @@ -353,7 +353,7 @@ controls: @@ -160,7 +132,7 @@ index f2a1e6d3a..2657914ff 100644 - id: 1.2.2 title: Ensure gpgcheck is globally activated (Automated) diff --git a/controls/cis_rhel9.yml b/controls/cis_rhel9.yml -index 05a3e4ac3..98cb1a49b 100644 +index 017acb8d4..d97bb7c0b 100644 --- a/controls/cis_rhel9.yml +++ b/controls/cis_rhel9.yml @@ -360,7 +360,7 @@ controls: @@ -173,10 +145,10 @@ index 05a3e4ac3..98cb1a49b 100644 - id: 1.2.1.2 title: Ensure gpgcheck is globally activated (Automated) diff --git a/controls/e8.yml b/controls/e8.yml -index c3dc27737..3d81cacef 100644 +index dac6a8c85..640cd37c0 100644 --- a/controls/e8.yml +++ b/controls/e8.yml -@@ -22,7 +22,7 @@ controls: +@@ -24,7 +24,7 @@ controls: - service_avahi-daemon_disabled - package_squid_removed - service_squid_disabled @@ -186,66 +158,56 @@ index c3dc27737..3d81cacef 100644 - ensure_gpgcheck_local_packages - ensure_gpgcheck_globally_activated diff --git a/controls/hipaa.yml b/controls/hipaa.yml -index fdd9e8c65..ceefcc875 100644 +index 27895b700..a34683373 100644 --- a/controls/hipaa.yml +++ b/controls/hipaa.yml -@@ -167,9 +167,8 @@ controls: +@@ -167,7 +167,7 @@ controls: - ensure_gpgcheck_local_packages - ensure_gpgcheck_never_disabled - ensure_gpgcheck_repo_metadata - - ensure_redhat_gpgkey_installed -- - ensure_suse_gpgkey_installed ++ - ensure_almalinux_gpgkey_installed + - ensure_suse_gpgkey_installed - ensure_almalinux_gpgkey_installed -+ - ensure_suse_gpgkey_installed status: automated - - - id: 164.308(a)(3) -@@ -1393,9 +1392,8 @@ controls: +@@ -1388,7 +1388,7 @@ controls: - ensure_gpgcheck_local_packages - ensure_gpgcheck_never_disabled - ensure_gpgcheck_repo_metadata - - ensure_redhat_gpgkey_installed -- - ensure_suse_gpgkey_installed ++ - ensure_almalinux_gpgkey_installed + - ensure_suse_gpgkey_installed - ensure_almalinux_gpgkey_installed -+ - ensure_suse_gpgkey_installed status: automated - - - id: 164.312(c) -@@ -1424,9 +1422,8 @@ controls: +@@ -1419,7 +1419,7 @@ controls: - ensure_gpgcheck_local_packages - ensure_gpgcheck_never_disabled - ensure_gpgcheck_repo_metadata - - ensure_redhat_gpgkey_installed -- - ensure_suse_gpgkey_installed ++ - ensure_almalinux_gpgkey_installed + - ensure_suse_gpgkey_installed - ensure_almalinux_gpgkey_installed -+ - ensure_suse_gpgkey_installed status: automated - - - id: 164.312(c)(2) -@@ -1444,9 +1441,8 @@ controls: +@@ -1439,7 +1439,7 @@ controls: - ensure_gpgcheck_local_packages - ensure_gpgcheck_never_disabled - ensure_gpgcheck_repo_metadata - - ensure_redhat_gpgkey_installed -- - ensure_suse_gpgkey_installed ++ - ensure_almalinux_gpgkey_installed + - ensure_suse_gpgkey_installed - ensure_almalinux_gpgkey_installed -+ - ensure_suse_gpgkey_installed status: automated - - - id: 164.312(d) -@@ -1725,9 +1721,8 @@ controls: +@@ -1720,7 +1720,7 @@ controls: - ensure_gpgcheck_local_packages - ensure_gpgcheck_never_disabled - ensure_gpgcheck_repo_metadata - - ensure_redhat_gpgkey_installed -- - ensure_suse_gpgkey_installed ++ - ensure_almalinux_gpgkey_installed + - ensure_suse_gpgkey_installed - ensure_almalinux_gpgkey_installed -+ - ensure_suse_gpgkey_installed status: automated - - - id: 164.312(e)(2)(ii) diff --git a/controls/ospp.yml b/controls/ospp.yml -index 20ae9fa45..88a5dff83 100644 +index 505f7b2a7..e67bf76d1 100644 --- a/controls/ospp.yml +++ b/controls/ospp.yml @@ -447,7 +447,7 @@ controls: @@ -267,42 +229,20 @@ index 20ae9fa45..88a5dff83 100644 - id: FPT_TST_EXT.1 diff --git a/controls/pcidss_4.yml b/controls/pcidss_4.yml -index 39f47c3c3..99c13d3f4 100644 +index 1bdd27a73..111e3a773 100644 --- a/controls/pcidss_4.yml +++ b/controls/pcidss_4.yml -@@ -1555,9 +1555,8 @@ controls: +@@ -1555,7 +1555,7 @@ controls: - base status: automated rules: - - ensure_redhat_gpgkey_installed -- - ensure_suse_gpgkey_installed ++ - ensure_almalinux_gpgkey_installed + - ensure_suse_gpgkey_installed - ensure_almalinux_gpgkey_installed -+ - ensure_suse_gpgkey_installed - ensure_gpgcheck_globally_activated - - ensure_gpgcheck_never_disabled - - security_patches_up_to_date -diff --git a/controls/srg_gpos/SRG-OS-000366-GPOS-00153.yml b/controls/srg_gpos/SRG-OS-000366-GPOS-00153.yml -index dbec9fe45..6ed3ea22d 100644 ---- a/controls/srg_gpos/SRG-OS-000366-GPOS-00153.yml -+++ b/controls/srg_gpos/SRG-OS-000366-GPOS-00153.yml -@@ -12,12 +12,12 @@ controls: - - ensure_gpgcheck_globally_activated - - ensure_gpgcheck_local_packages - - ensure_gpgcheck_never_disabled -+ {{% if 'almalinux' in product %}} -+ - ensure_almalinux_gpgkey_installed -+ {{% endif %}} - {{% if 'ubuntu' in product %}} - - apt_conf_disallow_unauthenticated - {{% endif %}} -- {{% if 'rhel' in product %}} -- - ensure_redhat_gpgkey_installed -- {{% endif %}} - {{% if 'ol' in product %}} - - ensure_oracle_gpgkey_installed - {{% endif %}} diff --git a/controls/stig_rhel9.yml b/controls/stig_rhel9.yml -index 32b70f006..37219d207 100644 +index f66299e6f..5448dee70 100644 --- a/controls/stig_rhel9.yml +++ b/controls/stig_rhel9.yml @@ -382,7 +382,7 @@ controls: @@ -315,10 +255,10 @@ index 32b70f006..37219d207 100644 - id: RHEL-09-214015 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_chmod/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_chmod/rule.yml -index 21a6d25d6..9e6b00836 100644 +index 8a54d4697..6abfb9de5 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_chmod/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_chmod/rule.yml -@@ -60,7 +60,7 @@ references: +@@ -58,7 +58,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000064-GPOS-00033,SRG-OS-000466-GPOS-00210,SRG-OS-000458-GPOS-00203,SRG-APP-000091-CTR-000160,SRG-APP-000492-CTR-001220,SRG-APP-000493-CTR-001225,SRG-APP-000494-CTR-001230,SRG-APP-000500-CTR-001260,SRG-APP-000507-CTR-001295,SRG-APP-000495-CTR-001235,SRG-APP-000499-CTR-001255 stigid@ol7: OL07-00-030410 stigid@ol8: OL08-00-030490 @@ -328,10 +268,10 @@ index 21a6d25d6..9e6b00836 100644 stigid@sle15: SLES-15-030290 stigid@ubuntu2004: UBTU-20-010152 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_chown/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_chown/rule.yml -index c305be5d4..9e8cb614c 100644 +index e94eb91e5..377410917 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_chown/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_chown/rule.yml -@@ -60,7 +60,7 @@ references: +@@ -58,7 +58,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000064-GPOS-00033,SRG-OS-000466-GPOS-00210,SRG-OS-000458-GPOS-00203,SRG-OS-000474-GPOS-00219,SRG-APP-000091-CTR-000160,SRG-APP-000492-CTR-001220,SRG-APP-000493-CTR-001225,SRG-APP-000494-CTR-001230,SRG-APP-000500-CTR-001260,SRG-APP-000507-CTR-001295,SRG-APP-000495-CTR-001235,SRG-APP-000499-CTR-001255 stigid@ol7: OL07-00-030370 stigid@ol8: OL08-00-030480 @@ -341,10 +281,10 @@ index c305be5d4..9e8cb614c 100644 stigid@sle15: SLES-15-030250 stigid@ubuntu2004: UBTU-20-010148 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchmod/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchmod/rule.yml -index ba44cd4ce..c978b9f81 100644 +index ed9ccaa76..02f8ffca8 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchmod/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchmod/rule.yml -@@ -57,7 +57,7 @@ references: +@@ -55,7 +55,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000064-GPOS-00033,SRG-OS-000466-GPOS-00210,SRG-OS-000458-GPOS-00203,SRG-APP-000091-CTR-000160,SRG-APP-000492-CTR-001220,SRG-APP-000493-CTR-001225,SRG-APP-000494-CTR-001230,SRG-APP-000500-CTR-001260,SRG-APP-000507-CTR-001295,SRG-APP-000495-CTR-001235,SRG-APP-000499-CTR-001255 stigid@ol7: OL07-00-030410 stigid@ol8: OL08-00-030490 @@ -354,10 +294,10 @@ index ba44cd4ce..c978b9f81 100644 stigid@sle15: SLES-15-030290 stigid@ubuntu2004: UBTU-20-010152 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchmodat/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchmodat/rule.yml -index c89f9952e..16f942838 100644 +index f80d38457..2fd6f46d2 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchmodat/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchmodat/rule.yml -@@ -57,7 +57,7 @@ references: +@@ -55,7 +55,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000064-GPOS-00033,SRG-OS-000466-GPOS-00210,SRG-OS-000458-GPOS-00203,SRG-APP-000091-CTR-000160,SRG-APP-000492-CTR-001220,SRG-APP-000493-CTR-001225,SRG-APP-000494-CTR-001230,SRG-APP-000500-CTR-001260,SRG-APP-000507-CTR-001295,SRG-APP-000495-CTR-001235,SRG-APP-000499-CTR-001255 stigid@ol7: OL07-00-030410 stigid@ol8: OL08-00-030490 @@ -367,10 +307,10 @@ index c89f9952e..16f942838 100644 stigid@sle15: SLES-15-030290 stigid@ubuntu2004: UBTU-20-010152 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchown/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchown/rule.yml -index 56ec0034d..26c965977 100644 +index fd22549ec..209c4c7e7 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchown/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchown/rule.yml -@@ -60,7 +60,7 @@ references: +@@ -58,7 +58,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000064-GPOS-00033,SRG-OS-000466-GPOS-00210,SRG-OS-000458-GPOS-00203,SRG-OS-000474-GPOS-00219,SRG-APP-000091-CTR-000160,SRG-APP-000492-CTR-001220,SRG-APP-000493-CTR-001225,SRG-APP-000494-CTR-001230,SRG-APP-000500-CTR-001260,SRG-APP-000507-CTR-001295,SRG-APP-000495-CTR-001235,SRG-APP-000499-CTR-001255 stigid@ol7: OL07-00-030370 stigid@ol8: OL08-00-030480 @@ -380,10 +320,10 @@ index 56ec0034d..26c965977 100644 stigid@sle15: SLES-15-030250 stigid@ubuntu2004: UBTU-20-010148 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchownat/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchownat/rule.yml -index 4da5306eb..96780da76 100644 +index 2a85939aa..13daa8af2 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchownat/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchownat/rule.yml -@@ -57,7 +57,7 @@ references: +@@ -55,7 +55,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000064-GPOS-00033,SRG-OS-000466-GPOS-00210,SRG-OS-000458-GPOS-00203,SRG-OS-000474-GPOS-00219,SRG-APP-000091-CTR-000160,SRG-APP-000492-CTR-001220,SRG-APP-000493-CTR-001225,SRG-APP-000494-CTR-001230,SRG-APP-000500-CTR-001260,SRG-APP-000507-CTR-001295,SRG-APP-000495-CTR-001235,SRG-APP-000499-CTR-001255 stigid@ol7: OL07-00-030370 stigid@ol8: OL08-00-030480 @@ -393,10 +333,10 @@ index 4da5306eb..96780da76 100644 stigid@sle15: SLES-15-030250 stigid@ubuntu2004: UBTU-20-010148 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fremovexattr/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fremovexattr/rule.yml -index 01ddcaa79..dc65bd448 100644 +index ec82c00b2..2cf8f93c2 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fremovexattr/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fremovexattr/rule.yml -@@ -74,7 +74,7 @@ references: +@@ -72,7 +72,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000458-GPOS-00203,SRG-OS-000462-GPOS-00206,SRG-OS-000463-GPOS-00207,SRG-OS-000471-GPOS-00215,SRG-OS-000474-GPOS-00219,SRG-OS-000466-GPOS-00210,SRG-OS-000468-GPOS-00212,SRG-OS-000064-GPOS-00033,SRG-APP-000091-CTR-000160,SRG-APP-000492-CTR-001220,SRG-APP-000493-CTR-001225,SRG-APP-000494-CTR-001230,SRG-APP-000500-CTR-001260,SRG-APP-000507-CTR-001295,SRG-APP-000495-CTR-001235,SRG-APP-000496-CTR-001240,SRG-APP-000497-CTR-001245,SRG-APP-000498-CTR-001250,SRG-APP-000499-CTR-001255 stigid@ol7: OL07-00-030440 stigid@ol8: OL08-00-030200 @@ -406,10 +346,10 @@ index 01ddcaa79..dc65bd448 100644 stigid@sle15: SLES-15-030190 stigid@ubuntu2004: UBTU-20-010147 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fsetxattr/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fsetxattr/rule.yml -index 77ede090f..84af9eb21 100644 +index d67e6540a..538c1ac54 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fsetxattr/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fsetxattr/rule.yml -@@ -69,7 +69,7 @@ references: +@@ -67,7 +67,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000458-GPOS-00203,SRG-OS-000462-GPOS-00206,SRG-OS-000463-GPOS-00207,SRG-OS-000466-GPOS-00210,SRG-OS-000468-GPOS-00212,SRG-OS-000471-GPOS-00215,SRG-OS-000474-GPOS-00219,SRG-OS-000064-GPOS-00033,SRG-APP-000091-CTR-000160,SRG-APP-000492-CTR-001220,SRG-APP-000493-CTR-001225,SRG-APP-000494-CTR-001230,SRG-APP-000500-CTR-001260,SRG-APP-000507-CTR-001295,SRG-APP-000495-CTR-001235,SRG-APP-000496-CTR-001240,SRG-APP-000497-CTR-001245,SRG-APP-000498-CTR-001250,SRG-APP-000501-CTR-001265,SRG-APP-000502-CTR-001270 stigid@ol7: OL07-00-030440 stigid@ol8: OL08-00-030200 @@ -419,10 +359,10 @@ index 77ede090f..84af9eb21 100644 stigid@sle15: SLES-15-030190 stigid@ubuntu2004: UBTU-20-010144 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lchown/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lchown/rule.yml -index 9b93a4f4a..6db791741 100644 +index cad1fe481..600f7c63c 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lchown/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lchown/rule.yml -@@ -60,7 +60,7 @@ references: +@@ -58,7 +58,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000064-GPOS-00033,SRG-OS-000466-GPOS-00210,SRG-OS-000458-GPOS-00203,SRG-OS-000474-GPOS-00219,SRG-APP-000091-CTR-000160,SRG-APP-000492-CTR-001220,SRG-APP-000493-CTR-001225,SRG-APP-000494-CTR-001230,SRG-APP-000500-CTR-001260,SRG-APP-000507-CTR-001295,SRG-APP-000495-CTR-001235,SRG-APP-000499-CTR-001255 stigid@ol7: OL07-00-030370 stigid@ol8: OL08-00-030480 @@ -432,10 +372,10 @@ index 9b93a4f4a..6db791741 100644 stigid@sle15: SLES-15-030250 stigid@ubuntu2004: UBTU-20-010148 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lremovexattr/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lremovexattr/rule.yml -index eccf126f2..e301893b2 100644 +index 4ee5f6e63..98a3e1acb 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lremovexattr/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lremovexattr/rule.yml -@@ -74,7 +74,7 @@ references: +@@ -72,7 +72,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000458-GPOS-00203,SRG-OS-000462-GPOS-00206,SRG-OS-000463-GPOS-00207,SRG-OS-000468-GPOS-00212,SRG-OS-000471-GPOS-00215,SRG-OS-000474-GPOS-00219,SRG-OS-000466-GPOS-00210,SRG-OS-000064-GPOS-00033,SRG-APP-000091-CTR-000160,SRG-APP-000492-CTR-001220,SRG-APP-000493-CTR-001225,SRG-APP-000494-CTR-001230,SRG-APP-000500-CTR-001260,SRG-APP-000507-CTR-001295,SRG-APP-000495-CTR-001235,SRG-APP-000496-CTR-001240,SRG-APP-000497-CTR-001245,SRG-APP-000498-CTR-001250,SRG-APP-000499-CTR-001255,SRG-APP-000501-CTR-001265,SRG-APP-000502-CTR-001270 stigid@ol7: OL07-00-030440 stigid@ol8: OL08-00-030200 @@ -445,10 +385,10 @@ index eccf126f2..e301893b2 100644 stigid@sle15: SLES-15-030190 stigid@ubuntu2004: UBTU-20-010146 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lsetxattr/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lsetxattr/rule.yml -index 55afc87c7..61a43002c 100644 +index cb73837d1..fcac4c289 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lsetxattr/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lsetxattr/rule.yml -@@ -69,7 +69,7 @@ references: +@@ -67,7 +67,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000458-GPOS-00203,SRG-OS-000462-GPOS-00206,SRG-OS-000463-GPOS-00207,SRG-OS-000466-GPOS-00210,SRG-OS-000468-GPOS-00212,SRG-OS-000471-GPOS-00215,SRG-OS-000474-GPOS-00219,SRG-OS-000064-GPOS-00033,SRG-APP-000091-CTR-000160,SRG-APP-000492-CTR-001220,SRG-APP-000493-CTR-001225,SRG-APP-000494-CTR-001230,SRG-APP-000500-CTR-001260,SRG-APP-000507-CTR-001295,SRG-APP-000495-CTR-001235,SRG-APP-000496-CTR-001240,SRG-APP-000497-CTR-001245,SRG-APP-000498-CTR-001250,SRG-APP-000501-CTR-001265,SRG-APP-000502-CTR-001270 stigid@ol7: OL07-00-030440 stigid@ol8: OL08-00-030200 @@ -458,10 +398,10 @@ index 55afc87c7..61a43002c 100644 stigid@sle15: SLES-15-030190 stigid@ubuntu2004: UBTU-20-010143 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_removexattr/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_removexattr/rule.yml -index d800a14e3..f586a1eda 100644 +index 5047f8dbb..cc7ef99c9 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_removexattr/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_removexattr/rule.yml -@@ -73,7 +73,7 @@ references: +@@ -71,7 +71,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000458-GPOS-00203,SRG-OS-000462-GPOS-00206,SRG-OS-000463-GPOS-00207,SRG-OS-000468-GPOS-00212,SRG-OS-000471-GPOS-00215,SRG-OS-000474-GPOS-00219,SRG-OS-000466-GPOS-00210,SRG-OS-000064-GPOS-00033,SRG-APP-000091-CTR-000160,SRG-APP-000492-CTR-001220,SRG-APP-000493-CTR-001225,SRG-APP-000494-CTR-001230,SRG-APP-000500-CTR-001260,SRG-APP-000507-CTR-001295,SRG-APP-000495-CTR-001235,SRG-APP-000496-CTR-001240,SRG-APP-000497-CTR-001245,SRG-APP-000498-CTR-001250,SRG-APP-000499-CTR-001255,SRG-APP-000501-CTR-001265,SRG-APP-000502-CTR-001270 stigid@ol7: OL07-00-030440 stigid@ol8: OL08-00-030200 @@ -471,10 +411,10 @@ index d800a14e3..f586a1eda 100644 stigid@sle15: SLES-15-030190 stigid@ubuntu2004: UBTU-20-010145 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_setxattr/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_setxattr/rule.yml -index 4f709ced1..6cf0fce0e 100644 +index ced035028..295a0bde4 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_setxattr/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_setxattr/rule.yml -@@ -69,7 +69,7 @@ references: +@@ -67,7 +67,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000466-GPOS-00210,SRG-OS-000471-GPOS-00215,SRG-OS-000064-GPOS-00033,SRG-OS-000458-GPOS-00203,SRG-APP-000091-CTR-000160,SRG-APP-000492-CTR-001220,SRG-APP-000493-CTR-001225,SRG-APP-000494-CTR-001230,SRG-APP-000500-CTR-001260,SRG-APP-000507-CTR-001295,SRG-APP-000495-CTR-001235 stigid@ol7: OL07-00-030440 stigid@ol8: OL08-00-030200 @@ -484,10 +424,10 @@ index 4f709ced1..6cf0fce0e 100644 stigid@sle15: SLES-15-030190 stigid@ubuntu2004: UBTU-20-010142 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_execution_acl_commands/audit_rules_execution_chacl/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_execution_acl_commands/audit_rules_execution_chacl/rule.yml -index 122e7f039..42e04c66d 100644 +index 1ad9716de..101e985d2 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_execution_acl_commands/audit_rules_execution_chacl/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_execution_acl_commands/audit_rules_execution_chacl/rule.yml -@@ -39,7 +39,7 @@ references: +@@ -29,7 +29,7 @@ references: nist@sle12: AU-3,AU-3.1,AU-12.1(ii),AU-12(a),AU-12.1(iv),AU-12(c),MA-4(1)(a) srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000466-GPOS-00210,SRG-APP-000495-CTR-001235,SRG-APP-000499-CTR-001255 stigid@ol8: OL08-00-030570 @@ -497,10 +437,10 @@ index 122e7f039..42e04c66d 100644 stigid@sle15: SLES-15-030440 stigid@ubuntu2004: UBTU-20-010168 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_execution_acl_commands/audit_rules_execution_setfacl/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_execution_acl_commands/audit_rules_execution_setfacl/rule.yml -index 2709c0194..34972cd3a 100644 +index 283887b06..d21cac99d 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_execution_acl_commands/audit_rules_execution_setfacl/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_execution_acl_commands/audit_rules_execution_setfacl/rule.yml -@@ -38,7 +38,7 @@ references: +@@ -28,7 +28,7 @@ references: nist@sle12: AU-3,AU-3.1,AU-12.1(ii),AU-12(a),AU-12.1(iv),AU-12(c),MA-4(1)(a) srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-APP-000495-CTR-001235 stigid@ol8: OL08-00-030330 @@ -510,10 +450,10 @@ index 2709c0194..34972cd3a 100644 stigid@sle15: SLES-15-030430 stigid@ubuntu2004: UBTU-20-010167 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_chcon/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_chcon/rule.yml -index ba939bd99..f40dfe642 100644 +index d856df92b..893d7c84d 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_chcon/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_chcon/rule.yml -@@ -59,7 +59,7 @@ references: +@@ -44,7 +44,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000468-GPOS-00212,SRG-OS-000471-GPOS-00215,SRG-OS-000463-GPOS-00207,SRG-OS-000465-GPOS-00209,SRG-APP-000495-CTR-001235,SRG-APP-000496-CTR-001240,SRG-APP-000497-CTR-001245,SRG-APP-000498-CTR-001250,SRG-APP-000501-CTR-001265,SRG-APP-000502-CTR-001270 stigid@ol7: OL07-00-030580 stigid@ol8: OL08-00-030260 @@ -523,10 +463,10 @@ index ba939bd99..f40dfe642 100644 stigid@sle15: SLES-15-030450 stigid@ubuntu2004: UBTU-20-010165 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_semanage/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_semanage/rule.yml -index 7710a16da..b344a039e 100644 +index 3d2d16cbf..bbff02dba 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_semanage/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_semanage/rule.yml -@@ -56,7 +56,7 @@ references: +@@ -41,7 +41,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000463-GPOS-00207,SRG-OS-000465-GPOS-00209,SRG-APP-000495-CTR-001235,SRG-APP-000496-CTR-001240,SRG-APP-000497-CTR-001245,SRG-APP-000498-CTR-001250 stigid@ol7: OL07-00-030560 stigid@ol8: OL08-00-030313 @@ -536,10 +476,10 @@ index 7710a16da..b344a039e 100644 {{{ ocil_fix_srg_privileged_command("semanage", "/usr/sbin/", "privileged-unix-update") }}} diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_setfiles/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_setfiles/rule.yml -index 5af56b1d2..a5074c050 100644 +index 96d7cc39f..9f17b86c4 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_setfiles/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_setfiles/rule.yml -@@ -46,7 +46,7 @@ references: +@@ -31,7 +31,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000463-GPOS-00207,SRG-OS-000465-GPOS-00209,SRG-APP-000495-CTR-001235,SRG-APP-000496-CTR-001240,SRG-APP-000497-CTR-001245,SRG-APP-000498-CTR-001250 stigid@ol7: OL07-00-030590 stigid@ol8: OL08-00-030314 @@ -549,10 +489,10 @@ index 5af56b1d2..a5074c050 100644 {{{ ocil_fix_srg_privileged_command("setfiles", "/usr/sbin/", "privileged-unix-update") }}} diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_setsebool/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_setsebool/rule.yml -index 5dafeb060..db55c65eb 100644 +index 64b708da8..ae0fdbb9d 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_setsebool/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_setsebool/rule.yml -@@ -55,7 +55,7 @@ references: +@@ -40,7 +40,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000463-GPOS-00207,SRG-OS-000465-GPOS-00209,SRG-APP-000495-CTR-001235,SRG-APP-000496-CTR-001240,SRG-APP-000497-CTR-001245,SRG-APP-000498-CTR-001250 stigid@ol7: OL07-00-030570 stigid@ol8: OL08-00-030316 @@ -562,10 +502,10 @@ index 5dafeb060..db55c65eb 100644 {{{ ocil_fix_srg_privileged_command("setsebool", "/usr/sbin/", "privileged") }}} diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_rename/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_rename/rule.yml -index 3b9508a74..7c11ab9f7 100644 +index d5ea2c39d..0fb547f36 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_rename/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_rename/rule.yml -@@ -55,7 +55,7 @@ references: +@@ -53,7 +53,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000466-GPOS-00210,SRG-OS-000467-GPOS-00211,SRG-OS-000468-GPOS-00212,SRG-APP-000495-CTR-001235,SRG-APP-000499-CTR-001255,SRG-APP-000501-CTR-001265,SRG-APP-000502-CTR-001270 stigid@ol7: OL07-00-030910 stigid@ol8: OL08-00-030361 @@ -575,10 +515,10 @@ index 3b9508a74..7c11ab9f7 100644 stigid@ubuntu2204: UBTU-22-654185 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_renameat/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_renameat/rule.yml -index 1de048100..766168996 100644 +index 1e6abacb0..ee116dee4 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_renameat/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_renameat/rule.yml -@@ -52,7 +52,7 @@ references: +@@ -50,7 +50,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000466-GPOS-00210,SRG-OS-000467-GPOS-00211,SRG-OS-000468-GPOS-00212,SRG-APP-000495-CTR-001235,SRG-APP-000499-CTR-001255,SRG-APP-000501-CTR-001265,SRG-APP-000502-CTR-001270 stigid@ol7: OL07-00-030910 stigid@ol8: OL08-00-030361 @@ -588,10 +528,10 @@ index 1de048100..766168996 100644 stigid@ubuntu2204: UBTU-22-654185 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_rmdir/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_rmdir/rule.yml -index ab5a8cff6..8b6d610da 100644 +index 355f08fbc..1d3df69df 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_rmdir/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_rmdir/rule.yml -@@ -49,7 +49,7 @@ references: +@@ -48,7 +48,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000466-GPOS-00210,SRG-OS-000467-GPOS-00211,SRG-OS-000468-GPOS-00212,SRG-APP-000495-CTR-001235,SRG-APP-000499-CTR-001255,SRG-APP-000501-CTR-001265,SRG-APP-000502-CTR-001270 stigid@ol7: OL07-00-030910 stigid@ol8: OL08-00-030361 @@ -601,10 +541,10 @@ index ab5a8cff6..8b6d610da 100644 stigid@ubuntu2204: UBTU-22-654185 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_unlink/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_unlink/rule.yml -index 5ace03a60..d3eacf1a3 100644 +index b53d4ac72..d7815a931 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_unlink/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_unlink/rule.yml -@@ -55,7 +55,7 @@ references: +@@ -53,7 +53,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000466-GPOS-00210,SRG-OS-000467-GPOS-00211,SRG-OS-000468-GPOS-00212,SRG-APP-000495-CTR-001235,SRG-APP-000499-CTR-001255,SRG-APP-000501-CTR-001265,SRG-APP-000502-CTR-001270 stigid@ol7: OL07-00-030910 stigid@ol8: OL08-00-030361 @@ -614,10 +554,10 @@ index 5ace03a60..d3eacf1a3 100644 stigid@ubuntu2204: UBTU-22-654185 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_unlinkat/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_unlinkat/rule.yml -index 6d609b2eb..1fe02f0d5 100644 +index d3d204917..c4035be9a 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_unlinkat/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_unlinkat/rule.yml -@@ -52,7 +52,7 @@ references: +@@ -50,7 +50,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000466-GPOS-00210,SRG-OS-000467-GPOS-00211,SRG-OS-000468-GPOS-00212,SRG-APP-000495-CTR-001235,SRG-APP-000499-CTR-001255,SRG-APP-000501-CTR-001265,SRG-APP-000502-CTR-001270 stigid@ol7: OL07-00-030910 stigid@ol8: OL08-00-030361 @@ -627,10 +567,10 @@ index 6d609b2eb..1fe02f0d5 100644 stigid@ubuntu2204: UBTU-22-654185 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_creat/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_creat/rule.yml -index 54002d249..eab8ab594 100644 +index a53d5291d..ef6abb9c6 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_creat/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_creat/rule.yml -@@ -64,7 +64,7 @@ references: +@@ -62,7 +62,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000064-GPOS-00033,SRG-OS-000458-GPOS-00203,SRG-OS-000461-GPOS-00205,SRG-APP-000495-CTR-001235 stigid@ol7: OL07-00-030510 stigid@ol8: OL08-00-030420 @@ -640,10 +580,10 @@ index 54002d249..eab8ab594 100644 stigid@sle15: SLES-15-030150 stigid@ubuntu2004: UBTU-20-010155 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_ftruncate/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_ftruncate/rule.yml -index 34bc88541..dfe128709 100644 +index aa15c9920..c4d0813a3 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_ftruncate/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_ftruncate/rule.yml -@@ -64,7 +64,7 @@ references: +@@ -62,7 +62,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000064-GPOS-00033,SRG-OS-000458-GPOS-00203,SRG-OS-000461-GPOS-00205,SRG-APP-000495-CTR-001235 stigid@ol7: OL07-00-030510 stigid@ol8: OL08-00-030420 @@ -653,10 +593,10 @@ index 34bc88541..dfe128709 100644 stigid@sle15: SLES-15-030150 stigid@ubuntu2004: UBTU-20-010155 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open/rule.yml -index d40e5cecc..74615a3e2 100644 +index ab4461cd1..b5e215743 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open/rule.yml -@@ -66,7 +66,7 @@ references: +@@ -65,7 +65,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000064-GPOS-00033,SRG-OS-000458-GPOS-00203,SRG-OS-000461-GPOS-00205,SRG-APP-000495-CTR-001235 stigid@ol7: OL07-00-030510 stigid@ol8: OL08-00-030420 @@ -666,10 +606,10 @@ index d40e5cecc..74615a3e2 100644 stigid@sle15: SLES-15-030150 stigid@ubuntu2004: UBTU-20-010155 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at/rule.yml -index 86297fe41..3d17494ac 100644 +index cb5d26e07..d7a3d6d9e 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at/rule.yml -@@ -55,7 +55,7 @@ references: +@@ -54,7 +54,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000064-GPOS-00033,SRG-OS-000458-GPOS-00203,SRG-OS-000461-GPOS-00205,SRG-APP-000495-CTR-001235 stigid@ol7: OL07-00-030510 stigid@ol8: OL08-00-030420 @@ -679,10 +619,10 @@ index 86297fe41..3d17494ac 100644 stigid@sle15: SLES-15-030150 stigid@ubuntu2004: UBTU-20-010155 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat/rule.yml -index 6bf71d78a..cdd5e064e 100644 +index 8ef8b4976..fff4ac288 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat/rule.yml -@@ -64,7 +64,7 @@ references: +@@ -62,7 +62,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000064-GPOS-00033,SRG-OS-000458-GPOS-00203,SRG-OS-000461-GPOS-00205,SRG-APP-000495-CTR-001235 stigid@ol7: OL07-00-030510 stigid@ol8: OL08-00-030420 @@ -692,10 +632,10 @@ index 6bf71d78a..cdd5e064e 100644 stigid@sle15: SLES-15-030150 stigid@ubuntu2004: UBTU-20-010155 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_truncate/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_truncate/rule.yml -index 1cc55c41c..a6c46912e 100644 +index 24e9792b5..8c5731cfc 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_truncate/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_truncate/rule.yml -@@ -63,7 +63,7 @@ references: +@@ -61,7 +61,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000064-GPOS-00033,SRG-OS-000458-GPOS-00203,SRG-OS-000461-GPOS-00205,SRG-APP-000495-CTR-001235 stigid@ol7: OL07-00-030510 stigid@ol8: OL08-00-030420 @@ -727,10 +667,10 @@ index 7c8e520c1..e5c1d9d93 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/rule.yml -index 112f91278..14f745cad 100644 +index e50407102..d7042e140 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/rule.yml -@@ -56,7 +56,7 @@ references: +@@ -54,7 +54,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000471-GPOS-00216,SRG-OS-000477-GPOS-00222,SRG-APP-000495-CTR-001235,SRG-APP-000504-CTR-001280 stigid@ol7: OL07-00-030830 stigid@ol8: OL08-00-030390 @@ -762,10 +702,10 @@ index 639d76a21..7f4d463d6 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/rule.yml -index 2756d56fa..a260684e6 100644 +index ba283b1a9..0caadc56b 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/rule.yml -@@ -54,7 +54,7 @@ references: +@@ -53,7 +53,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000471-GPOS-00216,SRG-OS-000477-GPOS-00222,SRG-APP-000495-CTR-001235,SRG-APP-000504-CTR-001280 stigid@ol7: OL07-00-030820 stigid@ol8: OL08-00-030360 @@ -797,10 +737,10 @@ index 083a612a0..3228b89b7 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/rule.yml -index 58cd30b2f..da5669b69 100644 +index e75ff68de..9e5917632 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/rule.yml -@@ -56,7 +56,7 @@ references: +@@ -54,7 +54,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000471-GPOS-00216,SRG-OS-000477-GPOS-00222,SRG-APP-000495-CTR-001235,SRG-APP-000504-CTR-001280 stigid@ol7: OL07-00-030820 stigid@ol8: OL08-00-030360 @@ -832,10 +772,10 @@ index 009564309..35ad01a74 100644 rm -f /etc/audit/rules.d/* diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/rule.yml -index 3d2a43291..a91e740bc 100644 +index f86edca7e..71f59dc4a 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/rule.yml -@@ -49,7 +49,7 @@ references: +@@ -39,7 +39,7 @@ references: srg: SRG-OS-000392-GPOS-00172,SRG-OS-000470-GPOS-00214,SRG-OS-000473-GPOS-00218,SRG-APP-000503-CTR-001275,SRG-APP-000506-CTR-001290 stigid@ol7: OL07-00-030610 stigid@ol8: OL08-00-030590 @@ -845,7 +785,7 @@ index 3d2a43291..a91e740bc 100644 ocil_clause: 'the command does not return a line, or the line is commented out' diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_correct_cis.pass.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_correct_cis.pass.sh -index aa5933406..9d159f0e4 100644 +index 536e45f3a..6fc5182e2 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_correct_cis.pass.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_correct_cis.pass.sh @@ -1,6 +1,6 @@ @@ -853,11 +793,11 @@ index aa5933406..9d159f0e4 100644 # packages = audit -# platform = multi_platform_rhel +# platform = multi_platform_rhel,multi_platform_almalinux - # profiles = xccdf_org.ssgproject.content_profile_cis + # variables = var_accounts_passwords_pam_faillock_dir=/var/run/faillock {{{ setup_auditctl_environment() }}} diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_correct_extra_permission_cis.pass.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_correct_extra_permission_cis.pass.sh -index 742a8dc93..ebf3e4241 100644 +index e1aedcc12..041b3a99a 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_correct_extra_permission_cis.pass.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_correct_extra_permission_cis.pass.sh @@ -1,6 +1,6 @@ @@ -865,11 +805,11 @@ index 742a8dc93..ebf3e4241 100644 # packages = audit -# platform = multi_platform_rhel +# platform = multi_platform_rhel,multi_platform_almalinux - # profiles = xccdf_org.ssgproject.content_profile_cis + # variables = var_accounts_passwords_pam_faillock_dir=/var/run/faillock {{{ setup_auditctl_environment() }}} diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_correct_without_key_cis.pass.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_correct_without_key_cis.pass.sh -index 1b52b43c4..959b8c363 100644 +index 19e56d957..62dc263da 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_correct_without_key_cis.pass.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_correct_without_key_cis.pass.sh @@ -1,6 +1,6 @@ @@ -877,11 +817,11 @@ index 1b52b43c4..959b8c363 100644 # packages = audit -# platform = multi_platform_rhel +# platform = multi_platform_rhel,multi_platform_almalinux - # profiles = xccdf_org.ssgproject.content_profile_cis + # variables = var_accounts_passwords_pam_faillock_dir=/var/run/faillock {{{ setup_auditctl_environment() }}} diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_remove_all_rules_cis.fail.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_remove_all_rules_cis.fail.sh -index 6e725d924..003cbad34 100644 +index 03066622a..00b22dffc 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_remove_all_rules_cis.fail.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_remove_all_rules_cis.fail.sh @@ -1,6 +1,6 @@ @@ -889,11 +829,11 @@ index 6e725d924..003cbad34 100644 # packages = audit -# platform = multi_platform_rhel +# platform = multi_platform_rhel,multi_platform_almalinux - # profiles = xccdf_org.ssgproject.content_profile_cis + # variables = var_accounts_passwords_pam_faillock_dir=/var/run/faillock {{{ setup_auditctl_environment() }}} diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_wrong_rule_cis.fail.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_wrong_rule_cis.fail.sh -index be053a0e4..9ae68c06d 100644 +index 5997a0f4b..f8b934477 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_wrong_rule_cis.fail.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_wrong_rule_cis.fail.sh @@ -1,6 +1,6 @@ @@ -901,11 +841,11 @@ index be053a0e4..9ae68c06d 100644 # packages = audit -# platform = multi_platform_rhel +# platform = multi_platform_rhel,multi_platform_almalinux - # profiles = xccdf_org.ssgproject.content_profile_cis + # variables = var_accounts_passwords_pam_faillock_dir=/var/run/faillock {{{ setup_auditctl_environment() }}} diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_wrong_rule_without_key_cis.fail.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_wrong_rule_without_key_cis.fail.sh -index 32a315ee3..ceaa81c5d 100644 +index 6614a0151..2d8a70c4d 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_wrong_rule_without_key_cis.fail.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_wrong_rule_without_key_cis.fail.sh @@ -1,6 +1,6 @@ @@ -913,11 +853,11 @@ index 32a315ee3..ceaa81c5d 100644 # packages = audit -# platform = multi_platform_rhel +# platform = multi_platform_rhel,multi_platform_almalinux - # profiles = xccdf_org.ssgproject.content_profile_cis + # variables = var_accounts_passwords_pam_faillock_dir=/var/run/faillock {{{ setup_auditctl_environment() }}} diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_correct_cis.pass.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_correct_cis.pass.sh -index 900ec1c42..66a26d349 100644 +index ca6cb501c..6e94b709f 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_correct_cis.pass.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_correct_cis.pass.sh @@ -1,6 +1,6 @@ @@ -925,11 +865,11 @@ index 900ec1c42..66a26d349 100644 # packages = audit -# platform = multi_platform_rhel +# platform = multi_platform_rhel,multi_platform_almalinux - # profiles = xccdf_org.ssgproject.content_profile_cis + # variables = var_accounts_passwords_pam_faillock_dir=/var/run/faillock path="/var/run/faillock" diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_correct_extra_permission_cis.pass.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_correct_extra_permission_cis.pass.sh -index 6211dfd8a..0cc9223e1 100644 +index 4cf3be21b..634990a72 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_correct_extra_permission_cis.pass.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_correct_extra_permission_cis.pass.sh @@ -1,6 +1,6 @@ @@ -937,11 +877,11 @@ index 6211dfd8a..0cc9223e1 100644 # packages = audit -# platform = multi_platform_rhel +# platform = multi_platform_rhel,multi_platform_almalinux - # profiles = xccdf_org.ssgproject.content_profile_cis + # variables = var_accounts_passwords_pam_faillock_dir=/var/run/faillock path="/var/run/faillock" diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_correct_without_key_cis.pass.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_correct_without_key_cis.pass.sh -index 1d00bfac9..41961fe47 100644 +index a943dcd2f..5a5c849c4 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_correct_without_key_cis.pass.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_correct_without_key_cis.pass.sh @@ -1,6 +1,6 @@ @@ -949,11 +889,11 @@ index 1d00bfac9..41961fe47 100644 # packages = audit -# platform = multi_platform_rhel +# platform = multi_platform_rhel,multi_platform_almalinux - # profiles = xccdf_org.ssgproject.content_profile_cis + # variables = var_accounts_passwords_pam_faillock_dir=/var/run/faillock path="/var/run/faillock" diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_remove_all_rules_cis.fail.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_remove_all_rules_cis.fail.sh -index a68b4e87a..33230eff8 100644 +index a3feca25d..eb3da476b 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_remove_all_rules_cis.fail.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_remove_all_rules_cis.fail.sh @@ -1,6 +1,6 @@ @@ -961,11 +901,11 @@ index a68b4e87a..33230eff8 100644 # packages = audit -# platform = multi_platform_rhel +# platform = multi_platform_rhel,multi_platform_almalinux - # profiles = xccdf_org.ssgproject.content_profile_cis + # variables = var_accounts_passwords_pam_faillock_dir=/var/run/faillock path="/var/run/faillock" diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_wrong_rule_cis.fail.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_wrong_rule_cis.fail.sh -index 97d8f88da..d35376777 100644 +index 4cee4cfb3..09d901e81 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_wrong_rule_cis.fail.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_wrong_rule_cis.fail.sh @@ -1,6 +1,6 @@ @@ -973,11 +913,11 @@ index 97d8f88da..d35376777 100644 # packages = audit -# platform = multi_platform_rhel +# platform = multi_platform_rhel,multi_platform_almalinux - # profiles = xccdf_org.ssgproject.content_profile_cis + # variables = var_accounts_passwords_pam_faillock_dir=/var/run/faillock path="/var/run/faillock" diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_wrong_rule_without_key_cis.fail.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_wrong_rule_without_key_cis.fail.sh -index 43168b5cc..d87e6b3e3 100644 +index b15a095da..44c6a0115 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_wrong_rule_without_key_cis.fail.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_wrong_rule_without_key_cis.fail.sh @@ -1,6 +1,6 @@ @@ -985,14 +925,14 @@ index 43168b5cc..d87e6b3e3 100644 # packages = audit -# platform = multi_platform_rhel +# platform = multi_platform_rhel,multi_platform_almalinux - # profiles = xccdf_org.ssgproject.content_profile_cis + # variables = var_accounts_passwords_pam_faillock_dir=/var/run/faillock path="/var/run/faillock" diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_lastlog/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_lastlog/rule.yml -index ee68421a4..c2eb04164 100644 +index 5a6250df8..a51eb6d98 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_lastlog/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_lastlog/rule.yml -@@ -52,7 +52,7 @@ references: +@@ -41,7 +41,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000473-GPOS-00218,SRG-OS-000470-GPOS-00214,SRG-APP-000495-CTR-001235,SRG-APP-000503-CTR-001275,SRG-APP-000506-CTR-001290 stigid@ol7: OL07-00-030620 stigid@ol8: OL08-00-030600 @@ -1214,10 +1154,10 @@ index 2dba37605..c9684121a 100644 ./generate_privileged_commands_rule.sh {{{ uid_min }}} own_key /etc/audit/rules.d/privileged.rules diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_chage/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_chage/rule.yml -index ebb130081..5d0f04372 100644 +index e639a5125..73420f9ff 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_chage/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_chage/rule.yml -@@ -59,7 +59,7 @@ references: +@@ -44,7 +44,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000468-GPOS-00212,SRG-OS-000471-GPOS-00215,SRG-APP-000029-CTR-000085,SRG-APP-000495-CTR-001235,SRG-APP-000501-CTR-001265,SRG-APP-000502-CTR-001270 stigid@ol7: OL07-00-030660 stigid@ol8: OL08-00-030250 @@ -1227,10 +1167,10 @@ index ebb130081..5d0f04372 100644 stigid@sle15: SLES-15-030120 stigid@ubuntu2004: UBTU-20-010175 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_chsh/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_chsh/rule.yml -index bf9ce6ce9..addc7d1c7 100644 +index fb79534fb..c3e97c421 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_chsh/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_chsh/rule.yml -@@ -59,7 +59,7 @@ references: +@@ -44,7 +44,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-APP-000495-CTR-001235 stigid@ol7: OL07-00-030720 stigid@ol8: OL08-00-030410 @@ -1240,10 +1180,10 @@ index bf9ce6ce9..addc7d1c7 100644 stigid@sle15: SLES-15-030100 stigid@ubuntu2004: UBTU-20-010163 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_crontab/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_crontab/rule.yml -index 99a41a0bd..a9aee449a 100644 +index 624cea581..794e22fdf 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_crontab/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_crontab/rule.yml -@@ -58,7 +58,7 @@ references: +@@ -43,7 +43,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-APP-000495-CTR-001235 stigid@ol7: OL07-00-030800 stigid@ol8: OL08-00-030400 @@ -1253,10 +1193,10 @@ index 99a41a0bd..a9aee449a 100644 stigid@sle15: SLES-15-030130 stigid@ubuntu2004: UBTU-20-010177 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_gpasswd/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_gpasswd/rule.yml -index d86dc06b6..1fcbaded1 100644 +index 4389958b9..a61089411 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_gpasswd/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_gpasswd/rule.yml -@@ -59,7 +59,7 @@ references: +@@ -44,7 +44,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-APP-000029-CTR-000085,SRG-APP-000495-CTR-001235 stigid@ol7: OL07-00-030650 stigid@ol8: OL08-00-030370 @@ -1286,10 +1226,10 @@ index f4fff8181..6c379ca01 100644 # Perform the remediation for both possible tools: 'auditctl' and 'augenrules' {{{ bash_fix_audit_watch_rule("auditctl", "/sbin/insmod", "x", "modules") }}} diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_kmod/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_kmod/rule.yml -index 6b0577551..417636fce 100644 +index 2ff20d0f5..6946a0aa8 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_kmod/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_kmod/rule.yml -@@ -46,7 +46,7 @@ references: +@@ -29,7 +29,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000471-GPOS-00216,SRG-OS-000477-GPOS-00222,SRG-APP-000495-CTR-001235,SRG-APP-000504-CTR-001280 stigid@ol7: OL07-00-030840 stigid@ol8: OL08-00-030580 @@ -1299,10 +1239,10 @@ index 6b0577551..417636fce 100644 stigid@sle15: SLES-15-030410 stigid@ubuntu2004: UBTU-20-010297 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_mount/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_mount/rule.yml -index 8c9cda6bc..064be2883 100644 +index 4ea1447b8..3099b843b 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_mount/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_mount/rule.yml -@@ -48,7 +48,7 @@ references: +@@ -33,7 +33,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-APP-000029-CTR-000085 stigid@ol7: OL07-00-030740 stigid@ol8: OL08-00-030300 @@ -1312,10 +1252,10 @@ index 8c9cda6bc..064be2883 100644 stigid@ubuntu2004: UBTU-20-010138 stigid@ubuntu2204: UBTU-22-654065 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_newgrp/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_newgrp/rule.yml -index d418cb87e..9367434f4 100644 +index 54d57f16f..3b190cb6e 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_newgrp/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_newgrp/rule.yml -@@ -59,7 +59,7 @@ references: +@@ -44,7 +44,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-APP-000029-CTR-000085,SRG-APP-000495-CTR-001235 stigid@ol7: OL07-00-030710 stigid@ol8: OL08-00-030350 @@ -1325,10 +1265,10 @@ index d418cb87e..9367434f4 100644 stigid@sle15: SLES-15-030090 stigid@ubuntu2004: UBTU-20-010164 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_pam_timestamp_check/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_pam_timestamp_check/rule.yml -index 39a88c457..46e4b7d77 100644 +index 96c78b0cd..4c75b5bb6 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_pam_timestamp_check/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_pam_timestamp_check/rule.yml -@@ -63,7 +63,7 @@ references: +@@ -47,7 +47,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-APP-000029-CTR-000085,SRG-APP-000495-CTR-001235 stigid@ol7: OL07-00-030810 stigid@ol8: OL08-00-030340 @@ -1338,10 +1278,10 @@ index 39a88c457..46e4b7d77 100644 stigid@sle15: SLES-15-030510 stigid@ubuntu2004: UBTU-20-010178 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_passwd/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_passwd/rule.yml -index 51384e3ea..bca6c4a7e 100644 +index e484c2ab9..dc9fd0d0a 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_passwd/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_passwd/rule.yml -@@ -56,7 +56,7 @@ references: +@@ -42,7 +42,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-APP-000029-CTR-000085,SRG-APP-000495-CTR-001235 stigid@ol7: OL07-00-030630 stigid@ol8: OL08-00-030290 @@ -1351,10 +1291,10 @@ index 51384e3ea..bca6c4a7e 100644 stigid@sle15: SLES-15-030070 stigid@ubuntu2004: UBTU-20-010172 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_postdrop/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_postdrop/rule.yml -index 689846be0..170998446 100644 +index 0648bd704..d97263043 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_postdrop/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_postdrop/rule.yml -@@ -56,7 +56,7 @@ references: +@@ -41,7 +41,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-APP-000495-CTR-001235 stigid@ol7: OL07-00-030760 stigid@ol8: OL08-00-030311 @@ -1364,10 +1304,10 @@ index 689846be0..170998446 100644 {{{ ocil_fix_srg_privileged_command("postdrop") }}} diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_postqueue/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_postqueue/rule.yml -index 081af9c93..d91bd904d 100644 +index 737e2e757..2af34b992 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_postqueue/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_postqueue/rule.yml -@@ -56,7 +56,7 @@ references: +@@ -41,7 +41,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-APP-000495-CTR-001235 stigid@ol7: OL07-00-030770 stigid@ol8: OL08-00-030312 @@ -1377,10 +1317,10 @@ index 081af9c93..d91bd904d 100644 {{{ ocil_fix_srg_privileged_command("postqueue") }}} diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_ssh_agent/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_ssh_agent/rule.yml -index 670dc8ffc..4a3f802f0 100644 +index 9f240785c..1976e8d19 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_ssh_agent/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_ssh_agent/rule.yml -@@ -41,7 +41,7 @@ references: +@@ -31,7 +31,7 @@ references: nist@sle12: AU-3,AU-3.1,AU-12(a),AU-12(c),AU-12.1(a),AU-12.1(ii),AU-12.1(iv),MA-4(1)(a) srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-APP-000495-CTR-001235 stigid@ol8: OL08-00-030280 @@ -1390,10 +1330,10 @@ index 670dc8ffc..4a3f802f0 100644 stigid@sle15: SLES-15-030370 stigid@ubuntu2004: UBTU-20-010140 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_ssh_keysign/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_ssh_keysign/rule.yml -index 595e7b6cf..bbb05489f 100644 +index ec3847394..8377f7a4d 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_ssh_keysign/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_ssh_keysign/rule.yml -@@ -66,7 +66,7 @@ references: +@@ -52,7 +52,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-APP-000029-CTR-000085,SRG-APP-000495-CTR-001235 stigid@ol7: OL07-00-030780 stigid@ol8: OL08-00-030320 @@ -1403,11 +1343,11 @@ index 595e7b6cf..bbb05489f 100644 stigid@sle15: SLES-15-030060 stigid@ubuntu2004: UBTU-20-010141 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_su/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_su/rule.yml -index bf3adae2f..423054155 100644 +index 9c0cf28e1..b0a648750 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_su/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_su/rule.yml -@@ -57,7 +57,7 @@ references: - srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000064-GPOS-0003,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000466-GPOS-00210,SRG-APP-000029-CTR-000085,SRG-APP-000495-CTR-001235,SRG-APP-000499-CTR-001255,SRG-OS-000755-GPOS-00220 +@@ -43,7 +43,7 @@ references: + srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000064-GPOS-00033,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000466-GPOS-00210,SRG-APP-000029-CTR-000085,SRG-APP-000495-CTR-001235,SRG-APP-000499-CTR-001255,SRG-OS-000755-GPOS-00220 stigid@ol7: OL07-00-030680 stigid@ol8: OL08-00-030190 - stigid@rhel8: RHEL-08-030190 @@ -1416,10 +1356,10 @@ index bf3adae2f..423054155 100644 stigid@sle15: SLES-15-030550 stigid@ubuntu2004: UBTU-20-010136 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sudo/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sudo/rule.yml -index 454f68577..03cc1e157 100644 +index 53462f837..f0bb13d88 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sudo/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sudo/rule.yml -@@ -58,7 +58,7 @@ references: +@@ -43,7 +43,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000466-GPOS-00210,SRG-APP-000029-CTR-000085,SRG-APP-000495-CTR-001235,SRG-APP-000499-CTR-001255,SRG-OS-000755-GPOS-00220 stigid@ol7: OL07-00-030690 stigid@ol8: OL08-00-030550 @@ -1429,10 +1369,10 @@ index 454f68577..03cc1e157 100644 stigid@sle15: SLES-15-030560 stigid@ubuntu2004: UBTU-20-010161 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_umount/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_umount/rule.yml -index ddd2466b3..bc30c6665 100644 +index c394bccca..92abd6cf9 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_umount/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_umount/rule.yml -@@ -57,7 +57,7 @@ references: +@@ -42,7 +42,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-APP-000029-CTR-000085 stigid@ol7: OL07-00-030750 stigid@ol8: OL08-00-030301 @@ -1442,10 +1382,10 @@ index ddd2466b3..bc30c6665 100644 stigid@ubuntu2004: UBTU-20-010139 stigid@ubuntu2204: UBTU-22-654115 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_unix_chkpwd/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_unix_chkpwd/rule.yml -index d01d81fca..04c930100 100644 +index 8ad16ded9..d383f8bc3 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_unix_chkpwd/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_unix_chkpwd/rule.yml -@@ -61,7 +61,7 @@ references: +@@ -50,7 +50,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-APP-000029-CTR-000085,SRG-APP-000495-CTR-001235 stigid@ol7: OL07-00-030640 stigid@ol8: OL08-00-030317 @@ -1455,11 +1395,11 @@ index d01d81fca..04c930100 100644 stigid@sle15: SLES-15-030110 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_unix_update/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_unix_update/rule.yml -index 655f14784..cb8c772ff 100644 +index 58e79855e..1528edc4e 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_unix_update/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_unix_update/rule.yml -@@ -38,7 +38,7 @@ references: - disa: CCI-000172,CCI-000130,CCI-000135,CCI-000169,CCI-002884 +@@ -28,7 +28,7 @@ identifiers: + references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000064-GPOS-00033,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-APP-000495-CTR-001235 stigid@ol8: OL08-00-030310 - stigid@rhel8: RHEL-08-030310 @@ -1468,10 +1408,10 @@ index 655f14784..cb8c772ff 100644 stigid@ubuntu2204: UBTU-22-654120 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_userhelper/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_userhelper/rule.yml -index 8473b25a0..6ae9e6f22 100644 +index ac93594cd..78144fc87 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_userhelper/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_userhelper/rule.yml -@@ -54,7 +54,7 @@ references: +@@ -39,7 +39,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-APP-000495-CTR-001235 stigid@ol7: OL07-00-030670 stigid@ol8: OL08-00-030315 @@ -1481,10 +1421,10 @@ index 8473b25a0..6ae9e6f22 100644 {{{ ocil_fix_srg_privileged_command("userhelper") }}} diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_usermod/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_usermod/rule.yml -index d54a24124..129eaeae3 100644 +index deb5e11e2..9a558e0c8 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_usermod/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_usermod/rule.yml -@@ -43,7 +43,7 @@ references: +@@ -33,7 +33,7 @@ references: nist@sle12: AU-3,AU-12(a),AU-12(c),MA-4(1)(a) srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000466-GPOS-00210,SRG-APP-000495-CTR-001235,SRG-APP-000499-CTR-001255 stigid@ol8: OL08-00-030560 @@ -1505,10 +1445,10 @@ index 26d02c24e..28daa9106 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_immutable/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_immutable/rule.yml -index 3e5198685..7fce51fd8 100644 +index c6a7a6d5b..906e2cf00 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_immutable/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_immutable/rule.yml -@@ -53,7 +53,7 @@ references: +@@ -51,7 +51,7 @@ references: pcidss: Req-10.5.2 srg: SRG-OS-000057-GPOS-00027,SRG-OS-000058-GPOS-00028,SRG-OS-000059-GPOS-00029,SRG-APP-000119-CTR-000245,SRG-APP-000120-CTR-000250 stigid@ol8: OL08-00-030121 @@ -1518,11 +1458,11 @@ index 3e5198685..7fce51fd8 100644 ocil_clause: 'the audit system is not set to be immutable by adding the "-e 2" option to the end of "/etc/audit/audit.rules"' diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_immutable_login_uids/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_immutable_login_uids/rule.yml -index ecdc6aa7e..50b9dc000 100644 +index 2bf61cdeb..1cc70952a 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_immutable_login_uids/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_immutable_login_uids/rule.yml -@@ -32,7 +32,7 @@ references: - disa: CCI-000163,CCI-000172,CCI-000164,CCI-000162 +@@ -31,7 +31,7 @@ identifiers: + references: srg: SRG-OS-000462-GPOS-00206,SRG-OS-000475-GPOS-00220,SRG-OS-000057-GPOS-00027,SRG-OS-000058-GPOS-00028,SRG-OS-000059-GPOS-00029 stigid@ol8: OL08-00-030122 - stigid@rhel8: RHEL-08-030122 @@ -1542,7 +1482,7 @@ index 889f83178..7896d4cb1 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_media_export/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_media_export/rule.yml -index 96a0fd181..8f8d29987 100644 +index bdaefe847..70f8cd70d 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_media_export/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_media_export/rule.yml @@ -53,7 +53,7 @@ references: @@ -1566,11 +1506,11 @@ index 8b2377d44..39c2bba69 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_sudoers/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_sudoers/rule.yml -index 20c0566d6..c00ed3d39 100644 +index 755ca7cc0..ebb74f2ff 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_sudoers/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_sudoers/rule.yml -@@ -33,7 +33,7 @@ references: - disa: CCI-001403,CCI-001404,CCI-001405,CCI-000172,CCI-000130,CCI-002130,CCI-000135,CCI-000169,CCI-002884,CCI-000018,CCI-000015 +@@ -25,7 +25,7 @@ identifiers: + references: srg: SRG-OS-000004-GPOS-00004,SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000304-GPOS-00121,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000470-GPOS-00214,SRG-OS-000471-GPOS-00215,SRG-OS-000239-GPOS-00089,SRG-OS-000240-GPOS-00090,SRG-OS-000241-GPOS-00091,SRG-OS-000303-GPOS-00120,SRG-OS-000466-GPOS-00210,SRG-OS-000476-GPOS-00221,SRG-APP-000495-CTR-001235,SRG-APP-000499-CTR-001255,SRG-APP-000503-CTR-001275 stigid@ol8: OL08-00-030171 - stigid@rhel8: RHEL-08-030171 @@ -1579,11 +1519,11 @@ index 20c0566d6..c00ed3d39 100644 ocil_clause: 'the command does not return a line, or the line is commented out' diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_sudoers_d/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_sudoers_d/rule.yml -index 7a7c522d9..3265b03bf 100644 +index 6b62132f1..cb6f8397d 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_sudoers_d/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_sudoers_d/rule.yml -@@ -33,7 +33,7 @@ references: - disa: CCI-001403,CCI-001404,CCI-001405,CCI-000172,CCI-000130,CCI-002130,CCI-000135,CCI-000169,CCI-002884,CCI-000018,CCI-000015 +@@ -25,7 +25,7 @@ identifiers: + references: srg: SRG-OS-000004-GPOS-00004,SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000304-GPOS-00121,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000470-GPOS-00214,SRG-OS-000471-GPOS-00215,SRG-OS-000239-GPOS-00089,SRG-OS-000240-GPOS-00090,SRG-OS-000241-GPOS-00091,SRG-OS-000303-GPOS-00120,SRG-OS-000466-GPOS-00210,SRG-OS-000476-GPOS-00221,SRG-APP-000495-CTR-001235,SRG-APP-000499-CTR-001255,SRG-APP-000503-CTR-001275 stigid@ol8: OL08-00-030172 - stigid@rhel8: RHEL-08-030172 @@ -1592,22 +1532,22 @@ index 7a7c522d9..3265b03bf 100644 ocil_clause: 'the command does not return a line, or the line is commented out' diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_suid_auid_privilege_function/ansible/shared.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_suid_auid_privilege_function/ansible/shared.yml -index 3028257be..49e27f007 100644 +index 9c5b7d2eb..cae43ea29 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_suid_auid_privilege_function/ansible/shared.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_suid_auid_privilege_function/ansible/shared.yml @@ -1,4 +1,4 @@ --# platform = multi_platform_rhel -+# platform = multi_platform_rhel,multi_platform_almalinux +-# platform = multi_platform_rhel,multi_platform_ubuntu ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ubuntu # reboot = false # strategy = restrict # complexity = low diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_suid_auid_privilege_function/bash/shared.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_suid_auid_privilege_function/bash/shared.sh -index 15d6fa4e2..7f98c9915 100644 +index d0626b7aa..71cc2ea03 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_suid_auid_privilege_function/bash/shared.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_suid_auid_privilege_function/bash/shared.sh @@ -1,4 +1,4 @@ --# platform = multi_platform_rhel -+# platform = multi_platform_rhel,multi_platform_almalinux +-# platform = multi_platform_rhel,multi_platform_ubuntu ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ubuntu # First perform the remediation of the syscall rule # Retrieve hardware architecture of the underlying system @@ -1623,10 +1563,10 @@ index 323a798b1..46fad7416 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_suid_privilege_function/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_suid_privilege_function/rule.yml -index fe2ad3850..94e2346e4 100644 +index c3c11058b..69d23bb71 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_suid_privilege_function/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_suid_privilege_function/rule.yml -@@ -55,7 +55,7 @@ references: +@@ -54,7 +54,7 @@ references: srg: SRG-OS-000326-GPOS-00126,SRG-OS-000327-GPOS-00127,SRG-APP-000343-CTR-000780,SRG-APP-000381-CTR-000905,SRG-OS-000755-GPOS-00220 stigid@ol7: OL07-00-030360 stigid@ol8: OL08-00-030000 @@ -1647,10 +1587,10 @@ index 336beb2b7..26c47e462 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_group/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_group/rule.yml -index 23b6aa511..b6ccde579 100644 +index d580edfe8..ac09998e1 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_group/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_group/rule.yml -@@ -57,7 +57,7 @@ references: +@@ -42,7 +42,7 @@ references: srg: SRG-OS-000004-GPOS-00004,SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000304-GPOS-00121,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000470-GPOS-00214,SRG-OS-000471-GPOS-00215,SRG-OS-000239-GPOS-00089,SRG-OS-000240-GPOS-00090,SRG-OS-000241-GPOS-00091,SRG-OS-000303-GPOS-00120,SRG-OS-000466-GPOS-00210,SRG-OS-000476-GPOS-00221,SRG-APP-000495-CTR-001235,SRG-APP-000499-CTR-001255,SRG-APP-000503-CTR-001275 stigid@ol7: OL07-00-030871 stigid@ol8: OL08-00-030170 @@ -1660,10 +1600,10 @@ index 23b6aa511..b6ccde579 100644 stigid@sle15: SLES-15-030010 stigid@ubuntu2004: UBTU-20-010101 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_gshadow/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_gshadow/rule.yml -index 66e53dab5..9c213c8fc 100644 +index 8eace6ca8..c47e005ba 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_gshadow/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_gshadow/rule.yml -@@ -57,7 +57,7 @@ references: +@@ -42,7 +42,7 @@ references: srg: SRG-OS-000004-GPOS-00004,SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000304-GPOS-00121,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000470-GPOS-00214,SRG-OS-000471-GPOS-00215,SRG-OS-000239-GPOS-00089,SRG-OS-000240-GPOS-00090,SRG-OS-000241-GPOS-00091,SRG-OS-000303-GPOS-00120,SRG-OS-000466-GPOS-00210,SRG-OS-000476-GPOS-00221,SRG-APP-000495-CTR-001235,SRG-APP-000499-CTR-001255,SRG-APP-000503-CTR-001275 stigid@ol7: OL07-00-030872 stigid@ol8: OL08-00-030160 @@ -1673,10 +1613,10 @@ index 66e53dab5..9c213c8fc 100644 stigid@sle15: SLES-15-030040 stigid@ubuntu2004: UBTU-20-010103 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_opasswd/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_opasswd/rule.yml -index f76934615..504881518 100644 +index 609cb0029..2c250d9ea 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_opasswd/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_opasswd/rule.yml -@@ -58,7 +58,7 @@ references: +@@ -43,7 +43,7 @@ references: srg: SRG-OS-000004-GPOS-00004,SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000304-GPOS-00121,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000470-GPOS-00214,SRG-OS-000471-GPOS-00215,SRG-OS-000239-GPOS-00089,SRG-OS-000240-GPOS-00090,SRG-OS-000241-GPOS-00091,SRG-OS-000303-GPOS-00120,SRG-OS-000466-GPOS-00210,SRG-OS-000476-GPOS-00221,SRG-APP-000495-CTR-001235,SRG-APP-000496-CTR-001240,SRG-APP-000497-CTR-001245,SRG-APP-000498-CTR-001250,SRG-APP-000503-CTR-001275 stigid@ol7: OL07-00-030874 stigid@ol8: OL08-00-030140 @@ -1686,10 +1626,10 @@ index f76934615..504881518 100644 stigid@sle15: SLES-15-030030 stigid@ubuntu2004: UBTU-20-010104 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_passwd/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_passwd/rule.yml -index 45030b4f9..623656779 100644 +index 488adbfd4..c5050080a 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_passwd/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_passwd/rule.yml -@@ -57,7 +57,7 @@ references: +@@ -42,7 +42,7 @@ references: srg: SRG-OS-000004-GPOS-00004,SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000304-GPOS-00121,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000470-GPOS-00214,SRG-OS-000471-GPOS-00215,SRG-OS-000239-GPOS-00089,SRG-OS-000240-GPOS-00090,SRG-OS-000241-GPOS-00091,SRG-OS-000303-GPOS-00120,SRG-OS-000304-GPOS-00121,SRG-OS-000466-GPOS-00210,SRG-OS-000476-GPOS-00221,SRG-OS-000274-GPOS-00104,SRG-OS-000275-GPOS-00105,SRG-OS-000276-GPOS-00106,SRG-OS-000277-GPOS-00107,SRG-APP-000495-CTR-001235,SRG-APP-000499-CTR-001255,SRG-APP-000503-CTR-001275 stigid@ol7: OL07-00-030870 stigid@ol8: OL08-00-030150 @@ -1699,10 +1639,10 @@ index 45030b4f9..623656779 100644 stigid@sle15: SLES-15-030000 stigid@ubuntu2004: UBTU-20-010100 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_shadow/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_shadow/rule.yml -index 01ff15bf6..65d6337f3 100644 +index db94ab154..64e7e2b24 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_shadow/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_shadow/rule.yml -@@ -57,7 +57,7 @@ references: +@@ -42,7 +42,7 @@ references: srg: SRG-OS-000004-GPOS-00004,SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000304-GPOS-00121,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000470-GPOS-00214,SRG-OS-000471-GPOS-00215,SRG-OS-000239-GPOS-00089,SRG-OS-000240-GPOS-00090,SRG-OS-000241-GPOS-00091,SRG-OS-000303-GPOS-00120,SRG-OS-000466-GPOS-00210,SRG-OS-000476-GPOS-00221,SRG-APP-000495-CTR-001235,SRG-APP-000499-CTR-001255,SRG-APP-000503-CTR-001275 stigid@ol7: OL07-00-030873 stigid@ol8: OL08-00-030130 @@ -1751,26 +1691,15 @@ index 8a58bbc38..1a73014dc 100644 @@ -1,5 +1,5 @@ --- -# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos - # reboot = true - # strategy = restrict - # complexity = low -diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_watch_localtime/kubernetes/shared.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_watch_localtime/kubernetes/shared.yml -index 140506b60..4290a051f 100644 ---- a/linux_os/guide/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_watch_localtime/kubernetes/shared.yml -+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_watch_localtime/kubernetes/shared.yml -@@ -1,5 +1,5 @@ - --- --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos +# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos # reboot = true # strategy = restrict # complexity = low diff --git a/linux_os/guide/auditing/auditd_configure_rules/directory_group_ownership_var_log_audit/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/directory_group_ownership_var_log_audit/rule.yml -index b648f54cc..87157586f 100644 +index cee24a320..b38be8e70 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/directory_group_ownership_var_log_audit/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/directory_group_ownership_var_log_audit/rule.yml -@@ -36,7 +36,7 @@ references: +@@ -35,7 +35,7 @@ references: pcidss: Req-10.5.1 srg: SRG-OS-000057-GPOS-00027,SRG-OS-000058-GPOS-00028,SRG-OS-000059-GPOS-00029,SRG-OS-000206-GPOS-00084 stigid@ol8: OL08-00-030110 @@ -1792,10 +1721,10 @@ index 09d4e8ff5..6a8e8bdab 100644 groupadd group_test diff --git a/linux_os/guide/auditing/auditd_configure_rules/directory_ownership_var_log_audit/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/directory_ownership_var_log_audit/rule.yml -index de4d603cd..a76d9c19b 100644 +index c854a2105..4d0c81ab6 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/directory_ownership_var_log_audit/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/directory_ownership_var_log_audit/rule.yml -@@ -32,7 +32,7 @@ references: +@@ -31,7 +31,7 @@ references: pcidss: Req-10.5.1 srg: SRG-OS-000057-GPOS-00027,SRG-OS-000058-GPOS-00028,SRG-OS-000059-GPOS-00029,SRG-OS-000206-GPOS-00084 stigid@ol8: OL08-00-030100 @@ -1805,7 +1734,7 @@ index de4d603cd..a76d9c19b 100644 ocil_clause: the directory is not owned by root diff --git a/linux_os/guide/auditing/auditd_configure_rules/directory_permissions_var_log_audit/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/directory_permissions_var_log_audit/rule.yml -index b558e92ad..d62740922 100644 +index ea887e926..6b83d3b6b 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/directory_permissions_var_log_audit/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/directory_permissions_var_log_audit/rule.yml @@ -3,7 +3,7 @@ documentation_complete: true @@ -1817,7 +1746,7 @@ index b558e92ad..d62740922 100644 Verify the audit log directories have a mode of "0700" or less permissive by first determining where the audit logs are stored with the following command: 
$ sudo grep -iw log_file /etc/audit/auditd.conf
-@@ -45,7 +45,7 @@ references:
+@@ -44,7 +44,7 @@ references:
      nist-csf: DE.AE-3,DE.AE-5,PR.AC-4,PR.DS-5,PR.PT-1,RS.AN-1,RS.AN-4
      srg: SRG-OS-000057-GPOS-00027,SRG-OS-000058-GPOS-00028,SRG-OS-000059-GPOS-00029
      stigid@ol8: OL08-00-030120
@@ -1826,7 +1755,7 @@ index b558e92ad..d62740922 100644
      stigid@ubuntu2004: UBTU-20-010128
      stigid@ubuntu2204: UBTU-22-653060
  
-@@ -70,7 +70,7 @@ ocil: |-
+@@ -69,7 +69,7 @@ ocil: |-
  
      Replace "[audit_log_directory]" to the correct audit log directory path, by default this location is "/var/log/audit".
  
@@ -1835,7 +1764,7 @@ index b558e92ad..d62740922 100644
      The correct permissions are 0700
      {{% else %}}
      If the log_group is "root" or is not set, the correct permissions are 0700, otherwise they are 0750.
-@@ -83,7 +83,7 @@ fixtext: |-
+@@ -82,7 +82,7 @@ fixtext: |-
  
      $ sudo grep "^log_file" /etc/audit/auditd.conf
  
@@ -1845,10 +1774,10 @@ index b558e92ad..d62740922 100644
  
      $ sudo chmod 0700 [audit_log_directory]
 diff --git a/linux_os/guide/auditing/auditd_configure_rules/file_group_ownership_var_log_audit/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/file_group_ownership_var_log_audit/rule.yml
-index cfcf088bd..9bdb0b72a 100644
+index d06c3f256..a2e1d5b76 100644
 --- a/linux_os/guide/auditing/auditd_configure_rules/file_group_ownership_var_log_audit/rule.yml
 +++ b/linux_os/guide/auditing/auditd_configure_rules/file_group_ownership_var_log_audit/rule.yml
-@@ -40,7 +40,7 @@ references:
+@@ -39,7 +39,7 @@ references:
      pcidss: Req-10.5.1
      srg: SRG-OS-000057-GPOS-00027,SRG-OS-000058-GPOS-00028,SRG-OS-000059-GPOS-00029,SRG-OS-000206-GPOS-00084
      stigid@ol8: OL08-00-030090
@@ -1882,10 +1811,10 @@ index cf4b02b90..cd69f17c2 100644
  if grep -iwq "log_file" /etc/audit/auditd.conf; then
      FILE=$(awk -F "=" '/^log_file/ {print $2}' /etc/audit/auditd.conf | tr -d ' ')
 diff --git a/linux_os/guide/auditing/auditd_configure_rules/file_ownership_var_log_audit_stig/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/file_ownership_var_log_audit_stig/rule.yml
-index 703a5d470..c8e265b3e 100644
+index ffa92db48..d8802af47 100644
 --- a/linux_os/guide/auditing/auditd_configure_rules/file_ownership_var_log_audit_stig/rule.yml
 +++ b/linux_os/guide/auditing/auditd_configure_rules/file_ownership_var_log_audit_stig/rule.yml
-@@ -35,7 +35,7 @@ references:
+@@ -34,7 +34,7 @@ references:
      pcidss: Req-10.5.1
      srg: SRG-OS-000057-GPOS-00027,SRG-OS-000058-GPOS-00028,SRG-OS-000059-GPOS-00029,SRG-OS-000206-GPOS-00084
      stigid@ol8: OL08-00-030080
@@ -1908,10 +1837,10 @@ index d597ca07f..75a41c4fd 100644
  chown testuser_123 $FILE
  {{% else %}}
 diff --git a/linux_os/guide/auditing/auditd_configure_rules/file_permissions_var_log_audit/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/file_permissions_var_log_audit/rule.yml
-index 19e01c03a..9588a89c8 100644
+index 2e7c2a583..d491fcb64 100644
 --- a/linux_os/guide/auditing/auditd_configure_rules/file_permissions_var_log_audit/rule.yml
 +++ b/linux_os/guide/auditing/auditd_configure_rules/file_permissions_var_log_audit/rule.yml
-@@ -50,7 +50,7 @@ references:
+@@ -49,7 +49,7 @@ references:
      srg: SRG-OS-000057-GPOS-00027,SRG-OS-000058-GPOS-00028,SRG-OS-000059-GPOS-00029,SRG-OS-000206-GPOS-00084,SRG-APP-000118-CTR-000240
      stigid@ol7: OL07-00-910055
      stigid@ol8: OL08-00-030070
@@ -1945,10 +1874,10 @@ index 0bfa82083..6ad184b90 100644
  . $SHARED/auditd_utils.sh
  prepare_auditd_test_enviroment
 diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_configure_sufficiently_large_partition/rule.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_configure_sufficiently_large_partition/rule.yml
-index 9fdd5f730..dccc1f6b4 100644
+index f2e15ff51..42a638118 100644
 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_configure_sufficiently_large_partition/rule.yml
 +++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_configure_sufficiently_large_partition/rule.yml
-@@ -48,7 +48,7 @@ references:
+@@ -47,7 +47,7 @@ references:
      nist@sle15: AU-4
      srg: SRG-OS-000341-GPOS-00132,SRG-OS-000342-GPOS-00133
      stigid@ol8: OL08-00-030660
@@ -1993,7 +1922,7 @@ index f5932e35a..b5c0dd6d6 100644
  {{% else %}}
      ^[ ]*enable_krb5[ ]+=[ ]+yes[ ]*$
 diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/rule.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/rule.yml
-index a08582b06..f0daf5ff4 100644
+index 54f63944c..1f5d7a5c9 100644
 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/rule.yml
 +++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/rule.yml
 @@ -6,7 +6,7 @@ title: 'Encrypt Audit Records Sent With audispd Plugin'
@@ -2005,7 +1934,7 @@ index a08582b06..f0daf5ff4 100644
      Set the transport option in 
{{{ audisp_conf_path }}}/audisp-remote.conf

      to KRB5.
  {{% else %}}
-@@ -43,7 +43,7 @@ ocil_clause: 'audispd is not encrypting audit records when sent over the network
+@@ -42,7 +42,7 @@ ocil_clause: 'audispd is not encrypting audit records when sent over the network
  ocil: |-
      To verify the audispd plugin encrypts audit records off-loaded onto a different
      system or media from the system being audited, run the following command:
@@ -2063,7 +1992,7 @@ index 864e97b31..ee1a0f679 100644
  . $SHARED/auditd_utils.sh
  prepare_auditd_test_enviroment
 diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/tests/audit_syslog_plugin_activated.pass.sh b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/tests/audit_syslog_plugin_activated.pass.sh
-index caf9766f5..e38ca2773 100644
+index daceead28..c40548882 100644
 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/tests/audit_syslog_plugin_activated.pass.sh
 +++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/tests/audit_syslog_plugin_activated.pass.sh
 @@ -1,6 +1,6 @@
@@ -2071,9 +2000,9 @@ index caf9766f5..e38ca2773 100644
  # packages = audit
 -# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
 +# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9,multi_platform_fedora
- # remediation = bash
  
  . $SHARED/auditd_utils.sh
+ prepare_auditd_test_enviroment
 diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/tests/audit_syslog_plugin_activated_not_there.fail.sh b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/tests/audit_syslog_plugin_activated_not_there.fail.sh
 index c87268eae..306dcfbce 100644
 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/tests/audit_syslog_plugin_activated_not_there.fail.sh
@@ -2110,10 +2039,10 @@ index 55f407e01..b9084af21 100644
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_error_action/rule.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_error_action/rule.yml
-index c3734c2bf..c8547b5eb 100644
+index 375c0c064..b1eaa97f3 100644
 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_error_action/rule.yml
 +++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_error_action/rule.yml
-@@ -43,7 +43,7 @@ references:
+@@ -42,7 +42,7 @@ references:
      nist-csf: DE.AE-3,DE.AE-5,PR.DS-4,PR.PT-1,RS.AN-1,RS.AN-4
      srg: SRG-OS-000047-GPOS-00023,SRG-APP-000098-CTR-000185,SRG-APP-000099-CTR-000190,SRG-APP-000100-CTR-000195,SRG-APP-000100-CTR-000200,SRG-APP-000109-CTR-000215,SRG-APP-000290-CTR-000670,SRG-APP-000357-CTR-000800
      stigid@ol8: OL08-00-030040
@@ -2145,10 +2074,10 @@ index 55f407e01..b9084af21 100644
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_full_action/rule.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_full_action/rule.yml
-index 55ec11167..79ab2e8a0 100644
+index 106865c39..f21baac16 100644
 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_full_action/rule.yml
 +++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_full_action/rule.yml
-@@ -49,7 +49,7 @@ references:
+@@ -48,7 +48,7 @@ references:
      nist@sle12: AU-5(b),AU-5.1(iv)
      srg: SRG-OS-000047-GPOS-00023
      stigid@ol8: OL08-00-030060
@@ -2169,10 +2098,10 @@ index 55f407e01..b9084af21 100644
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_action_mail_acct/rule.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_action_mail_acct/rule.yml
-index ea6b13852..574d80fac 100644
+index b713fd1f3..6ee35dd27 100644
 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_action_mail_acct/rule.yml
 +++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_action_mail_acct/rule.yml
-@@ -47,7 +47,7 @@ references:
+@@ -45,7 +45,7 @@ references:
      srg: SRG-OS-000046-GPOS-00022,SRG-OS-000343-GPOS-00134
      stigid@ol7: OL07-00-030350
      stigid@ol8: OL08-00-030020
@@ -2270,10 +2199,10 @@ index 55f407e01..b9084af21 100644
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/rule.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/rule.yml
-index 30931a5e2..40de099cd 100644
+index 80fe2e195..270d67ddc 100644
 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/rule.yml
 +++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/rule.yml
-@@ -58,7 +58,7 @@ references:
+@@ -56,7 +56,7 @@ references:
      srg: SRG-OS-000343-GPOS-00134
      stigid@ol7: OL07-00-030340
      stigid@ol8: OL08-00-030731
@@ -2283,10 +2212,10 @@ index 30931a5e2..40de099cd 100644
      stigid@ubuntu2204: UBTU-22-653040
  
 diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_percentage/rule.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_percentage/rule.yml
-index a7c0963ac..71fd60240 100644
+index fa227b1e2..3e1908da0 100644
 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_percentage/rule.yml
 +++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_percentage/rule.yml
-@@ -37,7 +37,7 @@ references:
+@@ -36,7 +36,7 @@ references:
      srg: SRG-OS-000343-GPOS-00134
      stigid@ol7: OL07-00-030330
      stigid@ol8: OL08-00-030730
@@ -2318,10 +2247,10 @@ index 55f407e01..b9084af21 100644
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_local_events/rule.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_local_events/rule.yml
-index 8aabe5ca5..47fad3734 100644
+index 47c85d958..273b947ce 100644
 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_local_events/rule.yml
 +++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_local_events/rule.yml
-@@ -24,7 +24,7 @@ references:
+@@ -23,7 +23,7 @@ references:
      nist: CM-6
      srg: SRG-OS-000062-GPOS-00031,SRG-OS-000480-GPOS-00227
      stigid@ol8: OL08-00-030061
@@ -2342,10 +2271,10 @@ index 55f407e01..b9084af21 100644
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_log_format/rule.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_log_format/rule.yml
-index 1e4489ec6..9efec94dd 100644
+index b68991fb0..5efeaa2d1 100644
 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_log_format/rule.yml
 +++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_log_format/rule.yml
-@@ -26,7 +26,7 @@ references:
+@@ -25,7 +25,7 @@ references:
      ospp: FAU_GEN.1.2
      srg: SRG-OS-000255-GPOS-00096,SRG-OS-000480-GPOS-00227,SRG-APP-000096-CTR-000175,SRG-APP-000097-CTR-000180,SRG-APP-000098-CTR-000185,SRG-APP-000099-CTR-000190,SRG-APP-000100-CTR-000195,SRG-APP-000100-CTR-000200,SRG-APP-000109-CTR-000215,SRG-APP-000290-CTR-000670,SRG-APP-000357-CTR-000800
      stigid@ol8: OL08-00-030063
@@ -2366,10 +2295,10 @@ index 55f407e01..b9084af21 100644
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_name_format/rule.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_name_format/rule.yml
-index 3adb155e4..6ffb0c791 100644
+index 8d2ade1f0..01df8dc2d 100644
 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_name_format/rule.yml
 +++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_name_format/rule.yml
-@@ -29,7 +29,7 @@ references:
+@@ -28,7 +28,7 @@ references:
      srg: SRG-OS-000039-GPOS-00017,SRG-OS-000342-GPOS-00133,SRG-OS-000479-GPOS-00224
      stigid@ol7: OL07-00-030211
      stigid@ol8: OL08-00-030062
@@ -2379,10 +2308,10 @@ index 3adb155e4..6ffb0c791 100644
  ocil_clause: name_format isn't set to {{{ xccdf_value("var_auditd_name_format") }}}
  
 diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_overflow_action/rule.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_overflow_action/rule.yml
-index 0182850d3..baf98cc48 100644
+index 24fd62ec9..76099c32d 100644
 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_overflow_action/rule.yml
 +++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_overflow_action/rule.yml
-@@ -31,7 +31,7 @@ references:
+@@ -30,7 +30,7 @@ references:
      srg: SRG-OS-000342-GPOS-00133,SRG-OS-000479-GPOS-00224
      stigid@ol7: OL07-00-030210
      stigid@ol8: OL08-00-030700
@@ -2416,10 +2345,10 @@ index bcafc35b8..1579dc90f 100644
  {{% else %}}
      The setting for remote_server in /etc/audisp/audisp-remote.conf
 diff --git a/linux_os/guide/auditing/file_permissions_auditd/file_permissions_etc_audit_auditd/rule.yml b/linux_os/guide/auditing/file_permissions_auditd/file_permissions_etc_audit_auditd/rule.yml
-index 50f9e7742..e60a7155e 100644
+index b7a7425db..b7f5fe021 100644
 --- a/linux_os/guide/auditing/file_permissions_auditd/file_permissions_etc_audit_auditd/rule.yml
 +++ b/linux_os/guide/auditing/file_permissions_auditd/file_permissions_etc_audit_auditd/rule.yml
-@@ -28,7 +28,7 @@ references:
+@@ -27,7 +27,7 @@ references:
      nist: AU-12(b)
      srg: SRG-OS-000063-GPOS-00032
      stigid@ol8: OL08-00-030610
@@ -2429,10 +2358,10 @@ index 50f9e7742..e60a7155e 100644
      stigid@ubuntu2204: UBTU-22-653065
  
 diff --git a/linux_os/guide/auditing/file_permissions_auditd/file_permissions_etc_audit_rulesd/rule.yml b/linux_os/guide/auditing/file_permissions_auditd/file_permissions_etc_audit_rulesd/rule.yml
-index 47c502bef..3a05556b9 100644
+index 13839f9d4..42c127bf4 100644
 --- a/linux_os/guide/auditing/file_permissions_auditd/file_permissions_etc_audit_rulesd/rule.yml
 +++ b/linux_os/guide/auditing/file_permissions_auditd/file_permissions_etc_audit_rulesd/rule.yml
-@@ -28,7 +28,7 @@ references:
+@@ -27,7 +27,7 @@ references:
      nist: AU-12(b)
      srg: SRG-OS-000063-GPOS-00032
      stigid@ol8: OL08-00-030610
@@ -2442,10 +2371,10 @@ index 47c502bef..3a05556b9 100644
      stigid@ubuntu2204: UBTU-22-653065
  
 diff --git a/linux_os/guide/auditing/grub2_audit_argument/rule.yml b/linux_os/guide/auditing/grub2_audit_argument/rule.yml
-index e53a46352..48cb9c37d 100644
+index aa6e2fd46..396d74ba7 100644
 --- a/linux_os/guide/auditing/grub2_audit_argument/rule.yml
 +++ b/linux_os/guide/auditing/grub2_audit_argument/rule.yml
-@@ -46,7 +46,7 @@ references:
+@@ -44,7 +44,7 @@ references:
      pcidss: Req-10.3
      srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000473-GPOS-00218,SRG-OS-000254-GPOS-00095
      stigid@ol8: OL08-00-030601
@@ -2466,10 +2395,10 @@ index 065c1d459..3915234ff 100644
  # Break the audit argument in kernel command line in /boot/grub2/grubenv
  file="/boot/grub2/grubenv"
 diff --git a/linux_os/guide/auditing/grub2_audit_backlog_limit_argument/rule.yml b/linux_os/guide/auditing/grub2_audit_backlog_limit_argument/rule.yml
-index 3caeb9ae7..d759aa716 100644
+index b9e9d9fee..77a5843bf 100644
 --- a/linux_os/guide/auditing/grub2_audit_backlog_limit_argument/rule.yml
 +++ b/linux_os/guide/auditing/grub2_audit_backlog_limit_argument/rule.yml
-@@ -36,7 +36,7 @@ references:
+@@ -34,7 +34,7 @@ references:
      ospp: FAU_STG.1,FAU_STG.3
      srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000254-GPOS-00095,SRG-OS-000341-GPOS-00132,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215
      stigid@ol8: OL08-00-030602
@@ -2478,32 +2407,11 @@ index 3caeb9ae7..d759aa716 100644
  
  ocil_clause: 'audit backlog limit is not configured'
  
-diff --git a/linux_os/guide/auditing/grub2_audit_backlog_limit_argument/tests/correct_grubenv.pass.sh b/linux_os/guide/auditing/grub2_audit_backlog_limit_argument/tests/correct_grubenv.pass.sh
-index aaffbf476..dd784d58c 100644
---- a/linux_os/guide/auditing/grub2_audit_backlog_limit_argument/tests/correct_grubenv.pass.sh
-+++ b/linux_os/guide/auditing/grub2_audit_backlog_limit_argument/tests/correct_grubenv.pass.sh
-@@ -1,4 +1,4 @@
- #!/bin/bash
--# platform = Oracle Linux 8,Red Hat Enterprise Linux 8
-+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux OS 8
- 
- grub2-editenv - set "$(grub2-editenv - list | grep kernelopts) audit_backlog_limit=8192"
-diff --git a/linux_os/guide/auditing/grub2_audit_backlog_limit_argument/tests/wrong_value_rhel8.fail.sh b/linux_os/guide/auditing/grub2_audit_backlog_limit_argument/tests/wrong_value_rhel8.fail.sh
-index f93dc5644..13ab00c1b 100644
---- a/linux_os/guide/auditing/grub2_audit_backlog_limit_argument/tests/wrong_value_rhel8.fail.sh
-+++ b/linux_os/guide/auditing/grub2_audit_backlog_limit_argument/tests/wrong_value_rhel8.fail.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = Oracle Linux 8,Red Hat Enterprise Linux 8
-+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux OS 8
- 
- # Break the audit_backlog_limit argument in kernel command line in /boot/grub2/grubenv
- file="/boot/grub2/grubenv"
 diff --git a/linux_os/guide/auditing/package_audit_installed/rule.yml b/linux_os/guide/auditing/package_audit_installed/rule.yml
-index 6353d9d95..12a9aced8 100644
+index d7e7d5882..1ac81775f 100644
 --- a/linux_os/guide/auditing/package_audit_installed/rule.yml
 +++ b/linux_os/guide/auditing/package_audit_installed/rule.yml
-@@ -32,7 +32,7 @@ references:
+@@ -30,7 +30,7 @@ references:
      pcidss: Req-10.1
      srg: SRG-OS-000062-GPOS-00031,SRG-OS-000037-GPOS-00015,SRG-OS-000038-GPOS-00016,SRG-OS-000039-GPOS-00017,SRG-OS-000040-GPOS-00018,SRG-OS-000041-GPOS-00019,SRG-OS-000042-GPOS-00021,SRG-OS-000051-GPOS-00024,SRG-OS-000054-GPOS-00025,SRG-OS-000122-GPOS-00063,SRG-OS-000254-GPOS-00095,SRG-OS-000255-GPOS-00096,SRG-OS-000337-GPOS-00129,SRG-OS-000348-GPOS-00136,SRG-OS-000349-GPOS-00137,SRG-OS-000350-GPOS-00138,SRG-OS-000351-GPOS-00139,SRG-OS-000352-GPOS-00140,SRG-OS-000353-GPOS-00141,SRG-OS-000354-GPOS-00142,SRG-OS-000358-GPOS-00145,SRG-OS-000365-GPOS-00152,SRG-OS-000392-GPOS-00172,SRG-OS-000475-GPOS-00220
      stigid@ol8: OL08-00-030180
@@ -2799,10 +2707,10 @@ index 23940aca3..8775144da 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/auditing/service_auditd_enabled/rule.yml b/linux_os/guide/auditing/service_auditd_enabled/rule.yml
-index 675afac32..db22141bb 100644
+index 70100ca64..985020423 100644
 --- a/linux_os/guide/auditing/service_auditd_enabled/rule.yml
 +++ b/linux_os/guide/auditing/service_auditd_enabled/rule.yml
-@@ -56,7 +56,7 @@ references:
+@@ -54,7 +54,7 @@ references:
      srg: SRG-OS-000062-GPOS-00031,SRG-OS-000037-GPOS-00015,SRG-OS-000038-GPOS-00016,SRG-OS-000039-GPOS-00017,SRG-OS-000040-GPOS-00018,SRG-OS-000041-GPOS-00019,SRG-OS-000042-GPOS-00021,SRG-OS-000051-GPOS-00024,SRG-OS-000054-GPOS-00025,SRG-OS-000122-GPOS-00063,SRG-OS-000254-GPOS-00095,SRG-OS-000255-GPOS-00096,SRG-OS-000337-GPOS-00129,SRG-OS-000348-GPOS-00136,SRG-OS-000349-GPOS-00137,SRG-OS-000350-GPOS-00138,SRG-OS-000351-GPOS-00139,SRG-OS-000352-GPOS-00140,SRG-OS-000353-GPOS-00141,SRG-OS-000354-GPOS-00142,SRG-OS-000358-GPOS-00145,SRG-OS-000365-GPOS-00152,SRG-OS-000392-GPOS-00172,SRG-OS-000475-GPOS-00220,SRG-APP-000095-CTR-000170,SRG-APP-000409-CTR-000990,SRG-APP-000508-CTR-001300,SRG-APP-000510-CTR-001310
      stigid@ol7: OL07-00-030000
      stigid@ol8: OL08-00-030181
@@ -2812,11 +2720,11 @@ index 675afac32..db22141bb 100644
      stigid@sle15: SLES-15-030050
      stigid@ubuntu2004: UBTU-20-010182
 diff --git a/linux_os/guide/services/base/package_abrt_removed/rule.yml b/linux_os/guide/services/base/package_abrt_removed/rule.yml
-index 4613ec199..1e9063ce9 100644
+index c06c5a45f..b06d38ab3 100644
 --- a/linux_os/guide/services/base/package_abrt_removed/rule.yml
 +++ b/linux_os/guide/services/base/package_abrt_removed/rule.yml
-@@ -26,7 +26,7 @@ references:
-     disa: CCI-000381
+@@ -25,7 +25,7 @@ identifiers:
+ references:
      srg: SRG-OS-000095-GPOS-00049
      stigid@ol8: OL08-00-040001
 -    stigid@rhel8: RHEL-08-040001
@@ -2825,10 +2733,10 @@ index 4613ec199..1e9063ce9 100644
  {{{ complete_ocil_entry_package(package="abrt") }}}
  
 diff --git a/linux_os/guide/services/base/service_kdump_disabled/rule.yml b/linux_os/guide/services/base/service_kdump_disabled/rule.yml
-index 6ac54b57b..bb599fdaa 100644
+index 8ee783afd..98ede1a6f 100644
 --- a/linux_os/guide/services/base/service_kdump_disabled/rule.yml
 +++ b/linux_os/guide/services/base/service_kdump_disabled/rule.yml
-@@ -45,7 +45,7 @@ references:
+@@ -44,7 +44,7 @@ references:
      srg: SRG-OS-000269-GPOS-00103,SRG-OS-000480-GPOS-00227
      stigid@ol7: OL07-00-021300
      stigid@ol8: OL08-00-010670
@@ -2838,7 +2746,7 @@ index 6ac54b57b..bb599fdaa 100644
      stigid@sle15: SLES-15-040190
      stigid@ubuntu2004: UBTU-20-010413
 diff --git a/linux_os/guide/services/cron_and_at/package_cron_installed/rule.yml b/linux_os/guide/services/cron_and_at/package_cron_installed/rule.yml
-index 617dc8b2a..f1a6aa4ae 100644
+index 1e53d881f..9f512382c 100644
 --- a/linux_os/guide/services/cron_and_at/package_cron_installed/rule.yml
 +++ b/linux_os/guide/services/cron_and_at/package_cron_installed/rule.yml
 @@ -1,4 +1,4 @@
@@ -2858,7 +2766,7 @@ index 7977cba9f..2f6eb4edf 100644
  {{% else %}}
  {{% set service_name = "cron" %}}
 diff --git a/linux_os/guide/services/fapolicyd/fapolicy_default_deny/rule.yml b/linux_os/guide/services/fapolicyd/fapolicy_default_deny/rule.yml
-index 67fc86c42..a397633e8 100644
+index 04032738f..2e8afbf93 100644
 --- a/linux_os/guide/services/fapolicyd/fapolicy_default_deny/rule.yml
 +++ b/linux_os/guide/services/fapolicyd/fapolicy_default_deny/rule.yml
 @@ -25,7 +25,7 @@ references:
@@ -2889,10 +2797,10 @@ index 67fc86c42..a397633e8 100644
      Build the whitelist in the "/etc/fapolicyd/fapolicyd.rules" file ensuring the last rule is "deny perm=any all : all".
  
 diff --git a/linux_os/guide/services/fapolicyd/package_fapolicyd_installed/rule.yml b/linux_os/guide/services/fapolicyd/package_fapolicyd_installed/rule.yml
-index 5149ccb54..ba4119ca0 100644
+index 1cd3362af..da9359f9a 100644
 --- a/linux_os/guide/services/fapolicyd/package_fapolicyd_installed/rule.yml
 +++ b/linux_os/guide/services/fapolicyd/package_fapolicyd_installed/rule.yml
-@@ -24,7 +24,7 @@ references:
+@@ -23,7 +23,7 @@ references:
      ospp: FMT_SMF_EXT.1
      srg: SRG-OS-000370-GPOS-00155,SRG-OS-000368-GPOS-00154,SRG-OS-000480-GPOS-00230
      stigid@ol8: OL08-00-040135
@@ -2902,10 +2810,10 @@ index 5149ccb54..ba4119ca0 100644
  ocil_clause: 'the fapolicyd package is not installed'
  
 diff --git a/linux_os/guide/services/fapolicyd/service_fapolicyd_enabled/rule.yml b/linux_os/guide/services/fapolicyd/service_fapolicyd_enabled/rule.yml
-index d1b5254d2..828ac2fd7 100644
+index 0103276fa..9b6a98b60 100644
 --- a/linux_os/guide/services/fapolicyd/service_fapolicyd_enabled/rule.yml
 +++ b/linux_os/guide/services/fapolicyd/service_fapolicyd_enabled/rule.yml
-@@ -25,7 +25,7 @@ references:
+@@ -24,7 +24,7 @@ references:
      ospp: FMT_SMF_EXT.1
      srg: SRG-OS-000370-GPOS-00155,SRG-OS-000368-GPOS-00154,SRG-OS-000480-GPOS-00230
      stigid@ol8: OL08-00-040136
@@ -2915,10 +2823,10 @@ index d1b5254d2..828ac2fd7 100644
  ocil_clause: 'the service is not enabled'
  
 diff --git a/linux_os/guide/services/ftp/disabling_vsftpd/package_vsftpd_removed/rule.yml b/linux_os/guide/services/ftp/disabling_vsftpd/package_vsftpd_removed/rule.yml
-index fecfd7986..6a7709ea2 100644
+index 04137daf7..f6493dc07 100644
 --- a/linux_os/guide/services/ftp/disabling_vsftpd/package_vsftpd_removed/rule.yml
 +++ b/linux_os/guide/services/ftp/disabling_vsftpd/package_vsftpd_removed/rule.yml
-@@ -36,7 +36,7 @@ references:
+@@ -34,7 +34,7 @@ references:
      srg: SRG-OS-000074-GPOS-00042,SRG-OS-000095-GPOS-00049,SRG-OS-000480-GPOS-00227
      stigid@ol7: OL07-00-040690
      stigid@ol8: OL08-00-040360
@@ -2928,10 +2836,10 @@ index fecfd7986..6a7709ea2 100644
      stigid@sle15: SLES-15-010030
  
 diff --git a/linux_os/guide/services/kerberos/kerberos_disable_no_keytab/rule.yml b/linux_os/guide/services/kerberos/kerberos_disable_no_keytab/rule.yml
-index a68fa90a8..5cd576d4e 100644
+index afb4c4283..074514570 100644
 --- a/linux_os/guide/services/kerberos/kerberos_disable_no_keytab/rule.yml
 +++ b/linux_os/guide/services/kerberos/kerberos_disable_no_keytab/rule.yml
-@@ -25,7 +25,7 @@ references:
+@@ -24,7 +24,7 @@ references:
      ism: 0418,1055,1402
      srg: SRG-OS-000120-GPOS-00061
      stigid@ol8: OL08-00-010161
@@ -2941,10 +2849,10 @@ index a68fa90a8..5cd576d4e 100644
  platforms:
      - krb5_server_older_than_1_17-18 and krb5_workstation_older_than_1_17-18
 diff --git a/linux_os/guide/services/kerberos/package_krb5-server_removed/rule.yml b/linux_os/guide/services/kerberos/package_krb5-server_removed/rule.yml
-index 36dc8de85..e64652a1b 100644
+index a05bf0ab7..6fe35f2ab 100644
 --- a/linux_os/guide/services/kerberos/package_krb5-server_removed/rule.yml
 +++ b/linux_os/guide/services/kerberos/package_krb5-server_removed/rule.yml
-@@ -29,7 +29,7 @@ references:
+@@ -28,7 +28,7 @@ references:
      nist: IA-7,IA-7.1
      srg: SRG-OS-000120-GPOS-00061
      stigid@ol8: OL08-00-010163
@@ -2954,10 +2862,10 @@ index 36dc8de85..e64652a1b 100644
  platforms:
      - krb5_server_older_than_1_17-18
 diff --git a/linux_os/guide/services/mail/package_mailx_installed/rule.yml b/linux_os/guide/services/mail/package_mailx_installed/rule.yml
-index ac5972341..4328c61b2 100644
+index 6813cbd04..b253e2d71 100644
 --- a/linux_os/guide/services/mail/package_mailx_installed/rule.yml
 +++ b/linux_os/guide/services/mail/package_mailx_installed/rule.yml
-@@ -24,7 +24,7 @@ references:
+@@ -23,7 +23,7 @@ references:
      srg: SRG-OS-000363-GPOS-00150
      stigid@ol7: OL07-00-020028
      stigid@ol8: OL08-00-010358
@@ -2967,12 +2875,12 @@ index ac5972341..4328c61b2 100644
      stigid@sle15: SLES-15-010418
  
 diff --git a/linux_os/guide/services/mail/package_postfix_installed/rule.yml b/linux_os/guide/services/mail/package_postfix_installed/rule.yml
-index 6ba5bd00e..e0188820d 100644
+index a2b8325d2..1b7a24e1f 100644
 --- a/linux_os/guide/services/mail/package_postfix_installed/rule.yml
 +++ b/linux_os/guide/services/mail/package_postfix_installed/rule.yml
-@@ -19,7 +19,7 @@ identifiers:
+@@ -18,7 +18,7 @@ identifiers:
+ 
  references:
-     disa: CCI-000139
      srg: SRG-OS-000046-GPOS-00022
 -    stigid@rhel8: RHEL-08-030030
 +    stigid@almalinux8: RHEL-08-030030
@@ -2980,10 +2888,10 @@ index 6ba5bd00e..e0188820d 100644
  ocil_clause: 'the package is not installed'
  
 diff --git a/linux_os/guide/services/mail/package_sendmail_removed/rule.yml b/linux_os/guide/services/mail/package_sendmail_removed/rule.yml
-index 8b23a9474..87280428f 100644
+index e8a1d74e8..e3a36fed3 100644
 --- a/linux_os/guide/services/mail/package_sendmail_removed/rule.yml
 +++ b/linux_os/guide/services/mail/package_sendmail_removed/rule.yml
-@@ -33,7 +33,7 @@ references:
+@@ -32,7 +32,7 @@ references:
      nist-csf: PR.IP-1,PR.PT-3
      srg: SRG-OS-000480-GPOS-00227,SRG-OS-000095-GPOS-00049
      stigid@ol8: OL08-00-040002
@@ -3013,10 +2921,10 @@ index 001ead7d6..1fc220d8a 100644
  {{{ bash_instantiate_variables("var_postfix_root_mail_alias") }}}
  
 diff --git a/linux_os/guide/services/mail/postfix_client/postfix_client_configure_mail_alias_postmaster/rule.yml b/linux_os/guide/services/mail/postfix_client/postfix_client_configure_mail_alias_postmaster/rule.yml
-index 6b5349b41..1873724cd 100644
+index 5e8bccde0..80f2add37 100644
 --- a/linux_os/guide/services/mail/postfix_client/postfix_client_configure_mail_alias_postmaster/rule.yml
 +++ b/linux_os/guide/services/mail/postfix_client/postfix_client_configure_mail_alias_postmaster/rule.yml
-@@ -30,7 +30,7 @@ references:
+@@ -29,7 +29,7 @@ references:
      nist: AU-5(a),AU-5.1(ii)
      srg: SRG-OS-000046-GPOS-00022
      stigid@ol8: OL08-00-030030
@@ -3026,10 +2934,10 @@ index 6b5349b41..1873724cd 100644
  ocil_clause: 'the alias is not set or is not root'
  
 diff --git a/linux_os/guide/services/mail/postfix_harden_os/postfix_server_cfg/postfix_server_relay/postfix_prevent_unrestricted_relay/rule.yml b/linux_os/guide/services/mail/postfix_harden_os/postfix_server_cfg/postfix_server_relay/postfix_prevent_unrestricted_relay/rule.yml
-index b66afbaae..b0dab5753 100644
+index a2bdd6f43..21f0b5b77 100644
 --- a/linux_os/guide/services/mail/postfix_harden_os/postfix_server_cfg/postfix_server_relay/postfix_prevent_unrestricted_relay/rule.yml
 +++ b/linux_os/guide/services/mail/postfix_harden_os/postfix_server_cfg/postfix_server_relay/postfix_prevent_unrestricted_relay/rule.yml
-@@ -26,7 +26,7 @@ references:
+@@ -25,7 +25,7 @@ references:
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol7: OL07-00-040680
      stigid@ol8: OL08-00-040290
@@ -3039,10 +2947,10 @@ index b66afbaae..b0dab5753 100644
  ocil_clause: 'the "smtpd_client_restrictions" parameter contains any entries other than "permit_mynetworks" and "reject"'
  
 diff --git a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/mounting_remote_filesystems/mount_option_nodev_remote_filesystems/rule.yml b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/mounting_remote_filesystems/mount_option_nodev_remote_filesystems/rule.yml
-index eaee5b233..41c58ffc4 100644
+index 481dc9e6a..29172bde0 100644
 --- a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/mounting_remote_filesystems/mount_option_nodev_remote_filesystems/rule.yml
 +++ b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/mounting_remote_filesystems/mount_option_nodev_remote_filesystems/rule.yml
-@@ -27,7 +27,7 @@ references:
+@@ -26,7 +26,7 @@ references:
      nist-csf: PR.IP-1,PR.PT-2,PR.PT-3
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol8: OL08-00-010640
@@ -3052,10 +2960,10 @@ index eaee5b233..41c58ffc4 100644
  ocil_clause: 'the setting does not show'
  
 diff --git a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/mounting_remote_filesystems/mount_option_noexec_remote_filesystems/rule.yml b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/mounting_remote_filesystems/mount_option_noexec_remote_filesystems/rule.yml
-index 6673f2b5b..abeb64446 100644
+index 75ce5867c..2e17f1cb5 100644
 --- a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/mounting_remote_filesystems/mount_option_noexec_remote_filesystems/rule.yml
 +++ b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/mounting_remote_filesystems/mount_option_noexec_remote_filesystems/rule.yml
-@@ -33,7 +33,7 @@ references:
+@@ -32,7 +32,7 @@ references:
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol7: OL07-00-021021
      stigid@ol8: OL08-00-010630
@@ -3065,10 +2973,10 @@ index 6673f2b5b..abeb64446 100644
      stigid@sle15: SLES-15-040170
  
 diff --git a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/mounting_remote_filesystems/mount_option_nosuid_remote_filesystems/rule.yml b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/mounting_remote_filesystems/mount_option_nosuid_remote_filesystems/rule.yml
-index 11ef40a64..ddc51b730 100644
+index 1c8d98fcb..0a6f42ea6 100644
 --- a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/mounting_remote_filesystems/mount_option_nosuid_remote_filesystems/rule.yml
 +++ b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/mounting_remote_filesystems/mount_option_nosuid_remote_filesystems/rule.yml
-@@ -31,7 +31,7 @@ references:
+@@ -30,7 +30,7 @@ references:
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol7: OL07-00-021020
      stigid@ol8: OL08-00-010650
@@ -3113,10 +3021,10 @@ index c435df983..b80ffbf7b 100644
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/services/ntp/chronyd_client_only/rule.yml b/linux_os/guide/services/ntp/chronyd_client_only/rule.yml
-index b37e8c606..e38d1ae22 100644
+index 2c0c6ea89..5e7d1c16b 100644
 --- a/linux_os/guide/services/ntp/chronyd_client_only/rule.yml
 +++ b/linux_os/guide/services/ntp/chronyd_client_only/rule.yml
-@@ -29,7 +29,7 @@ references:
+@@ -28,7 +28,7 @@ references:
      ospp: FMT_SMF_EXT.1
      srg: SRG-OS-000096-GPOS-00050,SRG-OS-000095-GPOS-00049
      stigid@ol8: OL08-00-030741
@@ -3137,10 +3045,10 @@ index c435df983..b80ffbf7b 100644
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/services/ntp/chronyd_no_chronyc_network/rule.yml b/linux_os/guide/services/ntp/chronyd_no_chronyc_network/rule.yml
-index 7a926f6fe..5d9485f1b 100644
+index 74f052e77..7c9bf38dc 100644
 --- a/linux_os/guide/services/ntp/chronyd_no_chronyc_network/rule.yml
 +++ b/linux_os/guide/services/ntp/chronyd_no_chronyc_network/rule.yml
-@@ -27,7 +27,7 @@ references:
+@@ -26,7 +26,7 @@ references:
      nist: CM-7(1)
      srg: SRG-OS-000096-GPOS-00050,SRG-OS-000095-GPOS-00049
      stigid@ol8: OL08-00-030742
@@ -3161,10 +3069,10 @@ index c435df983..b80ffbf7b 100644
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/rule.yml b/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/rule.yml
-index 33ac6c19a..b3de88fff 100644
+index 36dfcb701..184fd87bc 100644
 --- a/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/rule.yml
 +++ b/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/rule.yml
-@@ -93,7 +93,7 @@ references:
+@@ -92,7 +92,7 @@ references:
      srg: SRG-OS-000355-GPOS-00143,SRG-OS-000356-GPOS-00144,SRG-OS-000359-GPOS-00146
      stigid@ol7: OL07-00-040500
      stigid@ol8: OL08-00-030740
@@ -3232,11 +3140,11 @@ index c435df983..b80ffbf7b 100644
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/services/ntp/chronyd_server_directive/rule.yml b/linux_os/guide/services/ntp/chronyd_server_directive/rule.yml
-index 353812b08..2eb12a06e 100644
+index 55ade0342..524ebff75 100644
 --- a/linux_os/guide/services/ntp/chronyd_server_directive/rule.yml
 +++ b/linux_os/guide/services/ntp/chronyd_server_directive/rule.yml
-@@ -25,7 +25,7 @@ references:
-     disa: CCI-001890,CCI-004926,CCI-004923
+@@ -24,7 +24,7 @@ identifiers:
+ references:
      srg: SRG-OS-000355-GPOS-00143,SRG-OS-000356-GPOS-00144,SRG-OS-000359-GPOS-00146
      stigid@ol8: OL08-00-030740
 -    stigid@rhel8: RHEL-08-030740
@@ -3245,10 +3153,10 @@ index 353812b08..2eb12a06e 100644
  ocil_clause: 'an authoritative remote time server is not configured or configured with pool directive'
  
 diff --git a/linux_os/guide/services/ntp/chronyd_specify_remote_server/rule.yml b/linux_os/guide/services/ntp/chronyd_specify_remote_server/rule.yml
-index 516a57a68..1b36373e5 100644
+index 08a94cbe4..34e23459b 100644
 --- a/linux_os/guide/services/ntp/chronyd_specify_remote_server/rule.yml
 +++ b/linux_os/guide/services/ntp/chronyd_specify_remote_server/rule.yml
-@@ -37,7 +37,7 @@ references:
+@@ -36,7 +36,7 @@ references:
      nist: CM-6(a),AU-8(1)(a)
      pcidss: Req-10.4.3
      srg: SRG-OS-000355-GPOS-00143
@@ -3291,10 +3199,10 @@ index 722c975d6..e171b138c 100644
      - general:
          The 
ntp
 package is not available in {{{ full_name }}}. Please
 diff --git a/linux_os/guide/services/obsolete/r_services/no_host_based_files/rule.yml b/linux_os/guide/services/obsolete/r_services/no_host_based_files/rule.yml
-index 8ea49101f..7d4e47fb9 100644
+index 51d236af8..bf0d9c0ec 100644
 --- a/linux_os/guide/services/obsolete/r_services/no_host_based_files/rule.yml
 +++ b/linux_os/guide/services/obsolete/r_services/no_host_based_files/rule.yml
-@@ -29,7 +29,7 @@ references:
+@@ -28,7 +28,7 @@ references:
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol7: OL07-00-040550
      stigid@ol8: OL08-00-010460
@@ -3304,10 +3212,10 @@ index 8ea49101f..7d4e47fb9 100644
      stigid@sle15: SLES-15-040030
  
 diff --git a/linux_os/guide/services/obsolete/r_services/no_user_host_based_files/rule.yml b/linux_os/guide/services/obsolete/r_services/no_user_host_based_files/rule.yml
-index e6cce8607..cb93701a4 100644
+index 40d562c8b..3ca683178 100644
 --- a/linux_os/guide/services/obsolete/r_services/no_user_host_based_files/rule.yml
 +++ b/linux_os/guide/services/obsolete/r_services/no_user_host_based_files/rule.yml
-@@ -32,7 +32,7 @@ references:
+@@ -31,7 +31,7 @@ references:
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol7: OL07-00-040540
      stigid@ol8: OL08-00-010470
@@ -3317,10 +3225,10 @@ index e6cce8607..cb93701a4 100644
      stigid@sle15: SLES-15-040020
  
 diff --git a/linux_os/guide/services/obsolete/r_services/package_rsh-server_removed/rule.yml b/linux_os/guide/services/obsolete/r_services/package_rsh-server_removed/rule.yml
-index 3c2b23136..44a4266fb 100644
+index 417b18c5f..06188458a 100644
 --- a/linux_os/guide/services/obsolete/r_services/package_rsh-server_removed/rule.yml
 +++ b/linux_os/guide/services/obsolete/r_services/package_rsh-server_removed/rule.yml
-@@ -36,7 +36,7 @@ references:
+@@ -35,7 +35,7 @@ references:
      srg: SRG-OS-000095-GPOS-00049
      stigid@ol7: OL07-00-020000
      stigid@ol8: OL08-00-040010
@@ -3329,7 +3237,7 @@ index 3c2b23136..44a4266fb 100644
      stigid@ubuntu2004: UBTU-20-010406
      stigid@ubuntu2204: UBTU-22-215030
  
-@@ -47,7 +47,7 @@ template:
+@@ -46,7 +46,7 @@ template:
      vars:
          pkgname: rsh-server
  
@@ -3339,10 +3247,10 @@ index 3c2b23136..44a4266fb 100644
      - general:
          The package is not available in {{{ full_name }}}.
 diff --git a/linux_os/guide/services/obsolete/r_services/package_rsh_removed/rule.yml b/linux_os/guide/services/obsolete/r_services/package_rsh_removed/rule.yml
-index 011a419a9..de86972f8 100644
+index 725bde26d..b28992711 100644
 --- a/linux_os/guide/services/obsolete/r_services/package_rsh_removed/rule.yml
 +++ b/linux_os/guide/services/obsolete/r_services/package_rsh_removed/rule.yml
-@@ -59,7 +59,7 @@ template:
+@@ -58,7 +58,7 @@ template:
          pkgname@ubuntu2204: rsh-client
          pkgname@ubuntu2404: rsh-client
  
@@ -3365,10 +3273,10 @@ index a820ba060..2b38dc61f 100644
      - general:
          The package is not available in {{{ full_name }}}.
 diff --git a/linux_os/guide/services/obsolete/talk/package_talk_removed/rule.yml b/linux_os/guide/services/obsolete/talk/package_talk_removed/rule.yml
-index 58c464869..4c9d3a00c 100644
+index c64a7a41a..8e56b0fa3 100644
 --- a/linux_os/guide/services/obsolete/talk/package_talk_removed/rule.yml
 +++ b/linux_os/guide/services/obsolete/talk/package_talk_removed/rule.yml
-@@ -40,7 +40,7 @@ template:
+@@ -39,7 +39,7 @@ template:
      vars:
          pkgname: talk
  
@@ -3378,10 +3286,10 @@ index 58c464869..4c9d3a00c 100644
      - general:
          The package is not available in {{{ full_name }}}.
 diff --git a/linux_os/guide/services/obsolete/telnet/package_telnet-server_removed/rule.yml b/linux_os/guide/services/obsolete/telnet/package_telnet-server_removed/rule.yml
-index eb3db257a..e1affb1e8 100644
+index 6a75cc624..4e5df259d 100644
 --- a/linux_os/guide/services/obsolete/telnet/package_telnet-server_removed/rule.yml
 +++ b/linux_os/guide/services/obsolete/telnet/package_telnet-server_removed/rule.yml
-@@ -48,7 +48,7 @@ references:
+@@ -46,7 +46,7 @@ references:
      srg: SRG-OS-000095-GPOS-00049
      stigid@ol7: OL07-00-021710
      stigid@ol8: OL08-00-040000
@@ -3391,10 +3299,10 @@ index eb3db257a..e1affb1e8 100644
      stigid@sle15: SLES-15-010180
  
 diff --git a/linux_os/guide/services/obsolete/tftp/package_tftp-server_removed/rule.yml b/linux_os/guide/services/obsolete/tftp/package_tftp-server_removed/rule.yml
-index 3f6b4f8cb..b2ded3e59 100644
+index af692d8b8..8e67c7591 100644
 --- a/linux_os/guide/services/obsolete/tftp/package_tftp-server_removed/rule.yml
 +++ b/linux_os/guide/services/obsolete/tftp/package_tftp-server_removed/rule.yml
-@@ -40,7 +40,7 @@ references:
+@@ -39,7 +39,7 @@ references:
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol7: OL07-00-040700
      stigid@ol8: OL08-00-040190
@@ -3403,8 +3311,18 @@ index 3f6b4f8cb..b2ded3e59 100644
  
  {{{ complete_ocil_entry_package(package=package_name) }}}
  
+diff --git a/linux_os/guide/services/obsolete/tftp/tftp_uses_secure_mode_systemd/rule.yml b/linux_os/guide/services/obsolete/tftp/tftp_uses_secure_mode_systemd/rule.yml
+index 8cad348d7..7b726486f 100644
+--- a/linux_os/guide/services/obsolete/tftp/tftp_uses_secure_mode_systemd/rule.yml
++++ b/linux_os/guide/services/obsolete/tftp/tftp_uses_secure_mode_systemd/rule.yml
+@@ -46,4 +46,4 @@ identifiers:
+ references:
+     nist: IA-5 (1) (c)
+     srg: SRG-OS-000074-GPOS-00042
+-    stigid@rhel8: RHEL-08-040350
++    stigid@almalinux8: RHEL-08-040350
 diff --git a/linux_os/guide/services/obsolete/tftp/tftpd_uses_secure_mode/rule.yml b/linux_os/guide/services/obsolete/tftp/tftpd_uses_secure_mode/rule.yml
-index 8b3864392..0c9ad8711 100644
+index ae4633025..fd77672ef 100644
 --- a/linux_os/guide/services/obsolete/tftp/tftpd_uses_secure_mode/rule.yml
 +++ b/linux_os/guide/services/obsolete/tftp/tftpd_uses_secure_mode/rule.yml
 @@ -6,7 +6,7 @@ title: 'Ensure tftp Daemon Uses Secure Mode'
@@ -3416,12 +3334,8 @@ index 8b3864392..0c9ad8711 100644
      ensure /etc/xinetd.d/tftp includes -s as a command line argument,
      as shown in the following example:
      
server_args = -s {{{ xccdf_value("var_tftpd_secure_directory") }}}

-@@ -45,10 +45,10 @@ references:
-     srg: SRG-OS-000480-GPOS-00227
-     stigid@ol7: OL07-00-040720
+@@ -46,7 +46,7 @@ references:
      stigid@ol8: OL08-00-040350
--    stigid@rhel8: RHEL-08-040350
-+    stigid@almalinux8: RHEL-08-040350
  
  ocil_clause: |-
 -{{%- if product in ["ol7","rhel8","ol8","rhv4"] %}}
@@ -3429,7 +3343,7 @@ index 8b3864392..0c9ad8711 100644
      '"server_args" line does not have a "-s" option, and a subdirectory is not assigned'
  {{%- else %}}
      'the "ExecStart" line does not have a "-s" option, and a subdirectory is not assigned'
-@@ -58,7 +58,7 @@ ocil: |-
+@@ -56,7 +56,7 @@ ocil: |-
      Verify the TFTP daemon is configured to operate in secure mode.
  
      Check if a TFTP server is installed with the following command:
@@ -3438,7 +3352,7 @@ index 8b3864392..0c9ad8711 100644
      
$ rpm -qa | grep tftp

      {{% else %}}
      
$ sudo dnf list --installed tftp-server
-@@ -68,7 +68,7 @@ ocil: |-
+@@ -66,7 +66,7 @@ ocil: |-
  
      If a TFTP server is not installed, this is Not Applicable.
      


@@ -3447,7 +3361,7 @@ index 8b3864392..0c9ad8711 100644
      If a TFTP server is installed, verify TFTP is configured by with
      the -s option by running the following command:
  
-@@ -82,7 +82,7 @@ ocil: |-
+@@ -80,7 +80,7 @@ ocil: |-
      {{% endif %}}
  
  fixtext: |-
@@ -3457,11 +3371,11 @@ index 8b3864392..0c9ad8711 100644
  
      server_args = -s {{{ xccdf_value("var_tftpd_secure_directory") }}}
 diff --git a/linux_os/guide/services/rng/service_rngd_enabled/rule.yml b/linux_os/guide/services/rng/service_rngd_enabled/rule.yml
-index df5f18c3b..d4339ebfd 100644
+index 6e3b6bce2..56a4eb7eb 100644
 --- a/linux_os/guide/services/rng/service_rngd_enabled/rule.yml
 +++ b/linux_os/guide/services/rng/service_rngd_enabled/rule.yml
-@@ -23,7 +23,7 @@ references:
-     disa: CCI-000366
+@@ -22,7 +22,7 @@ identifiers:
+ references:
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol8: OL08-00-010473
 -    stigid@rhel8: RHEL-08-010471
@@ -3520,10 +3434,10 @@ index c54b259d0..78a682cc8 100644
  {{{ bash_instantiate_variables("var_snmpd_ro_string", "var_snmpd_rw_string") }}}
  
 diff --git a/linux_os/guide/services/ssh/file_permissions_sshd_private_key/rule.yml b/linux_os/guide/services/ssh/file_permissions_sshd_private_key/rule.yml
-index 8e73eb2e5..ecdc62c46 100644
+index b84a52d6f..ab1bbf555 100644
 --- a/linux_os/guide/services/ssh/file_permissions_sshd_private_key/rule.yml
 +++ b/linux_os/guide/services/ssh/file_permissions_sshd_private_key/rule.yml
-@@ -54,7 +54,7 @@ references:
+@@ -52,7 +52,7 @@ references:
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol7: OL07-00-040420
      stigid@ol8: OL08-00-010490
@@ -3533,10 +3447,10 @@ index 8e73eb2e5..ecdc62c46 100644
      stigid@sle15: SLES-15-040250
  
 diff --git a/linux_os/guide/services/ssh/file_permissions_sshd_pub_key/rule.yml b/linux_os/guide/services/ssh/file_permissions_sshd_pub_key/rule.yml
-index 9e802982d..20d9545a2 100644
+index 36d0e74f9..febf1a858 100644
 --- a/linux_os/guide/services/ssh/file_permissions_sshd_pub_key/rule.yml
 +++ b/linux_os/guide/services/ssh/file_permissions_sshd_pub_key/rule.yml
-@@ -38,7 +38,7 @@ references:
+@@ -36,7 +36,7 @@ references:
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol7: OL07-00-040410
      stigid@ol8: OL08-00-010480
@@ -3546,10 +3460,10 @@ index 9e802982d..20d9545a2 100644
      stigid@sle15: SLES-15-040240
  
 diff --git a/linux_os/guide/services/ssh/package_openssh-server_installed/rule.yml b/linux_os/guide/services/ssh/package_openssh-server_installed/rule.yml
-index 27e2fe7ba..5cfd5d9c9 100644
+index d4198b6bf..002f6ab65 100644
 --- a/linux_os/guide/services/ssh/package_openssh-server_installed/rule.yml
 +++ b/linux_os/guide/services/ssh/package_openssh-server_installed/rule.yml
-@@ -31,7 +31,7 @@ references:
+@@ -30,7 +30,7 @@ references:
      srg: SRG-OS-000423-GPOS-00187,SRG-OS-000424-GPOS-00188,SRG-OS-000425-GPOS-00189,SRG-OS-000426-GPOS-00190
      stigid@ol7: OL07-00-040300
      stigid@ol8: OL08-00-040159
@@ -3559,10 +3473,10 @@ index 27e2fe7ba..5cfd5d9c9 100644
      stigid@ubuntu2204: UBTU-22-255010
  
 diff --git a/linux_os/guide/services/ssh/service_sshd_enabled/rule.yml b/linux_os/guide/services/ssh/service_sshd_enabled/rule.yml
-index 46d2a4599..4ad07b099 100644
+index 9abc9978b..5d0dd8ce0 100644
 --- a/linux_os/guide/services/ssh/service_sshd_enabled/rule.yml
 +++ b/linux_os/guide/services/ssh/service_sshd_enabled/rule.yml
-@@ -40,7 +40,7 @@ references:
+@@ -39,7 +39,7 @@ references:
      srg: SRG-OS-000423-GPOS-00187,SRG-OS-000424-GPOS-00188,SRG-OS-000425-GPOS-00189,SRG-OS-000426-GPOS-00190
      stigid@ol7: OL07-00-040310
      stigid@ol8: OL08-00-040160
@@ -3612,11 +3526,11 @@ index 13306db45..22d8b4ee0 100644
  # put line into the file
  echo "export SSH_USE_STRONG_RNG=32" > /etc/profile.d/cc-ssh-strong-rng.sh
 diff --git a/linux_os/guide/services/ssh/ssh_client/ssh_keys_passphrase_protected/rule.yml b/linux_os/guide/services/ssh/ssh_client/ssh_keys_passphrase_protected/rule.yml
-index 022d46803..1c9c8880b 100644
+index 2b759401c..c522d36a4 100644
 --- a/linux_os/guide/services/ssh/ssh_client/ssh_keys_passphrase_protected/rule.yml
 +++ b/linux_os/guide/services/ssh/ssh_client/ssh_keys_passphrase_protected/rule.yml
-@@ -26,7 +26,7 @@ references:
-     disa: CCI-000186
+@@ -25,7 +25,7 @@ identifiers:
+ references:
      srg: SRG-OS-000067-GPOS-00035
      stigid@ol8: OL08-00-010100
 -    stigid@rhel8: RHEL-08-010100
@@ -3636,10 +3550,10 @@ index 5a97f74df..104b27f3f 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_disable_empty_passwords/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_disable_empty_passwords/rule.yml
-index 3f4b9fb42..df175a70c 100644
+index 253ab5b5f..31dc2b85d 100644
 --- a/linux_os/guide/services/ssh/ssh_server/sshd_disable_empty_passwords/rule.yml
 +++ b/linux_os/guide/services/ssh/ssh_server/sshd_disable_empty_passwords/rule.yml
-@@ -53,7 +53,7 @@ references:
+@@ -51,7 +51,7 @@ references:
      srg: SRG-OS-000106-GPOS-00053,SRG-OS-000480-GPOS-00229,SRG-OS-000480-GPOS-00227
      stigid@ol7: OL07-00-010300
      stigid@ol8: OL08-00-020330
@@ -3649,10 +3563,10 @@ index 3f4b9fb42..df175a70c 100644
      stigid@sle15: SLES-15-040440
      stigid@ubuntu2004: UBTU-20-010047
 diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_disable_gssapi_auth/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_disable_gssapi_auth/rule.yml
-index 45010c036..2aca7eeb8 100644
+index c6b99c6d1..5f1367e5c 100644
 --- a/linux_os/guide/services/ssh/ssh_server/sshd_disable_gssapi_auth/rule.yml
 +++ b/linux_os/guide/services/ssh/ssh_server/sshd_disable_gssapi_auth/rule.yml
-@@ -42,7 +42,7 @@ references:
+@@ -41,7 +41,7 @@ references:
      srg: SRG-OS-000364-GPOS-00151,SRG-OS-000480-GPOS-00227
      stigid@ol7: OL07-00-040430
      stigid@ol8: OL08-00-010522
@@ -3662,10 +3576,10 @@ index 45010c036..2aca7eeb8 100644
  {{{ complete_ocil_entry_sshd_option(default="yes", option="GSSAPIAuthentication", value="no") }}}
  
 diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_disable_kerb_auth/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_disable_kerb_auth/rule.yml
-index baa1a8c31..9591371cc 100644
+index bc9ed8989..8003a519d 100644
 --- a/linux_os/guide/services/ssh/ssh_server/sshd_disable_kerb_auth/rule.yml
 +++ b/linux_os/guide/services/ssh/ssh_server/sshd_disable_kerb_auth/rule.yml
-@@ -43,7 +43,7 @@ references:
+@@ -42,7 +42,7 @@ references:
      srg: SRG-OS-000364-GPOS-00151,SRG-OS-000480-GPOS-00227
      stigid@ol7: OL07-00-040440
      stigid@ol8: OL08-00-010521
@@ -3675,10 +3589,10 @@ index baa1a8c31..9591371cc 100644
  {{{ complete_ocil_entry_sshd_option(default="yes", option="KerberosAuthentication", value="no") }}}
  
 diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_disable_root_login/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_disable_root_login/rule.yml
-index 5ef44759f..0ec26af63 100644
+index bcd1f8664..a8e444e01 100644
 --- a/linux_os/guide/services/ssh/ssh_server/sshd_disable_root_login/rule.yml
 +++ b/linux_os/guide/services/ssh/ssh_server/sshd_disable_root_login/rule.yml
-@@ -50,7 +50,7 @@ references:
+@@ -48,7 +48,7 @@ references:
      srg: SRG-OS-000109-GPOS-00056,SRG-OS-000480-GPOS-00227,SRG-APP-000148-CTR-000335,SRG-APP-000190-CTR-000500
      stigid@ol7: OL07-00-040370
      stigid@ol8: OL08-00-010550
@@ -3688,10 +3602,10 @@ index 5ef44759f..0ec26af63 100644
      stigid@sle15: SLES-15-020040
  
 diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_disable_user_known_hosts/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_disable_user_known_hosts/rule.yml
-index 362fe2673..a091f8c9b 100644
+index cb85e9b9f..ea32f0ddc 100644
 --- a/linux_os/guide/services/ssh/ssh_server/sshd_disable_user_known_hosts/rule.yml
 +++ b/linux_os/guide/services/ssh/ssh_server/sshd_disable_user_known_hosts/rule.yml
-@@ -39,7 +39,7 @@ references:
+@@ -38,7 +38,7 @@ references:
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol7: OL07-00-040380
      stigid@ol8: OL08-00-010520
@@ -3701,10 +3615,10 @@ index 362fe2673..a091f8c9b 100644
      stigid@sle15: SLES-15-040230
  
 diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_disable_x11_forwarding/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_disable_x11_forwarding/rule.yml
-index 9fa2cb3cd..cdd5e9a94 100644
+index 0348c8fa8..5048e8d2d 100644
 --- a/linux_os/guide/services/ssh/ssh_server/sshd_disable_x11_forwarding/rule.yml
 +++ b/linux_os/guide/services/ssh/ssh_server/sshd_disable_x11_forwarding/rule.yml
-@@ -44,7 +44,7 @@ references:
+@@ -42,7 +42,7 @@ references:
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol7: OL07-00-040710
      stigid@ol8: OL08-00-040340
@@ -3714,10 +3628,10 @@ index 9fa2cb3cd..cdd5e9a94 100644
      stigid@ubuntu2004: UBTU-20-010048
      stigid@ubuntu2204: UBTU-22-255040
 diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_do_not_permit_user_env/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_do_not_permit_user_env/rule.yml
-index 6c1a29f3f..ba96ded74 100644
+index 30fb39d46..09a484514 100644
 --- a/linux_os/guide/services/ssh/ssh_server/sshd_do_not_permit_user_env/rule.yml
 +++ b/linux_os/guide/services/ssh/ssh_server/sshd_do_not_permit_user_env/rule.yml
-@@ -48,7 +48,7 @@ references:
+@@ -46,7 +46,7 @@ references:
      srg: SRG-OS-000480-GPOS-00229
      stigid@ol7: OL07-00-010460
      stigid@ol8: OL08-00-010830
@@ -3727,10 +3641,10 @@ index 6c1a29f3f..ba96ded74 100644
      stigid@sle15: SLES-15-040440
      stigid@ubuntu2004: UBTU-20-010047
 diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_enable_strictmodes/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_enable_strictmodes/rule.yml
-index 3320ebf99..15111b069 100644
+index 41813a145..5f623c635 100644
 --- a/linux_os/guide/services/ssh/ssh_server/sshd_enable_strictmodes/rule.yml
 +++ b/linux_os/guide/services/ssh/ssh_server/sshd_enable_strictmodes/rule.yml
-@@ -43,7 +43,7 @@ references:
+@@ -42,7 +42,7 @@ references:
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol7: OL07-00-040450
      stigid@ol8: OL08-00-010500
@@ -3740,10 +3654,10 @@ index 3320ebf99..15111b069 100644
      stigid@sle15: SLES-15-040260
  
 diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_enable_warning_banner/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_enable_warning_banner/rule.yml
-index 2437b9f0f..f845afee1 100644
+index 3dc5d4b69..e1e9d1c00 100644
 --- a/linux_os/guide/services/ssh/ssh_server/sshd_enable_warning_banner/rule.yml
 +++ b/linux_os/guide/services/ssh/ssh_server/sshd_enable_warning_banner/rule.yml
-@@ -46,7 +46,7 @@ references:
+@@ -44,7 +44,7 @@ references:
      srg: SRG-OS-000023-GPOS-00006,SRG-OS-000228-GPOS-00088
      stigid@ol7: OL07-00-040170
      stigid@ol8: OL08-00-010040
@@ -3753,10 +3667,10 @@ index 2437b9f0f..f845afee1 100644
      stigid@sle15: SLES-15-010040
  
 diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_print_last_log/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_print_last_log/rule.yml
-index ef2ba3929..c0cbe8629 100644
+index c50e74d6a..f2b911a88 100644
 --- a/linux_os/guide/services/ssh/ssh_server/sshd_print_last_log/rule.yml
 +++ b/linux_os/guide/services/ssh/ssh_server/sshd_print_last_log/rule.yml
-@@ -38,7 +38,7 @@ references:
+@@ -37,7 +37,7 @@ references:
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol7: OL07-00-040360
      stigid@ol8: OL08-00-020350
@@ -3766,10 +3680,10 @@ index ef2ba3929..c0cbe8629 100644
      stigid@sle15: SLES-15-020120
  
 diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_rekey_limit/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_rekey_limit/rule.yml
-index 897603d8f..8d4d45030 100644
+index 0c5cee4d3..a15692234 100644
 --- a/linux_os/guide/services/ssh/ssh_server/sshd_rekey_limit/rule.yml
 +++ b/linux_os/guide/services/ssh/ssh_server/sshd_rekey_limit/rule.yml
-@@ -28,7 +28,7 @@ references:
+@@ -27,7 +27,7 @@ references:
      ospp: FCS_SSH_EXT.1.8
      srg: SRG-OS-000480-GPOS-00227,SRG-OS-000033-GPOS-00014
      stigid@ol8: OL08-00-040161
@@ -3779,20 +3693,21 @@ index 897603d8f..8d4d45030 100644
  ocil_clause: 'it is commented out or is not set'
  
 diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_rekey_limit/tests/rhel8_ospp_ok.pass.sh b/linux_os/guide/services/ssh/ssh_server/sshd_rekey_limit/tests/rhel8_ospp_ok.pass.sh
-index a31a14f8a..c0c2d6725 100644
+index d2d6b5cdc..8bbe0381b 100644
 --- a/linux_os/guide/services/ssh/ssh_server/sshd_rekey_limit/tests/rhel8_ospp_ok.pass.sh
 +++ b/linux_os/guide/services/ssh/ssh_server/sshd_rekey_limit/tests/rhel8_ospp_ok.pass.sh
-@@ -1,4 +1,4 @@
+@@ -1,5 +1,5 @@
+ #!/bin/bash
 -# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
 +# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9
  # profiles = xccdf_org.ssgproject.content_profile_ospp
  
  mkdir -p /etc/ssh/sshd_config.d
 diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_set_idle_timeout/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_set_idle_timeout/rule.yml
-index 1e9c04404..262cf38a6 100644
+index 1f5a8ad84..6e04908e9 100644
 --- a/linux_os/guide/services/ssh/ssh_server/sshd_set_idle_timeout/rule.yml
 +++ b/linux_os/guide/services/ssh/ssh_server/sshd_set_idle_timeout/rule.yml
-@@ -54,7 +54,7 @@ references:
+@@ -52,7 +52,7 @@ references:
      srg: SRG-OS-000126-GPOS-00066,SRG-OS-000163-GPOS-00072,SRG-OS-000279-GPOS-00109,SRG-OS-000395-GPOS-00175
      stigid@ol7: OL07-00-040320
      stigid@ol8: OL08-00-010201
@@ -3802,10 +3717,10 @@ index 1e9c04404..262cf38a6 100644
      stigid@sle15: SLES-15-010280
      stigid@ubuntu2004: UBTU-20-010037
 diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_set_keepalive/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_set_keepalive/rule.yml
-index 56e90a9e5..f8cc88f4c 100644
+index c070ef735..877addf58 100644
 --- a/linux_os/guide/services/ssh/ssh_server/sshd_set_keepalive/rule.yml
 +++ b/linux_os/guide/services/ssh/ssh_server/sshd_set_keepalive/rule.yml
-@@ -53,7 +53,7 @@ references:
+@@ -51,7 +51,7 @@ references:
      pcidss: Req-8.1.8
      srg: SRG-OS-000163-GPOS-00072,SRG-OS-000279-GPOS-00109
      stigid@ol8: OL08-00-010200
@@ -3815,10 +3730,10 @@ index 56e90a9e5..f8cc88f4c 100644
      stigid@sle15: SLES-15-010320
      stigid@ubuntu2004: UBTU-20-010036
 diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/rule.yml
-index 8a48ac77d..3bb124d42 100644
+index 474574c71..f46a68fbf 100644
 --- a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/rule.yml
 +++ b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/rule.yml
-@@ -47,7 +47,7 @@ references:
+@@ -46,7 +46,7 @@ references:
      srg: SRG-OS-000250-GPOS-00093
      stigid@ol7: OL07-00-040712
      stigid@ol8: OL08-00-040342
@@ -3839,11 +3754,11 @@ index 3fd2901a9..82981db09 100644
  source common.sh
  
 diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_rng/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_rng/rule.yml
-index 20d36dd38..5f1cc3ab5 100644
+index d14c9a95a..49dd4c6b9 100644
 --- a/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_rng/rule.yml
 +++ b/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_rng/rule.yml
-@@ -29,7 +29,7 @@ references:
-     disa: CCI-000366
+@@ -28,7 +28,7 @@ identifiers:
+ references:
      srg: SRG-OS-000480-GPOS-00232,SRG-OS-000480-GPOS-00227
      stigid@ol8: OL08-00-010292
 -    stigid@rhel8: RHEL-08-010292
@@ -3852,10 +3767,10 @@ index 20d36dd38..5f1cc3ab5 100644
  ocil: |-
      To determine whether the SSH service is configured to use strong entropy seed,
 diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_x11_use_localhost/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_x11_use_localhost/rule.yml
-index 6fb515baf..62d97825a 100644
+index 6ad7267d4..ce0943438 100644
 --- a/linux_os/guide/services/ssh/ssh_server/sshd_x11_use_localhost/rule.yml
 +++ b/linux_os/guide/services/ssh/ssh_server/sshd_x11_use_localhost/rule.yml
-@@ -37,7 +37,7 @@ references:
+@@ -36,7 +36,7 @@ references:
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol7: OL07-00-040711
      stigid@ol8: OL08-00-040341
@@ -3865,10 +3780,10 @@ index 6fb515baf..62d97825a 100644
      stigid@ubuntu2004: UBTU-20-010049
      stigid@ubuntu2204: UBTU-22-255045
 diff --git a/linux_os/guide/services/sssd/sssd_certificate_verification/rule.yml b/linux_os/guide/services/sssd/sssd_certificate_verification/rule.yml
-index abff8a19d..cb6b4e213 100644
+index 72fef8496..2b1f36863 100644
 --- a/linux_os/guide/services/sssd/sssd_certificate_verification/rule.yml
 +++ b/linux_os/guide/services/sssd/sssd_certificate_verification/rule.yml
-@@ -25,7 +25,7 @@ references:
+@@ -24,7 +24,7 @@ references:
      nist: IA-2(11)
      srg: SRG-OS-000375-GPOS-00160,SRG-OS-000377-GPOS-00162
      stigid@ol8: OL08-00-010400
@@ -3878,10 +3793,10 @@ index abff8a19d..cb6b4e213 100644
  ocil_clause: 'certificate_verification in sssd is not configured'
  
 diff --git a/linux_os/guide/services/sssd/sssd_enable_certmap/rule.yml b/linux_os/guide/services/sssd/sssd_enable_certmap/rule.yml
-index 0c4a9a86a..1c957d991 100644
+index a789a2154..fca2acf51 100644
 --- a/linux_os/guide/services/sssd/sssd_enable_certmap/rule.yml
 +++ b/linux_os/guide/services/sssd/sssd_enable_certmap/rule.yml
-@@ -31,7 +31,7 @@ references:
+@@ -30,7 +30,7 @@ references:
     nist: IA-5 (2) (c)
     srg: SRG-OS-000068-GPOS-00036
     stigid@ol8: OL08-00-020090
@@ -3913,10 +3828,19 @@ index b8ebf0eb5..b6ce47ea9 100644
    comment="tests the presence of try_cert_auth or require_cert_auth in /etc/pam.d/system-auth"
    id="test_sssd_enable_smartcards_cert_auth_system_auth" version="2">
 diff --git a/linux_os/guide/services/sssd/sssd_enable_smartcards/rule.yml b/linux_os/guide/services/sssd/sssd_enable_smartcards/rule.yml
-index 4054fdd24..b1cc5b4bf 100644
+index 261bbb8ff..80517bddf 100644
 --- a/linux_os/guide/services/sssd/sssd_enable_smartcards/rule.yml
 +++ b/linux_os/guide/services/sssd/sssd_enable_smartcards/rule.yml
-@@ -48,7 +48,7 @@ references:
+@@ -10,7 +10,7 @@ description: |-
+     
[pam]
+     pam_cert_auth = True
+     

+-    {{% if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9"] %}}
++    {{% if product in ["fedora", "ol8", "ol9", "rhel8", "almalinux8", "rhel9"] %}}
+     Add or update "pam_sss.so" line in auth section of "/etc/pam.d/system-auth" file to include
+     "try_cert_auth" or "require_cert_auth" option, like in the following example:
+     
+@@ -49,7 +49,7 @@ references:
      pcidss: Req-8.3
      srg: SRG-OS-000375-GPOS-00160,SRG-OS-000105-GPOS-00052,SRG-OS-000106-GPOS-00053,SRG-OS-000107-GPOS-00054,SRG-OS-000108-GPOS-00055
      stigid@ol8: OL08-00-020250
@@ -4034,10 +3958,10 @@ index 456f06484..e6fb4c857 100644
  SSSD_FILE="/etc/sssd/sssd.conf"
  rm -f $SSSD_FILE
 diff --git a/linux_os/guide/services/sssd/sssd_has_trust_anchor/rule.yml b/linux_os/guide/services/sssd/sssd_has_trust_anchor/rule.yml
-index ceeecb8cb..09ff7a09b 100644
+index c9ea75be4..da9d57791 100644
 --- a/linux_os/guide/services/sssd/sssd_has_trust_anchor/rule.yml
 +++ b/linux_os/guide/services/sssd/sssd_has_trust_anchor/rule.yml
-@@ -37,7 +37,7 @@ references:
+@@ -36,7 +36,7 @@ references:
    nist: IA-5 (2) (a)
    srg: SRG-OS-000066-GPOS-00034,SRG-OS-000384-GPOS-00167
    stigid@ol8: OL08-00-010090
@@ -4046,30 +3970,8 @@ index ceeecb8cb..09ff7a09b 100644
  
  warnings:
      - general: |-
-diff --git a/linux_os/guide/services/sssd/sssd_offline_cred_expiration/oval/shared.xml b/linux_os/guide/services/sssd/sssd_offline_cred_expiration/oval/shared.xml
-index 89bba2055..e5967d9dd 100644
---- a/linux_os/guide/services/sssd/sssd_offline_cred_expiration/oval/shared.xml
-+++ b/linux_os/guide/services/sssd/sssd_offline_cred_expiration/oval/shared.xml
-@@ -4,7 +4,7 @@
-     
-       
--      {{% if product in ["ol8", "ol9", "rhel8", "rhel9"] %}}
-+      {{% if product in ["ol8", "ol9", "rhel8", "almalinux8", "rhel9"] %}}
-       
-       {{% endif %}}
-@@ -25,7 +25,7 @@
-   
-     1
-   
--  {{% if product in ["ol8", "ol9", "rhel8", "rhel9"] %}}
-+  {{% if product in ["ol8", "ol9", "rhel8", "almalinux8", "rhel9"] %}}
-   
 diff --git a/linux_os/guide/services/sssd/sssd_offline_cred_expiration/rule.yml b/linux_os/guide/services/sssd/sssd_offline_cred_expiration/rule.yml
-index dfa576a1c..311e0cafa 100644
+index aa18d4e35..0cb6f4880 100644
 --- a/linux_os/guide/services/sssd/sssd_offline_cred_expiration/rule.yml
 +++ b/linux_os/guide/services/sssd/sssd_offline_cred_expiration/rule.yml
 @@ -5,7 +5,7 @@ title: 'Configure SSSD to Expire Offline Credentials'
@@ -4081,7 +3983,7 @@ index dfa576a1c..311e0cafa 100644
      Check if SSSD allows cached authentications with the following command:
      
      $ sudo grep cache_credentials /etc/sssd/sssd.conf
-@@ -45,7 +45,7 @@ references:
+@@ -44,7 +44,7 @@ references:
      nist-csf: PR.AC-1,PR.AC-6,PR.AC-7
      srg: SRG-OS-000383-GPOS-00166
      stigid@ol8: OL08-00-020290
@@ -4090,7 +3992,7 @@ index dfa576a1c..311e0cafa 100644
      stigid@sle12: SLES-12-010680
      stigid@sle15: SLES-15-010500
      stigid@ubuntu2004: UBTU-20-010441
-@@ -54,7 +54,7 @@ references:
+@@ -53,7 +53,7 @@ references:
  ocil_clause: 'it does not exist or is not configured properly'
  
  ocil: |-
@@ -4112,11 +4014,44 @@ index 7bf7526b9..418158aab 100644
  source common.sh
  
  echo -e "[pam]\noffline_credentials_expiration = 2" >> $SSSD_CONF
+diff --git a/linux_os/guide/services/sssd/sssd_offline_cred_expiration/tests/correct_value_conf_d.pass.sh b/linux_os/guide/services/sssd/sssd_offline_cred_expiration/tests/correct_value_conf_d.pass.sh
+index 6c41a9f1a..e4d84fc8e 100644
+--- a/linux_os/guide/services/sssd/sssd_offline_cred_expiration/tests/correct_value_conf_d.pass.sh
++++ b/linux_os/guide/services/sssd/sssd_offline_cred_expiration/tests/correct_value_conf_d.pass.sh
+@@ -1,5 +1,5 @@
+ #!/bin/bash
+-{{%- if product in ["rhel8"] %}}
++{{%- if product in ["rhel8", "almalinux8"] %}}
+ # platform = Not Applicable
+ {{%- endif %}}
+ # packages = sssd
+diff --git a/linux_os/guide/services/sssd/sssd_offline_cred_expiration/tests/correct_value_dropin.pass.sh b/linux_os/guide/services/sssd/sssd_offline_cred_expiration/tests/correct_value_dropin.pass.sh
+index 88eb4681a..24544b9c5 100644
+--- a/linux_os/guide/services/sssd/sssd_offline_cred_expiration/tests/correct_value_dropin.pass.sh
++++ b/linux_os/guide/services/sssd/sssd_offline_cred_expiration/tests/correct_value_dropin.pass.sh
+@@ -1,5 +1,5 @@
+ #!/bin/bash
+-{{%- if product in ["rhel8"] %}}
++{{%- if product in ["rhel8", "almalinux8"] %}}
+ # platform = Not Applicable
+ {{%- endif %}}
+ # packages = sssd
+diff --git a/linux_os/guide/services/sssd/sssd_offline_cred_expiration/tests/wrong_value_conf_d.fail.sh b/linux_os/guide/services/sssd/sssd_offline_cred_expiration/tests/wrong_value_conf_d.fail.sh
+index eab3590a9..f9b8c15de 100644
+--- a/linux_os/guide/services/sssd/sssd_offline_cred_expiration/tests/wrong_value_conf_d.fail.sh
++++ b/linux_os/guide/services/sssd/sssd_offline_cred_expiration/tests/wrong_value_conf_d.fail.sh
+@@ -1,5 +1,5 @@
+ #!/bin/bash
+-{{%- if product in ["rhel8"] %}}
++{{%- if product in ["rhel8", "almalinux8"] %}}
+ # platform = Not Applicable
+ {{%- endif %}}
+ # packages = sssd
 diff --git a/linux_os/guide/services/usbguard/configure_usbguard_auditbackend/rule.yml b/linux_os/guide/services/usbguard/configure_usbguard_auditbackend/rule.yml
-index c1e549877..611b62e64 100644
+index 8a770f083..d8ee4b792 100644
 --- a/linux_os/guide/services/usbguard/configure_usbguard_auditbackend/rule.yml
 +++ b/linux_os/guide/services/usbguard/configure_usbguard_auditbackend/rule.yml
-@@ -27,7 +27,7 @@ references:
+@@ -26,7 +26,7 @@ references:
      ospp: FMT_SMF_EXT.1
      srg: SRG-OS-000062-GPOS-00031,SRG-OS-000471-GPOS-00215,SRG-APP-000141-CTR-000315
      stigid@ol8: OL08-00-030603
@@ -4126,10 +4061,10 @@ index c1e549877..611b62e64 100644
  platform: package[usbguard]
  
 diff --git a/linux_os/guide/services/usbguard/package_usbguard_installed/rule.yml b/linux_os/guide/services/usbguard/package_usbguard_installed/rule.yml
-index 0ee956052..552fb175e 100644
+index 8db664879..453c9b916 100644
 --- a/linux_os/guide/services/usbguard/package_usbguard_installed/rule.yml
 +++ b/linux_os/guide/services/usbguard/package_usbguard_installed/rule.yml
-@@ -50,7 +50,7 @@ references:
+@@ -49,7 +49,7 @@ references:
      ospp: FMT_SMF_EXT.1
      srg: SRG-OS-000378-GPOS-00163,SRG-APP-000141-CTR-000315
      stigid@ol8: OL08-00-040139
@@ -4139,10 +4074,10 @@ index 0ee956052..552fb175e 100644
  ocil_clause: 'the package is not installed'
  
 diff --git a/linux_os/guide/services/usbguard/service_usbguard_enabled/rule.yml b/linux_os/guide/services/usbguard/service_usbguard_enabled/rule.yml
-index e8112110a..b42279c97 100644
+index 429bf35a0..265f33eb4 100644
 --- a/linux_os/guide/services/usbguard/service_usbguard_enabled/rule.yml
 +++ b/linux_os/guide/services/usbguard/service_usbguard_enabled/rule.yml
-@@ -26,7 +26,7 @@ references:
+@@ -25,7 +25,7 @@ references:
      ospp: FMT_SMF_EXT.1
      srg: SRG-OS-000378-GPOS-00163,SRG-APP-000141-CTR-000315
      stigid@ol8: OL08-00-040141
@@ -4152,10 +4087,10 @@ index e8112110a..b42279c97 100644
  ocil_clause: 'the service is not enabled'
  
 diff --git a/linux_os/guide/services/usbguard/usbguard_generate_policy/rule.yml b/linux_os/guide/services/usbguard/usbguard_generate_policy/rule.yml
-index c5d5738db..f1010c040 100644
+index c645bb0b2..0eb2b1f56 100644
 --- a/linux_os/guide/services/usbguard/usbguard_generate_policy/rule.yml
 +++ b/linux_os/guide/services/usbguard/usbguard_generate_policy/rule.yml
-@@ -25,7 +25,7 @@ references:
+@@ -24,7 +24,7 @@ references:
      nist: CM-8(3)(a),IA-3
      srg: SRG-OS-000378-GPOS-00163
      stigid@ol8: OL08-00-040140
@@ -4165,20 +4100,20 @@ index c5d5738db..f1010c040 100644
  ocil_clause: 'there is no evidence that unauthorized peripherals are being blocked before establishing a connection'
  
 diff --git a/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_remove_packages/ansible/shared.yml b/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_remove_packages/ansible/shared.yml
-index 2a8bebbe1..cd47ddf3f 100644
+index 58d9ff9dc..6ac924253 100644
 --- a/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_remove_packages/ansible/shared.yml
 +++ b/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_remove_packages/ansible/shared.yml
 @@ -1,4 +1,4 @@
--# platform = Red Hat Enterprise Linux 8,multi_platform_ol,multi_platform_almalinux
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux OS 8,multi_platform_ol,multi_platform_almalinux
+-# platform = Red Hat Enterprise Linux 8,multi_platform_almalinux,multi_platform_ol,multi_platform_sle
++# platform = Red Hat Enterprise Linux 8,AlmaLinux OS 8,multi_platform_almalinux,multi_platform_ol,multi_platform_sle
  # reboot = true
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_remove_packages/rule.yml b/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_remove_packages/rule.yml
-index 5d3f071b2..52c14053a 100644
+index 35b8388e2..a4e603bc6 100644
 --- a/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_remove_packages/rule.yml
 +++ b/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_remove_packages/rule.yml
-@@ -42,7 +42,7 @@ references:
+@@ -33,7 +33,7 @@ references:
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol7: OL07-00-040730
      stigid@ol8: OL08-00-040320
@@ -4188,10 +4123,10 @@ index 5d3f071b2..52c14053a 100644
  ocil_clause: 'xorg related packages are not removed and run level is not correctly configured'
  
 diff --git a/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/rule.yml b/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/rule.yml
-index cdf17da62..5725f1cc9 100644
+index 1d7d94ae3..02b34e53c 100644
 --- a/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/rule.yml
 +++ b/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/rule.yml
-@@ -36,7 +36,7 @@ references:
+@@ -35,7 +35,7 @@ references:
      nist-csf: PR.AC-3,PR.PT-4
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol8: OL08-00-040321
@@ -4240,26 +4175,6 @@ index d3da2f113..a90d73d4b 100644
 +# platform = Oracle Linux 8,multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhv,multi_platform_sle
  
  ln -sf /lib/systemd/system/graphical.target /etc/systemd/system/default.target
-diff --git a/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/ansible/shared.yml
-index 58d38f9a2..4eea80461 100644
---- a/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/ansible/shared.yml
-+++ b/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_slmicro
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_slmicro
- # reboot = false
- # strategy = unknown
- # complexity = low
-diff --git a/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/bash/shared.sh b/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/bash/shared.sh
-index bfa9ddc92..cd29e3739 100644
---- a/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/bash/shared.sh
-+++ b/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/bash/shared.sh
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu
- 
- {{{ bash_instantiate_variables("login_banner_text") }}}
- 
 diff --git a/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/kubernetes/shared.yml b/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/kubernetes/shared.yml
 index c2feb1fbc..116c6cde5 100644
 --- a/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/kubernetes/shared.yml
@@ -4272,10 +4187,10 @@ index c2feb1fbc..116c6cde5 100644
  kind: MachineConfig
  metadata:
 diff --git a/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/rule.yml b/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/rule.yml
-index 88aa853a5..faf29e85a 100644
+index 7a84cd09a..1abcaefdb 100644
 --- a/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/rule.yml
-@@ -121,7 +121,7 @@ references:
+@@ -119,7 +119,7 @@ references:
      srg: SRG-OS-000023-GPOS-00006,SRG-OS-000228-GPOS-00088
      stigid@ol7: OL07-00-010050
      stigid@ol8: OL08-00-010060
@@ -4284,41 +4199,11 @@ index 88aa853a5..faf29e85a 100644
      stigid@sle12: SLES-12-010030
      stigid@sle15: SLES-15-010020
  
-diff --git a/linux_os/guide/system/accounts/accounts-banners/banner_etc_motd/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-banners/banner_etc_motd/ansible/shared.yml
-index 2a975b00b..09ecda363 100644
---- a/linux_os/guide/system/accounts/accounts-banners/banner_etc_motd/ansible/shared.yml
-+++ b/linux_os/guide/system/accounts/accounts-banners/banner_etc_motd/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro
-+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro
- # reboot = false
- # strategy = unknown
- # complexity = low
-diff --git a/linux_os/guide/system/accounts/accounts-banners/banner_etc_motd/bash/shared.sh b/linux_os/guide/system/accounts/accounts-banners/banner_etc_motd/bash/shared.sh
-index 632aa10fd..b2ce651cd 100644
---- a/linux_os/guide/system/accounts/accounts-banners/banner_etc_motd/bash/shared.sh
-+++ b/linux_os/guide/system/accounts/accounts-banners/banner_etc_motd/bash/shared.sh
-@@ -1,4 +1,4 @@
--# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu
-+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu
- 
- {{{ bash_instantiate_variables("motd_banner_text") }}}
- 
-diff --git a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_banner_enabled/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_banner_enabled/ansible/shared.yml
-index 5814a30bd..aa4aa4c5c 100644
---- a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_banner_enabled/ansible/shared.yml
-+++ b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_banner_enabled/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
- # reboot = false
- # strategy = unknown
- # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_banner_enabled/rule.yml b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_banner_enabled/rule.yml
-index a1f30e5c3..62a7e0658 100644
+index 5220efa10..8bcc08af3 100644
 --- a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_banner_enabled/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_banner_enabled/rule.yml
-@@ -53,7 +53,7 @@ references:
+@@ -52,7 +52,7 @@ references:
      srg: SRG-OS-000023-GPOS-00006,SRG-OS-000228-GPOS-00088
      stigid@ol7: OL07-00-010030
      stigid@ol8: OL08-00-010049
@@ -4327,21 +4212,11 @@ index a1f30e5c3..62a7e0658 100644
      stigid@sle12: SLES-12-010040
      stigid@sle15: SLES-15-010080
      stigid@ubuntu2004: UBTU-20-010002
-diff --git a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/ansible/shared.yml
-index 86aff54f9..b295782b0 100644
---- a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/ansible/shared.yml
-+++ b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
- # reboot = false
- # strategy = unknown
- # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/rule.yml b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/rule.yml
-index 6be15fae6..afe502fd9 100644
+index 73a117135..0b809f579 100644
 --- a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/rule.yml
-@@ -57,7 +57,7 @@ references:
+@@ -56,7 +56,7 @@ references:
      srg: SRG-OS-000023-GPOS-00006,SRG-OS-000228-GPOS-00088
      stigid@ol7: OL07-00-010040
      stigid@ol8: OL08-00-010050
@@ -4351,54 +4226,54 @@ index 6be15fae6..afe502fd9 100644
      stigid@sle15: SLES-15-010090
      stigid@ubuntu2004: UBTU-20-010003
 diff --git a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/tests/correct_value.pass.sh b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/tests/correct_value.pass.sh
-index 1b2e46eff..6c22561e3 100644
+index 6a271415e..db0169ab1 100644
 --- a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/tests/correct_value.pass.sh
 +++ b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/tests/correct_value.pass.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = Oracle Linux 7,Oracle Linux 8,multi_platform_rhel
-+# platform = Oracle Linux 7,Oracle Linux 8,multi_platform_rhel,multi_platform_almalinux
+-# platform = multi_platform_ol,multi_platform_rhel
++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
  # profiles = xccdf_org.ssgproject.content_profile_ncp
  # packages = dconf,gdm
  
 diff --git a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/tests/correct_value_stig.pass.sh b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/tests/correct_value_stig.pass.sh
-index a3e7ebc0e..c65609786 100644
+index 814770179..c8048d4c7 100644
 --- a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/tests/correct_value_stig.pass.sh
 +++ b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/tests/correct_value_stig.pass.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = Oracle Linux 7,Oracle Linux 8,multi_platform_rhel
-+# platform = Oracle Linux 7,Oracle Linux 8,multi_platform_rhel,multi_platform_almalinux
+-# platform = multi_platform_ol,multi_platform_rhel
++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
  # profiles = xccdf_org.ssgproject.content_profile_stig
  # packages = dconf,gdm
  
 diff --git a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/tests/correct_value_stig_wrong_db.fail.sh b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/tests/correct_value_stig_wrong_db.fail.sh
-index 4af47e3e0..0fe73b672 100644
+index 39efbc8ba..fd836684b 100644
 --- a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/tests/correct_value_stig_wrong_db.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/tests/correct_value_stig_wrong_db.fail.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = Oracle Linux 7,Oracle Linux 8,multi_platform_rhel
-+# platform = Oracle Linux 7,Oracle Linux 8,multi_platform_rhel,multi_platform_almalinux
+-# platform = multi_platform_ol,multi_platform_rhel
++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
  # profiles = xccdf_org.ssgproject.content_profile_stig
  # packages = dconf,gdm
  
 diff --git a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/tests/missing_value_stig.fail.sh b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/tests/missing_value_stig.fail.sh
-index e1abf408e..ea28b1697 100644
+index 7c4c9bb29..477057df2 100644
 --- a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/tests/missing_value_stig.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/tests/missing_value_stig.fail.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = Oracle Linux 7,Oracle Linux 8,multi_platform_rhel
-+# platform = Oracle Linux 7,Oracle Linux 8,multi_platform_rhel,multi_platform_almalinux
+-# platform = multi_platform_ol,multi_platform_rhel
++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
  # profiles = xccdf_org.ssgproject.content_profile_stig
  # packages = dconf,gdm
  
 diff --git a/linux_os/guide/system/accounts/accounts-pam/disallow_bypass_password_sudo/rule.yml b/linux_os/guide/system/accounts/accounts-pam/disallow_bypass_password_sudo/rule.yml
-index b789b906e..18feffa3d 100644
+index 6b5b1a246..45eb0c5dc 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/disallow_bypass_password_sudo/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/disallow_bypass_password_sudo/rule.yml
-@@ -29,7 +29,7 @@ references:
+@@ -28,7 +28,7 @@ references:
      srg: SRG-OS-000373-GPOS-00156,SRG-OS-000373-GPOS-00157,SRG-OS-000373-GPOS-00158
      stigid@ol7: OL07-00-010344
      stigid@ol8: OL08-00-010385
@@ -4408,10 +4283,10 @@ index b789b906e..18feffa3d 100644
      stigid@sle15: SLES-15-020104
  
 diff --git a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/rule.yml b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/rule.yml
-index 60b2ae3a3..9d9f27880 100644
+index 380448538..aee22f515 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/rule.yml
-@@ -54,7 +54,7 @@ references:
+@@ -53,7 +53,7 @@ references:
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol7: OL07-00-040530
      stigid@ol8: OL08-00-020340
@@ -4457,10 +4332,10 @@ index 325d5860a..68371758c 100644
  if authselect list-features sssd | grep -q with-silent-lastlog; then
      authselect select sssd --force
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_password_auth/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_password_auth/rule.yml
-index 533db0328..ef8174729 100644
+index 3b21d8cfd..af684690b 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_password_auth/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_password_auth/rule.yml
-@@ -21,7 +21,7 @@ references:
+@@ -20,7 +20,7 @@ references:
      nist: AC-7 (a)
      srg: SRG-OS-000021-GPOS-00005
      stigid@ol8: OL08-00-020026
@@ -4494,10 +4369,10 @@ index 077479b8a..7be653143 100644
  authselect create-profile test_profile -b sssd
  authselect select "custom/test_profile" --force
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_system_auth/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_system_auth/rule.yml
-index 5be40f349..0d7ca9097 100644
+index de067ad49..b98fb378d 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_system_auth/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_system_auth/rule.yml
-@@ -21,7 +21,7 @@ references:
+@@ -20,7 +20,7 @@ references:
      nist: AC-7 (a)
      srg: SRG-OS-000021-GPOS-00005
      stigid@ol8: OL08-00-020025
@@ -4531,10 +4406,10 @@ index 077479b8a..7be653143 100644
  authselect create-profile test_profile -b sssd
  authselect select "custom/test_profile" --force
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_selinux_faillock_dir/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_selinux_faillock_dir/rule.yml
-index e46b40d68..77a2a4d91 100644
+index 4ee5fd8dc..1d411a7ac 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_selinux_faillock_dir/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_selinux_faillock_dir/rule.yml
-@@ -23,7 +23,7 @@ references:
+@@ -22,7 +22,7 @@ references:
      nist: AC-7 (a)
      srg: SRG-OS-000021-GPOS-00005
      stigid@ol8: OL08-00-020027,OL08-00-020028
@@ -4544,11 +4419,10 @@ index e46b40d68..77a2a4d91 100644
  platform: system_with_kernel
  
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_passwords_pam_faillock_audit/tests/conflicting_settings_authselect.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_passwords_pam_faillock_audit/tests/conflicting_settings_authselect.fail.sh
-index 5e75c996c..b1a17491a 100644
+index d805aa018..e8fe8823a 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_passwords_pam_faillock_audit/tests/conflicting_settings_authselect.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_passwords_pam_faillock_audit/tests/conflicting_settings_authselect.fail.sh
-@@ -1,7 +1,7 @@
- 
+@@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect,pam
 -# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
@@ -4928,10 +4802,10 @@ index 253d50de1..44cb00aed 100644
  
  remember_cnt=3
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/rule.yml
-index a25e3c01a..0beff3a62 100644
+index b3cd63014..81e021cdd 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/rule.yml
-@@ -20,7 +20,7 @@ references:
+@@ -19,7 +19,7 @@ references:
      nist: AC-7 (a)
      srg: SRG-OS-000021-GPOS-00005
      stigid@ol8: OL08-00-020020,OL08-00-020021
@@ -4965,10 +4839,10 @@ index bcfa1a721..2cb77dd13 100644
  source common.sh
  
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/rule.yml
-index 52107ee48..9e8005709 100644
+index b71608c90..62730a33d 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/rule.yml
-@@ -49,7 +49,7 @@ references:
+@@ -48,7 +48,7 @@ references:
      srg: SRG-OS-000329-GPOS-00128,SRG-OS-000021-GPOS-00005
      stigid@ol7: OL07-00-010320
      stigid@ol8: OL08-00-020010,OL08-00-020011
@@ -4978,10 +4852,10 @@ index 52107ee48..9e8005709 100644
      stigid@ubuntu2204: UBTU-22-411045
  
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/rule.yml
-index 002a81b2f..3e374d471 100644
+index 381b1d893..67dba184b 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/rule.yml
-@@ -39,7 +39,7 @@ references:
+@@ -38,7 +38,7 @@ references:
      srg: SRG-OS-000329-GPOS-00128,SRG-OS-000021-GPOS-00005
      stigid@ol7: OL07-00-010330
      stigid@ol8: OL08-00-020022,OL08-00-020023
@@ -5050,10 +4924,10 @@ index 7c702d669..c362b825c 100644
  
  authselect select sssd --force
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/rule.yml
-index 586a32611..98880bb53 100644
+index 98e77d7a8..8759c2f04 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/rule.yml
-@@ -34,7 +34,7 @@ references:
+@@ -36,7 +36,7 @@ references:
      nist: AC-7(b),AC-7(a),AC-7.1(ii)
      srg: SRG-OS-000021-GPOS-00005,SRG-OS-000329-GPOS-00128
      stigid@ol8: OL08-00-020016,OL08-00-020017
@@ -5215,10 +5089,10 @@ index 053f91100..d707b423b 100644
  
  # This test scenario manually modify the pam_faillock.so entries in auth section from
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/rule.yml
-index bea8688ac..c51ab4edf 100644
+index 04eb9926d..3eac3dc24 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/rule.yml
-@@ -45,7 +45,7 @@ references:
+@@ -44,7 +44,7 @@ references:
      srg: SRG-OS-000329-GPOS-00128,SRG-OS-000021-GPOS-00005
      stigid@ol7: OL07-00-010320
      stigid@ol8: OL08-00-020012,OL08-00-020013
@@ -5228,11 +5102,11 @@ index bea8688ac..c51ab4edf 100644
      stigid@ubuntu2204: UBTU-22-411045
  
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_silent/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_silent/rule.yml
-index 71ca92bfa..4e6b05a6f 100644
+index e0eaa73dd..3df3ee14a 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_silent/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_silent/rule.yml
-@@ -29,7 +29,7 @@ references:
-     disa: CCI-002238,CCI-000044
+@@ -28,7 +28,7 @@ identifiers:
+ references:
      srg: SRG-OS-000329-GPOS-00128,SRG-OS-000021-GPOS-00005
      stigid@ol8: OL08-00-020018,OL08-00-020019
 -    stigid@rhel8: RHEL-08-020018,RHEL-08-020019
@@ -5277,10 +5151,10 @@ index 514b2bb37..96c299dca 100644
  source common.sh
  
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/rule.yml
-index e52bd8b76..517b16e01 100644
+index c9e7ad8fb..3812ab2f1 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/rule.yml
-@@ -50,7 +50,7 @@ references:
+@@ -49,7 +49,7 @@ references:
      srg: SRG-OS-000329-GPOS-00128,SRG-OS-000021-GPOS-00005
      stigid@ol7: OL07-00-010320
      stigid@ol8: OL08-00-020014,OL08-00-020015
@@ -5289,11 +5163,22 @@ index e52bd8b76..517b16e01 100644
      stigid@ubuntu2004: UBTU-20-010072
      stigid@ubuntu2204: UBTU-22-411045
  
+diff --git a/linux_os/guide/system/accounts/accounts-pam/package_pam_pwquality_installed/tests/custom-package-removed.fail.sh b/linux_os/guide/system/accounts/accounts-pam/package_pam_pwquality_installed/tests/custom-package-removed.fail.sh
+index e82ecb7f5..7386d3217 100644
+--- a/linux_os/guide/system/accounts/accounts-pam/package_pam_pwquality_installed/tests/custom-package-removed.fail.sh
++++ b/linux_os/guide/system/accounts/accounts-pam/package_pam_pwquality_installed/tests/custom-package-removed.fail.sh
+@@ -1,5 +1,5 @@
+ #!/bin/bash
+-# platform = multi_platform_rhel,multi_platform_fedora
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
+ 
+ # Package libpwquality cannot be uninstalled normally
+ # as it would cause removal of sudo package which is
 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_dcredit/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_dcredit/rule.yml
-index 567144b30..b7a49ab06 100644
+index f9427f397..ba502d6e2 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_dcredit/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_dcredit/rule.yml
-@@ -48,7 +48,7 @@ references:
+@@ -47,7 +47,7 @@ references:
      srg: SRG-OS-000071-GPOS-00039
      stigid@ol7: OL07-00-010140
      stigid@ol8: OL08-00-020130
@@ -5303,10 +5188,10 @@ index 567144b30..b7a49ab06 100644
      stigid@ubuntu2204: UBTU-22-611020
  
 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_dictcheck/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_dictcheck/rule.yml
-index c4c55f3e1..5a6e73f66 100644
+index 37e664bf5..7e9ead14b 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_dictcheck/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_dictcheck/rule.yml
-@@ -30,7 +30,7 @@ references:
+@@ -29,7 +29,7 @@ references:
      nist: IA-5(c),IA-5(1)(a),CM-6(a),IA-5(4)
      srg: SRG-OS-000480-GPOS-00225,SRG-OS-000072-GPOS-00040
      stigid@ol8: OL08-00-020300
@@ -5316,10 +5201,10 @@ index c4c55f3e1..5a6e73f66 100644
      stigid@ubuntu2204: UBTU-22-611030
  
 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_difok/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_difok/rule.yml
-index b63e93fc0..371477acc 100644
+index 2f6f53281..af98c217a 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_difok/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_difok/rule.yml
-@@ -46,7 +46,7 @@ references:
+@@ -45,7 +45,7 @@ references:
      srg: SRG-OS-000072-GPOS-00040
      stigid@ol7: OL07-00-010160
      stigid@ol8: OL08-00-020170
@@ -5329,10 +5214,10 @@ index b63e93fc0..371477acc 100644
      stigid@ubuntu2204: UBTU-22-611040
  
 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_lcredit/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_lcredit/rule.yml
-index 0c3e42332..ab86031c9 100644
+index 73c72410e..257eac0b8 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_lcredit/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_lcredit/rule.yml
-@@ -48,7 +48,7 @@ references:
+@@ -47,7 +47,7 @@ references:
      srg: SRG-OS-000070-GPOS-00038
      stigid@ol7: OL07-00-010130
      stigid@ol8: OL08-00-020120
@@ -5342,10 +5227,10 @@ index 0c3e42332..ab86031c9 100644
      stigid@ubuntu2204: UBTU-22-611015
  
 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_maxclassrepeat/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_maxclassrepeat/rule.yml
-index b8eed2243..e246512fb 100644
+index 19557a54f..d94d2da10 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_maxclassrepeat/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_maxclassrepeat/rule.yml
-@@ -38,7 +38,7 @@ references:
+@@ -37,7 +37,7 @@ references:
      srg: SRG-OS-000072-GPOS-00040,SRG-OS-000730-GPOS-00190
      stigid@ol7: OL07-00-010190
      stigid@ol8: OL08-00-020140
@@ -5355,10 +5240,10 @@ index b8eed2243..e246512fb 100644
  ocil_clause: the value of "maxclassrepeat" is set to "0", more than "{{{ xccdf_value("var_password_pam_maxclassrepeat") }}}" or is commented out
  
 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_maxrepeat/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_maxrepeat/rule.yml
-index 157b451d6..6a035cef9 100644
+index ca0b15bd5..f1d047e63 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_maxrepeat/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_maxrepeat/rule.yml
-@@ -40,7 +40,7 @@ references:
+@@ -39,7 +39,7 @@ references:
      srg: SRG-OS-000072-GPOS-00040
      stigid@ol7: OL07-00-010180
      stigid@ol8: OL08-00-020150
@@ -5368,10 +5253,10 @@ index 157b451d6..6a035cef9 100644
  ocil_clause: the value of "maxrepeat" is set to more than "{{{ xccdf_value("var_password_pam_maxrepeat") }}}" or is commented out
  
 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_minclass/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_minclass/rule.yml
-index 4905d163d..46efc5f68 100644
+index 846188050..284dfc230 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_minclass/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_minclass/rule.yml
-@@ -55,7 +55,7 @@ references:
+@@ -54,7 +54,7 @@ references:
      srg: SRG-OS-000072-GPOS-00040
      stigid@ol7: OL07-00-010170
      stigid@ol8: OL08-00-020160
@@ -5381,10 +5266,10 @@ index 4905d163d..46efc5f68 100644
  ocil_clause: the value of "minclass" is set to less than "{{{ xccdf_value("var_password_pam_minclass") }}}" or is commented out
  
 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_minlen/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_minlen/rule.yml
-index 3d4440cda..8bb8c77e6 100644
+index 5b73e03f9..4bc36643c 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_minlen/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_minlen/rule.yml
-@@ -48,7 +48,7 @@ references:
+@@ -47,7 +47,7 @@ references:
      srg: SRG-OS-000078-GPOS-00046
      stigid@ol7: OL07-00-010280
      stigid@ol8: OL08-00-020230
@@ -5394,10 +5279,10 @@ index 3d4440cda..8bb8c77e6 100644
      stigid@ubuntu2204: UBTU-22-611035
  
 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_ocredit/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_ocredit/rule.yml
-index 84ee603a8..813faf411 100644
+index 15f7dd546..b65ccdfb7 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_ocredit/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_ocredit/rule.yml
-@@ -49,7 +49,7 @@ references:
+@@ -48,7 +48,7 @@ references:
      srg: SRG-OS-000266-GPOS-00101
      stigid@ol7: OL07-00-010150
      stigid@ol8: OL08-00-020280
@@ -5407,11 +5292,11 @@ index 84ee603a8..813faf411 100644
      stigid@ubuntu2204: UBTU-22-611025
  
 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/rule.yml
-index 482760bcc..996b89192 100644
+index 5798e3c0d..e44e5b113 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/rule.yml
-@@ -24,7 +24,7 @@ references:
-     disa: CCI-004066
+@@ -28,7 +28,7 @@ identifiers:
+ references:
      srg: SRG-OS-000069-GPOS-00037,SRG-OS-000070-GPOS-00038,SRG-OS-000480-GPOS-00227
      stigid@ol8: OL08-00-020100
 -    stigid@rhel8: RHEL-08-020100
@@ -5480,11 +5365,11 @@ index 61c28f2d6..5b42939c5 100644
  authselect create-profile hardening -b sssd
  CUSTOM_PROFILE="custom/hardening"
 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/rule.yml
-index ce5973eaf..40ff808eb 100644
+index 879fc68ec..d0801dd7f 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/rule.yml
-@@ -24,7 +24,7 @@ references:
-     disa: CCI-000366
+@@ -28,7 +28,7 @@ identifiers:
+ references:
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol8: OL08-00-020101
 -    stigid@rhel8: RHEL-08-020101
@@ -5553,10 +5438,10 @@ index 60ebfdeba..83086ac66 100644
  authselect create-profile hardening -b sssd
  CUSTOM_PROFILE="custom/hardening"
 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/rule.yml
-index 1fe3c52f0..302cff28b 100644
+index 54992b9af..108b11e5c 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/rule.yml
-@@ -47,7 +47,7 @@ references:
+@@ -46,7 +46,7 @@ references:
      srg: SRG-OS-000069-GPOS-00037,SRG-OS-000480-GPOS-00227
      stigid@ol7: OL07-00-010119
      stigid@ol8: OL08-00-020102,OL08-00-020103,OL08-00-020104
@@ -5626,10 +5511,10 @@ index dc7fe32d1..3313d5dea 100644
  
  source common.sh
 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_ucredit/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_ucredit/rule.yml
-index fa55c67d0..aa1626c3c 100644
+index 23db94fa1..66340188d 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_ucredit/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_ucredit/rule.yml
-@@ -45,7 +45,7 @@ references:
+@@ -44,7 +44,7 @@ references:
      srg: SRG-OS-000069-GPOS-00037,SRG-OS-000070-GPOS-00038
      stigid@ol7: OL07-00-010120
      stigid@ol8: OL08-00-020110
@@ -5639,10 +5524,10 @@ index fa55c67d0..aa1626c3c 100644
      stigid@ubuntu2204: UBTU-22-611010
  
 diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_logindefs/rule.yml b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_logindefs/rule.yml
-index 8b667cc7a..f97c98f35 100644
+index fb1111dfe..e1f6dc2a1 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_logindefs/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_logindefs/rule.yml
-@@ -45,7 +45,7 @@ references:
+@@ -43,7 +43,7 @@ references:
      srg: SRG-OS-000073-GPOS-00041
      stigid@ol7: OL07-00-010210
      stigid@ol8: OL08-00-010110
@@ -5652,10 +5537,10 @@ index 8b667cc7a..f97c98f35 100644
      stigid@sle15: SLES-15-010260
      stigid@ubuntu2004: UBTU-20-010404
 diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/rule.yml b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/rule.yml
-index d03a7af44..6c7b680dd 100644
+index d09169119..8abf507e1 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/rule.yml
-@@ -50,7 +50,7 @@ references:
+@@ -49,7 +49,7 @@ references:
      srg: SRG-OS-000073-GPOS-00041,SRG-OS-000120-GPOS-00061
      stigid@ol7: OL07-00-010200
      stigid@ol8: OL08-00-010160
@@ -5737,10 +5622,10 @@ index 10a02eb86..77029c277 100644
  
  authselect create-profile hardening -b sssd
 diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/rule.yml b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/rule.yml
-index dbc370188..bf39a6136 100644
+index d273c009b..224ff9e93 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/rule.yml
-@@ -65,7 +65,7 @@ references:
+@@ -64,7 +64,7 @@ references:
      srg: SRG-OS-000073-GPOS-00041,SRG-OS-000120-GPOS-00061
      stigid@ol7: OL07-00-010200
      stigid@ol8: OL08-00-010159
@@ -5822,10 +5707,10 @@ index a1a9ec1ec..c273c78f4 100644
  
  authselect create-profile hardening -b sssd
 diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_min_rounds_logindefs/rule.yml b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_min_rounds_logindefs/rule.yml
-index 28426471d..39b28a4db 100644
+index 379cc1410..eedf81885 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_min_rounds_logindefs/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_min_rounds_logindefs/rule.yml
-@@ -36,7 +36,7 @@ references:
+@@ -35,7 +35,7 @@ references:
      nist@sle12: IA-5(1)(c),IA-5(1).1(v),IA-7,IA-7.1
      srg: SRG-OS-000073-GPOS-00041,SRG-OS-000120-GPOS-00061
      stigid@ol8: OL08-00-010130
@@ -5846,10 +5731,10 @@ index 3045574e5..7ce6bb466 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_burstaction/rule.yml b/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_burstaction/rule.yml
-index 33db7fb17..de7bf122c 100644
+index 809c41946..97a8d4c1e 100644
 --- a/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_burstaction/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_burstaction/rule.yml
-@@ -71,7 +71,7 @@ references:
+@@ -70,7 +70,7 @@ references:
      ospp: FAU_GEN.1.2
      srg: SRG-OS-000324-GPOS-00125,SRG-OS-000480-GPOS-00227
      stigid@ol8: OL08-00-040172
@@ -5870,10 +5755,10 @@ index 517c83c6e..041e9a29c 100644
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/rule.yml b/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/rule.yml
-index ae3a3ab28..1449c55de 100644
+index b80e9dd72..cb7fadc80 100644
 --- a/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/rule.yml
-@@ -76,7 +76,7 @@ references:
+@@ -75,7 +75,7 @@ references:
      srg: SRG-OS-000324-GPOS-00125,SRG-OS-000480-GPOS-00227
      stigid@ol7: OL07-00-020230
      stigid@ol8: OL08-00-040170
@@ -5904,10 +5789,10 @@ index 41eed9737..992dc2304 100644
  
  systemctl unmask ctrl-alt-del.target
 diff --git a/linux_os/guide/system/accounts/accounts-physical/logind_session_timeout/rule.yml b/linux_os/guide/system/accounts/accounts-physical/logind_session_timeout/rule.yml
-index 6dc5eae7e..fbf4edf7b 100644
+index 38e49c15d..41bd95b7d 100644
 --- a/linux_os/guide/system/accounts/accounts-physical/logind_session_timeout/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-physical/logind_session_timeout/rule.yml
-@@ -42,7 +42,7 @@ references:
+@@ -41,7 +41,7 @@ references:
      pcidss: Req-8.1.8
      srg: SRG-OS-000163-GPOS-00072
      stigid@ol8: OL08-00-020035
@@ -5917,10 +5802,10 @@ index 6dc5eae7e..fbf4edf7b 100644
  ocil_clause: "the option is not configured"
  
 diff --git a/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/rule.yml b/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/rule.yml
-index f3473796d..2f77035b4 100644
+index 3da668880..b87bbc285 100644
 --- a/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/rule.yml
-@@ -44,7 +44,7 @@ references:
+@@ -42,7 +42,7 @@ references:
      srg: SRG-OS-000080-GPOS-00048
      stigid@ol7: OL07-00-010481
      stigid@ol8: OL08-00-010152
@@ -5929,7 +5814,7 @@ index f3473796d..2f77035b4 100644
  
  ocil_clause: 'the output is different'
  
-@@ -52,7 +52,7 @@ ocil: |-
+@@ -50,7 +50,7 @@ ocil: |-
      To check if authentication is required for emergency mode, run the following command:
      
$ grep sulogin /usr/lib/systemd/system/emergency.service

      The output should be similar to the following, and the line must begin with
@@ -5938,7 +5823,7 @@ index f3473796d..2f77035b4 100644
          ExecStart and /usr/lib/systemd/systemd-sulogin-shell.
          
ExecStart=-/usr/lib/systemd/systemd-sulogin-shell emergency

      {{%- else -%}}
-@@ -80,7 +80,7 @@ fixtext: |-
+@@ -78,7 +78,7 @@ fixtext: |-
      Configure {{{ full_name }}} to require authentication for system emergency mode.
  
      Add or edit the following line in "/usr/lib/systemd/system/emergency.service":
@@ -5969,17 +5854,6 @@ index 19345cfcf..374e76ec6 100644
  rm -f /etc/systemd/system/emergency.service
  mkdir -p /etc/systemd/system/emergency.service.d/
  cat << EOF > /etc/systemd/system/emergency.service.d/10-automatus.conf
-diff --git a/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/tests/wrong_value.fail.sh b/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/tests/wrong_value.fail.sh
-index d9fdc678f..a4f6ea6a9 100644
---- a/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/tests/wrong_value.fail.sh
-+++ b/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/tests/wrong_value.fail.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel
-+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
- 
- service_file="/usr/lib/systemd/system/emergency.service"
- sulogin="/bin/bash"
 diff --git a/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/tests/wrong_value_dropin.fail.sh b/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/tests/wrong_value_dropin.fail.sh
 index da0d857f6..a7d75247c 100644
 --- a/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/tests/wrong_value_dropin.fail.sh
@@ -5992,10 +5866,10 @@ index da0d857f6..a7d75247c 100644
  mkdir -p /etc/systemd/system/emergency.service.d/
  cat << EOF > /etc/systemd/system/emergency.service.d/10-oscap.conf
 diff --git a/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/rule.yml b/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/rule.yml
-index bc0beb98a..808242a86 100644
+index 11b455051..8e459f0b2 100644
 --- a/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/rule.yml
-@@ -47,7 +47,7 @@ references:
+@@ -45,7 +45,7 @@ references:
      srg: SRG-OS-000080-GPOS-00048
      stigid@ol7: OL07-00-010481
      stigid@ol8: OL08-00-010151
@@ -6037,17 +5911,6 @@ index 4557b0512..043753f03 100644
  
  rm -rf /etc/systemd/system/rescue.service.d
  mkdir -p /etc/systemd/system/rescue.service.d
-diff --git a/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/tests/wrong_value.fail.sh b/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/tests/wrong_value.fail.sh
-index 63b9b08b5..15abe6cec 100644
---- a/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/tests/wrong_value.fail.sh
-+++ b/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/tests/wrong_value.fail.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel
-+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
- 
- service_file="/usr/lib/systemd/system/rescue.service"
- sulogin="/bin/bash"
 diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_bashrc_exec_tmux/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_bashrc_exec_tmux/ansible/shared.yml
 index 75395cf61..1dcee69f3 100644
 --- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_bashrc_exec_tmux/ansible/shared.yml
@@ -6196,21 +6059,11 @@ index 6b2d6cd5e..c20712c9f 100644
  apiVersion: machineconfiguration.openshift.io/v1
  kind: MachineConfig
  spec:
-diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/force_opensc_card_drivers/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/force_opensc_card_drivers/ansible/shared.yml
-index 1a9d35f69..9a5753d98 100644
---- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/force_opensc_card_drivers/ansible/shared.yml
-+++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/force_opensc_card_drivers/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhv,multi_platform_ol,multi_platform_sle
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhv,multi_platform_ol,multi_platform_sle
- # reboot = false
- # strategy = configure
- # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/install_smartcard_packages/rule.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/install_smartcard_packages/rule.yml
-index 0e85d913e..73feb8d95 100644
+index 6410036a5..ee9a40b1e 100644
 --- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/install_smartcard_packages/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/install_smartcard_packages/rule.yml
-@@ -55,7 +55,7 @@ references:
+@@ -54,7 +54,7 @@ references:
      srg: SRG-OS-000105-GPOS-00052,SRG-OS-000375-GPOS-00160,SRG-OS-000375-GPOS-00161,SRG-OS-000377-GPOS-00162
      stigid@ol7: OL07-00-041001
      stigid@ol8: OL08-00-010390
@@ -6220,10 +6073,10 @@ index 0e85d913e..73feb8d95 100644
      stigid@sle15: SLES-15-010460
      stigid@ubuntu2004: UBTU-20-010063
 diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/package_opensc_installed/rule.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/package_opensc_installed/rule.yml
-index 7ee9a73fd..ae05d045b 100644
+index 0eb85d5fc..cd2b02c71 100644
 --- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/package_opensc_installed/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/package_opensc_installed/rule.yml
-@@ -35,7 +35,7 @@ references:
+@@ -34,7 +34,7 @@ references:
      nist: CM-6(a)
      srg: SRG-OS-000375-GPOS-00160,SRG-OS-000376-GPOS-00161
      stigid@ol8: OL08-00-010410
@@ -6243,53 +6096,31 @@ index 08b89bf8f..cea27ab4d 100644
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/bash/shared.sh b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/bash/shared.sh
-index 2efee65ed..7d6faf484 100644
+index 42d60efc4..11654401c 100644
 --- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/bash/shared.sh
 +++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/bash/shared.sh
 @@ -1,4 +1,4 @@
--# platform = Red Hat Enterprise Linux 8,multi_platform_ol,multi_platform_sle,multi_platform_slmicro
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux OS 8,multi_platform_ol,multi_platform_sle,multi_platform_slmicro
+-# platform = Red Hat Enterprise Linux 8,multi_platform_ol,multi_platform_sle,multi_platform_slmicro,multi_platform_almalinux
++# platform = Red Hat Enterprise Linux 8,AlmaLinux OS 8,multi_platform_ol,multi_platform_sle,multi_platform_slmicro,multi_platform_almalinux
  
  {{{ bash_package_install("pam_pkcs11") }}}
  
 diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/tests/commented.fail.sh b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/tests/commented.fail.sh
-index c2afecc19..652fbedb7 100644
+index 8d59d36d3..526165afe 100644
 --- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/tests/commented.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/tests/commented.fail.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
 -# platform = multi_platform_ubuntu,multi_platform_rhel
 +# platform = multi_platform_ubuntu,multi_platform_rhel,multi_platform_almalinux
- # packages = openssl-pkcs11
- 
- if [ ! -f /etc/pam_pkcs11/pam_pkcs11.conf ]; then
-diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/tests/correct.pass.sh b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/tests/correct.pass.sh
-index d7103cc0a..68c252f78 100644
---- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/tests/correct.pass.sh
-+++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/tests/correct.pass.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = multi_platform_ol,multi_platform_rhel,multi_platform_ubuntu
-+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_ubuntu
- # packages = openssl-pkcs11
- 
- if [ ! -f /etc/pam_pkcs11/pam_pkcs11.conf ]; then
-diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/tests/missing_ocsp.fail.sh b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/tests/missing_ocsp.fail.sh
-index c0cc3c94f..6db041b04 100644
---- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/tests/missing_ocsp.fail.sh
-+++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/tests/missing_ocsp.fail.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = multi_platform_ol,multi_platform_rhel,multi_platform_ubuntu
-+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_ubuntu
- # packages = openssl-pkcs11
+ # packages = openssl-pkcs11,libpam-pkcs11
  
  if [ ! -f /etc/pam_pkcs11/pam_pkcs11.conf ]; then
 diff --git a/linux_os/guide/system/accounts/accounts-physical/service_debug-shell_disabled/rule.yml b/linux_os/guide/system/accounts/accounts-physical/service_debug-shell_disabled/rule.yml
-index ee3d8e635..d4a3a520e 100644
+index f3afea3e2..b1672d15b 100644
 --- a/linux_os/guide/system/accounts/accounts-physical/service_debug-shell_disabled/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-physical/service_debug-shell_disabled/rule.yml
-@@ -36,7 +36,7 @@ references:
+@@ -35,7 +35,7 @@ references:
      ospp: FIA_UAU.1
      srg: SRG-OS-000324-GPOS-00125,SRG-OS-000480-GPOS-00227
      stigid@ol8: OL08-00-040180
@@ -6298,31 +6129,11 @@ index ee3d8e635..d4a3a520e 100644
  
  ocil_clause: |-
      {{{ ocil_clause_service_disabled(service="debug-shell") }}}
-diff --git a/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_disable_post_pw_expiration/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_disable_post_pw_expiration/ansible/shared.yml
-index 84f13bfea..709b9e923 100644
---- a/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_disable_post_pw_expiration/ansible/shared.yml
-+++ b/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_disable_post_pw_expiration/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro
- # reboot = false
- # strategy = restrict
- # complexity = low
-diff --git a/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_disable_post_pw_expiration/bash/shared.sh b/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_disable_post_pw_expiration/bash/shared.sh
-index 77aa71dd9..b3bfff528 100644
---- a/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_disable_post_pw_expiration/bash/shared.sh
-+++ b/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_disable_post_pw_expiration/bash/shared.sh
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle,multi_platform_slmicro
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle,multi_platform_slmicro
- 
- {{{ bash_instantiate_variables("var_account_disable_post_pw_expiration") }}}
- 
 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_disable_post_pw_expiration/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_disable_post_pw_expiration/rule.yml
-index 5b61d3b83..dea58e7bd 100644
+index 917fc304d..02504b964 100644
 --- a/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_disable_post_pw_expiration/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_disable_post_pw_expiration/rule.yml
-@@ -53,7 +53,7 @@ references:
+@@ -51,7 +51,7 @@ references:
      srg: SRG-OS-000118-GPOS-00060
      stigid@ol7: OL07-00-010310
      stigid@ol8: OL08-00-020260
@@ -6332,10 +6143,10 @@ index 5b61d3b83..dea58e7bd 100644
      stigid@sle15: SLES-15-020050
      stigid@ubuntu2004: UBTU-20-010409
 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_temp_expire_date/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_temp_expire_date/rule.yml
-index 96ae3e33c..6b1558013 100644
+index 52238d37b..7fff90e39 100644
 --- a/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_temp_expire_date/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_temp_expire_date/rule.yml
-@@ -45,7 +45,7 @@ references:
+@@ -44,7 +44,7 @@ references:
      srg: SRG-OS-000123-GPOS-00064,SRG-OS-000002-GPOS-00002
      stigid@ol7: OL07-00-010271
      stigid@ol8: OL08-00-020000,OL08-00-020270
@@ -6345,10 +6156,10 @@ index 96ae3e33c..6b1558013 100644
      stigid@sle15: SLES-15-020061
      stigid@ubuntu2004: UBTU-20-010000
 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/account_unique_id/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/account_unique_id/rule.yml
-index cc677e619..d97703614 100644
+index ea00038a1..c44c6c01e 100644
 --- a/linux_os/guide/system/accounts/accounts-restrictions/account_unique_id/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-restrictions/account_unique_id/rule.yml
-@@ -28,7 +28,7 @@ references:
+@@ -26,7 +26,7 @@ references:
      pcidss: Req-8.1.1
      srg: SRG-OS-000104-GPOS-00051,SRG-OS-000121-GPOS-00062
      stigid@ol8: OL08-00-020240
@@ -6358,10 +6169,10 @@ index cc677e619..d97703614 100644
      stigid@sle15: SLES-15-010230
  
 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/accounts_authorized_local_users/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/accounts_authorized_local_users/rule.yml
-index de8bfee0f..08390822e 100644
+index d1909d635..e1f5e2dbb 100644
 --- a/linux_os/guide/system/accounts/accounts-restrictions/accounts_authorized_local_users/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-restrictions/accounts_authorized_local_users/rule.yml
-@@ -38,7 +38,7 @@ references:
+@@ -37,7 +37,7 @@ references:
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol7: OL07-00-020270
      stigid@ol8: OL08-00-020320
@@ -6370,32 +6181,11 @@ index de8bfee0f..08390822e 100644
      stigid@sle12: SLES-12-010630
      stigid@sle15: SLES-15-020090
  
-diff --git a/linux_os/guide/system/accounts/accounts-restrictions/accounts_authorized_local_users/tests/default.pass.sh b/linux_os/guide/system/accounts/accounts-restrictions/accounts_authorized_local_users/tests/default.pass.sh
-index aa147fdce..bb8288f5b 100644
---- a/linux_os/guide/system/accounts/accounts-restrictions/accounts_authorized_local_users/tests/default.pass.sh
-+++ b/linux_os/guide/system/accounts/accounts-restrictions/accounts_authorized_local_users/tests/default.pass.sh
-@@ -1,5 +1,5 @@
- #! /bin/bash
--# platform = multi_platform_ol,multi_platform_rhel
-+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
- # variables = var_accounts_authorized_local_users_regex=^(root|bin|daemon|adm|lp|sync|shutdown|halt|mail|operator|games|ftp|nobody|pegasus|systemd-bus-proxy|systemd-network|dbus|polkitd|abrt|unbound|tss|libstoragemgmt|rpc|colord|usbmuxd$|pcp|saslauth|geoclue|setroubleshoot|rtkit|chrony|qemu|radvd|rpcuser|nfsnobody|pulse|gdm|gnome-initial-setup|postfix|avahi|ntp|sshd|tcpdump|oprofile|uuidd)$
- 
- var_accounts_authorized_local_users_regex="^(root|bin|daemon|adm|lp|sync|shutdown|halt|mail|operator|games|ftp|nobody|pegasus|systemd-bus-proxy|systemd-network|dbus|polkitd|abrt|unbound|tss|libstoragemgmt|rpc|colord|usbmuxd$|pcp|saslauth|geoclue|setroubleshoot|rtkit|chrony|qemu|radvd|rpcuser|nfsnobody|pulse|gdm|gnome-initial-setup|postfix|avahi|ntp|sshd|tcpdump|oprofile|uuidd)$"
-diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_maximum_age_login_defs/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_maximum_age_login_defs/ansible/shared.yml
-index c4c2f7ba0..e03ccee7a 100644
---- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_maximum_age_login_defs/ansible/shared.yml
-+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_maximum_age_login_defs/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_debian
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_debian
- # reboot = false
- # strategy = restrict
- # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_maximum_age_login_defs/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_maximum_age_login_defs/rule.yml
-index cd2f88ecd..66ffb0802 100644
+index 5055fc114..374a3d115 100644
 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_maximum_age_login_defs/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_maximum_age_login_defs/rule.yml
-@@ -53,7 +53,7 @@ references:
+@@ -51,7 +51,7 @@ references:
      srg: SRG-OS-000076-GPOS-00044
      stigid@ol7: OL07-00-010250
      stigid@ol8: OL08-00-020200
@@ -6404,21 +6194,11 @@ index cd2f88ecd..66ffb0802 100644
      stigid@sle12: SLES-12-010280
      stigid@sle15: SLES-15-020220
      stigid@ubuntu2004: UBTU-20-010008
-diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_minimum_age_login_defs/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_minimum_age_login_defs/ansible/shared.yml
-index 6e22e90d7..bfd7508ad 100644
---- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_minimum_age_login_defs/ansible/shared.yml
-+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_minimum_age_login_defs/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro
- # reboot = false
- # strategy = restrict
- # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_minimum_age_login_defs/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_minimum_age_login_defs/rule.yml
-index 3ae34ae92..0305558ac 100644
+index 2ca3febf0..2368d03ac 100644
 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_minimum_age_login_defs/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_minimum_age_login_defs/rule.yml
-@@ -52,7 +52,7 @@ references:
+@@ -50,7 +50,7 @@ references:
      srg: SRG-OS-000075-GPOS-00043
      stigid@ol7: OL07-00-010230
      stigid@ol8: OL08-00-020190
@@ -6427,31 +6207,11 @@ index 3ae34ae92..0305558ac 100644
      stigid@sle12: SLES-12-010260
      stigid@sle15: SLES-15-020200
      stigid@ubuntu2004: UBTU-20-010007
-diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/ansible/shared.yml
-index b04d7cdb8..0d5a5831e 100644
---- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/ansible/shared.yml
-+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle
-+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
- # reboot = false
- # strategy = restrict
- # complexity = low
-diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/bash/shared.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/bash/shared.sh
-index dcc5de3f1..268aafbab 100644
---- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/bash/shared.sh
-+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/bash/shared.sh
-@@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle
-+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
- 
- {{{ bash_instantiate_variables("var_accounts_password_minlen_login_defs") }}}
- {{{ bash_replace_or_append('/etc/login.defs', '^PASS_MIN_LEN', "$var_accounts_password_minlen_login_defs", '%s %s') }}}
 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/rule.yml
-index 2abaa2581..71f3d6a22 100644
+index 9d672d1ac..5bc8f6038 100644
 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/rule.yml
-@@ -46,7 +46,7 @@ references:
+@@ -45,7 +45,7 @@ references:
      nist-csf: PR.AC-1,PR.AC-6,PR.AC-7
      srg: SRG-OS-000078-GPOS-00046
      stigid@ol8: OL08-00-020231
@@ -6523,31 +6283,11 @@ index 3772aee13..543968f0c 100644
 +# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux OS 8,multi_platform_fedora
  
  sed -i "/^PASS_MIN_LEN.*/d" /etc/login.defs
-diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_existing/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_existing/ansible/shared.yml
-index 18974ea6c..d72de8a97 100644
---- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_existing/ansible/shared.yml
-+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_existing/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ol
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ol
- # reboot = false
- # strategy = restrict
- # complexity = low
-diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_existing/bash/shared.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_existing/bash/shared.sh
-index 7d6bc11f9..0a8561b81 100644
---- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_existing/bash/shared.sh
-+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_existing/bash/shared.sh
-@@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu
-+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu
- # reboot = false
- # strategy = restrict
- # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_existing/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_existing/rule.yml
-index 19d5c5245..99c9a6284 100644
+index 5a63d42b4..deab64ae2 100644
 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_existing/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_existing/rule.yml
-@@ -36,7 +36,7 @@ references:
+@@ -34,7 +34,7 @@ references:
      srg: SRG-OS-000076-GPOS-00044
      stigid@ol7: OL07-00-010260
      stigid@ol8: OL08-00-020210
@@ -6577,10 +6317,10 @@ index 7bdb759f6..dd157f1e3 100644
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_min_life_existing/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_min_life_existing/rule.yml
-index 9214435a8..53db14105 100644
+index 06465d05d..f8c8d3726 100644
 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_min_life_existing/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_min_life_existing/rule.yml
-@@ -37,7 +37,7 @@ references:
+@@ -35,7 +35,7 @@ references:
      srg: SRG-OS-000075-GPOS-00043
      stigid@ol7: OL07-00-010240
      stigid@ol8: OL08-00-020180
@@ -6589,21 +6329,11 @@ index 9214435a8..53db14105 100644
      stigid@sle12: SLES-12-010270
      stigid@sle15: SLES-15-020210
  
-diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_warn_age_login_defs/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_warn_age_login_defs/ansible/shared.yml
-index 8df20d253..ad8320347 100644
---- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_warn_age_login_defs/ansible/shared.yml
-+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_warn_age_login_defs/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro
-+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro
- # reboot = false
- # strategy = restrict
- # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_all_shadowed_sha512/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_all_shadowed_sha512/rule.yml
-index 984b43911..d7330ce74 100644
+index 374a37dba..8d8fc938e 100644
 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_all_shadowed_sha512/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_all_shadowed_sha512/rule.yml
-@@ -40,7 +40,7 @@ references:
+@@ -38,7 +38,7 @@ references:
      nist: IA-5(1)(c),IA-5(1).1(v),IA-7,IA-7.1
      srg:  SRG-OS-000073-GPOS-00041,SRG-OS-000120-GPOS-00061
      stigid@ol8: OL08-00-010120
@@ -6612,26 +6342,6 @@ index 984b43911..d7330ce74 100644
      stigid@sle12: SLES-12-010220
      stigid@sle15: SLES-15-020180
  
-diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/ansible/shared.yml
-index 82110016d..2a73ed386 100644
---- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/ansible/shared.yml
-+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
- # reboot = false
- # strategy = configure
- # complexity = low
-diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/bash/shared.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/bash/shared.sh
-index 7374c21e8..0a9f303d4 100644
---- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/bash/shared.sh
-+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/bash/shared.sh
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_debian
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_debian
- 
- {{{ bash_instantiate_variables("var_password_pam_unix_rounds") }}}
- 
 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_argument_missing.fail.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_argument_missing.fail.sh
 index 3e24ba16a..288476511 100644
 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_argument_missing.fail.sh
@@ -6704,26 +6414,6 @@ index 96bcc3e23..916696231 100644
  # variables = var_password_pam_unix_rounds=65536
  
  ROUNDS=4000
-diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/ansible/shared.yml
-index c0b520bdf..70ab14cba 100644
---- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/ansible/shared.yml
-+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
- # reboot = false
- # strategy = configure
- # complexity = low
-diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/bash/shared.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/bash/shared.sh
-index 8316e495a..bf8a4c240 100644
---- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/bash/shared.sh
-+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/bash/shared.sh
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
- 
- {{{ bash_instantiate_variables("var_password_pam_unix_rounds") }}}
- 
 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_argument_missing.fail.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_argument_missing.fail.sh
 index 3da866412..4f0f07d9c 100644
 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_argument_missing.fail.sh
@@ -6796,42 +6486,11 @@ index 244799045..9757a3ee8 100644
  # variables = var_password_pam_unix_rounds=65536
  
  ROUNDS=4000
-diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/ansible/shared.yml
-index 117a42585..b41d01a89 100644
---- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/ansible/shared.yml
-+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu
- # reboot = false
- # strategy = configure
- # complexity = low
-diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/bash/shared.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/bash/shared.sh
-index 9c097499f..2c80371bc 100644
---- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/bash/shared.sh
-+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/bash/shared.sh
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu
- # reboot = false
- # strategy = configure
- # complexity = low
-diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/kubernetes/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/kubernetes/shared.yml
-index ad3133b1f..eac1b843a 100644
---- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/kubernetes/shared.yml
-+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_rhcos
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_rhcos
- apiVersion: machineconfiguration.openshift.io/v1
- kind: MachineConfig
- spec:
 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/rule.yml
-index d148d9a9f..9eb5f7177 100644
+index f9ed55768..77ff08b42 100644
 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/rule.yml
-@@ -53,7 +53,7 @@ references:
+@@ -52,7 +52,7 @@ references:
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol7: OL07-00-010290
      stigid@ol8: OL08-00-020331,OL08-00-020332
@@ -6877,10 +6536,10 @@ index 9dc5d7677..337522d82 100644
  SYSTEM_AUTH_FILE="/etc/pam.d/system-auth"
  
 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords_etc_shadow/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords_etc_shadow/rule.yml
-index 55c7149f5..861c85d5f 100644
+index 67a77d00a..296e74f32 100644
 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords_etc_shadow/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords_etc_shadow/rule.yml
-@@ -38,7 +38,7 @@ references:
+@@ -37,7 +37,7 @@ references:
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol7: OL07-00-010291
      stigid@ol8: OL08-00-010121
@@ -6890,10 +6549,10 @@ index 55c7149f5..861c85d5f 100644
      stigid@sle15: SLES-15-020181
      stigid@ubuntu2004: UBTU-20-010462
 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/accounts_no_uid_except_zero/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/accounts_no_uid_except_zero/rule.yml
-index bf1f82e2c..4367b1109 100644
+index b7b00fbfc..2570ccdc7 100644
 --- a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/accounts_no_uid_except_zero/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/accounts_no_uid_except_zero/rule.yml
-@@ -52,7 +52,7 @@ references:
+@@ -50,7 +50,7 @@ references:
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol7: OL07-00-020310
      stigid@ol8: OL08-00-040200
@@ -6944,46 +6603,6 @@ index 8f87bf06e..6bed5ef5a 100644
  apiVersion: machineconfiguration.openshift.io/v1
  kind: MachineConfig
  spec:
-diff --git a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/restrict_serial_port_logins/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/restrict_serial_port_logins/ansible/shared.yml
-index 5f9c92aac..119219eb0 100644
---- a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/restrict_serial_port_logins/ansible/shared.yml
-+++ b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/restrict_serial_port_logins/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
- # reboot = false
- # strategy = restrict
- # complexity = low
-diff --git a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/securetty_root_login_console_only/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/securetty_root_login_console_only/ansible/shared.yml
-index 429a8dcd1..8cafea67b 100644
---- a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/securetty_root_login_console_only/ansible/shared.yml
-+++ b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/securetty_root_login_console_only/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_rhv,multi_platform_slmicro
-+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhv,multi_platform_slmicro
- # reboot = false
- # strategy = restrict
- # complexity = low
-diff --git a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_for_su/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_for_su/ansible/shared.yml
-index e7f5c730c..8f06c6cfa 100644
---- a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_for_su/ansible/shared.yml
-+++ b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_for_su/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
- # reboot = false
- # strategy = restrict
- # complexity = low
-diff --git a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_for_su/bash/shared.sh b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_for_su/bash/shared.sh
-index bd1ba1ccb..d139fdda4 100644
---- a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_for_su/bash/shared.sh
-+++ b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_for_su/bash/shared.sh
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
- 
- # uncomment the option if commented
- sed '/^[[:space:]]*#[[:space:]]*auth[[:space:]]\+required[[:space:]]\+pam_wheel\.so[[:space:]]\+use_uid$/s/^[[:space:]]*#//' -i /etc/pam.d/su
 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_group_for_su/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_group_for_su/ansible/shared.yml
 index 9bbbb9585..766df9993 100644
 --- a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_group_for_su/ansible/shared.yml
@@ -7005,10 +6624,10 @@ index cb7530b38..c33fd385c 100644
  
  PAM_CONF=/etc/pam.d/su
 diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_have_homedir_login_defs/rule.yml b/linux_os/guide/system/accounts/accounts-session/accounts_have_homedir_login_defs/rule.yml
-index 1c0e2ca28..54ebaf547 100644
+index 2e307c76d..e93883e93 100644
 --- a/linux_os/guide/system/accounts/accounts-session/accounts_have_homedir_login_defs/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-session/accounts_have_homedir_login_defs/rule.yml
-@@ -30,7 +30,7 @@ references:
+@@ -29,7 +29,7 @@ references:
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol7: OL07-00-020610
      stigid@ol8: OL08-00-010760
@@ -7018,10 +6637,10 @@ index 1c0e2ca28..54ebaf547 100644
      stigid@sle15: SLES-15-020110
  
 diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_logon_fail_delay/rule.yml b/linux_os/guide/system/accounts/accounts-session/accounts_logon_fail_delay/rule.yml
-index 0b8be731c..03bb75239 100644
+index 0edacb272..07845d6d5 100644
 --- a/linux_os/guide/system/accounts/accounts-session/accounts_logon_fail_delay/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-session/accounts_logon_fail_delay/rule.yml
-@@ -32,7 +32,7 @@ references:
+@@ -31,7 +31,7 @@ references:
      srg: SRG-OS-000480-GPOS-00226
      stigid@ol7: OL07-00-010430
      stigid@ol8: OL08-00-020310
@@ -7031,10 +6650,10 @@ index 0b8be731c..03bb75239 100644
  
  ocil_clause: 'the value of "FAIL_DELAY" is not set to "{{{ xccdf_value("var_accounts_fail_delay") }}}" or greater, or the line is commented out'
 diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_max_concurrent_login_sessions/rule.yml b/linux_os/guide/system/accounts/accounts-session/accounts_max_concurrent_login_sessions/rule.yml
-index 477afdbe7..1ccd6d5c0 100644
+index 1c9f0b0ad..1a1f1f553 100644
 --- a/linux_os/guide/system/accounts/accounts-session/accounts_max_concurrent_login_sessions/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-session/accounts_max_concurrent_login_sessions/rule.yml
-@@ -39,7 +39,7 @@ references:
+@@ -38,7 +38,7 @@ references:
      srg: SRG-OS-000027-GPOS-00008
      stigid@ol7: OL07-00-040000
      stigid@ol8: OL08-00-020024
@@ -7064,10 +6683,10 @@ index da628bc5e..90f23cb90 100644
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_user_dot_no_world_writable_programs/rule.yml b/linux_os/guide/system/accounts/accounts-session/accounts_user_dot_no_world_writable_programs/rule.yml
-index ebab6010f..edb1e218c 100644
+index 84a8060c6..cedad6e9f 100644
 --- a/linux_os/guide/system/accounts/accounts-session/accounts_user_dot_no_world_writable_programs/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-session/accounts_user_dot_no_world_writable_programs/rule.yml
-@@ -33,7 +33,7 @@ references:
+@@ -32,7 +32,7 @@ references:
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol7: OL07-00-020730
      stigid@ol8: OL08-00-010660
@@ -7077,10 +6696,10 @@ index ebab6010f..edb1e218c 100644
      stigid@sle15: SLES-15-040130
  
 diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_user_home_paths_only/rule.yml b/linux_os/guide/system/accounts/accounts-session/accounts_user_home_paths_only/rule.yml
-index a59cb8c08..efdacd07b 100644
+index e6e284cdf..396344224 100644
 --- a/linux_os/guide/system/accounts/accounts-session/accounts_user_home_paths_only/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-session/accounts_user_home_paths_only/rule.yml
-@@ -34,7 +34,7 @@ references:
+@@ -33,7 +33,7 @@ references:
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol7: OL07-00-020720
      stigid@ol8: OL08-00-010690
@@ -7090,11 +6709,11 @@ index a59cb8c08..efdacd07b 100644
      stigid@sle15: SLES-15-040120
  
 diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_user_interactive_home_directory_defined/rule.yml b/linux_os/guide/system/accounts/accounts-session/accounts_user_interactive_home_directory_defined/rule.yml
-index 4cc4bd31d..ab4719ded 100644
+index e0909e308..d021fd23b 100644
 --- a/linux_os/guide/system/accounts/accounts-session/accounts_user_interactive_home_directory_defined/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-session/accounts_user_interactive_home_directory_defined/rule.yml
-@@ -30,7 +30,7 @@ references:
-     disa: CCI-000366
+@@ -29,7 +29,7 @@ identifiers:
+ references:
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol8: OL08-00-010720
 -    stigid@rhel8: RHEL-08-010720
@@ -7103,10 +6722,10 @@ index 4cc4bd31d..ab4719ded 100644
      stigid@sle15: SLES-15-040070
  
 diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_user_interactive_home_directory_exists/rule.yml b/linux_os/guide/system/accounts/accounts-session/accounts_user_interactive_home_directory_exists/rule.yml
-index aa2283271..eb22b9c2a 100644
+index b77a2f227..60ac0a5e2 100644
 --- a/linux_os/guide/system/accounts/accounts-session/accounts_user_interactive_home_directory_exists/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-session/accounts_user_interactive_home_directory_exists/rule.yml
-@@ -36,7 +36,7 @@ references:
+@@ -34,7 +34,7 @@ references:
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol7: OL07-00-020620
      stigid@ol8: OL08-00-010750
@@ -7116,10 +6735,10 @@ index aa2283271..eb22b9c2a 100644
      stigid@sle15: SLES-15-040080
  
 diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_users_home_files_groupownership/rule.yml b/linux_os/guide/system/accounts/accounts-session/accounts_users_home_files_groupownership/rule.yml
-index 71cb3ec5d..da5ade2a6 100644
+index 549ecb72f..e86593cb9 100644
 --- a/linux_os/guide/system/accounts/accounts-session/accounts_users_home_files_groupownership/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-session/accounts_users_home_files_groupownership/rule.yml
-@@ -32,7 +32,7 @@ references:
+@@ -31,7 +31,7 @@ references:
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol7: OL07-00-020670
      stigid@ol8: OL08-00-010741
@@ -7129,10 +6748,10 @@ index 71cb3ec5d..da5ade2a6 100644
  ocil_clause: 'the group ownership is incorrect'
  
 diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_users_home_files_permissions/rule.yml b/linux_os/guide/system/accounts/accounts-session/accounts_users_home_files_permissions/rule.yml
-index e04ce08d0..cbc6752ad 100644
+index 7c3afdd2e..f84f0371a 100644
 --- a/linux_os/guide/system/accounts/accounts-session/accounts_users_home_files_permissions/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-session/accounts_users_home_files_permissions/rule.yml
-@@ -31,7 +31,7 @@ references:
+@@ -29,7 +29,7 @@ references:
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol7: OL07-00-020680
      stigid@ol8: OL08-00-010731
@@ -7142,10 +6761,10 @@ index e04ce08d0..cbc6752ad 100644
  ocil_clause: 'home directory files or folders have incorrect permissions'
  
 diff --git a/linux_os/guide/system/accounts/accounts-session/file_groupownership_home_directories/rule.yml b/linux_os/guide/system/accounts/accounts-session/file_groupownership_home_directories/rule.yml
-index efd83d032..4043bc31e 100644
+index 887d86eeb..d0c823da9 100644
 --- a/linux_os/guide/system/accounts/accounts-session/file_groupownership_home_directories/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-session/file_groupownership_home_directories/rule.yml
-@@ -39,7 +39,7 @@ references:
+@@ -38,7 +38,7 @@ references:
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol7: OL07-00-020650
      stigid@ol8: OL08-00-010740
@@ -7155,12 +6774,12 @@ index efd83d032..4043bc31e 100644
      stigid@sle15: SLES-15-040100
  
 diff --git a/linux_os/guide/system/accounts/accounts-session/file_permission_user_init_files_root/rule.yml b/linux_os/guide/system/accounts/accounts-session/file_permission_user_init_files_root/rule.yml
-index 40ab5475c..e1f07da16 100644
+index fa1807425..15cf9b391 100644
 --- a/linux_os/guide/system/accounts/accounts-session/file_permission_user_init_files_root/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-session/file_permission_user_init_files_root/rule.yml
-@@ -25,7 +25,7 @@ identifiers:
+@@ -24,7 +24,7 @@ identifiers:
+ 
  references:
-     disa: CCI-000366
      srg: SRG-OS-000480-GPOS-00227
 -    stigid@rhel8: RHEL-08-010770
 +    stigid@almalinux8: RHEL-08-010770
@@ -7168,10 +6787,10 @@ index 40ab5475c..e1f07da16 100644
  ocil_clause: 'they are not 0740 or more permissive'
  
 diff --git a/linux_os/guide/system/accounts/accounts-session/file_permissions_home_directories/rule.yml b/linux_os/guide/system/accounts/accounts-session/file_permissions_home_directories/rule.yml
-index ddc2943a9..8d71a23f6 100644
+index 54dc785f5..090e97440 100644
 --- a/linux_os/guide/system/accounts/accounts-session/file_permissions_home_directories/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-session/file_permissions_home_directories/rule.yml
-@@ -33,7 +33,7 @@ references:
+@@ -31,7 +31,7 @@ references:
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol7: OL07-00-020630
      stigid@ol8: OL08-00-010730
@@ -7181,10 +6800,10 @@ index ddc2943a9..8d71a23f6 100644
      stigid@sle15: SLES-15-040090
  
 diff --git a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_bashrc/rule.yml b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_bashrc/rule.yml
-index f0f585a72..990c857e9 100644
+index 5ce2ccf7a..f96d468ef 100644
 --- a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_bashrc/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_bashrc/rule.yml
-@@ -47,7 +47,7 @@ references:
+@@ -45,7 +45,7 @@ references:
      nist-csf: PR.IP-2
      srg: SRG-OS-000480-GPOS-00228,SRG-OS-000480-GPOS-00227
      stigid@ol8: OL08-00-020353
@@ -7206,10 +6825,10 @@ index 5dac9eec3..7e31e6291 100644
  
  sed -i '/umask/d' /etc/bashrc
 diff --git a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_csh_cshrc/rule.yml b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_csh_cshrc/rule.yml
-index 07be79451..07193cc9f 100644
+index e49569122..65803d2ff 100644
 --- a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_csh_cshrc/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_csh_cshrc/rule.yml
-@@ -33,7 +33,7 @@ references:
+@@ -32,7 +32,7 @@ references:
      nist-csf: PR.IP-2
      srg: SRG-OS-000480-GPOS-00228,SRG-OS-000480-GPOS-00227
      stigid@ol8: OL08-00-020353
@@ -7231,10 +6850,10 @@ index 04f6247a8..c81ef7ee7 100644
  sed -i '/umask/d' /etc/csh.cshrc
  echo "umask 077" >> /etc/csh.cshrc
 diff --git a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_login_defs/rule.yml b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_login_defs/rule.yml
-index 223eb3926..77c8898c7 100644
+index f350abfe6..71ac555b5 100644
 --- a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_login_defs/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_login_defs/rule.yml
-@@ -40,7 +40,7 @@ references:
+@@ -38,7 +38,7 @@ references:
      srg: SRG-OS-000480-GPOS-00228
      stigid@ol7: OL07-00-020240
      stigid@ol8: OL08-00-020351
@@ -7244,10 +6863,10 @@ index 223eb3926..77c8898c7 100644
      stigid@sle15: SLES-15-040420
      stigid@ubuntu2004: UBTU-20-010016
 diff --git a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_profile/rule.yml b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_profile/rule.yml
-index 3a6b2ea70..c4d1fa151 100644
+index 9abf1e488..a0945232f 100644
 --- a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_profile/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_profile/rule.yml
-@@ -43,7 +43,7 @@ references:
+@@ -41,7 +41,7 @@ references:
      nist-csf: PR.IP-2
      srg: SRG-OS-000480-GPOS-00228,SRG-OS-000480-GPOS-00227
      stigid@ol8: OL08-00-020353
@@ -7257,10 +6876,10 @@ index 3a6b2ea70..c4d1fa151 100644
  ocil_clause: |-
      the value for the "umask" parameter is not "{{{ xccdf_value("var_accounts_user_umask") }}}",
 diff --git a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_interactive_users/rule.yml b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_interactive_users/rule.yml
-index 29c5612cc..5d5c3f6fe 100644
+index a7a0370fd..b1dc8fea5 100644
 --- a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_interactive_users/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_interactive_users/rule.yml
-@@ -27,7 +27,7 @@ references:
+@@ -26,7 +26,7 @@ references:
      srg: SRG-OS-000480-GPOS-00227,SRG-OS-000480-GPOS-00228
      stigid@ol7: OL07-00-021040
      stigid@ol8: OL08-00-020352
@@ -7280,25 +6899,40 @@ index 7f399477a..0c427d51c 100644
  # strategy = configure
  # complexity = low
 diff --git a/linux_os/guide/system/accounts/enable_authselect/tests/not_remediable.fail.sh b/linux_os/guide/system/accounts/enable_authselect/tests/not_remediable.fail.sh
-index 53528d634..c9e459347 100644
+index 91f429a34..9c89749b0 100644
 --- a/linux_os/guide/system/accounts/enable_authselect/tests/not_remediable.fail.sh
 +++ b/linux_os/guide/system/accounts/enable_authselect/tests/not_remediable.fail.sh
-@@ -1,4 +1,4 @@
+@@ -1,5 +1,5 @@
+ #!/bin/bash
 -# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_almalinux
 +# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9,multi_platform_almalinux
  # packages = authselect,pam
  # remediation = none
  
 diff --git a/linux_os/guide/system/accounts/enable_authselect/tests/remediable.fail.sh b/linux_os/guide/system/accounts/enable_authselect/tests/remediable.fail.sh
-index 468c958cb..156cc6191 100644
+index 15a64d147..e1c3c4680 100644
 --- a/linux_os/guide/system/accounts/enable_authselect/tests/remediable.fail.sh
 +++ b/linux_os/guide/system/accounts/enable_authselect/tests/remediable.fail.sh
-@@ -1,4 +1,4 @@
+@@ -1,5 +1,5 @@
+ #!/bin/bash
 -# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_almalinux
 +# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9,multi_platform_almalinux
  # packages = authselect,pam
  
  rm -f /etc/pam.d/{fingerprint-auth,password-auth,postlogin,smartcard-auth,system-auth}
+diff --git a/linux_os/guide/system/bootloader-grub2/grub2_init_on_free/rule.yml b/linux_os/guide/system/bootloader-grub2/grub2_init_on_free/rule.yml
+index a897008f7..ad34afed0 100644
+--- a/linux_os/guide/system/bootloader-grub2/grub2_init_on_free/rule.yml
++++ b/linux_os/guide/system/bootloader-grub2/grub2_init_on_free/rule.yml
+@@ -21,7 +21,7 @@ references:
+     nist: SC-3
+     srg: SRG-OS-000134-GPOS-00068
+     stigid@ol8: OL08-00-010423
+-    stigid@rhel8: RHEL-08-010423
++    stigid@almalinux8: RHEL-08-010423
+ 
+ platform: grub2
+ 
 diff --git a/linux_os/guide/system/bootloader-grub2/grub2_kernel_trust_cpu_rng/tests/arg_not_there.fail.sh b/linux_os/guide/system/bootloader-grub2/grub2_kernel_trust_cpu_rng/tests/arg_not_there.fail.sh
 index 50abc5732..06507fba6 100644
 --- a/linux_os/guide/system/bootloader-grub2/grub2_kernel_trust_cpu_rng/tests/arg_not_there.fail.sh
@@ -7335,10 +6969,10 @@ index c4213caf8..2248a137c 100644
  # Break the argument in kernel command line in /boot/grub2/grubenv
  file="/boot/grub2/grubenv"
 diff --git a/linux_os/guide/system/bootloader-grub2/grub2_pti_argument/rule.yml b/linux_os/guide/system/bootloader-grub2/grub2_pti_argument/rule.yml
-index 43ac06be3..66e36e2fb 100644
+index 0a49dc260..bbade243a 100644
 --- a/linux_os/guide/system/bootloader-grub2/grub2_pti_argument/rule.yml
 +++ b/linux_os/guide/system/bootloader-grub2/grub2_pti_argument/rule.yml
-@@ -27,7 +27,7 @@ references:
+@@ -26,7 +26,7 @@ references:
      nist: SI-16
      srg: SRG-OS-000433-GPOS-00193,SRG-OS-000095-GPOS-00049
      stigid@ol8: OL08-00-040004
@@ -7348,10 +6982,10 @@ index 43ac06be3..66e36e2fb 100644
  ocil_clause: 'Kernel page-table isolation is not enabled'
  
 diff --git a/linux_os/guide/system/bootloader-grub2/grub2_vsyscall_argument/rule.yml b/linux_os/guide/system/bootloader-grub2/grub2_vsyscall_argument/rule.yml
-index 28da623cf..1ff7ac639 100644
+index c71431c29..c2778763e 100644
 --- a/linux_os/guide/system/bootloader-grub2/grub2_vsyscall_argument/rule.yml
 +++ b/linux_os/guide/system/bootloader-grub2/grub2_vsyscall_argument/rule.yml
-@@ -26,7 +26,7 @@ references:
+@@ -25,7 +25,7 @@ references:
      ospp: FPT_ASLR_EXT.1
      srg: SRG-OS-000480-GPOS-00227,SRG-OS-000134-GPOS-00068
      stigid@ol8: OL08-00-010422
@@ -7361,10 +6995,10 @@ index 28da623cf..1ff7ac639 100644
  ocil_clause: 'vsyscalls are enabled'
  
 diff --git a/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_admin_username/rule.yml b/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_admin_username/rule.yml
-index 9f8cc264b..a09401d2b 100644
+index 652423d95..e475b99bb 100644
 --- a/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_admin_username/rule.yml
 +++ b/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_admin_username/rule.yml
-@@ -46,7 +46,7 @@ references:
+@@ -52,7 +52,7 @@ references:
      srg: SRG-OS-000080-GPOS-00048
      stigid@ol7: OL07-00-010483
      stigid@ol8: OL08-00-010149
@@ -7387,10 +7021,10 @@ index f5b957e88..b678a4e70 100644
        {{% else %}}
        
 diff --git a/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_password/rule.yml b/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_password/rule.yml
-index a2b97c4ee..b47703542 100644
+index 477129bc4..6aac4770a 100644
 --- a/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_password/rule.yml
 +++ b/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_password/rule.yml
-@@ -65,7 +65,7 @@ references:
+@@ -68,7 +68,7 @@ references:
      srg: SRG-OS-000080-GPOS-00048
      stigid@ol7: OL07-00-010482
      stigid@ol8: OL08-00-010150
@@ -7400,10 +7034,10 @@ index a2b97c4ee..b47703542 100644
      stigid@sle15: SLES-15-010190
      stigid@ubuntu2004: UBTU-20-010009
 diff --git a/linux_os/guide/system/bootloader-grub2/uefi/grub2_uefi_admin_username/rule.yml b/linux_os/guide/system/bootloader-grub2/uefi/grub2_uefi_admin_username/rule.yml
-index 83be376b8..e2e004587 100644
+index 686370abc..45d712cf4 100644
 --- a/linux_os/guide/system/bootloader-grub2/uefi/grub2_uefi_admin_username/rule.yml
 +++ b/linux_os/guide/system/bootloader-grub2/uefi/grub2_uefi_admin_username/rule.yml
-@@ -47,7 +47,7 @@ references:
+@@ -53,7 +53,7 @@ references:
      srg: SRG-OS-000080-GPOS-00048
      stigid@ol7: OL07-00-010492
      stigid@ol8: OL08-00-010141
@@ -7413,10 +7047,10 @@ index 83be376b8..e2e004587 100644
  ocil_clause: 'superuser account is not set or is set to an existing name or to a common name'
  
 diff --git a/linux_os/guide/system/bootloader-grub2/uefi/grub2_uefi_password/rule.yml b/linux_os/guide/system/bootloader-grub2/uefi/grub2_uefi_password/rule.yml
-index 831aa6ec3..4ac763e2a 100644
+index 24f45e8a8..1a3cb0b84 100644
 --- a/linux_os/guide/system/bootloader-grub2/uefi/grub2_uefi_password/rule.yml
 +++ b/linux_os/guide/system/bootloader-grub2/uefi/grub2_uefi_password/rule.yml
-@@ -67,7 +67,7 @@ references:
+@@ -69,7 +69,7 @@ references:
      srg: SRG-OS-000080-GPOS-00048
      stigid@ol7: OL07-00-010491
      stigid@ol8: OL08-00-010140
@@ -7470,16 +7104,16 @@ index e3adb9963..a32311839 100644
  
  # Make sure no image configured in zipl config file
 diff --git a/linux_os/guide/system/bootloader-zipl/zipl_bls_entries_only/tests/no_image.pass.sh b/linux_os/guide/system/bootloader-zipl/zipl_bls_entries_only/tests/no_image.pass.sh
-index 47626442f..a983219d0 100644
+index 5f482b284..27e1e9ac7 100644
 --- a/linux_os/guide/system/bootloader-zipl/zipl_bls_entries_only/tests/no_image.pass.sh
 +++ b/linux_os/guide/system/bootloader-zipl/zipl_bls_entries_only/tests/no_image.pass.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
 -# platform = Red Hat Enterprise Linux 8
 +# platform = Red Hat Enterprise Linux 8,AlmaLinux OS 8
- # remediation = none
  
  # Make sure no image configured in zipl config file
+ sed -Ei '/^image\s*=/d' /etc/zipl.conf
 diff --git a/linux_os/guide/system/bootloader-zipl/zipl_bootmap_is_up_to_date/tests/newer_boot_entry.fail.sh b/linux_os/guide/system/bootloader-zipl/zipl_bootmap_is_up_to_date/tests/newer_boot_entry.fail.sh
 index 728c6b7bd..2eb819c46 100644
 --- a/linux_os/guide/system/bootloader-zipl/zipl_bootmap_is_up_to_date/tests/newer_boot_entry.fail.sh
@@ -7503,16 +7137,16 @@ index 1ae4d631e..2388eb880 100644
  
  touch /boot/loader/entries/*.conf # Update current existing entries
 diff --git a/linux_os/guide/system/bootloader-zipl/zipl_bootmap_is_up_to_date/tests/up_to_date.pass.sh b/linux_os/guide/system/bootloader-zipl/zipl_bootmap_is_up_to_date/tests/up_to_date.pass.sh
-index 7981ba8c5..41d205b33 100644
+index d2dc938ff..05819feb7 100644
 --- a/linux_os/guide/system/bootloader-zipl/zipl_bootmap_is_up_to_date/tests/up_to_date.pass.sh
 +++ b/linux_os/guide/system/bootloader-zipl/zipl_bootmap_is_up_to_date/tests/up_to_date.pass.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
 -# platform = Red Hat Enterprise Linux 8
 +# platform = Red Hat Enterprise Linux 8,AlmaLinux OS 8
- # remediation = none
  
  touch /etc/zipl.conf
+ touch /boot/loader/entries/*.conf # Update current existing entries
 diff --git a/linux_os/guide/system/bootloader-zipl/zipl_init_on_alloc_argument/tests/correct_option.pass.sh b/linux_os/guide/system/bootloader-zipl/zipl_init_on_alloc_argument/tests/correct_option.pass.sh
 index 50cf1b78f..bbf06f220 100644
 --- a/linux_os/guide/system/bootloader-zipl/zipl_init_on_alloc_argument/tests/correct_option.pass.sh
@@ -7610,21 +7244,11 @@ index 0c2febb03..5b5dbf360 100644
  
  # Make sure boot loader entries doesn't contain systemd.debug-shell
  sed -Ei 's/(^options.*)\s\bsystemd.debug-shell\b\S*(.*?)$/\1\2/' /boot/loader/entries/*
-diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_cron_logging/bash/shared.sh b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_cron_logging/bash/shared.sh
-index 8fa32223f..89e411a7f 100644
---- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_cron_logging/bash/shared.sh
-+++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_cron_logging/bash/shared.sh
-@@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel
-+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
- 
- if ! grep -s "^\s*cron\.\*\s*/var/log/cron$" /etc/rsyslog.conf /etc/rsyslog.d/*.conf; then
- 	mkdir -p /etc/rsyslog.d
 diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_cron_logging/rule.yml b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_cron_logging/rule.yml
-index 3be9ad9b1..3e3d91f5d 100644
+index 26fdf83a0..16d8d4693 100644
 --- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_cron_logging/rule.yml
 +++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_cron_logging/rule.yml
-@@ -38,7 +38,7 @@ references:
+@@ -37,7 +37,7 @@ references:
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol7: OL07-00-021100
      stigid@ol8: OL08-00-030010
@@ -7633,31 +7257,11 @@ index 3be9ad9b1..3e3d91f5d 100644
  
  ocil_clause: 'cron is not logging to rsyslog'
  
-diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdriverauthmode/ansible/shared.yml b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdriverauthmode/ansible/shared.yml
-index 4e321fecb..2818c4ca1 100644
---- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdriverauthmode/ansible/shared.yml
-+++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdriverauthmode/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel
-+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
- # reboot = false
- # strategy = configure
- # complexity = low
-diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdriverauthmode/bash/shared.sh b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdriverauthmode/bash/shared.sh
-index 3933f28b4..d71a075f1 100644
---- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdriverauthmode/bash/shared.sh
-+++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdriverauthmode/bash/shared.sh
-@@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel
-+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
- # reboot = false
- # strategy = configure
- # complexity = low
 diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdriverauthmode/rule.yml b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdriverauthmode/rule.yml
-index 4ee12c8cf..09ff8638c 100644
+index 0c307a545..0c5f4197f 100644
 --- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdriverauthmode/rule.yml
 +++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdriverauthmode/rule.yml
-@@ -33,7 +33,7 @@ references:
+@@ -32,7 +32,7 @@ references:
      nist: AU-4(1)
      srg: SRG-OS-000342-GPOS-00133,SRG-OS-000479-GPOS-00224
      stigid@ol8: OL08-00-030720
@@ -7667,10 +7271,10 @@ index 4ee12c8cf..09ff8638c 100644
  ocil_clause: '$ActionSendStreamDriverAuthMode in /etc/rsyslog.conf is not set to x509/name'
  
 diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdrivermode/rule.yml b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdrivermode/rule.yml
-index 564ec19cc..c9cbe3e4f 100644
+index dc188c60b..31afcc4dc 100644
 --- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdrivermode/rule.yml
 +++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdrivermode/rule.yml
-@@ -34,7 +34,7 @@ references:
+@@ -33,7 +33,7 @@ references:
      nist: AU-4(1)
      srg: SRG-OS-000342-GPOS-00133,SRG-OS-000479-GPOS-00224
      stigid@ol8: OL08-00-030710
@@ -7680,10 +7284,10 @@ index 564ec19cc..c9cbe3e4f 100644
  ocil_clause: 'rsyslogd ActionSendStreamDriverMode is not set to 1'
  
 diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_defaultnetstreamdriver/rule.yml b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_defaultnetstreamdriver/rule.yml
-index 7b9dcc0be..20aa3afaf 100644
+index 4e83436a9..6d6117637 100644
 --- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_defaultnetstreamdriver/rule.yml
 +++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_defaultnetstreamdriver/rule.yml
-@@ -34,7 +34,7 @@ references:
+@@ -33,7 +33,7 @@ references:
      nist: AU-4(1)
      srg: SRG-OS-000342-GPOS-00133,SRG-OS-000479-GPOS-00224
      stigid@ol8: OL08-00-030710
@@ -7693,10 +7297,10 @@ index 7b9dcc0be..20aa3afaf 100644
  ocil_clause: 'rsyslogd DefaultNetstreamDriver not set to gtls'
  
 diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_remote_access_monitoring/rule.yml b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_remote_access_monitoring/rule.yml
-index c1f2165a1..d92008f40 100644
+index bea3d658d..08c9d75d2 100644
 --- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_remote_access_monitoring/rule.yml
 +++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_remote_access_monitoring/rule.yml
-@@ -35,7 +35,7 @@ references:
+@@ -34,7 +34,7 @@ references:
      nist: AC-17(1)
      srg: SRG-OS-000032-GPOS-00013
      stigid@ol8: OL08-00-010070
@@ -7706,10 +7310,10 @@ index c1f2165a1..d92008f40 100644
      stigid@ubuntu2204: UBTU-22-652015
  
 diff --git a/linux_os/guide/system/logging/journald/journald_disable_forward_to_syslog/rule.yml b/linux_os/guide/system/logging/journald/journald_disable_forward_to_syslog/rule.yml
-index 6b1f74424..b514ff79d 100644
+index 78cbee326..30b54f1eb 100644
 --- a/linux_os/guide/system/logging/journald/journald_disable_forward_to_syslog/rule.yml
 +++ b/linux_os/guide/system/logging/journald/journald_disable_forward_to_syslog/rule.yml
-@@ -13,7 +13,7 @@ platform: package[systemd]
+@@ -17,7 +17,7 @@ platform: package[systemd]
  
  severity: medium
  
@@ -7730,10 +7334,10 @@ index 892523fc4..9fbba1ccb 100644
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/logging/log_rotation/timer_logrotate_enabled/rule.yml b/linux_os/guide/system/logging/log_rotation/timer_logrotate_enabled/rule.yml
-index ef960d4ab..4d6eaa42e 100644
+index 03353d5fa..e768443cb 100644
 --- a/linux_os/guide/system/logging/log_rotation/timer_logrotate_enabled/rule.yml
 +++ b/linux_os/guide/system/logging/log_rotation/timer_logrotate_enabled/rule.yml
-@@ -53,7 +53,7 @@ template:
+@@ -51,7 +51,7 @@ template:
          timername: logrotate
          packagename: logrotate
  
@@ -7743,11 +7347,11 @@ index ef960d4ab..4d6eaa42e 100644
      - general:
          The Systemd unit logrotate.timer does not exist in
 diff --git a/linux_os/guide/system/logging/package_rsyslog-gnutls_installed/rule.yml b/linux_os/guide/system/logging/package_rsyslog-gnutls_installed/rule.yml
-index 14abf739b..f41d894f3 100644
+index d1a844fab..95b823e82 100644
 --- a/linux_os/guide/system/logging/package_rsyslog-gnutls_installed/rule.yml
 +++ b/linux_os/guide/system/logging/package_rsyslog-gnutls_installed/rule.yml
-@@ -28,7 +28,7 @@ references:
-     disa: CCI-000366,CCI-000803
+@@ -27,7 +27,7 @@ identifiers:
+ references:
      srg: SRG-OS-000480-GPOS-00227,SRG-OS-000120-GPOS-00061
      stigid@ol8: OL08-00-030680
 -    stigid@rhel8: RHEL-08-030680
@@ -7756,10 +7360,10 @@ index 14abf739b..f41d894f3 100644
  ocil_clause: 'the package is not installed'
  
 diff --git a/linux_os/guide/system/logging/package_rsyslog_installed/rule.yml b/linux_os/guide/system/logging/package_rsyslog_installed/rule.yml
-index 54fe1e568..fd6124899 100644
+index 45dab8d41..e9d176369 100644
 --- a/linux_os/guide/system/logging/package_rsyslog_installed/rule.yml
 +++ b/linux_os/guide/system/logging/package_rsyslog_installed/rule.yml
-@@ -33,7 +33,7 @@ references:
+@@ -32,7 +32,7 @@ references:
      nist-csf: PR.PT-1
      srg: SRG-OS-000479-GPOS-00224,SRG-OS-000051-GPOS-00024,SRG-OS-000480-GPOS-00227
      stigid@ol8: OL08-00-030670
@@ -7768,31 +7372,11 @@ index 54fe1e568..fd6124899 100644
  
  ocil_clause: 'the package is not installed'
  
-diff --git a/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/ansible/shared.yml b/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/ansible/shared.yml
-index f42709ef5..8b35da68b 100644
---- a/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/ansible/shared.yml
-+++ b/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_ol
-+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol
- # reboot = false
- # strategy = restrict
- # complexity = low
-diff --git a/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/bash/shared.sh b/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/bash/shared.sh
-index f2019bb9a..a12ceb5c1 100644
---- a/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/bash/shared.sh
-+++ b/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/bash/shared.sh
-@@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_ol,multi_platform_ubuntu
-+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_ubuntu
- 
- {{{ bash_instantiate_variables("rsyslog_remote_loghost_address") }}}
- 
 diff --git a/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/rule.yml b/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/rule.yml
-index 58909be6e..9cf411641 100644
+index c8620ef65..288d3df2f 100644
 --- a/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/rule.yml
 +++ b/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/rule.yml
-@@ -61,7 +61,7 @@ references:
+@@ -69,7 +69,7 @@ references:
      srg: SRG-OS-000479-GPOS-00224,SRG-OS-000480-GPOS-00227,SRG-OS-000342-GPOS-00133
      stigid@ol7: OL07-00-031000
      stigid@ol8: OL08-00-030690
@@ -7801,31 +7385,11 @@ index 58909be6e..9cf411641 100644
      stigid@sle12: SLES-12-030340
      stigid@sle15: SLES-15-010580
  
-diff --git a/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_tls/ansible/shared.yml b/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_tls/ansible/shared.yml
-index d6e2b2564..323d3ffaa 100644
---- a/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_tls/ansible/shared.yml
-+++ b/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_tls/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle
-+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
- # reboot = false
- # strategy = configure
- # complexity = low
-diff --git a/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_tls/bash/shared.sh b/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_tls/bash/shared.sh
-index ee1cbf7ea..eb4e5adc4 100644
---- a/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_tls/bash/shared.sh
-+++ b/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_tls/bash/shared.sh
-@@ -1,4 +1,4 @@
--# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle
-+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
- # reboot = false
- # strategy = configure
- # complexity = low
 diff --git a/linux_os/guide/system/logging/service_rsyslog_enabled/rule.yml b/linux_os/guide/system/logging/service_rsyslog_enabled/rule.yml
-index 5a6036bac..706df5c2d 100644
+index 50c27e2b4..28b036eb1 100644
 --- a/linux_os/guide/system/logging/service_rsyslog_enabled/rule.yml
 +++ b/linux_os/guide/system/logging/service_rsyslog_enabled/rule.yml
-@@ -35,7 +35,7 @@ references:
+@@ -34,7 +34,7 @@ references:
      nist-csf: DE.CM-1,DE.CM-3,DE.CM-7,ID.SC-4,PR.DS-4,PR.PT-1
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol8: OL08-00-010561
@@ -7835,10 +7399,10 @@ index 5a6036bac..706df5c2d 100644
      stigid@ubuntu2204: UBTU-22-652010
  
 diff --git a/linux_os/guide/system/network/network-firewalld/firewalld-backend/rule.yml b/linux_os/guide/system/network/network-firewalld/firewalld-backend/rule.yml
-index c1bec3fa3..8d459b934 100644
+index 0748fbe6a..2eba9d806 100644
 --- a/linux_os/guide/system/network/network-firewalld/firewalld-backend/rule.yml
 +++ b/linux_os/guide/system/network/network-firewalld/firewalld-backend/rule.yml
-@@ -27,7 +27,7 @@ references:
+@@ -26,7 +26,7 @@ references:
      nist: SC-5
      srg: SRG-OS-000420-GPOS-00186
      stigid@ol8: OL08-00-040150
@@ -7848,10 +7412,10 @@ index c1bec3fa3..8d459b934 100644
  ocil_clause: 'the "nftables" is not set as the "firewallbackend"'
  
 diff --git a/linux_os/guide/system/network/network-firewalld/firewalld_activation/package_firewalld_installed/rule.yml b/linux_os/guide/system/network/network-firewalld/firewalld_activation/package_firewalld_installed/rule.yml
-index a6e40a13b..d2099cef4 100644
+index 53457370a..3c7cdbc6c 100644
 --- a/linux_os/guide/system/network/network-firewalld/firewalld_activation/package_firewalld_installed/rule.yml
 +++ b/linux_os/guide/system/network/network-firewalld/firewalld_activation/package_firewalld_installed/rule.yml
-@@ -37,7 +37,7 @@ references:
+@@ -35,7 +35,7 @@ references:
      srg: SRG-OS-000096-GPOS-00050,SRG-OS-000297-GPOS-00115,SRG-OS-000298-GPOS-00116,SRG-OS-000480-GPOS-00227,SRG-OS-000480-GPOS-00232
      stigid@ol7: OL07-00-040520
      stigid@ol8: OL08-00-040100
@@ -7861,10 +7425,10 @@ index a6e40a13b..d2099cef4 100644
  
  ocil_clause: 'the package is not installed'
 diff --git a/linux_os/guide/system/network/network-firewalld/firewalld_activation/service_firewalld_enabled/rule.yml b/linux_os/guide/system/network/network-firewalld/firewalld_activation/service_firewalld_enabled/rule.yml
-index b8ee45417..ed5a13255 100644
+index 5df3a9f7e..0bb8677d4 100644
 --- a/linux_os/guide/system/network/network-firewalld/firewalld_activation/service_firewalld_enabled/rule.yml
 +++ b/linux_os/guide/system/network/network-firewalld/firewalld_activation/service_firewalld_enabled/rule.yml
-@@ -42,7 +42,7 @@ references:
+@@ -40,7 +40,7 @@ references:
      srg: SRG-OS-000096-GPOS-00050,SRG-OS-000297-GPOS-00115,SRG-OS-000480-GPOS-00227,SRG-OS-000480-GPOS-00231,SRG-OS-000480-GPOS-00232
      stigid@ol7: OL07-00-040520
      stigid@ol8: OL08-00-040101
@@ -7874,10 +7438,10 @@ index b8ee45417..ed5a13255 100644
  
  ocil_clause: '{{{ ocil_clause_service_enabled("firewalld") }}}'
 diff --git a/linux_os/guide/system/network/network-firewalld/ruleset_modifications/configure_firewalld_ports/rule.yml b/linux_os/guide/system/network/network-firewalld/ruleset_modifications/configure_firewalld_ports/rule.yml
-index 8b5f098f8..d09fa36b6 100644
+index 385ae418d..3f736e882 100644
 --- a/linux_os/guide/system/network/network-firewalld/ruleset_modifications/configure_firewalld_ports/rule.yml
 +++ b/linux_os/guide/system/network/network-firewalld/ruleset_modifications/configure_firewalld_ports/rule.yml
-@@ -49,7 +49,7 @@ references:
+@@ -48,7 +48,7 @@ references:
      srg: SRG-OS-000096-GPOS-00050,SRG-OS-000297-GPOS-00115
      stigid@ol7: OL07-00-040100
      stigid@ol8: OL08-00-040030
@@ -7887,20 +7451,20 @@ index 8b5f098f8..d09fa36b6 100644
  ocil_clause: 'there are additional ports, protocols, or services that are not in the PPSM CLSA, or there are ports, protocols, or services that are prohibited by the PPSM Category Assurance List (CAL), or there are no firewall rules configured'
  
 diff --git a/linux_os/guide/system/network/network-firewalld/ruleset_modifications/configure_firewalld_rate_limiting/ansible/shared.yml b/linux_os/guide/system/network/network-firewalld/ruleset_modifications/configure_firewalld_rate_limiting/ansible/shared.yml
-index b136bce25..84b4e1cca 100644
+index 9dcd519ae..b1d824cfa 100644
 --- a/linux_os/guide/system/network/network-firewalld/ruleset_modifications/configure_firewalld_rate_limiting/ansible/shared.yml
 +++ b/linux_os/guide/system/network/network-firewalld/ruleset_modifications/configure_firewalld_rate_limiting/ansible/shared.yml
 @@ -1,4 +1,4 @@
--# platform = Red Hat Enterprise Linux 8,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ol
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux OS 8,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ol
+-# platform = Red Hat Enterprise Linux 8,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ol,multi_platform_almalinux
++# platform = Red Hat Enterprise Linux 8,AlmaLinux OS 8,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ol,multi_platform_almalinux
  # reboot = false
  # strategy = configure
  # complexity = low
 diff --git a/linux_os/guide/system/network/network-firewalld/ruleset_modifications/configured_firewalld_default_deny/rule.yml b/linux_os/guide/system/network/network-firewalld/ruleset_modifications/configured_firewalld_default_deny/rule.yml
-index 9c8e18823..b4fd81cf7 100644
+index 9dab45fda..67a7b329e 100644
 --- a/linux_os/guide/system/network/network-firewalld/ruleset_modifications/configured_firewalld_default_deny/rule.yml
 +++ b/linux_os/guide/system/network/network-firewalld/ruleset_modifications/configured_firewalld_default_deny/rule.yml
-@@ -24,7 +24,7 @@ references:
+@@ -23,7 +23,7 @@ references:
      nist: AC-17 (1)
      srg: SRG-OS-000297-GPOS-00115
      stigid@ol8: OL08-00-040090
@@ -7910,10 +7474,10 @@ index 9c8e18823..b4fd81cf7 100644
  ocil_clause: 'no zones are active on the interfaces or if the target is set to a different option other than "DROP"'
  
 diff --git a/linux_os/guide/system/network/network-firewalld/ruleset_modifications/set_firewalld_default_zone/rule.yml b/linux_os/guide/system/network/network-firewalld/ruleset_modifications/set_firewalld_default_zone/rule.yml
-index 6c2b02d72..ed3ecc734 100644
+index 735302bf1..f1141827a 100644
 --- a/linux_os/guide/system/network/network-firewalld/ruleset_modifications/set_firewalld_default_zone/rule.yml
 +++ b/linux_os/guide/system/network/network-firewalld/ruleset_modifications/set_firewalld_default_zone/rule.yml
-@@ -44,7 +44,7 @@ references:
+@@ -42,7 +42,7 @@ references:
      nist-csf: PR.IP-1,PR.PT-3
      pcidss: Req-1.4
      srg: SRG-OS-000480-GPOS-00227
@@ -7945,45 +7509,38 @@ index b2a8e350c..e97d0f4a5 100644
  
  result=$XCCDF_RESULT_PASS
 diff --git a/linux_os/guide/system/network/network-iptables/package_iptables_installed/tests/rhel8.fail.sh b/linux_os/guide/system/network/network-iptables/package_iptables_installed/tests/rhel8.fail.sh
-index 784d5722b..26c869e22 100644
+index cfb1cd690..a89ef4dcc 100644
 --- a/linux_os/guide/system/network/network-iptables/package_iptables_installed/tests/rhel8.fail.sh
 +++ b/linux_os/guide/system/network/network-iptables/package_iptables_installed/tests/rhel8.fail.sh
-@@ -1,4 +1,4 @@
+@@ -1,5 +1,5 @@
+ #!/bin/bash
 -# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
 +# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
- #!/bin/bash
  
  mkdir -p "/etc"
+ filepath="/etc/os-release"
 diff --git a/linux_os/guide/system/network/network-iptables/package_iptables_installed/tests/rhel9.2.notapplicable.sh b/linux_os/guide/system/network/network-iptables/package_iptables_installed/tests/rhel9.2.notapplicable.sh
-index 3b1d0fafd..1fa04dced 100644
+index 52c2500cb..702369f66 100644
 --- a/linux_os/guide/system/network/network-iptables/package_iptables_installed/tests/rhel9.2.notapplicable.sh
 +++ b/linux_os/guide/system/network/network-iptables/package_iptables_installed/tests/rhel9.2.notapplicable.sh
-@@ -1,4 +1,4 @@
+@@ -1,5 +1,5 @@
+ #!/bin/bash
 -# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
 +# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
- #!/bin/bash
  
  mkdir -p "/etc"
+ filepath="/etc/os-release"
 diff --git a/linux_os/guide/system/network/network-iptables/package_iptables_installed/tests/rhel9.notapplicable.sh b/linux_os/guide/system/network/network-iptables/package_iptables_installed/tests/rhel9.notapplicable.sh
-index d6394d7b1..8ed3c31ff 100644
+index 207bfac32..f5e12fe63 100644
 --- a/linux_os/guide/system/network/network-iptables/package_iptables_installed/tests/rhel9.notapplicable.sh
 +++ b/linux_os/guide/system/network/network-iptables/package_iptables_installed/tests/rhel9.notapplicable.sh
-@@ -1,4 +1,4 @@
+@@ -1,5 +1,5 @@
+ #!/bin/bash
 -# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
 +# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
- #!/bin/bash
  
  mkdir -p "/etc"
-diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/network_ipv6_privacy_extensions/bash/shared.sh b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/network_ipv6_privacy_extensions/bash/shared.sh
-index d787fbbbf..d209806d8 100644
---- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/network_ipv6_privacy_extensions/bash/shared.sh
-+++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/network_ipv6_privacy_extensions/bash/shared.sh
-@@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_ol
-+# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol
- 
- # enable randomness in ipv6 address generation
- for interface in /etc/sysconfig/network-scripts/ifcfg-*
+ filepath="/etc/os-release"
 diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_ra/kubernetes/shared.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_ra/kubernetes/shared.yml
 index 87306fedb..88e2884bc 100644
 --- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_ra/kubernetes/shared.yml
@@ -7996,10 +7553,10 @@ index 87306fedb..88e2884bc 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_ra/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_ra/rule.yml
-index 828c4a36e..79d9b9105 100644
+index 06c00495b..5e8c30e9b 100644
 --- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_ra/rule.yml
 +++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_ra/rule.yml
-@@ -35,7 +35,7 @@ references:
+@@ -33,7 +33,7 @@ references:
      nist-csf: PR.IP-1,PR.PT-3
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol8: OL08-00-040261
@@ -8020,10 +7577,10 @@ index 8792fc668..2c7c4b025 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_redirects/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_redirects/rule.yml
-index fbe90dd61..f121e9287 100644
+index 50feb8ea8..be6135293 100644
 --- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_redirects/rule.yml
 +++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_redirects/rule.yml
-@@ -35,7 +35,7 @@ references:
+@@ -33,7 +33,7 @@ references:
      nist-csf: PR.IP-1,PR.PT-3
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol8: OL08-00-040280
@@ -8044,10 +7601,10 @@ index e222b1c88..85b92ce90 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_source_route/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_source_route/rule.yml
-index 70f3f6e3e..1a1cf4ebd 100644
+index af9d2bae0..3d22faf8e 100644
 --- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_source_route/rule.yml
 +++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_source_route/rule.yml
-@@ -44,7 +44,7 @@ references:
+@@ -42,7 +42,7 @@ references:
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol7: OL07-00-040830
      stigid@ol8: OL08-00-040240
@@ -8057,10 +7614,10 @@ index 70f3f6e3e..1a1cf4ebd 100644
      stigid@sle15: SLES-15-040310
  
 diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_forwarding/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_forwarding/rule.yml
-index ad75ea331..0dbf6969a 100644
+index 98f028634..a490e7986 100644
 --- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_forwarding/rule.yml
 +++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_forwarding/rule.yml
-@@ -36,7 +36,7 @@ references:
+@@ -34,7 +34,7 @@ references:
      nist-csf: DE.CM-1,PR.DS-4,PR.IP-1,PR.PT-3
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol8: OL08-00-040260
@@ -8081,10 +7638,10 @@ index 4ed2c480c..f59b6d7c3 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_ra/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_ra/rule.yml
-index cd8d1b6d1..158c2f42e 100644
+index 765c117ea..29b6e394a 100644
 --- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_ra/rule.yml
 +++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_ra/rule.yml
-@@ -35,7 +35,7 @@ references:
+@@ -33,7 +33,7 @@ references:
      nist-csf: PR.IP-1,PR.PT-3
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol8: OL08-00-040262
@@ -8105,10 +7662,10 @@ index 845b013ed..063776b85 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_redirects/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_redirects/rule.yml
-index eee34c1fb..fbaa2b4e7 100644
+index 253504442..b70ac8cd3 100644
 --- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_redirects/rule.yml
 +++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_redirects/rule.yml
-@@ -38,7 +38,7 @@ references:
+@@ -36,7 +36,7 @@ references:
      nist@slmicro5: CM-6(b),CM-6.1(iv)
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol8: OL08-00-040210
@@ -8129,10 +7686,10 @@ index e2951d845..0335df123 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_source_route/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_source_route/rule.yml
-index 5769dbd05..da095360f 100644
+index 40faa8c90..3e38e3bb1 100644
 --- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_source_route/rule.yml
 +++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_source_route/rule.yml
-@@ -44,7 +44,7 @@ references:
+@@ -42,7 +42,7 @@ references:
      pcidss: Req-1.4.3
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol8: OL08-00-040250
@@ -8173,16 +7730,6 @@ index db339c353..dc0a3890c 100644
  
  # Break the ipv6.disable argument in kernel command line in /boot/grub2/grubenv
  file="/boot/grub2/grubenv"
-diff --git a/linux_os/guide/system/network/network-ipv6/disabling_ipv6/network_ipv6_disable_rpc/bash/shared.sh b/linux_os/guide/system/network/network-ipv6/disabling_ipv6/network_ipv6_disable_rpc/bash/shared.sh
-index 2bd1bdbca..63ab3fe59 100644
---- a/linux_os/guide/system/network/network-ipv6/disabling_ipv6/network_ipv6_disable_rpc/bash/shared.sh
-+++ b/linux_os/guide/system/network/network-ipv6/disabling_ipv6/network_ipv6_disable_rpc/bash/shared.sh
-@@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_ol
-+# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol
- 
- # Drop 'tcp6' and 'udp6' entries from /etc/netconfig to prevent RPC
- # services for NFSv4 from attempting to start IPv6 network listeners
 diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_redirects/kubernetes/shared.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_redirects/kubernetes/shared.yml
 index 6bb6de134..1f0664a02 100644
 --- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_redirects/kubernetes/shared.yml
@@ -8195,10 +7742,10 @@ index 6bb6de134..1f0664a02 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_redirects/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_redirects/rule.yml
-index df7f490e8..09f2ff035 100644
+index 606b45f2a..3e09ff541 100644
 --- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_redirects/rule.yml
 +++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_redirects/rule.yml
-@@ -44,7 +44,7 @@ references:
+@@ -42,7 +42,7 @@ references:
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol7: OL07-00-040641
      stigid@ol8: OL08-00-040279
@@ -8219,10 +7766,10 @@ index b3d72bb4a..b89b8a35a 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_source_route/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_source_route/rule.yml
-index c961e0c3b..0e49daf93 100644
+index 444427b88..6e82f0da6 100644
 --- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_source_route/rule.yml
 +++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_source_route/rule.yml
-@@ -45,7 +45,7 @@ references:
+@@ -43,7 +43,7 @@ references:
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol7: OL07-00-040610
      stigid@ol8: OL08-00-040239
@@ -8232,10 +7779,10 @@ index c961e0c3b..0e49daf93 100644
      stigid@sle15: SLES-15-040300
  
 diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_forwarding/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_forwarding/rule.yml
-index f1ed28560..2e9441e35 100644
+index 039b2fc1a..3bb95737f 100644
 --- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_forwarding/rule.yml
 +++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_forwarding/rule.yml
-@@ -22,7 +22,7 @@ references:
+@@ -21,7 +21,7 @@ references:
      nist: CM-6(b)
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol8: OL08-00-040259
@@ -8267,10 +7814,10 @@ index c64da37a3..08535e5a1 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/rule.yml
-index 40c6dceaa..079130101 100644
+index 3a119705f..339db5a6d 100644
 --- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/rule.yml
 +++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/rule.yml
-@@ -42,7 +42,7 @@ references:
+@@ -40,7 +40,7 @@ references:
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol7: OL07-00-040611
      stigid@ol8: OL08-00-040285
@@ -8279,28 +7826,6 @@ index 40c6dceaa..079130101 100644
  
  ocil: |-
      The runtime status of the net.ipv4.conf.all.rp_filter parameter can be queried
-diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/tests/value_1.pass.sh b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/tests/value_1.pass.sh
-index 583b70a3b..d9bca3de6 100644
---- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/tests/value_1.pass.sh
-+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/tests/value_1.pass.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = multi_platform_ol,multi_platform_rhel
-+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
- 
- # Clean sysctl config directories
- rm -rf /usr/lib/sysctl.d/* /run/sysctl.d/* /etc/sysctl.d/*
-diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/tests/value_2.pass.sh b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/tests/value_2.pass.sh
-index ef545976d..bf1ccb250 100644
---- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/tests/value_2.pass.sh
-+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/tests/value_2.pass.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = multi_platform_ol,multi_platform_rhel
-+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
- 
- # Clean sysctl config directories
- rm -rf /usr/lib/sysctl.d/* /run/sysctl.d/* /etc/sysctl.d/*
 diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_secure_redirects/kubernetes/shared.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_secure_redirects/kubernetes/shared.yml
 index 8b075d55e..0dd17a34b 100644
 --- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_secure_redirects/kubernetes/shared.yml
@@ -8324,10 +7849,10 @@ index 2bfbd9e46..8ea37100a 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_redirects/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_redirects/rule.yml
-index 510267791..85f40cc6b 100644
+index 013604800..ecabe0cdb 100644
 --- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_redirects/rule.yml
 +++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_redirects/rule.yml
-@@ -44,7 +44,7 @@ references:
+@@ -42,7 +42,7 @@ references:
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol7: OL07-00-040640
      stigid@ol8: OL08-00-040209
@@ -8348,10 +7873,10 @@ index aa7d1562b..08668d03c 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_source_route/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_source_route/rule.yml
-index f8c615f97..3d3426e6f 100644
+index 7a8c3f22e..e120e306a 100644
 --- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_source_route/rule.yml
 +++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_source_route/rule.yml
-@@ -46,7 +46,7 @@ references:
+@@ -44,7 +44,7 @@ references:
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol7: OL07-00-040620
      stigid@ol8: OL08-00-040249
@@ -8405,10 +7930,10 @@ index 52d74441b..08c8c256d 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_echo_ignore_broadcasts/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_echo_ignore_broadcasts/rule.yml
-index 994d5b677..5cbc5bd7c 100644
+index 99820e36b..7829b61bf 100644
 --- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_echo_ignore_broadcasts/rule.yml
 +++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_echo_ignore_broadcasts/rule.yml
-@@ -44,7 +44,7 @@ references:
+@@ -42,7 +42,7 @@ references:
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol7: OL07-00-040630
      stigid@ol8: OL08-00-040230
@@ -8451,10 +7976,10 @@ index ea1db12fe..5d8b19f68 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_all_send_redirects/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_all_send_redirects/rule.yml
-index 5568a6bf3..46d4b3346 100644
+index b78553833..2f932ba0d 100644
 --- a/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_all_send_redirects/rule.yml
 +++ b/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_all_send_redirects/rule.yml
-@@ -43,7 +43,7 @@ references:
+@@ -41,7 +41,7 @@ references:
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol7: OL07-00-040660
      stigid@ol8: OL08-00-040220
@@ -8475,10 +8000,10 @@ index b54e3d12b..125464d7a 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_default_send_redirects/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_default_send_redirects/rule.yml
-index 1d18537ff..cb247969e 100644
+index f7739e381..289522c4a 100644
 --- a/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_default_send_redirects/rule.yml
 +++ b/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_default_send_redirects/rule.yml
-@@ -43,7 +43,7 @@ references:
+@@ -41,7 +41,7 @@ references:
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol7: OL07-00-040650
      stigid@ol8: OL08-00-040270
@@ -8499,10 +8024,10 @@ index 89d344c4f..1a926adaa 100644
  
  tbl_output=$(nft list tables | grep inet)
 diff --git a/linux_os/guide/system/network/network-uncommon/kernel_module_atm_disabled/rule.yml b/linux_os/guide/system/network/network-uncommon/kernel_module_atm_disabled/rule.yml
-index 6e06e0c6d..b228978f3 100644
+index a9117da8f..1f2175950 100644
 --- a/linux_os/guide/system/network/network-uncommon/kernel_module_atm_disabled/rule.yml
 +++ b/linux_os/guide/system/network/network-uncommon/kernel_module_atm_disabled/rule.yml
-@@ -26,7 +26,7 @@ references:
+@@ -25,7 +25,7 @@ references:
      nist: AC-18
      srg: SRG-OS-000095-GPOS-00049,SRG-OS-000480-GPOS-00227
      stigid@ol8: OL08-00-040021
@@ -8512,10 +8037,10 @@ index 6e06e0c6d..b228978f3 100644
  {{{ complete_ocil_entry_module_disable(module="atm") }}}
  
 diff --git a/linux_os/guide/system/network/network-uncommon/kernel_module_can_disabled/rule.yml b/linux_os/guide/system/network/network-uncommon/kernel_module_can_disabled/rule.yml
-index 433d01012..63ad0a2c4 100644
+index ffe4cc358..5112b0218 100644
 --- a/linux_os/guide/system/network/network-uncommon/kernel_module_can_disabled/rule.yml
 +++ b/linux_os/guide/system/network/network-uncommon/kernel_module_can_disabled/rule.yml
-@@ -27,7 +27,7 @@ references:
+@@ -26,7 +26,7 @@ references:
      ospp: FMT_SMF_EXT.1
      srg: SRG-OS-000095-GPOS-00049,SRG-OS-000480-GPOS-00227
      stigid@ol8: OL08-00-040022
@@ -8524,22 +8049,11 @@ index 433d01012..63ad0a2c4 100644
  
  {{{ complete_ocil_entry_module_disable(module="can") }}}
  
-diff --git a/linux_os/guide/system/network/network-uncommon/kernel_module_dccp_disabled/tests/missing_blacklist.fail.sh b/linux_os/guide/system/network/network-uncommon/kernel_module_dccp_disabled/tests/missing_blacklist.fail.sh
-index 57cc29270..4b1b2805e 100644
---- a/linux_os/guide/system/network/network-uncommon/kernel_module_dccp_disabled/tests/missing_blacklist.fail.sh
-+++ b/linux_os/guide/system/network/network-uncommon/kernel_module_dccp_disabled/tests/missing_blacklist.fail.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = multi_platform_rhel,multi_platform_ol
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ol
- 
- rm -f /etc/modprobe.d/dccp-blacklist.conf
- echo "install {{{ KERNMODULE }}} /bin/true" > /etc/modprobe.d/{{{ KERNMODULE }}}.conf
 diff --git a/linux_os/guide/system/network/network-uncommon/kernel_module_firewire-core_disabled/rule.yml b/linux_os/guide/system/network/network-uncommon/kernel_module_firewire-core_disabled/rule.yml
-index c4b6bb2e8..61804c3ed 100644
+index 0f149d8b9..443fd3259 100644
 --- a/linux_os/guide/system/network/network-uncommon/kernel_module_firewire-core_disabled/rule.yml
 +++ b/linux_os/guide/system/network/network-uncommon/kernel_module_firewire-core_disabled/rule.yml
-@@ -25,7 +25,7 @@ references:
+@@ -24,7 +24,7 @@ references:
      nist: AC-18
      srg: SRG-OS-000095-GPOS-00049
      stigid@ol8: OL08-00-040026
@@ -8549,10 +8063,10 @@ index c4b6bb2e8..61804c3ed 100644
  {{{ complete_ocil_entry_module_disable(module="firewire-core") }}}
  
 diff --git a/linux_os/guide/system/network/network-uncommon/kernel_module_sctp_disabled/rule.yml b/linux_os/guide/system/network/network-uncommon/kernel_module_sctp_disabled/rule.yml
-index 5894d44b8..aff09bca3 100644
+index 4d5256401..5d532c285 100644
 --- a/linux_os/guide/system/network/network-uncommon/kernel_module_sctp_disabled/rule.yml
 +++ b/linux_os/guide/system/network/network-uncommon/kernel_module_sctp_disabled/rule.yml
-@@ -45,7 +45,7 @@ references:
+@@ -43,7 +43,7 @@ references:
      pcidss: Req-1.4.2
      srg: SRG-OS-000095-GPOS-00049,SRG-OS-000480-GPOS-00227
      stigid@ol8: OL08-00-040023
@@ -8562,10 +8076,10 @@ index 5894d44b8..aff09bca3 100644
  {{{ complete_ocil_entry_module_disable(module="sctp") }}}
  
 diff --git a/linux_os/guide/system/network/network-uncommon/kernel_module_tipc_disabled/rule.yml b/linux_os/guide/system/network/network-uncommon/kernel_module_tipc_disabled/rule.yml
-index 3d0417c01..bbae29491 100644
+index 9611fd778..e05a2c73e 100644
 --- a/linux_os/guide/system/network/network-uncommon/kernel_module_tipc_disabled/rule.yml
 +++ b/linux_os/guide/system/network/network-uncommon/kernel_module_tipc_disabled/rule.yml
-@@ -41,7 +41,7 @@ references:
+@@ -40,7 +40,7 @@ references:
      ospp: FMT_SMF_EXT.1
      srg: SRG-OS-000095-GPOS-00049
      stigid@ol8: OL08-00-040024
@@ -8575,10 +8089,10 @@ index 3d0417c01..bbae29491 100644
  {{{ complete_ocil_entry_module_disable(module="tipc") }}}
  
 diff --git a/linux_os/guide/system/network/network-wireless/wireless_software/kernel_module_bluetooth_disabled/rule.yml b/linux_os/guide/system/network/network-wireless/wireless_software/kernel_module_bluetooth_disabled/rule.yml
-index 69f5aac25..862928602 100644
+index e83b04eaa..c4c7272e9 100644
 --- a/linux_os/guide/system/network/network-wireless/wireless_software/kernel_module_bluetooth_disabled/rule.yml
 +++ b/linux_os/guide/system/network/network-wireless/wireless_software/kernel_module_bluetooth_disabled/rule.yml
-@@ -37,7 +37,7 @@ references:
+@@ -36,7 +36,7 @@ references:
      ospp: FMT_SMF_EXT.1
      srg: SRG-OS-000095-GPOS-00049,SRG-OS-000300-GPOS-00118
      stigid@ol8: OL08-00-040111
@@ -8588,11 +8102,11 @@ index 69f5aac25..862928602 100644
  {{{ complete_ocil_entry_module_disable(module="bluetooth") }}}
  
 diff --git a/linux_os/guide/system/network/network-wireless/wireless_software/wireless_disable_interfaces/rule.yml b/linux_os/guide/system/network/network-wireless/wireless_software/wireless_disable_interfaces/rule.yml
-index 256ab8558..1b614d432 100644
+index b466147d6..029443c1b 100644
 --- a/linux_os/guide/system/network/network-wireless/wireless_software/wireless_disable_interfaces/rule.yml
 +++ b/linux_os/guide/system/network/network-wireless/wireless_software/wireless_disable_interfaces/rule.yml
-@@ -64,7 +64,7 @@ references:
-     srg: SRG-OS-000299-GPOS-00117,SRG-OS-000300-GPOS-00118,SRG-OS-000424-GPOS-00188,SRG-OS-000481-GPOS-000481
+@@ -62,7 +62,7 @@ references:
+     srg: SRG-OS-000299-GPOS-00117,SRG-OS-000300-GPOS-00118,SRG-OS-000424-GPOS-00188,SRG-OS-000481-GPOS-00481
      stigid@ol7: OL07-00-041010
      stigid@ol8: OL08-00-040110
 -    stigid@rhel8: RHEL-08-040110
@@ -8601,10 +8115,10 @@ index 256ab8558..1b614d432 100644
      stigid@sle15: SLES-15-010380
      stigid@ubuntu2004: UBTU-20-010455
 diff --git a/linux_os/guide/system/network/network_configure_name_resolution/rule.yml b/linux_os/guide/system/network/network_configure_name_resolution/rule.yml
-index 171d87a34..6fbdacd90 100644
+index 721dec3f7..ccda3da28 100644
 --- a/linux_os/guide/system/network/network_configure_name_resolution/rule.yml
 +++ b/linux_os/guide/system/network/network_configure_name_resolution/rule.yml
-@@ -52,7 +52,7 @@ references:
+@@ -51,7 +51,7 @@ references:
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol7: OL07-00-040600
      stigid@ol8: OL08-00-010680
@@ -8613,25 +8127,6 @@ index 171d87a34..6fbdacd90 100644
  
  ocil_clause: 'less than two lines are returned that are not commented out'
  
-diff --git a/linux_os/guide/system/network/network_configure_name_resolution/tests/dns_not_in_nsswitch_and_resolv_is_empty.pass.sh b/linux_os/guide/system/network/network_configure_name_resolution/tests/dns_not_in_nsswitch_and_resolv_is_empty.pass.sh
-index 0f2d15979..27572472b 100644
---- a/linux_os/guide/system/network/network_configure_name_resolution/tests/dns_not_in_nsswitch_and_resolv_is_empty.pass.sh
-+++ b/linux_os/guide/system/network/network_configure_name_resolution/tests/dns_not_in_nsswitch_and_resolv_is_empty.pass.sh
-@@ -1,3 +1,3 @@
--# platform = multi_platform_ol,multi_platform_rhel
-+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
- 
- source common.sh
-diff --git a/linux_os/guide/system/network/network_configure_name_resolution/tests/dns_not_in_nsswitch_and_resolv_isnt_empty.fail.sh b/linux_os/guide/system/network/network_configure_name_resolution/tests/dns_not_in_nsswitch_and_resolv_isnt_empty.fail.sh
-index 469db24e9..671a4d019 100644
---- a/linux_os/guide/system/network/network_configure_name_resolution/tests/dns_not_in_nsswitch_and_resolv_isnt_empty.fail.sh
-+++ b/linux_os/guide/system/network/network_configure_name_resolution/tests/dns_not_in_nsswitch_and_resolv_isnt_empty.fail.sh
-@@ -1,4 +1,4 @@
--# platform = multi_platform_ol,multi_platform_rhel
-+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
- 
- source common.sh
- 
 diff --git a/linux_os/guide/system/network/network_disable_zeroconf/bash/shared.sh b/linux_os/guide/system/network/network_disable_zeroconf/bash/shared.sh
 index 7e8b5abc0..63e5790c3 100644
 --- a/linux_os/guide/system/network/network_disable_zeroconf/bash/shared.sh
@@ -8640,21 +8135,11 @@ index 7e8b5abc0..63e5790c3 100644
 -# platform = Red Hat Enterprise Linux 8
 +# platform = Red Hat Enterprise Linux 8,AlmaLinux OS 8
  echo "NOZEROCONF=yes" >> /etc/sysconfig/network
-diff --git a/linux_os/guide/system/network/network_nmcli_permissions/ansible/shared.yml b/linux_os/guide/system/network/network_nmcli_permissions/ansible/shared.yml
-index 045befe2b..315b51926 100644
---- a/linux_os/guide/system/network/network_nmcli_permissions/ansible/shared.yml
-+++ b/linux_os/guide/system/network/network_nmcli_permissions/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 10,multi_platform_ol,multi_platform_rhv,multi_platform_fedora
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 10,multi_platform_ol,multi_platform_rhv,multi_platform_fedora
- # reboot = false
- # strategy = restrict
- # complexity = low
 diff --git a/linux_os/guide/system/network/network_sniffer_disabled/rule.yml b/linux_os/guide/system/network/network_sniffer_disabled/rule.yml
-index df4ca9bba..260aba38b 100644
+index 440092fee..3d37f4ff9 100644
 --- a/linux_os/guide/system/network/network_sniffer_disabled/rule.yml
 +++ b/linux_os/guide/system/network/network_sniffer_disabled/rule.yml
-@@ -46,7 +46,7 @@ references:
+@@ -45,7 +45,7 @@ references:
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol7: OL07-00-040670
      stigid@ol8: OL08-00-040330
@@ -8664,43 +8149,23 @@ index df4ca9bba..260aba38b 100644
      stigid@sle15: SLES-15-040390
  
 diff --git a/linux_os/guide/system/permissions/files/dir_perms_world_writable_root_owned/rule.yml b/linux_os/guide/system/permissions/files/dir_perms_world_writable_root_owned/rule.yml
-index de314e8b2..aa32dfeba 100644
+index 783653bd4..148ab9d43 100644
 --- a/linux_os/guide/system/permissions/files/dir_perms_world_writable_root_owned/rule.yml
 +++ b/linux_os/guide/system/permissions/files/dir_perms_world_writable_root_owned/rule.yml
-@@ -25,7 +25,7 @@ identifiers:
+@@ -24,7 +24,7 @@ identifiers:
+ 
  references:
-     disa: CCI-000366,CCI-001090
      srg: SRG-OS-000480-GPOS-00227,SRG-OS-000138-GPOS-00069
 -    stigid@rhel8: RHEL-08-010700
 +    stigid@almalinux8: RHEL-08-010700
  
  ocil_clause: 'there are world-writable directories not owned by root'
  
-diff --git a/linux_os/guide/system/permissions/files/dir_perms_world_writable_sticky_bits/ansible/shared.yml b/linux_os/guide/system/permissions/files/dir_perms_world_writable_sticky_bits/ansible/shared.yml
-index 33caa81c9..df5b4eacb 100644
---- a/linux_os/guide/system/permissions/files/dir_perms_world_writable_sticky_bits/ansible/shared.yml
-+++ b/linux_os/guide/system/permissions/files/dir_perms_world_writable_sticky_bits/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = multi_platform_sle,multi_platform_slmicro,multi_platform_ol,multi_platform_rhel
-+# platform = multi_platform_sle,multi_platform_slmicro,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
- # reboot = false
- # strategy = restrict
- # complexity = low
-diff --git a/linux_os/guide/system/permissions/files/dir_perms_world_writable_sticky_bits/bash/shared.sh b/linux_os/guide/system/permissions/files/dir_perms_world_writable_sticky_bits/bash/shared.sh
-index e488cceeb..f36b06f69 100644
---- a/linux_os/guide/system/permissions/files/dir_perms_world_writable_sticky_bits/bash/shared.sh
-+++ b/linux_os/guide/system/permissions/files/dir_perms_world_writable_sticky_bits/bash/shared.sh
-@@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu
-+# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu
- df --local -P | awk '{if (NR!=1) print $6}' \
- | xargs -I '$6' find '$6' -xdev -type d \
- \( -perm -0002 -a ! -perm -1000 \) 2>/dev/null \
 diff --git a/linux_os/guide/system/permissions/files/dir_perms_world_writable_sticky_bits/rule.yml b/linux_os/guide/system/permissions/files/dir_perms_world_writable_sticky_bits/rule.yml
-index 9859dc367..f8fc1b274 100644
+index 16bb4555b..60b5b5539 100644
 --- a/linux_os/guide/system/permissions/files/dir_perms_world_writable_sticky_bits/rule.yml
 +++ b/linux_os/guide/system/permissions/files/dir_perms_world_writable_sticky_bits/rule.yml
-@@ -52,7 +52,7 @@ references:
+@@ -50,7 +50,7 @@ references:
      nist-csf: PR.AC-4,PR.DS-5
      srg: SRG-OS-000138-GPOS-00069
      stigid@ol8: OL08-00-010190
@@ -8710,10 +8175,10 @@ index 9859dc367..f8fc1b274 100644
      stigid@sle15: SLES-15-010300
      stigid@ubuntu2004: UBTU-20-010411
 diff --git a/linux_os/guide/system/permissions/files/dir_perms_world_writable_system_owned_group/rule.yml b/linux_os/guide/system/permissions/files/dir_perms_world_writable_system_owned_group/rule.yml
-index 7a11abcd6..78cee0a4f 100644
+index 9782b2dc0..0a56376ec 100644
 --- a/linux_os/guide/system/permissions/files/dir_perms_world_writable_system_owned_group/rule.yml
 +++ b/linux_os/guide/system/permissions/files/dir_perms_world_writable_system_owned_group/rule.yml
-@@ -38,7 +38,7 @@ references:
+@@ -37,7 +37,7 @@ references:
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol7: OL07-00-021030
      stigid@ol8: OL08-00-010710
@@ -8723,10 +8188,10 @@ index 7a11abcd6..78cee0a4f 100644
      stigid@sle15: SLES-15-040180
  
 diff --git a/linux_os/guide/system/permissions/files/file_permissions_ungroupowned/rule.yml b/linux_os/guide/system/permissions/files/file_permissions_ungroupowned/rule.yml
-index ab43399f3..47441d49e 100644
+index 3f171b7d9..5e060cca9 100644
 --- a/linux_os/guide/system/permissions/files/file_permissions_ungroupowned/rule.yml
 +++ b/linux_os/guide/system/permissions/files/file_permissions_ungroupowned/rule.yml
-@@ -51,7 +51,7 @@ references:
+@@ -49,7 +49,7 @@ references:
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol7: OL07-00-020330
      stigid@ol8: OL08-00-010790
@@ -8736,10 +8201,10 @@ index ab43399f3..47441d49e 100644
      stigid@sle15: SLES-15-040410
  
 diff --git a/linux_os/guide/system/permissions/files/no_files_unowned_by_user/rule.yml b/linux_os/guide/system/permissions/files/no_files_unowned_by_user/rule.yml
-index 3dd27b8e2..23c09f7fe 100644
+index 9b788d56e..795e4d5c3 100644
 --- a/linux_os/guide/system/permissions/files/no_files_unowned_by_user/rule.yml
 +++ b/linux_os/guide/system/permissions/files/no_files_unowned_by_user/rule.yml
-@@ -48,7 +48,7 @@ references:
+@@ -46,7 +46,7 @@ references:
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol7: OL07-00-020320
      stigid@ol8: OL08-00-010780
@@ -8749,11 +8214,11 @@ index 3dd27b8e2..23c09f7fe 100644
      stigid@sle15: SLES-15-040400
  
 diff --git a/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_groupowner_var_log/rule.yml b/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_groupowner_var_log/rule.yml
-index c85245e66..0b39eac37 100644
+index b4c59242a..cae0931a4 100644
 --- a/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_groupowner_var_log/rule.yml
 +++ b/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_groupowner_var_log/rule.yml
-@@ -28,7 +28,7 @@ references:
-     disa: CCI-001314
+@@ -27,7 +27,7 @@ identifiers:
+ references:
      srg: SRG-OS-000206-GPOS-00084,SRG-APP-000118-CTR-000240
      stigid@ol8: OL08-00-010260
 -    stigid@rhel8: RHEL-08-010260
@@ -8762,24 +8227,24 @@ index c85245e66..0b39eac37 100644
      stigid@ubuntu2204: UBTU-22-232125
  
 diff --git a/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_groupowner_var_log_messages/rule.yml b/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_groupowner_var_log_messages/rule.yml
-index 68849bd25..69c223210 100644
+index 8d2f3da96..1b1633efa 100644
 --- a/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_groupowner_var_log_messages/rule.yml
 +++ b/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_groupowner_var_log_messages/rule.yml
-@@ -19,7 +19,7 @@ references:
-     disa: CCI-001314
+@@ -22,7 +22,7 @@ identifiers:
+ references:
      srg: SRG-OS-000206-GPOS-00084
      stigid@ol8: OL08-00-010230
 -    stigid@rhel8: RHEL-08-010230
 +    stigid@almalinux8: RHEL-08-010230
  
- ocil_clause: '{{{ ocil_clause_file_group_owner(file="/var/log/messages", group="root") }}}'
- 
+ {{%- if product in ['ubuntu2404'] %}}
+ ocil_clause: '{{{ ocil_clause_file_group_owner(file="/var/log/messages", group="adm|root") }}}'
 diff --git a/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_owner_var_log/rule.yml b/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_owner_var_log/rule.yml
-index c098f043b..45b57fc15 100644
+index 1e8a07187..edcb32528 100644
 --- a/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_owner_var_log/rule.yml
 +++ b/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_owner_var_log/rule.yml
-@@ -21,7 +21,7 @@ references:
-     disa: CCI-001314
+@@ -20,7 +20,7 @@ identifiers:
+ references:
      srg: SRG-OS-000206-GPOS-00084,SRG-APP-000118-CTR-000240
      stigid@ol8: OL08-00-010250
 -    stigid@rhel8: RHEL-08-010250
@@ -8788,24 +8253,24 @@ index c098f043b..45b57fc15 100644
      stigid@ubuntu2204: UBTU-22-232120
  
 diff --git a/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_owner_var_log_messages/rule.yml b/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_owner_var_log_messages/rule.yml
-index b17311a24..70dafa9d8 100644
+index 8c79597b0..1430d1b8f 100644
 --- a/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_owner_var_log_messages/rule.yml
 +++ b/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_owner_var_log_messages/rule.yml
-@@ -19,7 +19,7 @@ references:
-     disa: CCI-001314
+@@ -23,7 +23,7 @@ identifiers:
+ references:
      srg: SRG-OS-000206-GPOS-00084
      stigid@ol8: OL08-00-010220
 -    stigid@rhel8: RHEL-08-010220
 +    stigid@almalinux8: RHEL-08-010220
  
- ocil_clause: '{{{ ocil_clause_file_owner(file="/var/log/messages", owner="root") }}}'
- 
+ {{%- if product in ['ubuntu2404'] %}}
+ ocil_clause: '{{{ ocil_clause_file_owner(file="/var/log/messages", owner="syslog|root") }}}'
 diff --git a/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_permissions_var_log/rule.yml b/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_permissions_var_log/rule.yml
-index 54ff93140..217aa64e9 100644
+index b5794e3f5..ed95eebe3 100644
 --- a/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_permissions_var_log/rule.yml
 +++ b/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_permissions_var_log/rule.yml
-@@ -22,7 +22,7 @@ references:
-     disa: CCI-001314
+@@ -21,7 +21,7 @@ identifiers:
+ references:
      srg: SRG-OS-000206-GPOS-00084,SRG-APP-000118-CTR-000240
      stigid@ol8: OL08-00-010240
 -    stigid@rhel8: RHEL-08-010240
@@ -8814,23 +8279,23 @@ index 54ff93140..217aa64e9 100644
      stigid@ubuntu2204: UBTU-22-232025
  
 diff --git a/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_permissions_var_log_messages/rule.yml b/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_permissions_var_log_messages/rule.yml
-index a764107f5..550e23636 100644
+index d6bcde8ff..d6bca6feb 100644
 --- a/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_permissions_var_log_messages/rule.yml
 +++ b/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_permissions_var_log_messages/rule.yml
-@@ -20,7 +20,7 @@ references:
-     disa: CCI-001314
+@@ -27,7 +27,7 @@ identifiers:
+ references:
      srg: SRG-OS-000206-GPOS-00084
      stigid@ol8: OL08-00-010210
 -    stigid@rhel8: RHEL-08-010210
 +    stigid@almalinux8: RHEL-08-010210
  
- ocil_clause: '{{{ ocil_clause_file_permissions(file="/var/log/messages", perms="-rw-------") }}}'
+ ocil_clause: '{{{ ocil_clause_file_permissions(file="/var/log/messages", perms=target_perms) }}}'
  
 diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_group_ownership_library_dirs/rule.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_group_ownership_library_dirs/rule.yml
-index b06834e4f..fe1277bff 100644
+index 143dadf52..63d51f40f 100644
 --- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_group_ownership_library_dirs/rule.yml
 +++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_group_ownership_library_dirs/rule.yml
-@@ -40,7 +40,7 @@ references:
+@@ -39,7 +39,7 @@ references:
      nist: CM-5(6),CM-5(6).1
      srg: SRG-OS-000259-GPOS-00100
      stigid@ol8: OL08-00-010351
@@ -8840,10 +8305,10 @@ index b06834e4f..fe1277bff 100644
      stigid@sle15: SLES-15-010356
      stigid@ubuntu2004: UBTU-20-010431
 diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_ownership_library_dirs/rule.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_ownership_library_dirs/rule.yml
-index 3fcdad610..b44ebf7de 100644
+index 079484a50..fc28c01f4 100644
 --- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_ownership_library_dirs/rule.yml
 +++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_ownership_library_dirs/rule.yml
-@@ -39,7 +39,7 @@ references:
+@@ -38,7 +38,7 @@ references:
      nist: CM-5(6),CM-5(6).1
      srg: SRG-OS-000259-GPOS-00100
      stigid@ol8: OL08-00-010341
@@ -8852,31 +8317,11 @@ index 3fcdad610..b44ebf7de 100644
      stigid@sle12: SLES-12-010874
      stigid@sle15: SLES-15-010354
      stigid@ubuntu2004: UBTU-20-010429
-diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_ownership_library_dirs/tests/correct_owner.pass.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_ownership_library_dirs/tests/correct_owner.pass.sh
-index d2b47d989..9f25146b9 100644
---- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_ownership_library_dirs/tests/correct_owner.pass.sh
-+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_ownership_library_dirs/tests/correct_owner.pass.sh
-@@ -1,4 +1,4 @@
--# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle
-+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
- DIRS="/lib /lib64 /usr/lib /usr/lib64"
- for dirPath in $DIRS; do
- 	find "$dirPath" -type d -exec chown root '{}' \;
-diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_ownership_library_dirs/tests/incorrect_owner.fail.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_ownership_library_dirs/tests/incorrect_owner.fail.sh
-index 542184ae8..9cdfbf737 100644
---- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_ownership_library_dirs/tests/incorrect_owner.fail.sh
-+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_ownership_library_dirs/tests/incorrect_owner.fail.sh
-@@ -1,4 +1,4 @@
--# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle
-+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
- groupadd nogroup
- DIRS="/lib /lib64"
- for dirPath in $DIRS; do
 diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/rule.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/rule.yml
-index f76b5b354..3abf4036c 100644
+index e4968a684..160216355 100644
 --- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/rule.yml
 +++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/rule.yml
-@@ -46,7 +46,7 @@ references:
+@@ -45,7 +45,7 @@ references:
      nist: CM-5,CM-5(6),CM-5(6).1
      srg: SRG-OS-000259-GPOS-00100
      stigid@ol8: OL08-00-010331
@@ -8885,71 +8330,11 @@ index f76b5b354..3abf4036c 100644
      stigid@sle12: SLES-12-010872
      stigid@sle15: SLES-15-010352
      stigid@ubuntu2004: UBTU-20-010427
-diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/tests/all_dirs_ok.pass.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/tests/all_dirs_ok.pass.sh
-index 5f8dcd2eb..7980d87b5 100644
---- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/tests/all_dirs_ok.pass.sh
-+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/tests/all_dirs_ok.pass.sh
-@@ -1,4 +1,4 @@
--# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu
-+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu
- DIRS="/lib /lib64 /usr/lib /usr/lib64"
- for dirPath in $DIRS; do
- 	find "$dirPath" -perm /022 -type d -exec chmod go-w '{}' \;
-diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/tests/owner_only_writable_dir.pass.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/tests/owner_only_writable_dir.pass.sh
-index c3cd0944b..3c41df40c 100644
---- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/tests/owner_only_writable_dir.pass.sh
-+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/tests/owner_only_writable_dir.pass.sh
-@@ -1,4 +1,4 @@
--# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu
-+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu
- DIRS="/lib /lib64 /usr/lib /usr/lib64"
- for dirPath in $DIRS; do
-     chmod -R 755 "$dirPath"
-diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/tests/world_writable_dir_on_lib.fail.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/tests/world_writable_dir_on_lib.fail.sh
-index 90ae74be6..243a8e16e 100644
---- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/tests/world_writable_dir_on_lib.fail.sh
-+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/tests/world_writable_dir_on_lib.fail.sh
-@@ -1,4 +1,4 @@
--# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu
-+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu
- DIRS="/lib /lib64"
- for dirPath in $DIRS; do
- 	mkdir -p "$dirPath/testme" && chmod 777  "$dirPath/testme"
-diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/tests/world_writable_dir_on_usr_lib.fail.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/tests/world_writable_dir_on_usr_lib.fail.sh
-index ebaf9b766..858020d51 100644
---- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/tests/world_writable_dir_on_usr_lib.fail.sh
-+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/tests/world_writable_dir_on_usr_lib.fail.sh
-@@ -1,4 +1,4 @@
--# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu
-+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu
- DIRS="/usr/lib /usr/lib64"
- for dirPath in $DIRS; do
- 	mkdir -p "$dirPath/testme" && chmod 777 "$dirPath/testme"
-diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_system_commands_dirs/ansible/shared.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_system_commands_dirs/ansible/shared.yml
-index 8e9fc7b8b..7ce862d34 100644
---- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_system_commands_dirs/ansible/shared.yml
-+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_system_commands_dirs/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro
-+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro
- # reboot = false
- # strategy = restrict
- # complexity = medium
-diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_system_commands_dirs/bash/shared.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_system_commands_dirs/bash/shared.sh
-index 126824999..853c50bb1 100644
---- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_system_commands_dirs/bash/shared.sh
-+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_system_commands_dirs/bash/shared.sh
-@@ -1,4 +1,4 @@
--# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro
-+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro
- 
- for SYSCMDFILES in /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin
- do
 diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_system_commands_dirs/rule.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_system_commands_dirs/rule.yml
-index 11733e096..d8d55c32e 100644
+index 9fd99cb15..f64bb1fb4 100644
 --- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_system_commands_dirs/rule.yml
 +++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_system_commands_dirs/rule.yml
-@@ -46,7 +46,7 @@ references:
+@@ -45,7 +45,7 @@ references:
      nist: CM-5(6),CM-5(6).1
      srg: SRG-OS-000259-GPOS-00100
      stigid@ol8: OL08-00-010320
@@ -8958,31 +8343,11 @@ index 11733e096..d8d55c32e 100644
      stigid@sle12: SLES-12-010882
      stigid@sle15: SLES-15-010361
      stigid@ubuntu2004: UBTU-20-010458
-diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_binary_dirs/ansible/shared.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_binary_dirs/ansible/shared.yml
-index bfa87de9e..8e2e64479 100644
---- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_binary_dirs/ansible/shared.yml
-+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_binary_dirs/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_ol,multi_platform_sle,multi_platform_slmicro
-+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_sle,multi_platform_slmicro
- # reboot = false
- # strategy = restrict
- # complexity = medium
-diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_binary_dirs/bash/shared.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_binary_dirs/bash/shared.sh
-index c01f262cb..2f899a4ae 100644
---- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_binary_dirs/bash/shared.sh
-+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_binary_dirs/bash/shared.sh
-@@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_ol,multi_platform_sle,multi_platform_slmicro
-+# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_sle,multi_platform_slmicro
- find /bin/ \
- /usr/bin/ \
- /usr/local/bin/ \
 diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_binary_dirs/rule.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_binary_dirs/rule.yml
-index 563c8a91b..82d19056c 100644
+index 44a6ce121..5e5e48804 100644
 --- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_binary_dirs/rule.yml
 +++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_binary_dirs/rule.yml
-@@ -44,7 +44,7 @@ references:
+@@ -43,7 +43,7 @@ references:
      nist-csf: PR.AC-4,PR.DS-5
      srg: SRG-OS-000259-GPOS-00100
      stigid@ol8: OL08-00-010310
@@ -8992,10 +8357,10 @@ index 563c8a91b..82d19056c 100644
      stigid@sle15: SLES-15-010359
      stigid@ubuntu2004: UBTU-20-010457
 diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/rule.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/rule.yml
-index 2f00b19b3..6d4a7e6b0 100644
+index fc6d9385d..8996ca632 100644
 --- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/rule.yml
 +++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/rule.yml
-@@ -45,7 +45,7 @@ references:
+@@ -44,7 +44,7 @@ references:
      nist-csf: PR.AC-4,PR.DS-5
      srg: SRG-OS-000259-GPOS-00100
      stigid@ol8: OL08-00-010340
@@ -9004,71 +8369,11 @@ index 2f00b19b3..6d4a7e6b0 100644
      stigid@sle12: SLES-12-010873
      stigid@sle15: SLES-15-010353
      stigid@ubuntu2004: UBTU-20-010428
-diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/tests/correct_owner.pass.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/tests/correct_owner.pass.sh
-index 9c3fa6fe9..78ab97152 100644
---- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/tests/correct_owner.pass.sh
-+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/tests/correct_owner.pass.sh
-@@ -1,4 +1,4 @@
--# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu
-+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu
- 
- for SYSLIBDIRS in /lib /lib64 /usr/lib /usr/lib64
- do
-diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/tests/incorrect_owner.fail.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/tests/incorrect_owner.fail.sh
-index 02867684c..8b274eded 100644
---- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/tests/incorrect_owner.fail.sh
-+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/tests/incorrect_owner.fail.sh
-@@ -1,4 +1,4 @@
--# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu
-+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu
- 
- useradd user_test
- for TESTFILE in /lib/test_me /lib64/test_me /usr/lib/test_me /usr/lib64/test_me
-diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/tests/incorrect_owner_within_dir.fail.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/tests/incorrect_owner_within_dir.fail.sh
-index 81d8a339e..70345d4e7 100644
---- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/tests/incorrect_owner_within_dir.fail.sh
-+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/tests/incorrect_owner_within_dir.fail.sh
-@@ -1,4 +1,4 @@
--# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu
-+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu
- 
- useradd user_test
- 
-diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/tests/incorrect_symlink.pass.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/tests/incorrect_symlink.pass.sh
-index 3382568ce..b4f4bd0a0 100644
---- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/tests/incorrect_symlink.pass.sh
-+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/tests/incorrect_symlink.pass.sh
-@@ -1,4 +1,4 @@
--# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu
-+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu
- 
- useradd user_test
- 
-diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_binary_dirs/ansible/shared.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_binary_dirs/ansible/shared.yml
-index ab6d35c79..f37c06f86 100644
---- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_binary_dirs/ansible/shared.yml
-+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_binary_dirs/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_ol,multi_platform_sle,multi_platform_slmicro
-+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_sle,multi_platform_slmicro
- # reboot = false
- # strategy = restrict
- # complexity = medium
-diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_binary_dirs/bash/shared.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_binary_dirs/bash/shared.sh
-index 6eef84def..984fb7f55 100644
---- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_binary_dirs/bash/shared.sh
-+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_binary_dirs/bash/shared.sh
-@@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_ol,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu
-+# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu
- DIRS="/bin /usr/bin /usr/local/bin /sbin /usr/sbin /usr/local/sbin /usr/libexec"
- for dirPath in $DIRS; do
- 	find "$dirPath" -perm /022 -exec chmod go-w '{}' \;
 diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_binary_dirs/rule.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_binary_dirs/rule.yml
-index bc98cf038..196623fa3 100644
+index 203410aef..712f35549 100644
 --- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_binary_dirs/rule.yml
 +++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_binary_dirs/rule.yml
-@@ -44,7 +44,7 @@ references:
+@@ -43,7 +43,7 @@ references:
      nist-csf: PR.AC-4,PR.DS-5
      srg: SRG-OS-000259-GPOS-00100
      stigid@ol8: OL08-00-010300
@@ -9078,10 +8383,10 @@ index bc98cf038..196623fa3 100644
      stigid@sle15: SLES-15-010358
      stigid@ubuntu2004: UBTU-20-010456
 diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_library_dirs/rule.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_library_dirs/rule.yml
-index 82aad077f..03f3313c2 100644
+index 7b1d3a081..5d2e252c2 100644
 --- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_library_dirs/rule.yml
 +++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_library_dirs/rule.yml
-@@ -45,7 +45,7 @@ references:
+@@ -44,7 +44,7 @@ references:
      nist-csf: PR.AC-4,PR.DS-5
      srg: SRG-OS-000259-GPOS-00100
      stigid@ol8: OL08-00-010330
@@ -9091,10 +8396,10 @@ index 82aad077f..03f3313c2 100644
      stigid@sle15: SLES-15-010351
      stigid@ubuntu2004: UBTU-20-010426
 diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/root_permissions_syslibrary_files/rule.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/root_permissions_syslibrary_files/rule.yml
-index 7dc898b83..285bc507a 100644
+index 21c9a91d2..836697714 100644
 --- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/root_permissions_syslibrary_files/rule.yml
 +++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/root_permissions_syslibrary_files/rule.yml
-@@ -44,7 +44,7 @@ references:
+@@ -43,7 +43,7 @@ references:
      nist: CM-5(6),CM-5(6).1
      srg: SRG-OS-000259-GPOS-00100
      stigid@ol8: OL08-00-010350
@@ -9104,25 +8409,40 @@ index 7dc898b83..285bc507a 100644
      stigid@sle15: SLES-15-010355
      stigid@ubuntu2004: UBTU-20-010430
 diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/root_permissions_syslibrary_files/tests/correct_groupowner.pass.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/root_permissions_syslibrary_files/tests/correct_groupowner.pass.sh
-index 5356d3742..a85c88001 100644
+index af967f535..4847d0c3c 100644
 --- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/root_permissions_syslibrary_files/tests/correct_groupowner.pass.sh
 +++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/root_permissions_syslibrary_files/tests/correct_groupowner.pass.sh
-@@ -1,4 +1,4 @@
+@@ -1,5 +1,5 @@
+ #!/bin/bash
 -# platform = multi_platform_sle,multi_platform_rhel,multi_platform_fedora,multi_platform_ubuntu
 +# platform = multi_platform_sle,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ubuntu
  
  for SYSLIBDIRS in /lib /lib64 /usr/lib /usr/lib64
  do
 diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/root_permissions_syslibrary_files/tests/incorrect_groupowner.fail.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/root_permissions_syslibrary_files/tests/incorrect_groupowner.fail.sh
-index 7352b60aa..fc84e065c 100644
+index 1fd8fe347..5dc9e9538 100644
 --- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/root_permissions_syslibrary_files/tests/incorrect_groupowner.fail.sh
 +++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/root_permissions_syslibrary_files/tests/incorrect_groupowner.fail.sh
-@@ -1,4 +1,4 @@
+@@ -1,5 +1,5 @@
+ #!/bin/bash
 -# platform = multi_platform_sle,multi_platform_rhel,multi_platform_fedora,multi_platform_ubuntu
 +# platform = multi_platform_sle,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ubuntu
  
  groupadd group_test
  for TESTFILE in /lib/test_me /lib64/test_me /usr/lib/test_me /usr/lib64/test_me
+diff --git a/linux_os/guide/system/permissions/files/rootfiles/rootfiles_configured/rule.yml b/linux_os/guide/system/permissions/files/rootfiles/rootfiles_configured/rule.yml
+index 5bee83fa2..ebfe1729f 100644
+--- a/linux_os/guide/system/permissions/files/rootfiles/rootfiles_configured/rule.yml
++++ b/linux_os/guide/system/permissions/files/rootfiles/rootfiles_configured/rule.yml
+@@ -26,7 +26,7 @@ identifiers:
+ 
+ references:
+     srg: SRG-OS-000480-GPOS-00227
+-    stigid@rhel8: RHEL-08-010770
++    stigid@almalinux8: RHEL-08-010770
+ 
+ ocil_clause: 'that rootfiles are not configured correctly'
+ 
 diff --git a/linux_os/guide/system/permissions/files/sysctl_fs_protected_hardlinks/kubernetes/shared.yml b/linux_os/guide/system/permissions/files/sysctl_fs_protected_hardlinks/kubernetes/shared.yml
 index b0d594003..4a71eccda 100644
 --- a/linux_os/guide/system/permissions/files/sysctl_fs_protected_hardlinks/kubernetes/shared.yml
@@ -9135,10 +8455,10 @@ index b0d594003..4a71eccda 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/permissions/files/sysctl_fs_protected_hardlinks/rule.yml b/linux_os/guide/system/permissions/files/sysctl_fs_protected_hardlinks/rule.yml
-index 52d4fa75d..44ec247a9 100644
+index 57bb2b44d..803c58227 100644
 --- a/linux_os/guide/system/permissions/files/sysctl_fs_protected_hardlinks/rule.yml
 +++ b/linux_os/guide/system/permissions/files/sysctl_fs_protected_hardlinks/rule.yml
-@@ -26,7 +26,7 @@ references:
+@@ -25,7 +25,7 @@ references:
      nist: CM-6(a),AC-6(1)
      srg: SRG-OS-000312-GPOS-00122,SRG-OS-000312-GPOS-00123,SRG-OS-000324-GPOS-00125
      stigid@ol8: OL08-00-010374
@@ -9159,10 +8479,10 @@ index 5ce0decba..b7a4243e4 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/permissions/files/sysctl_fs_protected_symlinks/rule.yml b/linux_os/guide/system/permissions/files/sysctl_fs_protected_symlinks/rule.yml
-index a3c4423d3..3570174cd 100644
+index 426934e4d..8666d405c 100644
 --- a/linux_os/guide/system/permissions/files/sysctl_fs_protected_symlinks/rule.yml
 +++ b/linux_os/guide/system/permissions/files/sysctl_fs_protected_symlinks/rule.yml
-@@ -28,7 +28,7 @@ references:
+@@ -27,7 +27,7 @@ references:
      nist: CM-6(a),AC-6(1)
      srg: SRG-OS-000312-GPOS-00122,SRG-OS-000312-GPOS-00123,SRG-OS-000324-GPOS-00125
      stigid@ol8: OL08-00-010373
@@ -9172,10 +8492,10 @@ index a3c4423d3..3570174cd 100644
  {{{ complete_ocil_entry_sysctl_option_value(sysctl="fs.protected_symlinks", value="1") }}}
  
 diff --git a/linux_os/guide/system/permissions/mounting/kernel_module_cramfs_disabled/rule.yml b/linux_os/guide/system/permissions/mounting/kernel_module_cramfs_disabled/rule.yml
-index 6665bc106..64fcfd1c6 100644
+index 28a1717b0..106537e90 100644
 --- a/linux_os/guide/system/permissions/mounting/kernel_module_cramfs_disabled/rule.yml
 +++ b/linux_os/guide/system/permissions/mounting/kernel_module_cramfs_disabled/rule.yml
-@@ -47,7 +47,7 @@ references:
+@@ -45,7 +45,7 @@ references:
      nist-csf: PR.IP-1,PR.PT-3
      srg: SRG-OS-000095-GPOS-00049
      stigid@ol8: OL08-00-040025
@@ -9185,10 +8505,10 @@ index 6665bc106..64fcfd1c6 100644
  {{{ complete_ocil_entry_module_disable(module="cramfs") }}}
  
 diff --git a/linux_os/guide/system/permissions/mounting/kernel_module_usb-storage_disabled/rule.yml b/linux_os/guide/system/permissions/mounting/kernel_module_usb-storage_disabled/rule.yml
-index 41cc22203..fa358683f 100644
+index 047b74a20..f9afe95e0 100644
 --- a/linux_os/guide/system/permissions/mounting/kernel_module_usb-storage_disabled/rule.yml
 +++ b/linux_os/guide/system/permissions/mounting/kernel_module_usb-storage_disabled/rule.yml
-@@ -45,7 +45,7 @@ references:
+@@ -43,7 +43,7 @@ references:
      srg: SRG-OS-000114-GPOS-00059,SRG-OS-000378-GPOS-00163,SRG-OS-000480-GPOS-00227,SRG-APP-000141-CTR-000315
      stigid@ol7: OL07-00-020100
      stigid@ol8: OL08-00-040080
@@ -9198,10 +8518,10 @@ index 41cc22203..fa358683f 100644
      stigid@sle15: SLES-15-010480
      stigid@ubuntu2004: UBTU-20-010461
 diff --git a/linux_os/guide/system/permissions/mounting/service_autofs_disabled/rule.yml b/linux_os/guide/system/permissions/mounting/service_autofs_disabled/rule.yml
-index 821fe53eb..cb21162df 100644
+index e9f2e6a4e..465fa5f52 100644
 --- a/linux_os/guide/system/permissions/mounting/service_autofs_disabled/rule.yml
 +++ b/linux_os/guide/system/permissions/mounting/service_autofs_disabled/rule.yml
-@@ -52,7 +52,7 @@ references:
+@@ -50,7 +50,7 @@ references:
      srg: SRG-OS-000114-GPOS-00059,SRG-OS-000378-GPOS-00163,SRG-OS-000480-GPOS-00227
      stigid@ol7: OL07-00-020110
      stigid@ol8: OL08-00-040070
@@ -9211,23 +8531,23 @@ index 821fe53eb..cb21162df 100644
      stigid@sle15: SLES-15-010240
  
 diff --git a/linux_os/guide/system/permissions/partitions/mount_option_boot_efi_nosuid/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_boot_efi_nosuid/rule.yml
-index 27488ed67..f8721eeaf 100644
+index abf49782a..da17a4eaf 100644
 --- a/linux_os/guide/system/permissions/partitions/mount_option_boot_efi_nosuid/rule.yml
 +++ b/linux_os/guide/system/permissions/partitions/mount_option_boot_efi_nosuid/rule.yml
-@@ -26,7 +26,7 @@ references:
+@@ -25,7 +25,7 @@ references:
      nist: CM-6(b),CM-6.1(iv)
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol8: OL08-00-010572
 -    stigid@rhel8: RHEL-08-010572
 +    stigid@almalinux8: RHEL-08-010572
  
- template:
-     name: mount_option
+ platform: mount[boot-efi]
+ 
 diff --git a/linux_os/guide/system/permissions/partitions/mount_option_boot_nosuid/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_boot_nosuid/rule.yml
-index ab03c0740..0290b265c 100644
+index 034711b00..c9fc80cb3 100644
 --- a/linux_os/guide/system/permissions/partitions/mount_option_boot_nosuid/rule.yml
 +++ b/linux_os/guide/system/permissions/partitions/mount_option_boot_nosuid/rule.yml
-@@ -31,7 +31,7 @@ references:
+@@ -30,7 +30,7 @@ references:
      nist-csf: PR.IP-1,PR.PT-2,PR.PT-3
      srg: SRG-OS-000368-GPOS-00154,SRG-OS-000480-GPOS-00227
      stigid@ol8: OL08-00-010571
@@ -9237,10 +8557,10 @@ index ab03c0740..0290b265c 100644
  
  template:
 diff --git a/linux_os/guide/system/permissions/partitions/mount_option_dev_shm_nodev/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_dev_shm_nodev/rule.yml
-index cb069b664..7f7c7344a 100644
+index de9b8baa6..cac949ced 100644
 --- a/linux_os/guide/system/permissions/partitions/mount_option_dev_shm_nodev/rule.yml
 +++ b/linux_os/guide/system/permissions/partitions/mount_option_dev_shm_nodev/rule.yml
-@@ -44,7 +44,7 @@ references:
+@@ -42,7 +42,7 @@ references:
      srg: SRG-OS-000368-GPOS-00154
      stigid@ol7: OL07-00-021024
      stigid@ol8: OL08-00-040120
@@ -9250,10 +8570,10 @@ index cb069b664..7f7c7344a 100644
  
  template:
 diff --git a/linux_os/guide/system/permissions/partitions/mount_option_dev_shm_noexec/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_dev_shm_noexec/rule.yml
-index 85814150c..54da72820 100644
+index 5b5c3bea4..476e3afb6 100644
 --- a/linux_os/guide/system/permissions/partitions/mount_option_dev_shm_noexec/rule.yml
 +++ b/linux_os/guide/system/permissions/partitions/mount_option_dev_shm_noexec/rule.yml
-@@ -46,7 +46,7 @@ references:
+@@ -44,7 +44,7 @@ references:
      srg: SRG-OS-000368-GPOS-00154
      stigid@ol7: OL07-00-021024
      stigid@ol8: OL08-00-040122
@@ -9263,10 +8583,10 @@ index 85814150c..54da72820 100644
  
  fixtext: |-
 diff --git a/linux_os/guide/system/permissions/partitions/mount_option_dev_shm_nosuid/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_dev_shm_nosuid/rule.yml
-index 3b082433e..70b12f809 100644
+index 6df669124..e20bda87d 100644
 --- a/linux_os/guide/system/permissions/partitions/mount_option_dev_shm_nosuid/rule.yml
 +++ b/linux_os/guide/system/permissions/partitions/mount_option_dev_shm_nosuid/rule.yml
-@@ -44,7 +44,7 @@ references:
+@@ -42,7 +42,7 @@ references:
      srg: SRG-OS-000368-GPOS-00154
      stigid@ol7: OL07-00-021024
      stigid@ol8: OL08-00-040121
@@ -9276,10 +8596,10 @@ index 3b082433e..70b12f809 100644
  
  template:
 diff --git a/linux_os/guide/system/permissions/partitions/mount_option_home_noexec/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_home_noexec/rule.yml
-index 6890b0be5..065a41791 100644
+index 4df0d576b..8a07ea6c2 100644
 --- a/linux_os/guide/system/permissions/partitions/mount_option_home_noexec/rule.yml
 +++ b/linux_os/guide/system/permissions/partitions/mount_option_home_noexec/rule.yml
-@@ -27,7 +27,7 @@ references:
+@@ -26,7 +26,7 @@ references:
      nist: CM-6(b)
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol8: OL08-00-010590
@@ -9289,10 +8609,10 @@ index 6890b0be5..065a41791 100644
  
  {{{ complete_ocil_entry_mount_option("/home", "noexec") }}}
 diff --git a/linux_os/guide/system/permissions/partitions/mount_option_home_nosuid/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_home_nosuid/rule.yml
-index 3e6f52571..21762a831 100644
+index 9055d8fa9..abc6ef00f 100644
 --- a/linux_os/guide/system/permissions/partitions/mount_option_home_nosuid/rule.yml
 +++ b/linux_os/guide/system/permissions/partitions/mount_option_home_nosuid/rule.yml
-@@ -37,7 +37,7 @@ references:
+@@ -36,7 +36,7 @@ references:
      srg: SRG-OS-000368-GPOS-00154,SRG-OS-000480-GPOS-00227
      stigid@ol7: OL07-00-021000
      stigid@ol8: OL08-00-010570
@@ -9302,10 +8622,10 @@ index 3e6f52571..21762a831 100644
      stigid@sle15: SLES-15-040140
  
 diff --git a/linux_os/guide/system/permissions/partitions/mount_option_nodev_nonroot_local_partitions/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_nodev_nonroot_local_partitions/rule.yml
-index d40dfb95b..d5a41d09a 100644
+index 664ab3db8..76100739f 100644
 --- a/linux_os/guide/system/permissions/partitions/mount_option_nodev_nonroot_local_partitions/rule.yml
 +++ b/linux_os/guide/system/permissions/partitions/mount_option_nodev_nonroot_local_partitions/rule.yml
-@@ -45,7 +45,7 @@ references:
+@@ -44,7 +44,7 @@ references:
      nist-csf: PR.IP-1,PR.PT-3
      srg: SRG-OS-000368-GPOS-00154,SRG-OS-000480-GPOS-00227
      stigid@ol8: OL08-00-010580
@@ -9315,10 +8635,10 @@ index d40dfb95b..d5a41d09a 100644
  
  fixtext: |-
 diff --git a/linux_os/guide/system/permissions/partitions/mount_option_nodev_removable_partitions/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_nodev_removable_partitions/rule.yml
-index 614f3f509..99a15bf85 100644
+index 3ea8f6a78..657a05cf0 100644
 --- a/linux_os/guide/system/permissions/partitions/mount_option_nodev_removable_partitions/rule.yml
 +++ b/linux_os/guide/system/permissions/partitions/mount_option_nodev_removable_partitions/rule.yml
-@@ -44,7 +44,7 @@ references:
+@@ -42,7 +42,7 @@ references:
      nist-csf: PR.AC-3,PR.AC-6,PR.IP-1,PR.PT-2,PR.PT-3
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol8: OL08-00-010600
@@ -9328,10 +8648,10 @@ index 614f3f509..99a15bf85 100644
  
  ocil_clause: 'a file system found in "/etc/fstab" refers to removable media and it does not have the "nodev" option set'
 diff --git a/linux_os/guide/system/permissions/partitions/mount_option_noexec_removable_partitions/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_noexec_removable_partitions/rule.yml
-index fdab534f2..85e964135 100644
+index 36afd8b75..2dd5caa59 100644
 --- a/linux_os/guide/system/permissions/partitions/mount_option_noexec_removable_partitions/rule.yml
 +++ b/linux_os/guide/system/permissions/partitions/mount_option_noexec_removable_partitions/rule.yml
-@@ -41,7 +41,7 @@ references:
+@@ -39,7 +39,7 @@ references:
      nist-csf: PR.AC-3,PR.AC-6,PR.IP-1,PR.PT-2,PR.PT-3
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol8: OL08-00-010610
@@ -9341,10 +8661,10 @@ index fdab534f2..85e964135 100644
  ocil_clause: 'removable media partitions are present'
  
 diff --git a/linux_os/guide/system/permissions/partitions/mount_option_nosuid_removable_partitions/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_nosuid_removable_partitions/rule.yml
-index 94b0d8c9b..ba4747ff8 100644
+index d9430f612..7c0fae699 100644
 --- a/linux_os/guide/system/permissions/partitions/mount_option_nosuid_removable_partitions/rule.yml
 +++ b/linux_os/guide/system/permissions/partitions/mount_option_nosuid_removable_partitions/rule.yml
-@@ -44,7 +44,7 @@ references:
+@@ -42,7 +42,7 @@ references:
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol7: OL07-00-021010
      stigid@ol8: OL08-00-010620
@@ -9354,10 +8674,10 @@ index 94b0d8c9b..ba4747ff8 100644
      stigid@sle15: SLES-15-040150
  
 diff --git a/linux_os/guide/system/permissions/partitions/mount_option_tmp_nodev/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_tmp_nodev/rule.yml
-index dc812a92e..7ed0cedca 100644
+index 672bfaffd..286f8430e 100644
 --- a/linux_os/guide/system/permissions/partitions/mount_option_tmp_nodev/rule.yml
 +++ b/linux_os/guide/system/permissions/partitions/mount_option_tmp_nodev/rule.yml
-@@ -41,7 +41,7 @@ references:
+@@ -40,7 +40,7 @@ references:
      nist-csf: PR.IP-1,PR.PT-2,PR.PT-3
      srg: SRG-OS-000368-GPOS-00154
      stigid@ol8: OL08-00-040123
@@ -9367,10 +8687,10 @@ index dc812a92e..7ed0cedca 100644
  platform: mount[tmp]
  
 diff --git a/linux_os/guide/system/permissions/partitions/mount_option_tmp_noexec/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_tmp_noexec/rule.yml
-index 46aedbad4..f999bcbe7 100644
+index e59e9891b..78c8ecb19 100644
 --- a/linux_os/guide/system/permissions/partitions/mount_option_tmp_noexec/rule.yml
 +++ b/linux_os/guide/system/permissions/partitions/mount_option_tmp_noexec/rule.yml
-@@ -40,7 +40,7 @@ references:
+@@ -39,7 +39,7 @@ references:
      nist-csf: PR.IP-1,PR.PT-2,PR.PT-3
      srg: SRG-OS-000368-GPOS-00154
      stigid@ol8: OL08-00-040125
@@ -9380,10 +8700,10 @@ index 46aedbad4..f999bcbe7 100644
  platform: mount[tmp]
  
 diff --git a/linux_os/guide/system/permissions/partitions/mount_option_tmp_nosuid/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_tmp_nosuid/rule.yml
-index 3a16538b1..b8f9c393e 100644
+index 678d4134d..7826d5ab6 100644
 --- a/linux_os/guide/system/permissions/partitions/mount_option_tmp_nosuid/rule.yml
 +++ b/linux_os/guide/system/permissions/partitions/mount_option_tmp_nosuid/rule.yml
-@@ -41,7 +41,7 @@ references:
+@@ -40,7 +40,7 @@ references:
      nist-csf: PR.IP-1,PR.PT-2,PR.PT-3
      srg: SRG-OS-000368-GPOS-00154
      stigid@ol8: OL08-00-040124
@@ -9393,10 +8713,10 @@ index 3a16538b1..b8f9c393e 100644
  platform: mount[tmp]
  
 diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_nodev/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_nodev/rule.yml
-index a0afbcf72..6a6e2295d 100644
+index 6941648ec..1518c08b4 100644
 --- a/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_nodev/rule.yml
 +++ b/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_nodev/rule.yml
-@@ -33,7 +33,7 @@ references:
+@@ -32,7 +32,7 @@ references:
      ospp: FMT_SMF_EXT.1
      srg: SRG-OS-000368-GPOS-00154
      stigid@ol8: OL08-00-040129
@@ -9406,10 +8726,10 @@ index a0afbcf72..6a6e2295d 100644
  platform: mount[var-log-audit]
  
 diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_noexec/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_noexec/rule.yml
-index eeb5906df..89c74f415 100644
+index c9944fa73..23d5c1bb0 100644
 --- a/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_noexec/rule.yml
 +++ b/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_noexec/rule.yml
-@@ -31,7 +31,7 @@ references:
+@@ -30,7 +30,7 @@ references:
      ospp: FMT_SMF_EXT.1
      srg: SRG-OS-000368-GPOS-00154
      stigid@ol8: OL08-00-040131
@@ -9419,10 +8739,10 @@ index eeb5906df..89c74f415 100644
  platform: mount[var-log-audit]
  
 diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_nosuid/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_nosuid/rule.yml
-index bd5ed3cea..35e9e12fd 100644
+index 6e4c8c72b..875b70642 100644
 --- a/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_nosuid/rule.yml
 +++ b/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_nosuid/rule.yml
-@@ -32,7 +32,7 @@ references:
+@@ -31,7 +31,7 @@ references:
      ospp: FMT_SMF_EXT.1
      srg: SRG-OS-000368-GPOS-00154
      stigid@ol8: OL08-00-040130
@@ -9432,10 +8752,10 @@ index bd5ed3cea..35e9e12fd 100644
  platform: mount[var-log-audit]
  
 diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_log_nodev/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_var_log_nodev/rule.yml
-index 442b0a1e1..c5315f31d 100644
+index 603590750..6460d2ea2 100644
 --- a/linux_os/guide/system/permissions/partitions/mount_option_var_log_nodev/rule.yml
 +++ b/linux_os/guide/system/permissions/partitions/mount_option_var_log_nodev/rule.yml
-@@ -32,7 +32,7 @@ references:
+@@ -31,7 +31,7 @@ references:
      nist-csf: PR.IP-1,PR.PT-2,PR.PT-3
      srg: SRG-OS-000368-GPOS-00154
      stigid@ol8: OL08-00-040126
@@ -9445,10 +8765,10 @@ index 442b0a1e1..c5315f31d 100644
  platform: mount[var-log]
  
 diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_log_noexec/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_var_log_noexec/rule.yml
-index e827606dd..cbc9b46ce 100644
+index a91fa4b14..5f3e1c8ab 100644
 --- a/linux_os/guide/system/permissions/partitions/mount_option_var_log_noexec/rule.yml
 +++ b/linux_os/guide/system/permissions/partitions/mount_option_var_log_noexec/rule.yml
-@@ -32,7 +32,7 @@ references:
+@@ -31,7 +31,7 @@ references:
      nist-csf: PR.IP-1,PR.PT-2,PR.PT-3
      srg: SRG-OS-000368-GPOS-00154
      stigid@ol8: OL08-00-040128
@@ -9458,10 +8778,10 @@ index e827606dd..cbc9b46ce 100644
  platform: mount[var-log]
  
 diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_log_nosuid/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_var_log_nosuid/rule.yml
-index c83aad907..461b4b057 100644
+index da230c6cc..77bd74653 100644
 --- a/linux_os/guide/system/permissions/partitions/mount_option_var_log_nosuid/rule.yml
 +++ b/linux_os/guide/system/permissions/partitions/mount_option_var_log_nosuid/rule.yml
-@@ -33,7 +33,7 @@ references:
+@@ -32,7 +32,7 @@ references:
      nist-csf: PR.IP-1,PR.PT-2,PR.PT-3
      srg: SRG-OS-000368-GPOS-00154
      stigid@ol8: OL08-00-040127
@@ -9481,11 +8801,11 @@ index 59e39270d..5c154d333 100644
  # Delete particular /etc/fstab's row if /var/tmp is already configured to
  # represent a mount point (for some device or filesystem other than /tmp)
 diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_nodev/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_nodev/rule.yml
-index 50d698334..69da8f741 100644
+index 44743f89f..e457fa6d7 100644
 --- a/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_nodev/rule.yml
 +++ b/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_nodev/rule.yml
-@@ -34,7 +34,7 @@ references:
-     disa: CCI-001764
+@@ -33,7 +33,7 @@ references:
+     cis@ubuntu2204: 1.1.4.4
      srg: SRG-OS-000368-GPOS-00154
      stigid@ol8: OL08-00-040132
 -    stigid@rhel8: RHEL-08-040132
@@ -9494,11 +8814,11 @@ index 50d698334..69da8f741 100644
  platform: mount[var-tmp]
  
 diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_noexec/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_noexec/rule.yml
-index 86ee15056..ba75368df 100644
+index d897bb82f..d5905470c 100644
 --- a/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_noexec/rule.yml
 +++ b/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_noexec/rule.yml
-@@ -34,7 +34,7 @@ references:
-     disa: CCI-001764
+@@ -33,7 +33,7 @@ references:
+     cis@ubuntu2204: 1.1.4.2
      srg: SRG-OS-000368-GPOS-00154
      stigid@ol8: OL08-00-040134
 -    stigid@rhel8: RHEL-08-040134
@@ -9507,11 +8827,11 @@ index 86ee15056..ba75368df 100644
  platform: mount[var-tmp]
  
 diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_nosuid/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_nosuid/rule.yml
-index 100582899..a91f84707 100644
+index eb4c872b1..1c47e4963 100644
 --- a/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_nosuid/rule.yml
 +++ b/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_nosuid/rule.yml
-@@ -34,7 +34,7 @@ references:
-     disa: CCI-001764
+@@ -33,7 +33,7 @@ references:
+     cis@ubuntu2204: 1.1.4.3
      srg: SRG-OS-000368-GPOS-00154
      stigid@ol8: OL08-00-040133
 -    stigid@rhel8: RHEL-08-040133
@@ -9531,10 +8851,10 @@ index d94802273..554e34e00 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/permissions/restrictions/coredumps/coredump_disable_backtraces/rule.yml b/linux_os/guide/system/permissions/restrictions/coredumps/coredump_disable_backtraces/rule.yml
-index 2b0604d10..ba1290f14 100644
+index bb7b13db0..136ef4934 100644
 --- a/linux_os/guide/system/permissions/restrictions/coredumps/coredump_disable_backtraces/rule.yml
 +++ b/linux_os/guide/system/permissions/restrictions/coredumps/coredump_disable_backtraces/rule.yml
-@@ -40,7 +40,7 @@ references:
+@@ -38,7 +38,7 @@ references:
      pcidss: Req-3.2
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol8: OL08-00-010675
@@ -9555,10 +8875,10 @@ index d94802273..554e34e00 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/permissions/restrictions/coredumps/coredump_disable_storage/rule.yml b/linux_os/guide/system/permissions/restrictions/coredumps/coredump_disable_storage/rule.yml
-index 3ba3a22cf..a54e77860 100644
+index ef51bdb74..59579139d 100644
 --- a/linux_os/guide/system/permissions/restrictions/coredumps/coredump_disable_storage/rule.yml
 +++ b/linux_os/guide/system/permissions/restrictions/coredumps/coredump_disable_storage/rule.yml
-@@ -40,7 +40,7 @@ references:
+@@ -38,7 +38,7 @@ references:
      pcidss: Req-3.2
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol8: OL08-00-010674
@@ -9567,16 +8887,6 @@ index 3ba3a22cf..a54e77860 100644
  
  ocil_clause: Storage is not set to none or is commented out and the need for core dumps is not documented with the Information System Security Officer (ISSO) as an operational requirement for all domains that have the "core" item assigned
  
-diff --git a/linux_os/guide/system/permissions/restrictions/coredumps/disable_users_coredumps/bash/shared.sh b/linux_os/guide/system/permissions/restrictions/coredumps/disable_users_coredumps/bash/shared.sh
-index c57a01958..f75667220 100644
---- a/linux_os/guide/system/permissions/restrictions/coredumps/disable_users_coredumps/bash/shared.sh
-+++ b/linux_os/guide/system/permissions/restrictions/coredumps/disable_users_coredumps/bash/shared.sh
-@@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_ol,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu
-+# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu
- SECURITY_LIMITS_FILE="/etc/security/limits.conf"
- 
- if grep -qE '^\s*\*\s+hard\s+core' $SECURITY_LIMITS_FILE; then
 diff --git a/linux_os/guide/system/permissions/restrictions/coredumps/disable_users_coredumps/kubernetes/shared.yml b/linux_os/guide/system/permissions/restrictions/coredumps/disable_users_coredumps/kubernetes/shared.yml
 index 41cbd1197..481afa583 100644
 --- a/linux_os/guide/system/permissions/restrictions/coredumps/disable_users_coredumps/kubernetes/shared.yml
@@ -9589,10 +8899,10 @@ index 41cbd1197..481afa583 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/permissions/restrictions/coredumps/disable_users_coredumps/rule.yml b/linux_os/guide/system/permissions/restrictions/coredumps/disable_users_coredumps/rule.yml
-index af0fcf370..78d0ce41a 100644
+index d49563ab9..fed70f09c 100644
 --- a/linux_os/guide/system/permissions/restrictions/coredumps/disable_users_coredumps/rule.yml
 +++ b/linux_os/guide/system/permissions/restrictions/coredumps/disable_users_coredumps/rule.yml
-@@ -40,7 +40,7 @@ references:
+@@ -38,7 +38,7 @@ references:
      nist-csf: DE.CM-1,PR.DS-4
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol8: OL08-00-010673
@@ -9602,10 +8912,10 @@ index af0fcf370..78d0ce41a 100644
  ocil_clause: 'the "core" item is missing, commented out, or the value is anything other than "0" and the need for core dumps is not documented with the Information System Security Officer (ISSO) as an operational requirement for all domains that have the "core"'
  
 diff --git a/linux_os/guide/system/permissions/restrictions/coredumps/service_systemd-coredump_disabled/rule.yml b/linux_os/guide/system/permissions/restrictions/coredumps/service_systemd-coredump_disabled/rule.yml
-index 429f6fe9c..245a55c5a 100644
+index 505c638c0..59b320d04 100644
 --- a/linux_os/guide/system/permissions/restrictions/coredumps/service_systemd-coredump_disabled/rule.yml
 +++ b/linux_os/guide/system/permissions/restrictions/coredumps/service_systemd-coredump_disabled/rule.yml
-@@ -29,7 +29,7 @@ references:
+@@ -28,7 +28,7 @@ references:
      ospp: FMT_SMF_EXT.1
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol8: OL08-00-010672
@@ -9614,7 +8924,7 @@ index 429f6fe9c..245a55c5a 100644
  
  ocil_clause: unit systemd-coredump.socket is not masked or running
  
-@@ -51,7 +51,7 @@ template:
+@@ -50,7 +50,7 @@ template:
      name: socket_disabled
      vars:
          socketname: systemd-coredump
@@ -9645,10 +8955,10 @@ index 415b0486d..02b1e991a 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_kptr_restrict/rule.yml b/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_kptr_restrict/rule.yml
-index 95f13e13b..58e9d0573 100644
+index e70e0db7c..700a65e1d 100644
 --- a/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_kptr_restrict/rule.yml
 +++ b/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_kptr_restrict/rule.yml
-@@ -29,7 +29,7 @@ references:
+@@ -28,7 +28,7 @@ references:
      ospp: FMT_SMF_EXT.1
      srg: SRG-OS-000132-GPOS-00067,SRG-OS-000433-GPOS-00192,SRG-OS-000480-GPOS-00227
      stigid@ol8: OL08-00-040283
@@ -9657,28 +8967,6 @@ index 95f13e13b..58e9d0573 100644
      stigid@sle12: SLES-12-030320
      stigid@sle15: SLES-15-010540
  
-diff --git a/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_kptr_restrict/tests/value_1.pass.sh b/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_kptr_restrict/tests/value_1.pass.sh
-index 70189666c..22f9e966b 100644
---- a/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_kptr_restrict/tests/value_1.pass.sh
-+++ b/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_kptr_restrict/tests/value_1.pass.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = multi_platform_ol,multi_platform_rhel
-+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
- 
- # Clean sysctl config directories
- rm -rf /usr/lib/sysctl.d/* /run/sysctl.d/* /etc/sysctl.d/*
-diff --git a/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_kptr_restrict/tests/value_2.pass.sh b/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_kptr_restrict/tests/value_2.pass.sh
-index 209395fa9..23cce30a8 100644
---- a/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_kptr_restrict/tests/value_2.pass.sh
-+++ b/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_kptr_restrict/tests/value_2.pass.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = multi_platform_ol,multi_platform_rhel
-+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
- 
- # Clean sysctl config directories
- rm -rf /usr/lib/sysctl.d/* /run/sysctl.d/* /etc/sysctl.d/*
 diff --git a/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_randomize_va_space/kubernetes/shared.yml b/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_randomize_va_space/kubernetes/shared.yml
 index 7a4c107b2..22e209120 100644
 --- a/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_randomize_va_space/kubernetes/shared.yml
@@ -9691,10 +8979,10 @@ index 7a4c107b2..22e209120 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_randomize_va_space/rule.yml b/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_randomize_va_space/rule.yml
-index 061d44762..17c71d655 100644
+index acd3b3b1c..43ea4f5be 100644
 --- a/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_randomize_va_space/rule.yml
 +++ b/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_randomize_va_space/rule.yml
-@@ -38,7 +38,7 @@ references:
+@@ -36,7 +36,7 @@ references:
      srg: SRG-OS-000433-GPOS-00193,SRG-OS-000480-GPOS-00227,SRG-APP-000450-CTR-001105
      stigid@ol7: OL07-00-040201
      stigid@ol8: OL08-00-010430
@@ -9704,10 +8992,10 @@ index 061d44762..17c71d655 100644
      stigid@sle15: SLES-15-010550
      stigid@ubuntu2004: UBTU-20-010448
 diff --git a/linux_os/guide/system/permissions/restrictions/enable_nx/bios_enable_execution_restrictions/rule.yml b/linux_os/guide/system/permissions/restrictions/enable_nx/bios_enable_execution_restrictions/rule.yml
-index 9b2f76c37..0bd35153b 100644
+index ea64fdae9..19f027642 100644
 --- a/linux_os/guide/system/permissions/restrictions/enable_nx/bios_enable_execution_restrictions/rule.yml
 +++ b/linux_os/guide/system/permissions/restrictions/enable_nx/bios_enable_execution_restrictions/rule.yml
-@@ -39,7 +39,7 @@ references:
+@@ -37,7 +37,7 @@ references:
      nist-csf: PR.IP-1
      srg: SRG-OS-000433-GPOS-00192,SRG-APP-000450-CTR-001105
      stigid@ol8: OL08-00-010420
@@ -9716,33 +9004,11 @@ index 9b2f76c37..0bd35153b 100644
      stigid@ubuntu2004: UBTU-20-010447
      stigid@ubuntu2204: UBTU-22-213025
  
-diff --git a/linux_os/guide/system/permissions/restrictions/enable_nx/bios_enable_execution_restrictions/tests/correct_value.pass.sh b/linux_os/guide/system/permissions/restrictions/enable_nx/bios_enable_execution_restrictions/tests/correct_value.pass.sh
-index 6d87da5f2..021acd31f 100755
---- a/linux_os/guide/system/permissions/restrictions/enable_nx/bios_enable_execution_restrictions/tests/correct_value.pass.sh
-+++ b/linux_os/guide/system/permissions/restrictions/enable_nx/bios_enable_execution_restrictions/tests/correct_value.pass.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel
-+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
- # remediation = none
- 
- cp /proc/cpuinfo /tmp/cpuinfo
-diff --git a/linux_os/guide/system/permissions/restrictions/enable_nx/bios_enable_execution_restrictions/tests/wrong_value.fail.sh b/linux_os/guide/system/permissions/restrictions/enable_nx/bios_enable_execution_restrictions/tests/wrong_value.fail.sh
-index 3260539b3..29d22d491 100755
---- a/linux_os/guide/system/permissions/restrictions/enable_nx/bios_enable_execution_restrictions/tests/wrong_value.fail.sh
-+++ b/linux_os/guide/system/permissions/restrictions/enable_nx/bios_enable_execution_restrictions/tests/wrong_value.fail.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel
-+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
- # remediation = none
- 
- cp /proc/cpuinfo /tmp/cpuinfo
 diff --git a/linux_os/guide/system/permissions/restrictions/kernel_module_uvcvideo_disabled/rule.yml b/linux_os/guide/system/permissions/restrictions/kernel_module_uvcvideo_disabled/rule.yml
-index 8507ac283..5bed242df 100644
+index debd5bf4f..a89681387 100644
 --- a/linux_os/guide/system/permissions/restrictions/kernel_module_uvcvideo_disabled/rule.yml
 +++ b/linux_os/guide/system/permissions/restrictions/kernel_module_uvcvideo_disabled/rule.yml
-@@ -20,7 +20,7 @@ references:
+@@ -19,7 +19,7 @@ references:
      nist: CM-7 (a),CM-7 (5) (b)
      srg: SRG-OS-000095-GPOS-00049,SRG-OS-000370-GPOS-00155
      stigid@ol8: OL08-00-040020
@@ -9752,10 +9018,10 @@ index 8507ac283..5bed242df 100644
  platform: system_with_kernel
  
 diff --git a/linux_os/guide/system/permissions/restrictions/poisoning/grub2_page_poison_argument/rule.yml b/linux_os/guide/system/permissions/restrictions/poisoning/grub2_page_poison_argument/rule.yml
-index 5140236fd..0ebe35402 100644
+index ac6aa8404..3607d8da8 100644
 --- a/linux_os/guide/system/permissions/restrictions/poisoning/grub2_page_poison_argument/rule.yml
 +++ b/linux_os/guide/system/permissions/restrictions/poisoning/grub2_page_poison_argument/rule.yml
-@@ -28,7 +28,7 @@ references:
+@@ -27,7 +27,7 @@ references:
      nist: CM-6(a)
      srg: SRG-OS-000480-GPOS-00227,SRG-OS-000134-GPOS-00068
      stigid@ol8: OL08-00-010421
@@ -9765,10 +9031,10 @@ index 5140236fd..0ebe35402 100644
  ocil_clause: 'page allocator poisoning is not enabled'
  
 diff --git a/linux_os/guide/system/permissions/restrictions/poisoning/grub2_slub_debug_argument/rule.yml b/linux_os/guide/system/permissions/restrictions/poisoning/grub2_slub_debug_argument/rule.yml
-index c2ea1a898..46a463b73 100644
+index 955baed18..8899dd9aa 100644
 --- a/linux_os/guide/system/permissions/restrictions/poisoning/grub2_slub_debug_argument/rule.yml
 +++ b/linux_os/guide/system/permissions/restrictions/poisoning/grub2_slub_debug_argument/rule.yml
-@@ -28,7 +28,7 @@ references:
+@@ -27,7 +27,7 @@ references:
      nist: CM-6(a)
      srg: SRG-OS-000433-GPOS-00192,SRG-OS-000134-GPOS-00068
      stigid@ol8: OL08-00-010423
@@ -9789,10 +9055,10 @@ index 88c683445..fa9b2020d 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_core_pattern/rule.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_core_pattern/rule.yml
-index b555eca8f..3aa33caff 100644
+index a94218c1b..4ca1cf722 100644
 --- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_core_pattern/rule.yml
 +++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_core_pattern/rule.yml
-@@ -28,7 +28,7 @@ references:
+@@ -27,7 +27,7 @@ references:
      nist: SC-7(10)
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol8: OL08-00-010671
@@ -9813,10 +9079,10 @@ index 36e025cc3..e97acde11 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_dmesg_restrict/rule.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_dmesg_restrict/rule.yml
-index 651e3bc35..c90a6b377 100644
+index ed853b05e..828361fe7 100644
 --- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_dmesg_restrict/rule.yml
 +++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_dmesg_restrict/rule.yml
-@@ -29,7 +29,7 @@ references:
+@@ -28,7 +28,7 @@ references:
      srg: SRG-OS-000132-GPOS-00067,SRG-OS-000138-GPOS-00069,SRG-APP-000243-CTR-000600
      stigid@ol7: OL07-00-010375
      stigid@ol8: OL08-00-010375
@@ -9837,10 +9103,10 @@ index 505b3c12b..cdf18e6dd 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_kexec_load_disabled/rule.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_kexec_load_disabled/rule.yml
-index c763c7d05..dc016bd74 100644
+index 26fab4fd1..52e06e4ed 100644
 --- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_kexec_load_disabled/rule.yml
 +++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_kexec_load_disabled/rule.yml
-@@ -23,7 +23,7 @@ references:
+@@ -22,7 +22,7 @@ references:
      ospp: FMT_SMF_EXT.1
      srg: SRG-OS-000480-GPOS-00227,SRG-OS-000366-GPOS-00153
      stigid@ol8: OL08-00-010372
@@ -9861,10 +9127,10 @@ index 0541e59a7..50020c28c 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_perf_event_paranoid/rule.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_perf_event_paranoid/rule.yml
-index d4143e029..4b95ee738 100644
+index d5971cc24..52daadd1d 100644
 --- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_perf_event_paranoid/rule.yml
 +++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_perf_event_paranoid/rule.yml
-@@ -24,7 +24,7 @@ references:
+@@ -23,7 +23,7 @@ references:
      ospp: FMT_SMF_EXT.1
      srg: SRG-OS-000132-GPOS-00067,SRG-OS-000138-GPOS-00069,SRG-APP-000243-CTR-000600
      stigid@ol8: OL08-00-010376
@@ -9885,10 +9151,10 @@ index 2e24d9211..7b706bb32 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled/rule.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled/rule.yml
-index 874bc113e..19d513681 100644
+index 52ab8ee5d..c1c55c06d 100644
 --- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled/rule.yml
 +++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled/rule.yml
-@@ -22,7 +22,7 @@ references:
+@@ -21,7 +21,7 @@ references:
      nist: AC-6,SC-7(10)
      srg: SRG-OS-000132-GPOS-00067,SRG-OS-000480-GPOS-00227
      stigid@ol8: OL08-00-040281
@@ -9909,10 +9175,10 @@ index ceafd4839..7006e2066 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_yama_ptrace_scope/rule.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_yama_ptrace_scope/rule.yml
-index 498e93e15..b3b830191 100644
+index dd9484433..db70a21f7 100644
 --- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_yama_ptrace_scope/rule.yml
 +++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_yama_ptrace_scope/rule.yml
-@@ -27,7 +27,7 @@ references:
+@@ -26,7 +26,7 @@ references:
      ospp: FMT_SMF_EXT.1
      srg: SRG-OS-000132-GPOS-00067,SRG-OS-000480-GPOS-00227
      stigid@ol8: OL08-00-040282
@@ -9933,10 +9199,10 @@ index 7519b7740..af6c30abd 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_net_core_bpf_jit_harden/rule.yml b/linux_os/guide/system/permissions/restrictions/sysctl_net_core_bpf_jit_harden/rule.yml
-index 2b4394608..c94003cf9 100644
+index dcb8ba2e0..35be777df 100644
 --- a/linux_os/guide/system/permissions/restrictions/sysctl_net_core_bpf_jit_harden/rule.yml
 +++ b/linux_os/guide/system/permissions/restrictions/sysctl_net_core_bpf_jit_harden/rule.yml
-@@ -23,7 +23,7 @@ references:
+@@ -22,7 +22,7 @@ references:
      nist: CM-6,SC-7(10)
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol8: OL08-00-040286
@@ -9956,21 +9222,21 @@ index fdd4fb83e..3274d5b36 100644
  apiVersion: machineconfiguration.openshift.io/v1
  kind: MachineConfig
  spec:
-diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_user_max_user_namespaces/rule.yml b/linux_os/guide/system/permissions/restrictions/sysctl_user_max_user_namespaces/rule.yml
-index ae6678e66..dd45e6327 100644
---- a/linux_os/guide/system/permissions/restrictions/sysctl_user_max_user_namespaces/rule.yml
-+++ b/linux_os/guide/system/permissions/restrictions/sysctl_user_max_user_namespaces/rule.yml
-@@ -35,7 +35,7 @@ references:
-     ospp: FMT_SMF_EXT.1
+diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_user_max_user_namespaces_no_remediation/rule.yml b/linux_os/guide/system/permissions/restrictions/sysctl_user_max_user_namespaces_no_remediation/rule.yml
+index fcb356e7c..201bed021 100644
+--- a/linux_os/guide/system/permissions/restrictions/sysctl_user_max_user_namespaces_no_remediation/rule.yml
++++ b/linux_os/guide/system/permissions/restrictions/sysctl_user_max_user_namespaces_no_remediation/rule.yml
+@@ -31,7 +31,7 @@ identifiers:
+ 
+ references:
      srg: SRG-OS-000480-GPOS-00227
-     stigid@ol8: OL08-00-040284
 -    stigid@rhel8: RHEL-08-040284
 +    stigid@almalinux8: RHEL-08-040284
  
  ocil: |
      Verify that {{{ full_name }}} disables the use of user namespaces with the following commands:
 diff --git a/linux_os/guide/system/selinux/package_libselinux_installed/tests/custom-package-removed.fail.sh b/linux_os/guide/system/selinux/package_libselinux_installed/tests/custom-package-removed.fail.sh
-index 2520d3dcc..ed0bc9538 100644
+index 9558acad7..52cc0a789 100644
 --- a/linux_os/guide/system/selinux/package_libselinux_installed/tests/custom-package-removed.fail.sh
 +++ b/linux_os/guide/system/selinux/package_libselinux_installed/tests/custom-package-removed.fail.sh
 @@ -1,5 +1,5 @@
@@ -9981,11 +9247,11 @@ index 2520d3dcc..ed0bc9538 100644
  # Package libselinux cannot be uninstalled normally
  # as it would cause removal of sudo package which is
 diff --git a/linux_os/guide/system/selinux/package_policycoreutils_installed/rule.yml b/linux_os/guide/system/selinux/package_policycoreutils_installed/rule.yml
-index 5c6e7417e..93471f2bb 100644
+index 3a853c067..e9a5a08bf 100644
 --- a/linux_os/guide/system/selinux/package_policycoreutils_installed/rule.yml
 +++ b/linux_os/guide/system/selinux/package_policycoreutils_installed/rule.yml
-@@ -32,7 +32,7 @@ references:
-     disa: CCI-000366,CCI-001084
+@@ -31,7 +31,7 @@ identifiers:
+ references:
      srg: SRG-OS-000480-GPOS-00227,SRG-OS-000134-GPOS-00068
      stigid@ol8: OL08-00-010171
 -    stigid@rhel8: RHEL-08-010171
@@ -9993,11 +9259,24 @@ index 5c6e7417e..93471f2bb 100644
  
  ocil_clause: 'the policycoreutils package is not installed'
  
+diff --git a/linux_os/guide/system/selinux/selinux_context_elevation_for_sudo/rule.yml b/linux_os/guide/system/selinux/selinux_context_elevation_for_sudo/rule.yml
+index 6d8605cba..8e195bdd5 100644
+--- a/linux_os/guide/system/selinux/selinux_context_elevation_for_sudo/rule.yml
++++ b/linux_os/guide/system/selinux/selinux_context_elevation_for_sudo/rule.yml
+@@ -36,7 +36,7 @@ references:
+     nist: AC-3(4),AC-6(10)
+     srg: SRG-OS-000324-GPOS-00125
+     stigid@ol7: OL07-00-020023
+-    stigid@rhel8: RHEL-08-010455
++    stigid@almalinux8: RHEL-08-010455
+ 
+ ocil_clause: 'selinux context does not elevate when running sudo command'
+ 
 diff --git a/linux_os/guide/system/selinux/selinux_policytype/rule.yml b/linux_os/guide/system/selinux/selinux_policytype/rule.yml
-index 0ce6648a9..a16729287 100644
+index 729d1728f..e2c97598e 100644
 --- a/linux_os/guide/system/selinux/selinux_policytype/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux_policytype/rule.yml
-@@ -51,7 +51,7 @@ references:
+@@ -50,7 +50,7 @@ references:
      srg: SRG-OS-000445-GPOS-00199,SRG-APP-000233-CTR-000585
      stigid@ol7: OL07-00-020220
      stigid@ol8: OL08-00-010450
@@ -10007,10 +9286,10 @@ index 0ce6648a9..a16729287 100644
  ocil_clause: 'the loaded policy name is not "{{{ xccdf_value("var_selinux_policy_name") }}}"'
  
 diff --git a/linux_os/guide/system/selinux/selinux_state/rule.yml b/linux_os/guide/system/selinux/selinux_state/rule.yml
-index ba0a43a4a..edbcdfa2b 100644
+index 56903e6c1..e7e547dee 100644
 --- a/linux_os/guide/system/selinux/selinux_state/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux_state/rule.yml
-@@ -44,7 +44,7 @@ references:
+@@ -43,7 +43,7 @@ references:
      srg: SRG-OS-000445-GPOS-00199,SRG-OS-000134-GPOS-00068
      stigid@ol7: OL07-00-020210
      stigid@ol8: OL08-00-010170
@@ -10020,10 +9299,10 @@ index ba0a43a4a..edbcdfa2b 100644
  ocil_clause: 'SELINUX is not set to enforcing'
  
 diff --git a/linux_os/guide/system/selinux/selinux_user_login_roles/rule.yml b/linux_os/guide/system/selinux/selinux_user_login_roles/rule.yml
-index 9d751d635..058fc3bf6 100644
+index 9e2266885..cddf41fd6 100644
 --- a/linux_os/guide/system/selinux/selinux_user_login_roles/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux_user_login_roles/rule.yml
-@@ -40,7 +40,7 @@ references:
+@@ -39,7 +39,7 @@ references:
      srg: SRG-OS-000324-GPOS-00125
      stigid@ol7: OL07-00-020020
      stigid@ol8: OL08-00-040400
@@ -10033,10 +9312,10 @@ index 9d751d635..058fc3bf6 100644
  ocil_clause: 'non-admin users are not confined correctly'
  
 diff --git a/linux_os/guide/system/software/disk_partitioning/encrypt_partitions/rule.yml b/linux_os/guide/system/software/disk_partitioning/encrypt_partitions/rule.yml
-index 50884551a..0b81bbf55 100644
+index 6cfb138e1..ce269b047 100644
 --- a/linux_os/guide/system/software/disk_partitioning/encrypt_partitions/rule.yml
 +++ b/linux_os/guide/system/software/disk_partitioning/encrypt_partitions/rule.yml
-@@ -80,7 +80,7 @@ references:
+@@ -79,7 +79,7 @@ references:
      nist@sle15: SC-28,SC-28.1
      srg: SRG-OS-000405-GPOS-00184,SRG-OS-000185-GPOS-00079,SRG-OS-000404-GPOS-00183
      stigid@ol8: OL08-00-010030
@@ -10046,10 +9325,10 @@ index 50884551a..0b81bbf55 100644
      stigid@sle15: SLES-15-010330
      stigid@ubuntu2004: UBTU-20-010414
 diff --git a/linux_os/guide/system/software/disk_partitioning/partition_for_home/rule.yml b/linux_os/guide/system/software/disk_partitioning/partition_for_home/rule.yml
-index 1539bc866..17093daf8 100644
+index 67cbbc42d..fb7a57fce 100644
 --- a/linux_os/guide/system/software/disk_partitioning/partition_for_home/rule.yml
 +++ b/linux_os/guide/system/software/disk_partitioning/partition_for_home/rule.yml
-@@ -42,7 +42,7 @@ references:
+@@ -40,7 +40,7 @@ references:
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol7: OL07-00-021310
      stigid@ol8: OL08-00-010800
@@ -10059,10 +9338,10 @@ index 1539bc866..17093daf8 100644
      stigid@sle15: SLES-15-040200
  
 diff --git a/linux_os/guide/system/software/disk_partitioning/partition_for_tmp/rule.yml b/linux_os/guide/system/software/disk_partitioning/partition_for_tmp/rule.yml
-index 4ac7375e0..7d8c344ef 100644
+index 59cab71f3..1ce7c07ca 100644
 --- a/linux_os/guide/system/software/disk_partitioning/partition_for_tmp/rule.yml
 +++ b/linux_os/guide/system/software/disk_partitioning/partition_for_tmp/rule.yml
-@@ -37,7 +37,7 @@ references:
+@@ -36,7 +36,7 @@ references:
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol7: OL07-00-021340
      stigid@ol8: OL08-00-010543
@@ -10072,10 +9351,10 @@ index 4ac7375e0..7d8c344ef 100644
  {{{ complete_ocil_entry_separate_partition(part="/tmp") }}}
  
 diff --git a/linux_os/guide/system/software/disk_partitioning/partition_for_var/rule.yml b/linux_os/guide/system/software/disk_partitioning/partition_for_var/rule.yml
-index f74455ae9..76897321e 100644
+index 951a223ef..f72388b91 100644
 --- a/linux_os/guide/system/software/disk_partitioning/partition_for_var/rule.yml
 +++ b/linux_os/guide/system/software/disk_partitioning/partition_for_var/rule.yml
-@@ -41,7 +41,7 @@ references:
+@@ -39,7 +39,7 @@ references:
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol7: OL07-00-021320
      stigid@ol8: OL08-00-010540
@@ -10085,10 +9364,10 @@ index f74455ae9..76897321e 100644
      stigid@sle15: SLES-15-040210
  
 diff --git a/linux_os/guide/system/software/disk_partitioning/partition_for_var_log/rule.yml b/linux_os/guide/system/software/disk_partitioning/partition_for_var_log/rule.yml
-index 2aa64e3b0..838ff5c90 100644
+index 99d575d7d..b49da6d2a 100644
 --- a/linux_os/guide/system/software/disk_partitioning/partition_for_var_log/rule.yml
 +++ b/linux_os/guide/system/software/disk_partitioning/partition_for_var_log/rule.yml
-@@ -38,7 +38,7 @@ references:
+@@ -37,7 +37,7 @@ references:
      nist-csf: PR.PT-1,PR.PT-4
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol8: OL08-00-010541
@@ -10098,10 +9377,10 @@ index 2aa64e3b0..838ff5c90 100644
  {{{ complete_ocil_entry_separate_partition(part="/var/log") }}}
  
 diff --git a/linux_os/guide/system/software/disk_partitioning/partition_for_var_log_audit/rule.yml b/linux_os/guide/system/software/disk_partitioning/partition_for_var_log_audit/rule.yml
-index 1cbfe4024..1f18a3ba2 100644
+index b9333aa7b..e176ca849 100644
 --- a/linux_os/guide/system/software/disk_partitioning/partition_for_var_log_audit/rule.yml
 +++ b/linux_os/guide/system/software/disk_partitioning/partition_for_var_log_audit/rule.yml
-@@ -46,7 +46,7 @@ references:
+@@ -45,7 +45,7 @@ references:
      srg: SRG-OS-000341-GPOS-00132,SRG-OS-000480-GPOS-00227,SRG-APP-000357-CTR-000800
      stigid@ol7: OL07-00-021330
      stigid@ol8: OL08-00-010542
@@ -10111,11 +9390,11 @@ index 1cbfe4024..1f18a3ba2 100644
      stigid@sle15: SLES-15-030810
  
 diff --git a/linux_os/guide/system/software/disk_partitioning/partition_for_var_tmp/rule.yml b/linux_os/guide/system/software/disk_partitioning/partition_for_var_tmp/rule.yml
-index 0fe3f728a..b78fd700f 100644
+index e607f1ab9..40bbfbb49 100644
 --- a/linux_os/guide/system/software/disk_partitioning/partition_for_var_tmp/rule.yml
 +++ b/linux_os/guide/system/software/disk_partitioning/partition_for_var_tmp/rule.yml
-@@ -32,7 +32,7 @@ references:
-     disa: CCI-000366
+@@ -31,7 +31,7 @@ references:
+     cis@ubuntu2204: 1.1.4.1
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol8: OL08-00-010544
 -    stigid@rhel8: RHEL-08-010544
@@ -10123,31 +9402,11 @@ index 0fe3f728a..b78fd700f 100644
  
  {{{ complete_ocil_entry_separate_partition(part="/var/tmp") }}}
  
-diff --git a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_disable_restart_shutdown/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_disable_restart_shutdown/ansible/shared.yml
-index c3baa1b80..be83f158f 100644
---- a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_disable_restart_shutdown/ansible/shared.yml
-+++ b/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_disable_restart_shutdown/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol
- # reboot = false
- # strategy = unknown
- # complexity = low
-diff --git a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_disable_user_list/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_disable_user_list/ansible/shared.yml
-index 917fc7dc4..bc1d7c63c 100644
---- a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_disable_user_list/ansible/shared.yml
-+++ b/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_disable_user_list/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
- # reboot = false
- # strategy = unknown
- # complexity = low
 diff --git a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_disable_user_list/rule.yml b/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_disable_user_list/rule.yml
-index 1f62e436c..10278a708 100644
+index 0c1f1e2f1..69d5901bb 100644
 --- a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_disable_user_list/rule.yml
 +++ b/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_disable_user_list/rule.yml
-@@ -43,7 +43,7 @@ references:
+@@ -42,7 +42,7 @@ references:
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol7: OL07-00-010063
      stigid@ol8: OL08-00-020032
@@ -10156,22 +9415,12 @@ index 1f62e436c..10278a708 100644
  
  ocil_clause: 'disable-user-list has not been configured or is not disabled'
  
-diff --git a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_enable_smartcard_auth/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_enable_smartcard_auth/ansible/shared.yml
-index f5d68f1c3..91f02c0d4 100644
---- a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_enable_smartcard_auth/ansible/shared.yml
-+++ b/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_enable_smartcard_auth/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol
- # reboot = false
- # strategy = unknown
- # complexity = low
 diff --git a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_lock_screen_on_smartcard_removal/rule.yml b/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_lock_screen_on_smartcard_removal/rule.yml
-index ea6da5dbd..3d2395dd0 100644
+index 3829aa092..1211f58ab 100644
 --- a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_lock_screen_on_smartcard_removal/rule.yml
 +++ b/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_lock_screen_on_smartcard_removal/rule.yml
-@@ -33,7 +33,7 @@ references:
-     disa: CCI-000057,CCI-000056
+@@ -32,7 +32,7 @@ identifiers:
+ references:
      srg: SRG-OS-000028-GPOS-00009,SRG-OS-000030-GPOS-00011
      stigid@ol8: OL08-00-020050
 -    stigid@rhel8: RHEL-08-020050
@@ -10179,31 +9428,11 @@ index ea6da5dbd..3d2395dd0 100644
  
  ocil_clause: 'removal-action has not been configured'
  
-diff --git a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_login_retries/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_login_retries/ansible/shared.yml
-index 45e6c24aa..e06d9600f 100644
---- a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_login_retries/ansible/shared.yml
-+++ b/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_login_retries/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol
- # reboot = false
- # strategy = unknown
- # complexity = low
-diff --git a/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_automatic_login/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_automatic_login/ansible/shared.yml
-index 6b19c8138..1f656f5a8 100644
---- a/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_automatic_login/ansible/shared.yml
-+++ b/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_automatic_login/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol
- # reboot = false
- # strategy = unknown
- # complexity = low
 diff --git a/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_automatic_login/rule.yml b/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_automatic_login/rule.yml
-index 163bc2196..255da2cff 100644
+index 58c24a33e..e632a351c 100644
 --- a/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_automatic_login/rule.yml
 +++ b/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_automatic_login/rule.yml
-@@ -36,7 +36,7 @@ references:
+@@ -35,7 +35,7 @@ references:
      srg: SRG-OS-000480-GPOS-00229
      stigid@ol7: OL07-00-010440
      stigid@ol8: OL08-00-010820
@@ -10212,151 +9441,11 @@ index 163bc2196..255da2cff 100644
  
  ocil_clause: 'GDM allows users to automatically login'
  
-diff --git a/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_guest_login/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_guest_login/ansible/shared.yml
-index ef2933c52..0d72f6f65 100644
---- a/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_guest_login/ansible/shared.yml
-+++ b/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_guest_login/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol
- # reboot = false
- # strategy = unknown
- # complexity = low
-diff --git a/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_guest_login/bash/shared.sh b/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_guest_login/bash/shared.sh
-index 52d6589cb..34b6cab0d 100644
---- a/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_guest_login/bash/shared.sh
-+++ b/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_guest_login/bash/shared.sh
-@@ -1,4 +1,4 @@
--# platform = Red Hat Enterprise Linux 8,multi_platform_fedora,multi_platform_ol
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux OS 8,multi_platform_fedora,multi_platform_ol
- 
- if rpm --quiet -q gdm
- then
-diff --git a/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_xdmcp/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_xdmcp/ansible/shared.yml
-index 0ca67c74a..332a5018a 100644
---- a/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_xdmcp/ansible/shared.yml
-+++ b/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_xdmcp/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel
-+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
- # reboot = false
- # strategy = unknown
- # complexity = low
-diff --git a/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_automount/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_automount/ansible/shared.yml
-index 60417ff4e..0af05e798 100644
---- a/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_automount/ansible/shared.yml
-+++ b/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_automount/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol
- # reboot = false
- # strategy = unknown
- # complexity = low
-diff --git a/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_automount_open/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_automount_open/ansible/shared.yml
-index ac168ef9f..69ecfa6a7 100644
---- a/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_automount_open/ansible/shared.yml
-+++ b/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_automount_open/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol
- # reboot = false
- # strategy = unknown
- # complexity = low
-diff --git a/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_autorun/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_autorun/ansible/shared.yml
-index 51e4063c3..3591b7266 100644
---- a/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_autorun/ansible/shared.yml
-+++ b/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_autorun/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol
- # reboot = false
- # strategy = unknown
- # complexity = low
-diff --git a/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_thumbnailers/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_thumbnailers/ansible/shared.yml
-index 33460b61c..04074e66b 100644
---- a/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_thumbnailers/ansible/shared.yml
-+++ b/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_thumbnailers/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol
- # reboot = false
- # strategy = unknown
- # complexity = low
-diff --git a/linux_os/guide/system/software/gnome/gnome_network_settings/dconf_gnome_disable_wifi_create/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_network_settings/dconf_gnome_disable_wifi_create/ansible/shared.yml
-index 4e389aa5c..254db9bfe 100644
---- a/linux_os/guide/system/software/gnome/gnome_network_settings/dconf_gnome_disable_wifi_create/ansible/shared.yml
-+++ b/linux_os/guide/system/software/gnome/gnome_network_settings/dconf_gnome_disable_wifi_create/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol
- # reboot = false
- # strategy = unknown
- # complexity = low
-diff --git a/linux_os/guide/system/software/gnome/gnome_network_settings/dconf_gnome_disable_wifi_notification/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_network_settings/dconf_gnome_disable_wifi_notification/ansible/shared.yml
-index c3922e5b0..40515598a 100644
---- a/linux_os/guide/system/software/gnome/gnome_network_settings/dconf_gnome_disable_wifi_notification/ansible/shared.yml
-+++ b/linux_os/guide/system/software/gnome/gnome_network_settings/dconf_gnome_disable_wifi_notification/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol
- # reboot = false
- # strategy = unknown
- # complexity = low
-diff --git a/linux_os/guide/system/software/gnome/gnome_remote_access_settings/dconf_gnome_remote_access_credential_prompt/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_remote_access_settings/dconf_gnome_remote_access_credential_prompt/ansible/shared.yml
-index 09eed8367..601191b49 100644
---- a/linux_os/guide/system/software/gnome/gnome_remote_access_settings/dconf_gnome_remote_access_credential_prompt/ansible/shared.yml
-+++ b/linux_os/guide/system/software/gnome/gnome_remote_access_settings/dconf_gnome_remote_access_credential_prompt/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
- # reboot = false
- # strategy = unknown
- # complexity = low
-diff --git a/linux_os/guide/system/software/gnome/gnome_remote_access_settings/dconf_gnome_remote_access_encryption/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_remote_access_settings/dconf_gnome_remote_access_encryption/ansible/shared.yml
-index bf1efbe61..efa5b96a6 100644
---- a/linux_os/guide/system/software/gnome/gnome_remote_access_settings/dconf_gnome_remote_access_encryption/ansible/shared.yml
-+++ b/linux_os/guide/system/software/gnome/gnome_remote_access_settings/dconf_gnome_remote_access_encryption/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
- # reboot = false
- # strategy = unknown
- # complexity = low
-diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_activation_enabled/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_activation_enabled/ansible/shared.yml
-index f7c7b4379..95781d5ab 100644
---- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_activation_enabled/ansible/shared.yml
-+++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_activation_enabled/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
- # reboot = false
- # strategy = unknown
- # complexity = low
-diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_activation_locked/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_activation_locked/ansible/shared.yml
-index d3f144c89..ae170b802 100644
---- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_activation_locked/ansible/shared.yml
-+++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_activation_locked/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol
- # reboot = false
- # strategy = unknown
- # complexity = low
-diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_delay/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_delay/ansible/shared.yml
-index 5b08acff4..d1af90b16 100644
---- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_delay/ansible/shared.yml
-+++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_delay/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
- # reboot = false
- # strategy = unknown
- # complexity = low
 diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_delay/rule.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_delay/rule.yml
-index 1daf160b9..0373651ce 100644
+index 4f6bd8a78..17bdc082c 100644
 --- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_delay/rule.yml
 +++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_delay/rule.yml
-@@ -46,7 +46,7 @@ references:
+@@ -45,7 +45,7 @@ references:
      srg: SRG-OS-000029-GPOS-00010,SRG-OS-000031-GPOS-00012
      stigid@ol7: OL07-00-010070
      stigid@ol8: OL08-00-020060
@@ -10365,21 +9454,11 @@ index 1daf160b9..0373651ce 100644
      stigid@sle12: SLES-12-010080
      stigid@sle15: SLES-15-010120
      stigid@ubuntu2204: UBTU-22-271025
-diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_delay/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_delay/ansible/shared.yml
-index 9d034e519..2c45806b4 100644
---- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_delay/ansible/shared.yml
-+++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_delay/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol
- # reboot = false
- # strategy = unknown
- # complexity = low
 diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_delay/rule.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_delay/rule.yml
-index 4341b6a35..88da01dd6 100644
+index ae653b81b..81e55548b 100644
 --- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_delay/rule.yml
 +++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_delay/rule.yml
-@@ -38,7 +38,7 @@ references:
+@@ -37,7 +37,7 @@ references:
      srg: SRG-OS-000029-GPOS-00010,SRG-OS-000031-GPOS-00012
      stigid@ol7: OL07-00-010110
      stigid@ol8: OL08-00-020031
@@ -10388,21 +9467,11 @@ index 4341b6a35..88da01dd6 100644
      stigid@ubuntu2204: UBTU-22-271025
  
  ocil_clause: 'the screensaver lock delay is missing, or is set to a value greater than {{{ xccdf_value("var_screensaver_lock_delay") }}}'
-diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_enabled/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_enabled/ansible/shared.yml
-index d04e6893f..5b9cba007 100644
---- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_enabled/ansible/shared.yml
-+++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_enabled/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
- # reboot = false
- # strategy = unknown
- # complexity = low
 diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_enabled/rule.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_enabled/rule.yml
-index 654825af0..015e80773 100644
+index 9e7d71395..6c868e42f 100644
 --- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_enabled/rule.yml
 +++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_enabled/rule.yml
-@@ -54,7 +54,7 @@ references:
+@@ -53,7 +53,7 @@ references:
      srg: SRG-OS-000028-GPOS-00009,SRG-OS-000030-GPOS-00011
      stigid@ol7: OL07-00-010060
      stigid@ol8: OL08-00-020030,OL08-00-020082
@@ -10411,21 +9480,11 @@ index 654825af0..015e80773 100644
      stigid@sle12: SLES-12-010060
      stigid@sle15: SLES-15-010100
      stigid@ubuntu2004: UBTU-20-010004
-diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_locked/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_locked/ansible/shared.yml
-index 34ff91ab3..875abf68d 100644
---- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_locked/ansible/shared.yml
-+++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_locked/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol
- # reboot = false
- # strategy = unknown
- # complexity = low
 diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_locked/rule.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_locked/rule.yml
-index 2a5e4079a..02c981e1e 100644
+index 633670dbc..a51d504e2 100644
 --- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_locked/rule.yml
 +++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_locked/rule.yml
-@@ -36,7 +36,7 @@ references:
+@@ -35,7 +35,7 @@ references:
      pcidss: Req-8.1.8
      srg: SRG-OS-000028-GPOS-00009,SRG-OS-000030-GPOS-00011
      stigid@ol7: OL07-00-010062
@@ -10434,41 +9493,11 @@ index 2a5e4079a..02c981e1e 100644
  
  ocil_clause: 'screensaver locking is not locked'
  
-diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_mode_blank/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_mode_blank/ansible/shared.yml
-index 4dbe2b3c8..7313b6bcd 100644
---- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_mode_blank/ansible/shared.yml
-+++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_mode_blank/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
- # reboot = false
- # strategy = unknown
- # complexity = low
-diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_info/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_info/ansible/shared.yml
-index 606e00c5f..792db4ca4 100644
---- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_info/ansible/shared.yml
-+++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_info/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol
- # reboot = false
- # strategy = unknown
- # complexity = low
-diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_locks/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_locks/ansible/shared.yml
-index ed7d98843..a41cb7151 100644
---- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_locks/ansible/shared.yml
-+++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_locks/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol
- # reboot = false
- # strategy = unknown
- # complexity = low
 diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_locks/rule.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_locks/rule.yml
-index 9cc43aab3..c3b1eef55 100644
+index cfea5c9dd..6c100a046 100644
 --- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_locks/rule.yml
 +++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_locks/rule.yml
-@@ -38,7 +38,7 @@ references:
+@@ -37,7 +37,7 @@ references:
      srg: SRG-OS-000029-GPOS-00010,SRG-OS-000031-GPOS-00012
      stigid@ol7: OL07-00-010081
      stigid@ol8: OL08-00-020080
@@ -10477,21 +9506,11 @@ index 9cc43aab3..c3b1eef55 100644
  
  ocil_clause: 'GNOME3 session settings are not locked or configured properly'
  
-diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_session_idle_user_locks/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_session_idle_user_locks/ansible/shared.yml
-index c379700ad..6d91cec21 100644
---- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_session_idle_user_locks/ansible/shared.yml
-+++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_session_idle_user_locks/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
- # reboot = false
- # strategy = unknown
- # complexity = low
 diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_session_idle_user_locks/rule.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_session_idle_user_locks/rule.yml
-index d0b55e52f..9a20f4f0c 100644
+index b7d93c509..4db15007f 100644
 --- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_session_idle_user_locks/rule.yml
 +++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_session_idle_user_locks/rule.yml
-@@ -41,7 +41,7 @@ references:
+@@ -40,7 +40,7 @@ references:
      srg: SRG-OS-000029-GPOS-00010,SRG-OS-000031-GPOS-00012
      stigid@ol7: OL07-00-010082
      stigid@ol8: OL08-00-020081
@@ -10500,21 +9519,11 @@ index d0b55e52f..9a20f4f0c 100644
      stigid@sle12: SLES-12-010080
      stigid@sle15: SLES-15-010120
  
-diff --git a/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_ctrlaltdel_reboot/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_ctrlaltdel_reboot/ansible/shared.yml
-index 9830ea565..c0913adb5 100644
---- a/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_ctrlaltdel_reboot/ansible/shared.yml
-+++ b/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_ctrlaltdel_reboot/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol
- # reboot = false
- # strategy = unknown
- # complexity = low
 diff --git a/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_ctrlaltdel_reboot/rule.yml b/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_ctrlaltdel_reboot/rule.yml
-index 4c84a707c..9c2a07a78 100644
+index 398837a05..a1e3af64c 100644
 --- a/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_ctrlaltdel_reboot/rule.yml
 +++ b/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_ctrlaltdel_reboot/rule.yml
-@@ -45,7 +45,7 @@ references:
+@@ -44,7 +44,7 @@ references:
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol7: OL07-00-020231
      stigid@ol8: OL08-00-040171
@@ -10523,56 +9532,24 @@ index 4c84a707c..9c2a07a78 100644
      stigid@ubuntu2004: UBTU-20-010459
      stigid@ubuntu2204: UBTU-22-271030
  
-diff --git a/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_geolocation/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_geolocation/ansible/shared.yml
-index fa4f578ef..f0d0708d1 100644
---- a/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_geolocation/ansible/shared.yml
-+++ b/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_geolocation/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol
- # reboot = false
- # strategy = unknown
- # complexity = low
-diff --git a/linux_os/guide/system/software/gnome/group.yml b/linux_os/guide/system/software/gnome/group.yml
-index c7617bc43..7de8de33c 100644
---- a/linux_os/guide/system/software/gnome/group.yml
-+++ b/linux_os/guide/system/software/gnome/group.yml
-@@ -12,7 +12,7 @@ description: |-
-     {{% if 'ol' in product %}}
-     Oracle Linux Graphical environment.
-     {{% else %}}
--    Red Hat Graphical environment.
-+    AlmaLinux Graphical environment.
-     {{% endif %}}
-     


-     For more information on GNOME and the GNOME Project, see {{{ weblink(link="https://www.gnome.org") }}}.
 diff --git a/linux_os/guide/system/software/integrity/certified-vendor/installed_OS_is_vendor_supported/oval/shared.xml b/linux_os/guide/system/software/integrity/certified-vendor/installed_OS_is_vendor_supported/oval/shared.xml
-index e0b7e6db5..e493211ea 100644
+index 24223598f..eb1db3fa3 100644
 --- a/linux_os/guide/system/software/integrity/certified-vendor/installed_OS_is_vendor_supported/oval/shared.xml
 +++ b/linux_os/guide/system/software/integrity/certified-vendor/installed_OS_is_vendor_supported/oval/shared.xml
-@@ -4,6 +4,7 @@
+@@ -4,7 +4,7 @@
          The operating system installed on the system is supported by a vendor that provides security patches.
        ") }}}
      
+-      
 +      
        
        
-       
+       
 diff --git a/linux_os/guide/system/software/integrity/certified-vendor/installed_OS_is_vendor_supported/rule.yml b/linux_os/guide/system/software/integrity/certified-vendor/installed_OS_is_vendor_supported/rule.yml
-index 8b47069e6..5da8ae82c 100644
+index 67c30bb55..396b22f2e 100644
 --- a/linux_os/guide/system/software/integrity/certified-vendor/installed_OS_is_vendor_supported/rule.yml
 +++ b/linux_os/guide/system/software/integrity/certified-vendor/installed_OS_is_vendor_supported/rule.yml
-@@ -8,6 +8,9 @@ description: |-
- {{% if 'ol' in product %}}
-     Oracle Linux is supported by Oracle Corporation. As the Oracle
-     Linux vendor, Oracle Corporation is responsible for providing security patches.
-+{{% elif product == "almalinux8" %}}
-+    AlmaLinux is supported by AlmaLinux. As the AlmaLinux
-+    vendor, AlmaLinux is responsible for providing security patches.
- {{% elif product in ["sle12", "sle15", "slmicro5"] %}}
-     SUSE Linux Enterprise is supported by SUSE. As the SUSE Linux Enterprise
-     vendor, SUSE is responsible for providing security patches.
-@@ -48,7 +51,7 @@ references:
+@@ -50,7 +50,7 @@ references:
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol7: OL07-00-020250
      stigid@ol8: OL08-00-010000
@@ -10582,10 +9559,10 @@ index 8b47069e6..5da8ae82c 100644
      stigid@sle15: SLES-15-010000
  
 diff --git a/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/rule.yml
-index da8686d40..78ac0f50b 100644
+index 8f5d6697f..07e0753c6 100644
 --- a/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/rule.yml
 +++ b/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/rule.yml
-@@ -32,7 +32,7 @@ references:
+@@ -31,7 +31,7 @@ references:
      nist: SC-13,SC-12(2),SC-12(3)
      srg: SRG-OS-000423-GPOS-00187,SRG-OS-000426-GPOS-00190
      stigid@ol8: OL08-00-010020
@@ -10665,10 +9642,10 @@ index dd096ab41..b180ed3b3 100644
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/rule.yml
-index e5b8bd84f..443aae23e 100644
+index 93073191c..9fcd75990 100644
 --- a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/rule.yml
 +++ b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/rule.yml
-@@ -68,7 +68,7 @@ references:
+@@ -67,7 +67,7 @@ references:
      ospp: FCS_COP.1(1),FCS_COP.1(2),FCS_COP.1(3),FCS_COP.1(4),FCS_CKM.1,FCS_CKM.2,FCS_TLSC_EXT.1
      srg: SRG-OS-000396-GPOS-00176,SRG-OS-000393-GPOS-00173,SRG-OS-000394-GPOS-00174
      stigid@ol8: OL08-00-010020
@@ -10810,10 +9787,10 @@ index 9461c3ddd..54a9e50d6 100644
  # packages = crypto-policies-scripts
  
 diff --git a/linux_os/guide/system/software/integrity/crypto/configure_gnutls_tls_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/configure_gnutls_tls_crypto_policy/rule.yml
-index 55b77f667..19f3893df 100644
+index deecd540d..c0389af8a 100644
 --- a/linux_os/guide/system/software/integrity/crypto/configure_gnutls_tls_crypto_policy/rule.yml
 +++ b/linux_os/guide/system/software/integrity/crypto/configure_gnutls_tls_crypto_policy/rule.yml
-@@ -29,7 +29,7 @@ references:
+@@ -28,7 +28,7 @@ references:
      nist: AC-17(2)
      srg: SRG-OS-000250-GPOS-00093,SRG-OS-000423-GPOS-00187
      stigid@ol8: OL08-00-010295
@@ -10867,10 +9844,10 @@ index 3776d35aa..d1c88830e 100644
  configfile=/etc/crypto-policies/back-ends/gnutls.config
  
 diff --git a/linux_os/guide/system/software/integrity/crypto/configure_kerberos_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/configure_kerberos_crypto_policy/rule.yml
-index f7785a436..dce2f358a 100644
+index da3b61ed3..02b0c4c3d 100644
 --- a/linux_os/guide/system/software/integrity/crypto/configure_kerberos_crypto_policy/rule.yml
 +++ b/linux_os/guide/system/software/integrity/crypto/configure_kerberos_crypto_policy/rule.yml
-@@ -30,7 +30,7 @@ references:
+@@ -29,7 +29,7 @@ references:
      nist: SC-13,SC-12(2),SC-12(3)
      srg: SRG-OS-000120-GPOS-00061
      stigid@ol8: OL08-00-010020
@@ -10912,10 +9889,10 @@ index 4eb5348f2..2437eb0a9 100644
  rm -f /etc/krb5.conf.d/crypto-policies
  ln -s /etc/crypto-policies/back-ends/openssh.config /etc/krb5.conf.d/crypto-policies
 diff --git a/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/rule.yml
-index eebc3f626..40cc3e8fb 100644
+index ad4166c4f..905a5213d 100644
 --- a/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/rule.yml
 +++ b/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/rule.yml
-@@ -36,7 +36,7 @@ references:
+@@ -35,7 +35,7 @@ references:
      pcidss: Req-2.2
      srg: SRG-OS-000033-GPOS-00014
      stigid@ol8: OL08-00-010020
@@ -10983,10 +9960,10 @@ index 2863c6102..495d4eab8 100644
  
  cp ipsec.conf /etc
 diff --git a/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/rule.yml
-index 20101a46a..65845042a 100644
+index 6a762273e..00278e36a 100644
 --- a/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/rule.yml
 +++ b/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/rule.yml
-@@ -46,7 +46,7 @@ references:
+@@ -45,7 +45,7 @@ references:
      pcidss: Req-2.2
      srg: SRG-OS-000250-GPOS-00093
      stigid@ol8: OL08-00-010293
@@ -11051,10 +10028,10 @@ index 1b2ea8d80..085f6172d 100644
  . common.sh
  
 diff --git a/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/rule.yml
-index 189529be0..770a9a9fa 100644
+index 4db3f28bb..12c44fe23 100644
 --- a/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/rule.yml
 +++ b/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/rule.yml
-@@ -45,7 +45,7 @@ references:
+@@ -44,7 +44,7 @@ references:
      nist: AC-17(2)
      srg: SRG-OS-000125-GPOS-00065,SRG-OS-000250-GPOS-00093,SRG-OS-000393-GPOS-00173,SRG-OS-000394-GPOS-00174
      stigid@ol8: OL08-00-010294
@@ -11075,38 +10052,38 @@ index 48ccb9b98..8737c085c 100644
  configfile=/etc/crypto-policies/back-ends/opensslcnf.config
  
 diff --git a/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/tests/correct_commented.fail.sh b/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/tests/correct_commented.fail.sh
-index 8d84292b3..596fc1a1d 100644
+index b795b8131..a2c756f08 100644
 --- a/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/tests/correct_commented.fail.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/tests/correct_commented.fail.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
 -# platform = multi_platform_fedora,Oracle Linux 8,Red Hat Enterprise Linux 8
 +# platform = multi_platform_fedora,Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux OS 8
+ # remediation = none
  
  configfile=/etc/crypto-policies/back-ends/opensslcnf.config
- 
 diff --git a/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/tests/correct_followed_by_incorrect.fail.sh b/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/tests/correct_followed_by_incorrect.fail.sh
-index 3a17e7865..0628c5a37 100644
+index 29578e8f6..265ce311c 100644
 --- a/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/tests/correct_followed_by_incorrect.fail.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/tests/correct_followed_by_incorrect.fail.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
 -# platform = multi_platform_fedora,Oracle Linux 8,Red Hat Enterprise Linux 8
 +# platform = multi_platform_fedora,Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux OS 8
+ # remediation = none
  
  configfile=/etc/crypto-policies/back-ends/opensslcnf.config
- 
 diff --git a/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/tests/empty_policy.fail.sh b/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/tests/empty_policy.fail.sh
-index 209a6bd40..942a24877 100644
+index 98b767a45..0b4d924f7 100644
 --- a/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/tests/empty_policy.fail.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/tests/empty_policy.fail.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
 -# platform = multi_platform_fedora,Oracle Linux 8,Red Hat Enterprise Linux 8
 +# platform = multi_platform_fedora,Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux OS 8
+ # remediation = none
  
  configfile=/etc/crypto-policies/back-ends/opensslcnf.config
- 
 diff --git a/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/tests/incorrect_followed_by_correct.pass.sh b/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/tests/incorrect_followed_by_correct.pass.sh
 index 26d67f1e9..5b1007a3e 100644
 --- a/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/tests/incorrect_followed_by_correct.pass.sh
@@ -11119,32 +10096,32 @@ index 26d67f1e9..5b1007a3e 100644
  configfile=/etc/crypto-policies/back-ends/opensslcnf.config
  
 diff --git a/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/tests/incorrect_policy.fail.sh b/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/tests/incorrect_policy.fail.sh
-index a8fb8a6b8..b22446eec 100644
+index 71164c391..ea1d9a6f7 100644
 --- a/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/tests/incorrect_policy.fail.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/tests/incorrect_policy.fail.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
 -# platform = multi_platform_fedora,Oracle Linux 8,Red Hat Enterprise Linux 8
 +# platform = multi_platform_fedora,Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux OS 8
+ # remediation = none
  
  configfile=/etc/crypto-policies/back-ends/opensslcnf.config
- 
 diff --git a/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/tests/missing_file.fail.sh b/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/tests/missing_file.fail.sh
-index 1593ce8ae..948525def 100644
+index 78f3efb8a..d9c6a98e6 100644
 --- a/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/tests/missing_file.fail.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/tests/missing_file.fail.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
 -# platform = multi_platform_fedora,Oracle Linux 8,Red Hat Enterprise Linux 8
 +# platform = multi_platform_fedora,Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux OS 8
+ # remediation = none
  
  configfile=/etc/crypto-policies/back-ends/opensslcnf.config
- 
 diff --git a/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/rule.yml
-index d16504f26..e843d36e2 100644
+index 4fa1ebb05..54b6b4f4b 100644
 --- a/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/rule.yml
 +++ b/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/rule.yml
-@@ -33,7 +33,7 @@ references:
+@@ -32,7 +32,7 @@ references:
      pcidss: Req-2.2
      srg: SRG-OS-000250-GPOS-00093
      stigid@ol8: OL08-00-010287
@@ -11628,15 +10605,15 @@ index 6db8f9654..8a986c8c1 100644
  {{{ bash_instantiate_variables("sshd_approved_ciphers") }}}
  
 diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/rule.yml
-index 4f2429fec..377144c32 100644
+index a14fe4799..9fef081d0 100644
 --- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/rule.yml
 +++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/rule.yml
-@@ -31,7 +31,7 @@ references:
+@@ -30,7 +30,7 @@ identifiers:
+ references:
      nist: AC-17(2)
      srg: SRG-OS-000033-GPOS-00014,SRG-OS-000125-GPOS-00065,SRG-OS-000250-GPOS-00093,SRG-OS-000393-GPOS-00173,SRG-OS-000394-GPOS-00174,SRG-OS-000423-GPOS-00187
-     stigid@ol8: OL08-00-010020
--    stigid@rhel8: RHEL-08-010020
-+    stigid@almalinux8: RHEL-08-010020
+-    stigid@rhel8: RHEL-08-010020,RHEL-08-010296
++    stigid@almalinux8: RHEL-08-010020,RHEL-08-010296
  
  ocil_clause: 'Crypto Policy for OpenSSH client is not configured correctly'
  
@@ -11729,7 +10706,7 @@ index 1a198d67d..28e1f4239 100644
  
  configfile=/etc/crypto-policies/back-ends/openssh.config
 diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/ansible/shared.yml b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/ansible/shared.yml
-index e83aeb894..b1c1a548e 100644
+index f8359f007..271deab3d 100644
 --- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/ansible/shared.yml
 +++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -11739,7 +10716,7 @@ index e83aeb894..b1c1a548e 100644
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/bash/shared.sh b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/bash/shared.sh
-index 365136d0c..b6386ea66 100644
+index 43fed0ef3..91bee459d 100644
 --- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/bash/shared.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/bash/shared.sh
 @@ -1,4 +1,4 @@
@@ -11749,7 +10726,7 @@ index 365136d0c..b6386ea66 100644
  {{{ bash_instantiate_variables("sshd_approved_ciphers") }}}
  
 diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/oval/shared.xml b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/oval/shared.xml
-index 41994d946..3fc7c8a03 100644
+index 2677b284e..7ded128b2 100644
 --- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/oval/shared.xml
 +++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/oval/shared.xml
 @@ -16,7 +16,7 @@
@@ -11762,7 +10739,7 @@ index 41994d946..3fc7c8a03 100644
      {{%- else -%}}
      ^(?!#).*Ciphers\s+([^\s']+).*$
 diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/rule.yml
-index 5d5b47d86..e45953b86 100644
+index c31d66b1c..3c605e15b 100644
 --- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/rule.yml
 +++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/rule.yml
 @@ -31,7 +31,7 @@ references:
@@ -11937,15 +10914,15 @@ index 451da4db3..01f233fc4 100644
  {{{ bash_instantiate_variables("sshd_approved_macs") }}}
  
 diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/rule.yml
-index 902ef3559..d25a25aca 100644
+index 77e07ee35..cfdee0a41 100644
 --- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/rule.yml
 +++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/rule.yml
-@@ -29,7 +29,7 @@ references:
+@@ -28,7 +28,7 @@ identifiers:
+ references:
      nist: AC-17(2)
      srg: SRG-OS-000125-GPOS-00065,SRG-OS-000250-GPOS-00093
-     stigid@ol8: OL08-00-010290
--    stigid@rhel8: RHEL-08-010020
-+    stigid@almalinux8: RHEL-08-010020
+-    stigid@rhel8: RHEL-08-010020,RHEL-08-010296
++    stigid@almalinux8: RHEL-08-010020,RHEL-08-010296
  
  ocil_clause: 'Crypto Policy for OpenSSH client is not configured correctly'
  
@@ -12038,7 +11015,7 @@ index 4f335aebc..e50f36bfa 100644
  
  configfile=/etc/crypto-policies/back-ends/openssh.config
 diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_opensshserver_conf_crypto_policy/ansible/shared.yml b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_opensshserver_conf_crypto_policy/ansible/shared.yml
-index 6a0e45947..ee0d1a562 100644
+index 687b5ecd3..65272c06d 100644
 --- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_opensshserver_conf_crypto_policy/ansible/shared.yml
 +++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_opensshserver_conf_crypto_policy/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -12048,7 +11025,7 @@ index 6a0e45947..ee0d1a562 100644
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_opensshserver_conf_crypto_policy/bash/shared.sh b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_opensshserver_conf_crypto_policy/bash/shared.sh
-index 18388a11a..44fe61f7c 100644
+index 0c124e624..1466d1689 100644
 --- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_opensshserver_conf_crypto_policy/bash/shared.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_opensshserver_conf_crypto_policy/bash/shared.sh
 @@ -1,4 +1,4 @@
@@ -12057,8 +11034,21 @@ index 18388a11a..44fe61f7c 100644
  
  {{{ bash_instantiate_variables("sshd_approved_macs") }}}
  
+diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_opensshserver_conf_crypto_policy/oval/shared.xml b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_opensshserver_conf_crypto_policy/oval/shared.xml
+index acb433170..f1cf7e27a 100644
+--- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_opensshserver_conf_crypto_policy/oval/shared.xml
++++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_opensshserver_conf_crypto_policy/oval/shared.xml
+@@ -16,7 +16,7 @@
+ 
+   
+     {{{ PATH }}}
+-    {{%- if product in ["ol8", "rhel8"] -%}}
++    {{%- if product in ["ol8", "rhel8", "almalinux8"] -%}}
+     ^(?!#).*-oMACs=([^\s']+).*$
+     {{%- else -%}}
+     ^(?!#).*MACs\s+([^\s']+).*$
 diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_opensshserver_conf_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_opensshserver_conf_crypto_policy/rule.yml
-index d7c054c99..d2b719876 100644
+index 2841d3250..7be55e76f 100644
 --- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_opensshserver_conf_crypto_policy/rule.yml
 +++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_opensshserver_conf_crypto_policy/rule.yml
 @@ -29,7 +29,7 @@ references:
@@ -12155,22 +11145,12 @@ index 298c79dc0..d501c7a5b 100644
 +# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux OS 8
  
  echo "wrong data" > /etc/profile.d/openssl-rand.sh
-diff --git a/linux_os/guide/system/software/integrity/disable_prelink/ansible/shared.yml b/linux_os/guide/system/software/integrity/disable_prelink/ansible/shared.yml
-index 782c94b4d..7a4862443 100644
---- a/linux_os/guide/system/software/integrity/disable_prelink/ansible/shared.yml
-+++ b/linux_os/guide/system/software/integrity/disable_prelink/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro
-+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro
- # reboot = false
- # strategy = restrict
- # complexity = low
 diff --git a/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/mcafee_endpoint_security_software/package_mcafeetp_installed/rule.yml b/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/mcafee_endpoint_security_software/package_mcafeetp_installed/rule.yml
-index 88d8a4312..dde17fabc 100644
+index 0a1b6cbd2..0e3405504 100644
 --- a/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/mcafee_endpoint_security_software/package_mcafeetp_installed/rule.yml
 +++ b/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/mcafee_endpoint_security_software/package_mcafeetp_installed/rule.yml
-@@ -33,7 +33,7 @@ references:
-     disa: CCI-001263,CCI-000366
+@@ -32,7 +32,7 @@ identifiers:
+ references:
      nist: SI-2(2)
      srg: SRG-OS-000191-GPOS-00080
 -    stigid@rhel8: RHEL-08-010001
@@ -12179,10 +11159,10 @@ index 88d8a4312..dde17fabc 100644
  
  ocil_clause: 'the package is not installed'
 diff --git a/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/rule.yml b/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/rule.yml
-index 187038823..df95eb3df 100644
+index 7cd41cb80..baf9fdd05 100644
 --- a/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/rule.yml
 +++ b/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/rule.yml
-@@ -39,7 +39,7 @@ references:
+@@ -38,7 +38,7 @@ references:
      ospp: FCS_RBG_EXT.1
      srg: SRG-OS-000478-GPOS-00223
      stigid@ol8: OL08-00-010020
@@ -12192,7 +11172,7 @@ index 187038823..df95eb3df 100644
  ocil_clause: 'the Dracut FIPS module is not enabled'
  
 diff --git a/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/tests/fips_dracut_module_missing.fail.sh b/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/tests/fips_dracut_module_missing.fail.sh
-index 9c232fc94..f3d71ee21 100644
+index d0a400adf..1f0cf1317 100644
 --- a/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/tests/fips_dracut_module_missing.fail.sh
 +++ b/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/tests/fips_dracut_module_missing.fail.sh
 @@ -1,6 +1,6 @@
@@ -12200,9 +11180,9 @@ index 9c232fc94..f3d71ee21 100644
  # packages = crypto-policies-scripts
 -# platform = multi_platform_rhel,Red Hat Virtualization 4,multi_platform_ol
 +# platform = multi_platform_rhel,multi_platform_almalinux,Red Hat Virtualization 4,multi_platform_ol
- 
- fips-mode-setup --enable
- FIPS_CONF="/etc/dracut.conf.d/40-fips.conf"
+ {{% if 'rhel' in product %}}
+ # remediation = none
+ {{% endif %}}
 diff --git a/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/tests/fips_dracut_module_present.pass.sh b/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/tests/fips_dracut_module_present.pass.sh
 index b92e82236..138d2c997 100644
 --- a/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/tests/fips_dracut_module_present.pass.sh
@@ -12238,10 +11218,10 @@ index ca46a3606..16261f584 100644
      check="all" check_existence="all_exist"
      comment="FIPS mode is selected in running kernel options">
 diff --git a/linux_os/guide/system/software/integrity/fips/enable_fips_mode/rule.yml b/linux_os/guide/system/software/integrity/fips/enable_fips_mode/rule.yml
-index 1687fcac9..8d2f9271a 100644
+index 2fb0f36f4..6567fe24d 100644
 --- a/linux_os/guide/system/software/integrity/fips/enable_fips_mode/rule.yml
 +++ b/linux_os/guide/system/software/integrity/fips/enable_fips_mode/rule.yml
-@@ -59,7 +59,7 @@ references:
+@@ -58,7 +58,7 @@ references:
      ospp: FCS_COP.1(1),FCS_COP.1(2),FCS_COP.1(3),FCS_COP.1(4),FCS_CKM.1,FCS_CKM.2,FCS_TLSC_EXT.1,FCS_RBG_EXT.1
      srg: SRG-OS-000478-GPOS-00223,SRG-OS-000396-GPOS-00176
      stigid@ol8: OL08-00-010020
@@ -12250,11 +11230,24 @@ index 1687fcac9..8d2f9271a 100644
  
  ocil_clause: 'FIPS mode is not enabled'
  
+diff --git a/linux_os/guide/system/software/integrity/fips/fips_crypto_subpolicy/rule.yml b/linux_os/guide/system/software/integrity/fips/fips_crypto_subpolicy/rule.yml
+index 476d3d6fd..838837382 100644
+--- a/linux_os/guide/system/software/integrity/fips/fips_crypto_subpolicy/rule.yml
++++ b/linux_os/guide/system/software/integrity/fips/fips_crypto_subpolicy/rule.yml
+@@ -19,7 +19,7 @@ identifiers:
+ 
+ references:
+     srg: SRG-OS-000033-GPOS-00014
+-    stigid@rhel8: RHEL-08-010020
++    stigid@almalinux8: RHEL-08-010020
+ 
+ severity: medium
+ 
 diff --git a/linux_os/guide/system/software/integrity/fips/sysctl_crypto_fips_enabled/rule.yml b/linux_os/guide/system/software/integrity/fips/sysctl_crypto_fips_enabled/rule.yml
-index 61093f4b2..4041785ef 100644
+index 9ede74c26..37f1d424f 100644
 --- a/linux_os/guide/system/software/integrity/fips/sysctl_crypto_fips_enabled/rule.yml
 +++ b/linux_os/guide/system/software/integrity/fips/sysctl_crypto_fips_enabled/rule.yml
-@@ -41,7 +41,7 @@ references:
+@@ -40,7 +40,7 @@ references:
      nist: SC-12(2),SC-12(3),IA-7,SC-13,CM-6(a),SC-12
      srg: SRG-OS-000033-GPOS-00014,SRG-OS-000125-GPOS-00065,SRG-OS-000250-GPOS-00093,SRG-OS-000393-GPOS-00173,SRG-OS-000394-GPOS-00174,SRG-OS-000396-GPOS-00176,SRG-OS-000423-GPOS-00187,SRG-OS-000478-GPOS-00223
      stigid@ol8: OL08-00-010020
@@ -12263,21 +11256,11 @@ index 61093f4b2..4041785ef 100644
  
  ocil_clause: 'crypto.fips_enabled is not 1'
  
-diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_build_database/bash/shared.sh b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_build_database/bash/shared.sh
-index b320fccb5..5e1c5b637 100644
---- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_build_database/bash/shared.sh
-+++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_build_database/bash/shared.sh
-@@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro
-+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro
- 
- {{% if 'sle' in product or 'slmicro' in produc %}}
- zypper -q --no-remote ref
 diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_build_database/rule.yml b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_build_database/rule.yml
-index 7cef39f6c..cb13929ea 100644
+index 8585f0c65..679386d76 100644
 --- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_build_database/rule.yml
 +++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_build_database/rule.yml
-@@ -62,7 +62,7 @@ references:
+@@ -60,7 +60,7 @@ references:
      srg: SRG-OS-000445-GPOS-00199
      stigid@ol7: OL07-00-020029
      stigid@ol8: OL08-00-010359
@@ -12286,31 +11269,11 @@ index 7cef39f6c..cb13929ea 100644
      stigid@sle12: SLES-12-010499
      stigid@sle15: SLES-15-010419
      stigid@ubuntu2004: UBTU-20-010450
-diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/ansible/shared.yml b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/ansible/shared.yml
-index c78b92690..39bab2902 100644
---- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/ansible/shared.yml
-+++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu
-+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu
- # reboot = false
- # strategy = restrict
- # complexity = low
-diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/bash/shared.sh b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/bash/shared.sh
-index eb25eaa3a..1c4e85445 100644
---- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/bash/shared.sh
-+++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/bash/shared.sh
-@@ -1,4 +1,4 @@
--# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu
-+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu
- # reboot = false
- # strategy = restrict
- # complexity = low
 diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/rule.yml b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/rule.yml
-index 054ccc597..bb33da7f5 100644
+index 55949199a..2a20b9db7 100644
 --- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/rule.yml
 +++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/rule.yml
-@@ -43,7 +43,7 @@ references:
+@@ -42,7 +42,7 @@ references:
      nist: AU-9(3),AU-9(3).1
      srg: SRG-OS-000278-GPOS-00108
      stigid@ol8: OL08-00-030650
@@ -12319,75 +11282,11 @@ index 054ccc597..bb33da7f5 100644
      stigid@sle12: SLES-12-010540
      stigid@sle15: SLES-15-030630
      stigid@ubuntu2004: UBTU-20-010205
-diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/correct.pass.sh b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/correct.pass.sh
-index 1b0c304be..fe181733a 100644
---- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/correct.pass.sh
-+++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/correct.pass.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_ubuntu
-+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_ubuntu
- # packages = aide
- 
- aide --init
-diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/correct_with_selinux.pass.sh b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/correct_with_selinux.pass.sh
-index 236c0cebf..f91dce305 100644
---- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/correct_with_selinux.pass.sh
-+++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/correct_with_selinux.pass.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_ubuntu
-+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_ubuntu
- # packages = aide
- 
- declare -a bins
-diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/extra_suffix.fail.sh b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/extra_suffix.fail.sh
-index 7f422b6b2..efdd460cc 100644
---- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/extra_suffix.fail.sh
-+++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/extra_suffix.fail.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_ubuntu
-+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_ubuntu
- # packages = aide
- 
- declare -a bins
-diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/not_config.fail.sh b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/not_config.fail.sh
-index d76b93657..35c7a2400 100644
---- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/not_config.fail.sh
-+++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/not_config.fail.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_ubuntu
-+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_ubuntu
- # packages = aide
- 
- aide --init
-diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_checking_systemd_timer/tests/aide_timer_weekly.pass.sh b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_checking_systemd_timer/tests/aide_timer_weekly.pass.sh
-index c0d829568..f31f1584d 100644
---- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_checking_systemd_timer/tests/aide_timer_weekly.pass.sh
-+++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_checking_systemd_timer/tests/aide_timer_weekly.pass.sh
-@@ -1,4 +1,4 @@
--# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro
-+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro
- #!/bin/bash
- # packages = aide
- 
-diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/bash/shared.sh b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/bash/shared.sh
-index dfa5c1b6c..60ac94141 100644
---- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/bash/shared.sh
-+++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/bash/shared.sh
-@@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle
-+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
- 
- {{{ bash_package_install("aide") }}}
- 
 diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_scan_notification/rule.yml b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_scan_notification/rule.yml
-index 457b1c08a..c31223f2d 100644
+index 8c2eeb208..0f38762e6 100644
 --- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_scan_notification/rule.yml
 +++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_scan_notification/rule.yml
-@@ -47,7 +47,7 @@ references:
+@@ -46,7 +46,7 @@ references:
      srg: SRG-OS-000363-GPOS-00150,SRG-OS-000446-GPOS-00200,SRG-OS-000447-GPOS-00201
      stigid@ol7: OL07-00-020040
      stigid@ol8: OL08-00-010360
@@ -12396,45 +11295,35 @@ index 457b1c08a..c31223f2d 100644
      stigid@sle12: SLES-12-010510
      stigid@sle15: SLES-15-010570
  
-diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_use_fips_hashes/bash/shared.sh b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_use_fips_hashes/bash/shared.sh
-index 34a114520..b22a658da 100644
---- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_use_fips_hashes/bash/shared.sh
-+++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_use_fips_hashes/bash/shared.sh
-@@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_ol
-+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol
- 
- {{{ bash_package_install("aide") }}}
- 
 diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_use_fips_hashes/tests/correct_value.pass.sh b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_use_fips_hashes/tests/correct_value.pass.sh
-index 62dd8a51e..1d3451837 100644
+index 6c59f7e22..f66a0b4d0 100644
 --- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_use_fips_hashes/tests/correct_value.pass.sh
 +++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_use_fips_hashes/tests/correct_value.pass.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = aide
--# platform = Red Hat Enterprise Linux 8,Red Hat Virtualization 4,multi_platform_ol
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Virtualization 4,multi_platform_ol
+-# platform = Red Hat Enterprise Linux 8,Red Hat Virtualization 4,multi_platform_ol,multi_platform_almalinux
++# platform = Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Virtualization 4,multi_platform_ol,multi_platform_almalinux
  
  
  cat >/etc/aide.conf </etc/aide.conf </etc/aide.conf </etc/aide.conf </etc/aide.conf </etc/aide.conf <> /etc/sudoers
-diff --git a/linux_os/guide/system/software/sudo/sudo_add_umask/tests/0027_var_multiple_values.pass.sh b/linux_os/guide/system/software/sudo/sudo_add_umask/tests/0027_var_multiple_values.pass.sh
-index 39ec72b52..a2849d3b4 100644
---- a/linux_os/guide/system/software/sudo/sudo_add_umask/tests/0027_var_multiple_values.pass.sh
-+++ b/linux_os/guide/system/software/sudo/sudo_add_umask/tests/0027_var_multiple_values.pass.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = multi_platform_ol,multi_platform_rhel
-+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
- # variables = var_sudo_umask=0027
- 
- echo "Defaults use_pty,umask=0027,noexec" >> /etc/sudoers
-diff --git a/linux_os/guide/system/software/sudo/sudo_dedicated_group/tests/root_default.fail.sh b/linux_os/guide/system/software/sudo/sudo_dedicated_group/tests/root_default.fail.sh
-index 0e5aed5d0..c75edccd5 100644
---- a/linux_os/guide/system/software/sudo/sudo_dedicated_group/tests/root_default.fail.sh
-+++ b/linux_os/guide/system/software/sudo/sudo_dedicated_group/tests/root_default.fail.sh
-@@ -1,4 +1,4 @@
--# platform = multi_platform_ol,multi_platform_rhel
-+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
- # remediation = none
- 
- # Make sure sudo is owned by root group
+ # Package libselinux cannot be uninstalled normally
+ # as it would cause removal of sudo package which is
 diff --git a/linux_os/guide/system/software/sudo/sudo_remove_no_authenticate/rule.yml b/linux_os/guide/system/software/sudo/sudo_remove_no_authenticate/rule.yml
-index c72f29c20..0a8a82e1a 100644
+index 024b1ad5a..4f3a7ea09 100644
 --- a/linux_os/guide/system/software/sudo/sudo_remove_no_authenticate/rule.yml
 +++ b/linux_os/guide/system/software/sudo/sudo_remove_no_authenticate/rule.yml
-@@ -38,7 +38,7 @@ references:
+@@ -37,7 +37,7 @@ references:
      srg: SRG-OS-000373-GPOS-00156,SRG-OS-000373-GPOS-00157,SRG-OS-000373-GPOS-00158
      stigid@ol7: OL07-00-010350
      stigid@ol8: OL08-00-010381
@@ -12705,10 +11422,10 @@ index c72f29c20..0a8a82e1a 100644
      stigid@sle15: SLES-15-010450
  
 diff --git a/linux_os/guide/system/software/sudo/sudo_remove_nopasswd/rule.yml b/linux_os/guide/system/software/sudo/sudo_remove_nopasswd/rule.yml
-index 1a68d6454..8d702f3b7 100644
+index 988208bc3..4518188aa 100644
 --- a/linux_os/guide/system/software/sudo/sudo_remove_nopasswd/rule.yml
 +++ b/linux_os/guide/system/software/sudo/sudo_remove_nopasswd/rule.yml
-@@ -38,7 +38,7 @@ references:
+@@ -37,7 +37,7 @@ references:
      srg: SRG-OS-000373-GPOS-00156,SRG-OS-000373-GPOS-00157,SRG-OS-000373-GPOS-00158
      stigid@ol7: OL07-00-010340
      stigid@ol8: OL08-00-010380
@@ -12718,10 +11435,10 @@ index 1a68d6454..8d702f3b7 100644
      stigid@sle15: SLES-15-010450
  
 diff --git a/linux_os/guide/system/software/sudo/sudo_require_reauthentication/rule.yml b/linux_os/guide/system/software/sudo/sudo_require_reauthentication/rule.yml
-index 04d3ad280..38dd80953 100644
+index 493e1c964..4e2a2b604 100644
 --- a/linux_os/guide/system/software/sudo/sudo_require_reauthentication/rule.yml
 +++ b/linux_os/guide/system/software/sudo/sudo_require_reauthentication/rule.yml
-@@ -37,7 +37,7 @@ references:
+@@ -36,7 +36,7 @@ references:
      srg: SRG-OS-000373-GPOS-00156,SRG-OS-000373-GPOS-00157,SRG-OS-000373-GPOS-00158
      stigid@ol7: OL07-00-010343
      stigid@ol8: OL08-00-010384
@@ -12731,10 +11448,10 @@ index 04d3ad280..38dd80953 100644
      stigid@sle15: SLES-15-020102
  
 diff --git a/linux_os/guide/system/software/sudo/sudo_restrict_privilege_elevation_to_authorized/rule.yml b/linux_os/guide/system/software/sudo/sudo_restrict_privilege_elevation_to_authorized/rule.yml
-index 6dc971d80..ea823aeed 100644
+index 62a70ca56..05dcab394 100644
 --- a/linux_os/guide/system/software/sudo/sudo_restrict_privilege_elevation_to_authorized/rule.yml
 +++ b/linux_os/guide/system/software/sudo/sudo_restrict_privilege_elevation_to_authorized/rule.yml
-@@ -32,7 +32,7 @@ references:
+@@ -31,7 +31,7 @@ references:
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol7: OL07-00-010341
      stigid@ol8: OL08-00-010382
@@ -12744,10 +11461,10 @@ index 6dc971d80..ea823aeed 100644
      stigid@sle15: SLES-15-020101
  
 diff --git a/linux_os/guide/system/software/sudo/sudoers_default_includedir/rule.yml b/linux_os/guide/system/software/sudo/sudoers_default_includedir/rule.yml
-index 00f7c6b01..3fcee6354 100644
+index 042845272..cabcf26b0 100644
 --- a/linux_os/guide/system/software/sudo/sudoers_default_includedir/rule.yml
 +++ b/linux_os/guide/system/software/sudo/sudoers_default_includedir/rule.yml
-@@ -34,7 +34,7 @@ references:
+@@ -33,7 +33,7 @@ references:
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol7: OL07-00-010339
      stigid@ol8: OL08-00-010379
@@ -12757,10 +11474,10 @@ index 00f7c6b01..3fcee6354 100644
      stigid@sle15: SLES-15-020099
  
 diff --git a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/rule.yml b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/rule.yml
-index 4500f23e9..7174bbdd3 100644
+index fc3df90d8..faa905052 100644
 --- a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/rule.yml
 +++ b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/rule.yml
-@@ -37,7 +37,7 @@ references:
+@@ -36,7 +36,7 @@ references:
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol7: OL07-00-010342
      stigid@ol8: OL08-00-010383
@@ -12769,113 +11486,13 @@ index 4500f23e9..7174bbdd3 100644
      stigid@sle12: SLES-12-010112
      stigid@sle15: SLES-15-020103
  
-diff --git a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_d_duplicate.pass.sh b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_d_duplicate.pass.sh
-index 4cf3ce661..296d0b930 100644
---- a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_d_duplicate.pass.sh
-+++ b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_d_duplicate.pass.sh
-@@ -1,4 +1,4 @@
--# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,SUSE Linux Enterprise 15,multi_platform_slmicro
-+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,SUSE Linux Enterprise 15,multi_platform_slmicro
- # packages = sudo
- 
- echo 'Defaults !targetpw' >> /etc/sudoers
-diff --git a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd.fail.sh b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd.fail.sh
-index ee448e531..13b381ede 100644
---- a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd.fail.sh
-+++ b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd.fail.sh
-@@ -1,4 +1,4 @@
--# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,SUSE Linux Enterprise 15,multi_platform_slmicro
-+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,SUSE Linux Enterprise 15,multi_platform_slmicro
- # packages = sudo
- 
- touch /etc/sudoers.d/empty
-diff --git a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd.pass.sh b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd.pass.sh
-index ef3750b2f..ccef4017d 100644
---- a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd.pass.sh
-+++ b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd.pass.sh
-@@ -1,4 +1,4 @@
--# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,SUSE Linux Enterprise 15,multi_platform_slmicro
-+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,SUSE Linux Enterprise 15,multi_platform_slmicro
- # packages = sudo
- 
- echo 'Defaults !targetpw' >> /etc/sudoers
-diff --git a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd_conflicting_values.fail.sh b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd_conflicting_values.fail.sh
-index ebbcef34d..0e3a3d43a 100644
---- a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd_conflicting_values.fail.sh
-+++ b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd_conflicting_values.fail.sh
-@@ -1,4 +1,4 @@
--# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,SUSE Linux Enterprise 15,multi_platform_slmicro
-+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,SUSE Linux Enterprise 15,multi_platform_slmicro
- # packages = sudo
- 
- echo 'Defaults !targetpw' >> /etc/sudoers
-diff --git a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd_duplicates.fail.sh b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd_duplicates.fail.sh
-index 3794bb647..e8d9bbaa6 100644
---- a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd_duplicates.fail.sh
-+++ b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd_duplicates.fail.sh
-@@ -1,4 +1,4 @@
--# platform = SUSE Linux Enterprise 15,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_slmicro
-+# platform = SUSE Linux Enterprise 15,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_slmicro
- # packages = sudo
- 
- echo 'Defaults !targetpw' >> /etc/sudoers
-diff --git a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd_duplicates.pass.sh b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd_duplicates.pass.sh
-index 81b218e1a..b8114e674 100644
---- a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd_duplicates.pass.sh
-+++ b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd_duplicates.pass.sh
-@@ -1,4 +1,4 @@
--# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,SUSE Linux Enterprise 15,multi_platform_slmicro
-+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,SUSE Linux Enterprise 15,multi_platform_slmicro
- # packages = sudo
- 
- echo 'Defaults !targetpw' >> /etc/sudoers
-diff --git a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd_multiple_files.pass.sh b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd_multiple_files.pass.sh
-index 60354bba5..aebe5505f 100644
---- a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd_multiple_files.pass.sh
-+++ b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd_multiple_files.pass.sh
-@@ -1,4 +1,4 @@
--# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,SUSE Linux Enterprise 15,multi_platform_slmicro
-+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,SUSE Linux Enterprise 15,multi_platform_slmicro
- # packages = sudo
- 
- echo 'Defaults !targetpw' >> /etc/sudoers
-diff --git a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_rootpw.fail.sh b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_rootpw.fail.sh
-index c8e38ccd0..7955c2d54 100644
---- a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_rootpw.fail.sh
-+++ b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_rootpw.fail.sh
-@@ -1,4 +1,4 @@
--# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,SUSE Linux Enterprise 15,multi_platform_slmicro
-+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,SUSE Linux Enterprise 15,multi_platform_slmicro
- # packages = sudo
- 
- touch /etc/sudoers.d/empty
-diff --git a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_runaspw.fail.sh b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_runaspw.fail.sh
-index 4454ed38e..97a9346e2 100644
---- a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_runaspw.fail.sh
-+++ b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_runaspw.fail.sh
-@@ -1,4 +1,4 @@
--# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,SUSE Linux Enterprise 15,multi_platform_slmicro
-+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,SUSE Linux Enterprise 15,multi_platform_slmicro
- # packages = sudo
- 
- touch /etc/sudoers.d/empty
-diff --git a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_targetpw.fail.sh b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_targetpw.fail.sh
-index 1de6b3bbb..06eadc9e9 100644
---- a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_targetpw.fail.sh
-+++ b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_targetpw.fail.sh
-@@ -1,4 +1,4 @@
--# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,SUSE Linux Enterprise 15,multi_platform_slmicro
-+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,SUSE Linux Enterprise 15,multi_platform_slmicro
- # packages = sudo
- 
- touch /etc/sudoers.d/empty
 diff --git a/linux_os/guide/system/software/system-tools/package_abrt-addon-ccpp_removed/rule.yml b/linux_os/guide/system/software/system-tools/package_abrt-addon-ccpp_removed/rule.yml
-index 0c9ac75e3..d54c3bf0c 100644
+index 993388175..49b06ce8b 100644
 --- a/linux_os/guide/system/software/system-tools/package_abrt-addon-ccpp_removed/rule.yml
 +++ b/linux_os/guide/system/software/system-tools/package_abrt-addon-ccpp_removed/rule.yml
-@@ -19,7 +19,7 @@ identifiers:
+@@ -18,7 +18,7 @@ identifiers:
+ 
  references:
-     disa: CCI-000381
      srg: SRG-OS-000095-GPOS-00049
 -    stigid@rhel8: RHEL-08-040001
 +    stigid@almalinux8: RHEL-08-040001
@@ -12883,12 +11500,12 @@ index 0c9ac75e3..d54c3bf0c 100644
  {{{ complete_ocil_entry_package(package="abrt-addon-ccpp") }}}
  
 diff --git a/linux_os/guide/system/software/system-tools/package_abrt-addon-kerneloops_removed/rule.yml b/linux_os/guide/system/software/system-tools/package_abrt-addon-kerneloops_removed/rule.yml
-index 2dc267c10..201fae6fc 100644
+index 69a6ab027..aaeceeeff 100644
 --- a/linux_os/guide/system/software/system-tools/package_abrt-addon-kerneloops_removed/rule.yml
 +++ b/linux_os/guide/system/software/system-tools/package_abrt-addon-kerneloops_removed/rule.yml
-@@ -19,7 +19,7 @@ identifiers:
+@@ -18,7 +18,7 @@ identifiers:
+ 
  references:
-     disa: CCI-000381
      srg: SRG-OS-000095-GPOS-00049
 -    stigid@rhel8: RHEL-08-040001
 +    stigid@almalinux8: RHEL-08-040001
@@ -12896,12 +11513,12 @@ index 2dc267c10..201fae6fc 100644
  {{{ complete_ocil_entry_package(package="abrt-addon-kerneloops") }}}
  
 diff --git a/linux_os/guide/system/software/system-tools/package_abrt-addon-python_removed/rule.yml b/linux_os/guide/system/software/system-tools/package_abrt-addon-python_removed/rule.yml
-index d801538ef..67e739ddc 100644
+index 5c2a4064f..d12eaf1de 100644
 --- a/linux_os/guide/system/software/system-tools/package_abrt-addon-python_removed/rule.yml
 +++ b/linux_os/guide/system/software/system-tools/package_abrt-addon-python_removed/rule.yml
-@@ -15,7 +15,7 @@ severity: low
+@@ -14,7 +14,7 @@ severity: low
+ 
  references:
-     disa: CCI-000381
      srg: SRG-OS-000095-GPOS-00049
 -    stigid@rhel8: RHEL-08-040001
 +    stigid@almalinux8: RHEL-08-040001
@@ -12909,12 +11526,12 @@ index d801538ef..67e739ddc 100644
  {{{ complete_ocil_entry_package(package="abrt-addon-python") }}}
  
 diff --git a/linux_os/guide/system/software/system-tools/package_abrt-cli_removed/rule.yml b/linux_os/guide/system/software/system-tools/package_abrt-cli_removed/rule.yml
-index ba990a148..0be012ec8 100644
+index 011e6e91e..59e5dfd7b 100644
 --- a/linux_os/guide/system/software/system-tools/package_abrt-cli_removed/rule.yml
 +++ b/linux_os/guide/system/software/system-tools/package_abrt-cli_removed/rule.yml
-@@ -19,7 +19,7 @@ identifiers:
+@@ -18,7 +18,7 @@ identifiers:
+ 
  references:
-     disa: CCI-000381
      srg: SRG-OS-000095-GPOS-00049
 -    stigid@rhel8: RHEL-08-040001
 +    stigid@almalinux8: RHEL-08-040001
@@ -12922,12 +11539,12 @@ index ba990a148..0be012ec8 100644
  {{{ complete_ocil_entry_package(package="abrt-cli") }}}
  
 diff --git a/linux_os/guide/system/software/system-tools/package_abrt-plugin-sosreport_removed/rule.yml b/linux_os/guide/system/software/system-tools/package_abrt-plugin-sosreport_removed/rule.yml
-index 67e715345..e3e9ad0a5 100644
+index 182812e46..f7adc9da6 100644
 --- a/linux_os/guide/system/software/system-tools/package_abrt-plugin-sosreport_removed/rule.yml
 +++ b/linux_os/guide/system/software/system-tools/package_abrt-plugin-sosreport_removed/rule.yml
-@@ -18,7 +18,7 @@ identifiers:
+@@ -17,7 +17,7 @@ identifiers:
+ 
  references:
-     disa: CCI-000381
      srg: SRG-OS-000095-GPOS-00049
 -    stigid@rhel8: RHEL-08-040001
 +    stigid@almalinux8: RHEL-08-040001
@@ -12935,11 +11552,11 @@ index 67e715345..e3e9ad0a5 100644
  {{{ complete_ocil_entry_package(package="abrt-plugin-sosreport") }}}
  
 diff --git a/linux_os/guide/system/software/system-tools/package_gssproxy_removed/rule.yml b/linux_os/guide/system/software/system-tools/package_gssproxy_removed/rule.yml
-index a9d20dd50..0b58fe214 100644
+index 105c6a404..46e88852d 100644
 --- a/linux_os/guide/system/software/system-tools/package_gssproxy_removed/rule.yml
 +++ b/linux_os/guide/system/software/system-tools/package_gssproxy_removed/rule.yml
-@@ -22,7 +22,7 @@ references:
-     disa: CCI-000366,CCI-000381
+@@ -21,7 +21,7 @@ identifiers:
+ references:
      srg: SRG-OS-000095-GPOS-00049,SRG-OS-000480-GPOS-00227
      stigid@ol8: OL08-00-040370
 -    stigid@rhel8: RHEL-08-040370
@@ -12948,11 +11565,11 @@ index a9d20dd50..0b58fe214 100644
  {{{ complete_ocil_entry_package(package="gssproxy") }}}
  
 diff --git a/linux_os/guide/system/software/system-tools/package_iprutils_removed/rule.yml b/linux_os/guide/system/software/system-tools/package_iprutils_removed/rule.yml
-index 152061a7d..91eb3575f 100644
+index a8112d2d1..2c3bf23d4 100644
 --- a/linux_os/guide/system/software/system-tools/package_iprutils_removed/rule.yml
 +++ b/linux_os/guide/system/software/system-tools/package_iprutils_removed/rule.yml
-@@ -21,7 +21,7 @@ references:
-     disa: CCI-000366,CCI-000381
+@@ -20,7 +20,7 @@ identifiers:
+ references:
      srg: SRG-OS-000095-GPOS-00049,SRG-OS-000480-GPOS-00227
      stigid@ol8: OL08-00-040380
 -    stigid@rhel8: RHEL-08-040380
@@ -12961,11 +11578,11 @@ index 152061a7d..91eb3575f 100644
  {{{ complete_ocil_entry_package(package="iprutils") }}}
  
 diff --git a/linux_os/guide/system/software/system-tools/package_krb5-workstation_removed/rule.yml b/linux_os/guide/system/software/system-tools/package_krb5-workstation_removed/rule.yml
-index 41d6e72da..7714313fe 100644
+index 107e7d1fb..55a7457b0 100644
 --- a/linux_os/guide/system/software/system-tools/package_krb5-workstation_removed/rule.yml
 +++ b/linux_os/guide/system/software/system-tools/package_krb5-workstation_removed/rule.yml
-@@ -22,7 +22,7 @@ references:
-     disa: CCI-000803
+@@ -21,7 +21,7 @@ identifiers:
+ references:
      srg: SRG-OS-000095-GPOS-00049,SRG-OS-000120-GPOS-00061
      stigid@ol8: OL08-00-010162
 -    stigid@rhel8: RHEL-08-010162
@@ -12974,11 +11591,11 @@ index 41d6e72da..7714313fe 100644
  platforms:
  {{%- if "rhel" in product %}}
 diff --git a/linux_os/guide/system/software/system-tools/package_libreport-plugin-logger_removed/rule.yml b/linux_os/guide/system/software/system-tools/package_libreport-plugin-logger_removed/rule.yml
-index 810e4f9c6..0ce578488 100644
+index 5f6a44e5f..997aa2d16 100644
 --- a/linux_os/guide/system/software/system-tools/package_libreport-plugin-logger_removed/rule.yml
 +++ b/linux_os/guide/system/software/system-tools/package_libreport-plugin-logger_removed/rule.yml
-@@ -23,7 +23,7 @@ references:
-     disa: CCI-000381
+@@ -22,7 +22,7 @@ identifiers:
+ references:
      srg: SRG-OS-000095-GPOS-00049
      stigid@ol8: OL08-00-040001
 -    stigid@rhel8: RHEL-08-040001
@@ -12987,12 +11604,12 @@ index 810e4f9c6..0ce578488 100644
  {{{ complete_ocil_entry_package(package="libreport-plugin-logger") }}}
  
 diff --git a/linux_os/guide/system/software/system-tools/package_libreport-plugin-rhtsupport_removed/rule.yml b/linux_os/guide/system/software/system-tools/package_libreport-plugin-rhtsupport_removed/rule.yml
-index 55e11e45e..d940adb5e 100644
+index d2ec2ba3e..4b0e79788 100644
 --- a/linux_os/guide/system/software/system-tools/package_libreport-plugin-rhtsupport_removed/rule.yml
 +++ b/linux_os/guide/system/software/system-tools/package_libreport-plugin-rhtsupport_removed/rule.yml
-@@ -18,7 +18,7 @@ identifiers:
+@@ -17,7 +17,7 @@ identifiers:
+ 
  references:
-     disa: CCI-000381
      srg: SRG-OS-000095-GPOS-00049
 -    stigid@rhel8: RHEL-08-040001
 +    stigid@almalinux8: RHEL-08-040001
@@ -13000,12 +11617,12 @@ index 55e11e45e..d940adb5e 100644
  {{{ complete_ocil_entry_package(package="libreport-plugin-rhtsupport") }}}
  
 diff --git a/linux_os/guide/system/software/system-tools/package_python3-abrt-addon_removed/rule.yml b/linux_os/guide/system/software/system-tools/package_python3-abrt-addon_removed/rule.yml
-index 5a020f452..a3769b969 100644
+index cc57db6c7..e07f5babb 100644
 --- a/linux_os/guide/system/software/system-tools/package_python3-abrt-addon_removed/rule.yml
 +++ b/linux_os/guide/system/software/system-tools/package_python3-abrt-addon_removed/rule.yml
-@@ -18,7 +18,7 @@ identifiers:
+@@ -17,7 +17,7 @@ identifiers:
+ 
  references:
-     disa: CCI-000381
      srg: SRG-OS-000095-GPOS-00049
 -    stigid@rhel8: RHEL-08-040001
 +    stigid@almalinux8: RHEL-08-040001
@@ -13013,11 +11630,11 @@ index 5a020f452..a3769b969 100644
  {{{ complete_ocil_entry_package(package="python3-abrt-addon") }}}
  
 diff --git a/linux_os/guide/system/software/system-tools/package_rng-tools_installed/rule.yml b/linux_os/guide/system/software/system-tools/package_rng-tools_installed/rule.yml
-index 400e92922..b3eb3baa9 100644
+index 0fc164a41..ce8bf1459 100644
 --- a/linux_os/guide/system/software/system-tools/package_rng-tools_installed/rule.yml
 +++ b/linux_os/guide/system/software/system-tools/package_rng-tools_installed/rule.yml
-@@ -21,7 +21,7 @@ references:
-     disa: CCI-000366
+@@ -20,7 +20,7 @@ identifiers:
+ references:
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol8: OL08-00-010472
 -    stigid@rhel8: RHEL-08-010472
@@ -13026,11 +11643,11 @@ index 400e92922..b3eb3baa9 100644
  ocil_clause: 'the package is not installed'
  
 diff --git a/linux_os/guide/system/software/system-tools/package_tuned_removed/rule.yml b/linux_os/guide/system/software/system-tools/package_tuned_removed/rule.yml
-index 0e6096fd0..155f7e727 100644
+index d9cf8f1af..c580c4d63 100644
 --- a/linux_os/guide/system/software/system-tools/package_tuned_removed/rule.yml
 +++ b/linux_os/guide/system/software/system-tools/package_tuned_removed/rule.yml
-@@ -23,7 +23,7 @@ references:
-     disa: CCI-000366,CCI-000381
+@@ -22,7 +22,7 @@ identifiers:
+ references:
      srg: SRG-OS-000095-GPOS-00049,SRG-OS-000480-GPOS-00227
      stigid@ol8: OL08-00-040390
 -    stigid@rhel8: RHEL-08-040390
@@ -13038,31 +11655,11 @@ index 0e6096fd0..155f7e727 100644
  
  {{{ complete_ocil_entry_package(package="tuned") }}}
  
-diff --git a/linux_os/guide/system/software/updating/clean_components_post_updating/ansible/shared.yml b/linux_os/guide/system/software/updating/clean_components_post_updating/ansible/shared.yml
-index e25b2e615..5ef42594e 100644
---- a/linux_os/guide/system/software/updating/clean_components_post_updating/ansible/shared.yml
-+++ b/linux_os/guide/system/software/updating/clean_components_post_updating/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro
- # reboot = false
- # strategy = restrict
- # complexity = low
-diff --git a/linux_os/guide/system/software/updating/clean_components_post_updating/bash/shared.sh b/linux_os/guide/system/software/updating/clean_components_post_updating/bash/shared.sh
-index 742c2e452..c7fdd0009 100644
---- a/linux_os/guide/system/software/updating/clean_components_post_updating/bash/shared.sh
-+++ b/linux_os/guide/system/software/updating/clean_components_post_updating/bash/shared.sh
-@@ -1,4 +1,4 @@
--# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro
-+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro
- 
- {{% if 'sle' in product or 'slmicro' in product %}}
- {{{ bash_replace_or_append('/etc/zypp/zypp.conf', '^solver.upgradeRemoveDroppedPackages', 'true', '%s=%s') }}}
 diff --git a/linux_os/guide/system/software/updating/clean_components_post_updating/rule.yml b/linux_os/guide/system/software/updating/clean_components_post_updating/rule.yml
-index e247a6762..f0838be22 100644
+index 8248b92e2..c59780d86 100644
 --- a/linux_os/guide/system/software/updating/clean_components_post_updating/rule.yml
 +++ b/linux_os/guide/system/software/updating/clean_components_post_updating/rule.yml
-@@ -46,7 +46,7 @@ references:
+@@ -45,7 +45,7 @@ references:
      srg: SRG-OS-000437-GPOS-00194
      stigid@ol7: OL07-00-020200
      stigid@ol8: OL08-00-010440
@@ -13071,41 +11668,8 @@ index e247a6762..f0838be22 100644
      stigid@sle12: SLES-12-010570
      stigid@sle15: SLES-15-010560
      stigid@ubuntu2004: UBTU-20-010449
-diff --git a/linux_os/guide/system/software/updating/clean_components_post_updating/tests/yum_commented.fail.sh b/linux_os/guide/system/software/updating/clean_components_post_updating/tests/yum_commented.fail.sh
-index 4cba82b3c..1d8495018 100644
---- a/linux_os/guide/system/software/updating/clean_components_post_updating/tests/yum_commented.fail.sh
-+++ b/linux_os/guide/system/software/updating/clean_components_post_updating/tests/yum_commented.fail.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel
-+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
- 
- file={{{ pkg_manager_config_file }}}
- 
-diff --git a/linux_os/guide/system/software/updating/clean_components_post_updating/tests/yum_correct.pass.sh b/linux_os/guide/system/software/updating/clean_components_post_updating/tests/yum_correct.pass.sh
-index 3b3bd71f7..d54501d5c 100644
---- a/linux_os/guide/system/software/updating/clean_components_post_updating/tests/yum_correct.pass.sh
-+++ b/linux_os/guide/system/software/updating/clean_components_post_updating/tests/yum_correct.pass.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel
-+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
- 
- file={{{ pkg_manager_config_file }}}
- 
-diff --git a/linux_os/guide/system/software/updating/clean_components_post_updating/tests/yum_wrong_value.fail.sh b/linux_os/guide/system/software/updating/clean_components_post_updating/tests/yum_wrong_value.fail.sh
-index 8f2e4fac8..20d00061a 100644
---- a/linux_os/guide/system/software/updating/clean_components_post_updating/tests/yum_wrong_value.fail.sh
-+++ b/linux_os/guide/system/software/updating/clean_components_post_updating/tests/yum_wrong_value.fail.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel
-+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
- 
- file={{{ pkg_manager_config_file }}}
- 
 diff --git a/linux_os/guide/system/software/updating/dnf-automatic_apply_updates/ansible/shared.yml b/linux_os/guide/system/software/updating/dnf-automatic_apply_updates/ansible/shared.yml
-index d74db7b2b..b44ee67b3 100644
+index e43ee7994..8b41b5d93 100644
 --- a/linux_os/guide/system/software/updating/dnf-automatic_apply_updates/ansible/shared.yml
 +++ b/linux_os/guide/system/software/updating/dnf-automatic_apply_updates/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -13115,7 +11679,7 @@ index d74db7b2b..b44ee67b3 100644
  # strategy = unknown
  # complexity = low
 diff --git a/linux_os/guide/system/software/updating/dnf-automatic_security_updates_only/ansible/shared.yml b/linux_os/guide/system/software/updating/dnf-automatic_security_updates_only/ansible/shared.yml
-index ba0c54f3f..1890b7708 100644
+index 1c68a6ec3..fa8f50b84 100644
 --- a/linux_os/guide/system/software/updating/dnf-automatic_security_updates_only/ansible/shared.yml
 +++ b/linux_os/guide/system/software/updating/dnf-automatic_security_updates_only/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -13124,44 +11688,60 @@ index ba0c54f3f..1890b7708 100644
  # reboot = false
  # strategy = unknown
  # complexity = low
+diff --git a/linux_os/guide/system/software/updating/enable_gpgcheck_for_all_repositories/ansible/shared.yml b/linux_os/guide/system/software/updating/enable_gpgcheck_for_all_repositories/ansible/shared.yml
+index af72a7d18..8f5a02c51 100644
+--- a/linux_os/guide/system/software/updating/enable_gpgcheck_for_all_repositories/ansible/shared.yml
++++ b/linux_os/guide/system/software/updating/enable_gpgcheck_for_all_repositories/ansible/shared.yml
+@@ -1,4 +1,4 @@
+-# platform = multi_platform_rhel
++# platform = multi_platform_rhel,multi_platform_almalinux
+ # reboot = false
+ # strategy = enable
+ # complexity = low
+diff --git a/linux_os/guide/system/software/updating/enable_gpgcheck_for_all_repositories/bash/shared.sh b/linux_os/guide/system/software/updating/enable_gpgcheck_for_all_repositories/bash/shared.sh
+index eb390cd1f..ac318fa9a 100644
+--- a/linux_os/guide/system/software/updating/enable_gpgcheck_for_all_repositories/bash/shared.sh
++++ b/linux_os/guide/system/software/updating/enable_gpgcheck_for_all_repositories/bash/shared.sh
+@@ -1,4 +1,4 @@
+-# platform = multi_platform_rhel
++# platform = multi_platform_rhel,multi_platform_almalinux
+ 
+ function replace_all_gpgcheck {
+     sed -i 's/gpgcheck\s*=.*/gpgcheck=1/g' /etc/yum.repos.d/*
+diff --git a/linux_os/guide/system/software/updating/enable_gpgcheck_for_all_repositories/rule.yml b/linux_os/guide/system/software/updating/enable_gpgcheck_for_all_repositories/rule.yml
+index c0f0ea711..1466ca2f5 100644
+--- a/linux_os/guide/system/software/updating/enable_gpgcheck_for_all_repositories/rule.yml
++++ b/linux_os/guide/system/software/updating/enable_gpgcheck_for_all_repositories/rule.yml
+@@ -23,7 +23,7 @@ identifiers:
+ 
+ references:
+     srg: SRG-OS-000366-GPOS-00153
+-    stigid@rhel8: RHEL-08-010370
++    stigid@almalinux8: RHEL-08-010370
+ 
+ ocil_clause: 'GPG checking is disabled'
+ 
 diff --git a/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/ansible/shared.yml b/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/ansible/shared.yml
-index add0cd7dd..6a28ad95b 100644
+index add0cd7dd..4182d50d6 100644
 --- a/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/ansible/shared.yml
 +++ b/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/ansible/shared.yml
-@@ -4,7 +4,7 @@
- # complexity = medium
- # disruption = medium
- - name: "Read permission of GPG key directory"
--  ansible.builtin.stat:
-+  stat:
-     path: /etc/pki/rpm-gpg/
-   register: gpg_key_directory_permission
-   check_mode: no
-@@ -13,26 +13,27 @@
+@@ -13,7 +13,7 @@
  
  - name: Read signatures in GPG key
    # According to /usr/share/doc/gnupg2/DETAILS fingerprints are in "fpr" record in field 10
 -  ansible.builtin.command: gpg --show-keys --with-fingerprint --with-colons "/etc/pki/rpm-gpg/RPM-GPG-KEY-AlmaLinux-9"
-+  command: gpg --show-keys --with-fingerprint --with-colons "/etc/pki/rpm-gpg/RPM-GPG-KEY-AlmaLinux"
++  ansible.builtin.command: gpg --show-keys --with-fingerprint --with-colons "/etc/pki/rpm-gpg/RPM-GPG-KEY-AlmaLinux"
    changed_when: False
    register: gpg_fingerprints
    check_mode: no
- 
- - name: Set Fact - Installed GPG Fingerprints
--  ansible.builtin.set_fact:
-+  set_fact:
-     gpg_installed_fingerprints: "{{ gpg_fingerprints.stdout | regex_findall('^pub.*\n(?:^fpr[:]*)([0-9A-Fa-f]*)', '\\1') | list }}"
- 
- - name: Set Fact - Valid fingerprints
--  ansible.builtin.set_fact:
-+  set_fact:
+@@ -26,13 +26,14 @@
+   ansible.builtin.set_fact:
      gpg_valid_fingerprints:
      - "{{{ release_key_fingerprint }}}"
 +    - "{{{ auxiliary_key_fingerprint }}}"
  
  - name: Import AlmaLinux GPG key
--  ansible.builtin.rpm_key:
-+  rpm_key:
+   ansible.builtin.rpm_key:
      state: present
 -    key: /etc/pki/rpm-gpg/RPM-GPG-KEY-AlmaLinux-9
 +    key: /etc/pki/rpm-gpg/RPM-GPG-KEY-AlmaLinux
@@ -13240,7 +11820,7 @@ index 74481fb18..7c991eeaa 100644
  
  {{% endif %}}
 diff --git a/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/rule.yml b/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/rule.yml
-index e1c9c1653..6ba48feb4 100644
+index e9c73de58..6108f159c 100644
 --- a/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/rule.yml
 +++ b/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/rule.yml
 @@ -5,10 +5,22 @@ title: 'Ensure AlmaLinux GPG Key Installed'
@@ -13270,16 +11850,7 @@ index e1c9c1653..6ba48feb4 100644
  
  rationale: |-
      Changes to software components can have significant effects on the overall
-@@ -24,7 +36,7 @@ references:
-     cjis: 5.10.4.1
-     cobit5: APO01.06,BAI03.05,BAI06.01,BAI10.01,BAI10.02,BAI10.03,BAI10.05,DSS06.02
-     cui: 3.4.8
--    disa: CCI-001749
-+    disa: CCI-003992
-     hipaa: 164.308(a)(1)(ii)(D),164.312(b),164.312(c)(1),164.312(c)(2),164.312(e)(2)(i)
-     isa-62443-2009: 4.3.4.3.2,4.3.4.3.3,4.3.4.4.4
-     isa-62443-2013: 'SR 3.1,SR 3.3,SR 3.4,SR 3.8,SR 7.6'
-@@ -42,8 +54,8 @@ ocil: |-
+@@ -41,8 +53,8 @@ ocil: |-
      To ensure that the GPG key is installed, run:
      
$ rpm -q --queryformat "%{SUMMARY}\n" gpg-pubkey

      The command should return the string below:
@@ -13302,20 +11873,11 @@ index 87b82cb01..01721fcba 100644
  
 -rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-AlmaLinux-9
 +rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-AlmaLinux
-diff --git a/linux_os/guide/system/software/updating/ensure_gpgcheck_globally_activated/bash/shared.sh b/linux_os/guide/system/software/updating/ensure_gpgcheck_globally_activated/bash/shared.sh
-index 4366d9faa..4a3043290 100644
---- a/linux_os/guide/system/software/updating/ensure_gpgcheck_globally_activated/bash/shared.sh
-+++ b/linux_os/guide/system/software/updating/ensure_gpgcheck_globally_activated/bash/shared.sh
-@@ -1,3 +1,3 @@
--# platform = multi_platform_rhel,multi_platform_ol,multi_platform_fedora,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_fedora,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro
- 
- {{{ bash_replace_or_append( pkg_manager_config_file , '^gpgcheck', '1') }}}
 diff --git a/linux_os/guide/system/software/updating/ensure_gpgcheck_globally_activated/rule.yml b/linux_os/guide/system/software/updating/ensure_gpgcheck_globally_activated/rule.yml
-index 284bfe13d..a72a4b206 100644
+index f3471ec27..f179ef198 100644
 --- a/linux_os/guide/system/software/updating/ensure_gpgcheck_globally_activated/rule.yml
 +++ b/linux_os/guide/system/software/updating/ensure_gpgcheck_globally_activated/rule.yml
-@@ -57,7 +57,7 @@ references:
+@@ -55,7 +55,7 @@ references:
      srg: SRG-OS-000366-GPOS-00153
      stigid@ol7: OL07-00-020050
      stigid@ol8: OL08-00-010370
@@ -13325,10 +11887,10 @@ index 284bfe13d..a72a4b206 100644
      stigid@sle15: SLES-15-010430
  
 diff --git a/linux_os/guide/system/software/updating/ensure_gpgcheck_local_packages/rule.yml b/linux_os/guide/system/software/updating/ensure_gpgcheck_local_packages/rule.yml
-index 0d38f08a0..3c48a4f53 100644
+index 10afa2cf4..6add5b60c 100644
 --- a/linux_os/guide/system/software/updating/ensure_gpgcheck_local_packages/rule.yml
 +++ b/linux_os/guide/system/software/updating/ensure_gpgcheck_local_packages/rule.yml
-@@ -40,7 +40,7 @@ references:
+@@ -39,7 +39,7 @@ references:
      srg: SRG-OS-000366-GPOS-00153
      stigid@ol7: OL07-00-020060
      stigid@ol8: OL08-00-010371
@@ -13337,66 +11899,11 @@ index 0d38f08a0..3c48a4f53 100644
  
  ocil_clause: 'there is no process to validate certificates for local packages that is approved by the organization'
  
-diff --git a/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/ansible/shared.yml b/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/ansible/shared.yml
-index 9fbd9fff2..71782514c 100644
---- a/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/ansible/shared.yml
-+++ b/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro
-+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro
- # reboot = false
- # strategy = enable
- # complexity = low
-diff --git a/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/bash/shared.sh b/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/bash/shared.sh
-index fb6361d3c..e27d8c9d5 100644
---- a/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/bash/shared.sh
-+++ b/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/bash/shared.sh
-@@ -1,4 +1,4 @@
--# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro
-+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro
- {{% if product in ["sle12", "sle15", "slmicro5"] %}}
- sed -i 's/gpgcheck\s*=.*/gpgcheck=1/g' /etc/zypp/repos.d/*
- {{% else %}}
-diff --git a/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/rule.yml b/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/rule.yml
-index aaba098c7..5e3b5a605 100644
---- a/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/rule.yml
-+++ b/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/rule.yml
-@@ -50,7 +50,7 @@ references:
-     pcidss: Req-6.2
-     srg: SRG-OS-000366-GPOS-00153
-     stigid@ol8: OL08-00-010370
--    stigid@rhel8: RHEL-08-010370
-+    stigid@almalinux8: RHEL-08-010370
- 
- ocil_clause: 'GPG checking is disabled'
- 
-diff --git a/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/tests/gpgcheck_disabled.fail.sh b/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/tests/gpgcheck_disabled.fail.sh
-index 90ee6e0e0..4e2095f9c 100644
---- a/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/tests/gpgcheck_disabled.fail.sh
-+++ b/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/tests/gpgcheck_disabled.fail.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro
-+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro
- 
- {{%- if product in ["sle12", "sle15", "slmicro5"] %}}
-   sed -i 's/gpgcheck\s*=.*/gpgcheck=0/g' /etc/zypp/repos.d/*
-diff --git a/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/tests/gpgcheck_enabled.pass.sh b/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/tests/gpgcheck_enabled.pass.sh
-index e6dfa5ba5..f90e114cd 100644
---- a/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/tests/gpgcheck_enabled.pass.sh
-+++ b/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/tests/gpgcheck_enabled.pass.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro
-+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro
- 
- {{%- if product in ["sle12", "sle15", "slmicro5"] %}}
-   sed -i 's/gpgcheck\s*=.*/gpgcheck=1/g' /etc/zypp/repos.d/*
 diff --git a/linux_os/guide/system/software/updating/ensure_redhat_gpgkey_installed/rule.yml b/linux_os/guide/system/software/updating/ensure_redhat_gpgkey_installed/rule.yml
-index 86d0cb5d3..9cb7152f3 100644
+index 91be9d763..e4488ec89 100644
 --- a/linux_os/guide/system/software/updating/ensure_redhat_gpgkey_installed/rule.yml
 +++ b/linux_os/guide/system/software/updating/ensure_redhat_gpgkey_installed/rule.yml
-@@ -53,7 +53,7 @@ references:
+@@ -52,7 +52,7 @@ references:
      ospp: FPT_TUD_EXT.1,FPT_TUD_EXT.2
      pcidss: Req-6.2
      srg: SRG-OS-000366-GPOS-00153
@@ -13406,22 +11913,10 @@ index 86d0cb5d3..9cb7152f3 100644
  ocil_clause: 'the Red Hat GPG Key is not installed'
  
 diff --git a/linux_os/guide/system/software/updating/security_patches_up_to_date/rule.yml b/linux_os/guide/system/software/updating/security_patches_up_to_date/rule.yml
-index e77380808..ecda8e8c8 100644
+index c85045a1c..77c5f64d0 100644
 --- a/linux_os/guide/system/software/updating/security_patches_up_to_date/rule.yml
 +++ b/linux_os/guide/system/software/updating/security_patches_up_to_date/rule.yml
-@@ -16,6 +16,11 @@ description: |-
-     
$ sudo yum update

-     If the system is not configured to use one of these sources, updates (in the form of RPM packages)
-     can be manually downloaded from the ULN and installed using rpm.
-+{{% elif product in ["almalinux8"] %}}
-+    Run the following command to install updates:
-+    
$ sudo yum update

-+    If the system is not configured to use repos, updates (in the form of RPM packages)
-+    can be manually downloaded from the repos and installed using rpm.
- {{% elif product in ["sle12", "sle15", "slmicro5"] %}}
-     If the system is configured for online updates, invoking the following command will list available
-     security updates:
-@@ -60,7 +65,7 @@ references:
+@@ -64,7 +64,7 @@ references:
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol7: OL07-00-020260
      stigid@ol8: OL08-00-010010
@@ -13430,19 +11925,6 @@ index e77380808..ecda8e8c8 100644
      stigid@sle12: SLES-12-010010
      stigid@sle15: SLES-15-010010
  
-diff --git a/product_properties/10-grub.yml b/product_properties/10-grub.yml
-index 436c6b492..3d4927544 100644
---- a/product_properties/10-grub.yml
-+++ b/product_properties/10-grub.yml
-@@ -6,7 +6,7 @@ default:
- 
- overrides:
- {{% if "rhel-like" in families and major_version_ordinal <= 8 %}}
--  grub2_uefi_boot_path: "/boot/efi/EFI/redhat"
-+  grub2_uefi_boot_path: "/boot/efi/EFI/almalinux"
- {{% endif %}}
- {{% if "suse" in families %}}
-   grub_helper_executable: "grub2-mkconfig"
 diff --git a/products/almalinux8/CMakeLists.txt b/products/almalinux8/CMakeLists.txt
 new file mode 100644
 index 000000000..511fdc1c4
@@ -15982,10 +14464,10 @@ index 000000000..56dee61a9
 +journald_conf_dir_path: /etc/systemd/journald.conf.d
 diff --git a/products/almalinux8/profiles/anssi_bp28_enhanced.profile b/products/almalinux8/profiles/anssi_bp28_enhanced.profile
 new file mode 100644
-index 000000000..798a9bd81
+index 000000000..882d38cf3
 --- /dev/null
 +++ b/products/almalinux8/profiles/anssi_bp28_enhanced.profile
-@@ -0,0 +1,53 @@
+@@ -0,0 +1,66 @@
 +documentation_complete: true
 +
 +metadata:
@@ -16012,12 +14494,21 @@ index 000000000..798a9bd81
 +    - var_password_hashing_algorithm=SHA512
 +    - var_password_pam_unix_rounds=65536
 +    - '!timer_logrotate_enabled'
++
 +    # disable R45: Enable AppArmor security profiles
 +    - '!apparmor_configured'
 +    - '!all_apparmor_profiles_enforced'
 +    - '!grub2_enable_apparmor'
 +    - '!package_apparmor_installed'
 +    - '!package_pam_apparmor_installed'
++
++    # An alternative solution for R67 is using nss-pam-ldapd package, in this case ensures SSL and certificate configuration
++    - ldap_client_start_tls
++    - ldap_client_tls_cacertpath
++
++    # Ensure nis is not used for RHEL 8 in R69
++    - no_nis_in_nsswitch
++
 +    # Following rules once had a prodtype incompatible with the rhel8 product
 +    - '!cracklib_accounts_password_pam_minlen'
 +    - '!sysctl_fs_protected_fifos'
@@ -16039,12 +14530,16 @@ index 000000000..798a9bd81
 +    - '!ensure_oracle_gpgkey_installed'
 +    - ensure_almalinux_gpgkey_installed
 +    - '!package_kea_removed'
++    - '!audit_rules_file_deletion_events_renameat2'
++    - '!audit_rules_dac_modification_fchmodat2'
++    - '!package_rsh-server_removed'
++    - '!package_rsh_removed'
 diff --git a/products/almalinux8/profiles/anssi_bp28_high.profile b/products/almalinux8/profiles/anssi_bp28_high.profile
 new file mode 100644
-index 000000000..1255baf6d
+index 000000000..30e251a96
 --- /dev/null
 +++ b/products/almalinux8/profiles/anssi_bp28_high.profile
-@@ -0,0 +1,60 @@
+@@ -0,0 +1,74 @@
 +documentation_complete: true
 +
 +metadata:
@@ -16070,15 +14565,25 @@ index 000000000..1255baf6d
 +    - anssi:all:high
 +    - var_password_hashing_algorithm=SHA512
 +    - var_password_pam_unix_rounds=65536
++
 +    # the following rule renders UEFI systems unbootable
 +    - '!sebool_secure_mode_insmod'
 +    - '!timer_logrotate_enabled'
++
 +    # disable R45: Enable AppArmor security profiles
 +    - '!apparmor_configured'
 +    - '!all_apparmor_profiles_enforced'
 +    - '!grub2_enable_apparmor'
 +    - '!package_apparmor_installed'
 +    - '!package_pam_apparmor_installed'
++
++    # An alternative solution for R67 is using nss-pam-ldapd package, in this case ensures SSL and certificate configuration
++    - ldap_client_start_tls
++    - ldap_client_tls_cacertpath
++
++    # Ensure nis is not used for RHEL 8 in R69
++    - no_nis_in_nsswitch
++
 +    # Following rules once had a prodtype incompatible with the rhel8 product
 +    - '!kernel_config_gcc_plugin_structleak_byref_all'
 +    - '!accounts_passwords_pam_tally2_deny_root'
@@ -16105,12 +14610,16 @@ index 000000000..1255baf6d
 +    - '!ensure_oracle_gpgkey_installed'
 +    - ensure_almalinux_gpgkey_installed
 +    - '!package_kea_removed'
++    - '!audit_rules_file_deletion_events_renameat2'
++    - '!audit_rules_dac_modification_fchmodat2'
++    - '!package_rsh-server_removed'
++    - '!package_rsh_removed'
 diff --git a/products/almalinux8/profiles/anssi_bp28_intermediary.profile b/products/almalinux8/profiles/anssi_bp28_intermediary.profile
 new file mode 100644
-index 000000000..c999bfe36
+index 000000000..d4092bc5e
 --- /dev/null
 +++ b/products/almalinux8/profiles/anssi_bp28_intermediary.profile
-@@ -0,0 +1,41 @@
+@@ -0,0 +1,51 @@
 +documentation_complete: true
 +
 +metadata:
@@ -16136,6 +14645,14 @@ index 000000000..c999bfe36
 +  - anssi:all:intermediary
 +  - var_password_hashing_algorithm=SHA512
 +  - var_password_pam_unix_rounds=65536
++
++  # An alternative solution for R67 is using nss-pam-ldapd package, in this case ensures SSL and certificate configuration
++  - ldap_client_start_tls
++  - ldap_client_tls_cacertpath
++
++  # Ensure nis is not used for RHEL 8 in R69
++  - no_nis_in_nsswitch
++
 +  # Following rules once had a prodtype incompatible with the rhel8 product
 +  - '!cracklib_accounts_password_pam_minlen'
 +  - '!accounts_passwords_pam_tally2_deny_root'
@@ -16152,12 +14669,14 @@ index 000000000..c999bfe36
 +  - '!ensure_oracle_gpgkey_installed'
 +  - ensure_almalinux_gpgkey_installed
 +  - '!package_kea_removed'
++  - '!package_rsh-server_removed'
++  - '!package_rsh_removed'
 diff --git a/products/almalinux8/profiles/anssi_bp28_minimal.profile b/products/almalinux8/profiles/anssi_bp28_minimal.profile
 new file mode 100644
-index 000000000..e7ce60abb
+index 000000000..ad72e253f
 --- /dev/null
 +++ b/products/almalinux8/profiles/anssi_bp28_minimal.profile
-@@ -0,0 +1,37 @@
+@@ -0,0 +1,39 @@
 +documentation_complete: true
 +
 +metadata:
@@ -16195,6 +14714,8 @@ index 000000000..e7ce60abb
 +  - '!ensure_oracle_gpgkey_installed'
 +  - ensure_almalinux_gpgkey_installed
 +  - '!package_kea_removed'
++  - '!package_rsh-server_removed'
++  - '!package_rsh_removed'
 diff --git a/products/almalinux8/profiles/cis.profile b/products/almalinux8/profiles/cis.profile
 new file mode 100644
 index 000000000..40d3e5ceb
@@ -16325,10 +14846,10 @@ index 000000000..d6e882959
 +    - '!package_dnsmasq_removed'
 diff --git a/products/almalinux8/profiles/cjis.profile b/products/almalinux8/profiles/cjis.profile
 new file mode 100644
-index 000000000..21af964ea
+index 000000000..2887b6872
 --- /dev/null
 +++ b/products/almalinux8/profiles/cjis.profile
-@@ -0,0 +1,146 @@
+@@ -0,0 +1,148 @@
 +documentation_complete: true
 +
 +hidden: true
@@ -16383,7 +14904,9 @@ index 000000000..21af964ea
 +    - audit_rules_dac_modification_removexattr
 +    - audit_rules_dac_modification_setxattr
 +    - audit_rules_login_events
-+    - audit_rules_session_events
++    - audit_rules_session_events_utmp
++    - audit_rules_session_events_btmp
++    - audit_rules_session_events_wtmp
 +    - audit_rules_unsuccessful_file_modification
 +    - audit_rules_privileged_commands
 +    - audit_rules_media_export
@@ -16516,10 +15039,10 @@ index 000000000..54629c569
 +    - var_system_crypto_policy=fips
 diff --git a/products/almalinux8/profiles/default.profile b/products/almalinux8/profiles/default.profile
 new file mode 100644
-index 000000000..9b5d9aa5e
+index 000000000..d816cfb50
 --- /dev/null
 +++ b/products/almalinux8/profiles/default.profile
-@@ -0,0 +1,720 @@
+@@ -0,0 +1,727 @@
 +documentation_complete: true
 +
 +hidden: true
@@ -17240,12 +15763,19 @@ index 000000000..9b5d9aa5e
 +    - package_mcafeetp_installed
 +    - harden_sshd_ciphers_openssh_conf_crypto_policy
 +    - harden_sshd_macs_openssh_conf_crypto_policy
++    - package_quagga_removed
++    - audit_rules_session_events
++    - tftpd_uses_secure_mode
++    - service_rexec_disabled
++    - service_rlogin_disabled
++    - service_zebra_disabled
++    - package_rsh-server_removed
 diff --git a/products/almalinux8/profiles/e8.profile b/products/almalinux8/profiles/e8.profile
 new file mode 100644
-index 000000000..85bf92a59
+index 000000000..7ca0688c5
 --- /dev/null
 +++ b/products/almalinux8/profiles/e8.profile
-@@ -0,0 +1,152 @@
+@@ -0,0 +1,149 @@
 +documentation_complete: true
 +
 +metadata:
@@ -17253,7 +15783,7 @@ index 000000000..85bf92a59
 +        - shaneboulden
 +        - tjbutt58
 +
-+reference: https://www.cyber.gov.au/acsc/view-all-content/publications/hardening-linux-workstations-and-servers 
++reference: https://www.cyber.gov.au/acsc/view-all-content/publications/hardening-linux-workstations-and-servers
 +
 +title: 'Australian Cyber Security Centre (ACSC) Essential Eight'
 +
@@ -17269,18 +15799,12 @@ index 000000000..85bf92a59
 +selections:
 +
 +  ### Remove obsolete packages
-+  - package_talk_removed
-+  - package_talk-server_removed
 +  - package_xinetd_removed
 +  - service_xinetd_disabled
 +  - package_ypbind_removed
 +  - package_telnet_removed
 +  - service_telnet_disabled
 +  - package_telnet-server_removed
-+  - package_rsh_removed
-+  - package_rsh-server_removed
-+  - service_zebra_disabled
-+  - package_quagga_removed
 +  - service_avahi-daemon_disabled
 +  - package_squid_removed
 +  - service_squid_disabled
@@ -17357,7 +15881,6 @@ index 000000000..85bf92a59
 +  - audit_rules_login_events_tallylog
 +  - audit_rules_login_events_faillock
 +  - audit_rules_login_events_lastlog
-+  - audit_rules_login_events
 +  - audit_rules_time_adjtimex
 +  - audit_rules_time_clock_settime
 +  - audit_rules_time_watch_localtime
@@ -17371,7 +15894,11 @@ index 000000000..85bf92a59
 +  - audit_rules_execution_seunshare
 +  - audit_rules_sysadmin_actions
 +  - audit_rules_networkconfig_modification
-+  - audit_rules_usergroup_modification
++  - audit_rules_usergroup_modification_group
++  - audit_rules_usergroup_modification_gshadow
++  - audit_rules_usergroup_modification_opasswd
++  - audit_rules_usergroup_modification_passwd
++  - audit_rules_usergroup_modification_shadow
 +  - audit_rules_dac_modification_chmod
 +  - audit_rules_dac_modification_chown
 +  - audit_rules_kernel_module_loading
@@ -17400,10 +15927,10 @@ index 000000000..85bf92a59
 +  - package_rear_installed
 diff --git a/products/almalinux8/profiles/hipaa.profile b/products/almalinux8/profiles/hipaa.profile
 new file mode 100644
-index 000000000..17a5de48d
+index 000000000..05d35bf89
 --- /dev/null
 +++ b/products/almalinux8/profiles/hipaa.profile
-@@ -0,0 +1,166 @@
+@@ -0,0 +1,162 @@
 +documentation_complete: True
 +
 +metadata:
@@ -17424,7 +15951,7 @@ index 000000000..17a5de48d
 +
 +    This profile configures AlmaLinux OS 8 to the HIPAA Security
 +    Rule identified for securing of electronic protected health information.
-+    Use of this profile in no way guarantees or makes claims against legal compliance against the HIPAA Security Rule(s).   
++    Use of this profile in no way guarantees or makes claims against legal compliance against the HIPAA Security Rule(s).
 +
 +selections:
 +    - grub2_password
@@ -17447,18 +15974,12 @@ index 000000000..17a5de48d
 +    - sshd_disable_root_login
 +    - libreswan_approved_tunnels
 +    - no_rsh_trust_files
-+    - package_rsh-server_removed
-+    - package_talk_removed
-+    - package_talk-server_removed
 +    - package_telnet_removed
 +    - package_telnet-server_removed
 +    - package_xinetd_removed
 +    - service_crond_enabled
-+    - service_rexec_disabled
-+    - service_rlogin_disabled
 +    - service_telnet_disabled
 +    - service_xinetd_disabled
-+    - service_zebra_disabled
 +    - use_kerberos_security_all_exports
 +    - var_authselect_profile=sssd
 +    - enable_authselect
@@ -17550,7 +16071,9 @@ index 000000000..17a5de48d
 +    - audit_rules_privileged_commands_umount
 +    - audit_rules_privileged_commands_unix_chkpwd
 +    - audit_rules_privileged_commands_userhelper
-+    - audit_rules_session_events
++    - audit_rules_session_events_utmp
++    - audit_rules_session_events_btmp
++    - audit_rules_session_events_wtmp
 +    - audit_rules_sysadmin_actions
 +    - audit_rules_system_shutdown
 +    - var_audit_failure_mode=panic
@@ -17572,10 +16095,10 @@ index 000000000..17a5de48d
 +    - audit_rules_usergroup_modification_shadow
 diff --git a/products/almalinux8/profiles/ism_o.profile b/products/almalinux8/profiles/ism_o.profile
 new file mode 100644
-index 000000000..8c9b11860
+index 000000000..a39efd13b
 --- /dev/null
 +++ b/products/almalinux8/profiles/ism_o.profile
-@@ -0,0 +1,139 @@
+@@ -0,0 +1,145 @@
 +documentation_complete: true
 +
 +metadata:
@@ -17682,8 +16205,14 @@ index 000000000..8c9b11860
 +  - sshd_print_last_log
 +  - sebool_auditadm_exec_content
 +  - audit_rules_privileged_commands
-+  - audit_rules_session_events
-+  - audit_rules_unsuccessful_file_modification
++  - audit_rules_session_events_utmp
++  - audit_rules_session_events_btmp
++  - audit_rules_session_events_wtmp
++  - audit_rules_usergroup_modification_group
++  - audit_rules_usergroup_modification_gshadow
++  - audit_rules_usergroup_modification_opasswd
++  - audit_rules_usergroup_modification_passwd
++  - audit_rules_usergroup_modification_shadow
 +  - audit_access_failed
 +  - audit_access_success
 +
@@ -18160,10 +16689,10 @@ index 000000000..094c14a62
 +    - zipl_page_poison_argument
 diff --git a/products/almalinux8/profiles/pci-dss.profile b/products/almalinux8/profiles/pci-dss.profile
 new file mode 100644
-index 000000000..7f8014f2b
+index 000000000..5cc9e2b8f
 --- /dev/null
 +++ b/products/almalinux8/profiles/pci-dss.profile
-@@ -0,0 +1,60 @@
+@@ -0,0 +1,65 @@
 +documentation_complete: true
 +
 +metadata:
@@ -18204,6 +16733,8 @@ index 000000000..7f8014f2b
 +    - '!package_talk-server_removed'
 +    - '!package_rsh_removed'
 +    - '!package_rsh-server_removed'
++    # Following rule are excluded since, "so far" no CCEs were defined for them and maybe irrelevant for rhel8
++    - '!enable_dconf_user_profile'
 +    # Following rules once had a prodtype incompatible with the rhel8 product
 +    - '!cracklib_accounts_password_pam_minlen'
 +    - '!nftables_ensure_default_deny_policy'
@@ -18224,6 +16755,9 @@ index 000000000..7f8014f2b
 +    - '!cracklib_accounts_password_pam_retry'
 +    - '!aide_periodic_checking_systemd_timer'
 +    - '!package_cryptsetup-luks_installed'
++    - '!audit_rules_file_deletion_events_renameat2'
++    - '!audit_rules_mac_modification_etc_selinux'
++    - '!audit_rules_dac_modification_fchmodat2'
 diff --git a/products/almalinux8/profiles/rht-ccp.profile b/products/almalinux8/profiles/rht-ccp.profile
 new file mode 100644
 index 000000000..79d0208f5
@@ -18432,14 +16966,14 @@ index 000000000..58025b460
 +    - file_permissions_user_cfg
 diff --git a/products/almalinux8/profiles/stig.profile b/products/almalinux8/profiles/stig.profile
 new file mode 100644
-index 000000000..996691bff
+index 000000000..0492af012
 --- /dev/null
 +++ b/products/almalinux8/profiles/stig.profile
-@@ -0,0 +1,1228 @@
+@@ -0,0 +1,1226 @@
 +documentation_complete: true
 +
 +metadata:
-+    version: V2R2
++    version: V2R3
 +    SMEs:
 +        - mab879
 +        - ggbecker
@@ -18450,7 +16984,7 @@ index 000000000..996691bff
 +
 +description: |-
 +    This profile contains configuration checks that align to the
-+    DISA STIG for Red Hat Enterprise Linux 8 V2R2.
++    DISA STIG for Red Hat Enterprise Linux 8 V2R3.
 +
 +    In addition to being applicable to Red Hat Enterprise Linux 8, this
 +    configuration baseline is applicable to the operating system tier of
@@ -18538,6 +17072,7 @@ index 000000000..996691bff
 +
 +    # RHEL-08-010020
 +    - sysctl_crypto_fips_enabled
++    - fips_crypto_subpolicy
 +
 +    # RHEL-08-010030
 +    - encrypt_partitions
@@ -18658,6 +17193,12 @@ index 000000000..996691bff
 +    # RHEL-08-010295
 +    - configure_gnutls_tls_crypto_policy
 +
++    # RHEL-08-010296
++    - harden_sshd_macs_openssh_conf_crypto_policy
++
++    # RHEL-08-010297
++    - harden_sshd_ciphers_openssh_conf_crypto_policy
++
 +    # RHEL-08-010300
 +    - file_permissions_binary_dirs
 +
@@ -18696,8 +17237,7 @@ index 000000000..996691bff
 +    - aide_scan_notification
 +
 +    # RHEL-08-010370
-+    - ensure_gpgcheck_globally_activated
-+    - ensure_gpgcheck_never_disabled
++    - enable_gpgcheck_for_all_repositories
 +
 +    # Necessary for package installs after gpgcheck is enabled
 +    - ensure_almalinux_gpgkey_installed
@@ -18761,8 +17301,7 @@ index 000000000..996691bff
 +    - grub2_vsyscall_argument
 +
 +    # RHEL-08-010423
-+    - grub2_slub_debug_argument
-+    - var_slub_debug_options=P
++    - grub2_init_on_free
 +
 +    # RHEL-08-010430
 +    - sysctl_kernel_randomize_va_space
@@ -18773,6 +17312,9 @@ index 000000000..996691bff
 +    # RHEL-08-010450
 +    - selinux_policytype
 +
++    # RHEL-08-010455
++    - selinux_context_elevation_for_sudo
++
 +    # RHEL-08-010460
 +    - no_host_based_files
 +
@@ -18915,6 +17457,7 @@ index 000000000..996691bff
 +    # RHEL-08-010770
 +    - file_permission_user_init_files_root
 +    - var_user_initialization_files_regex=all_dotfiles
++    - rootfiles_configured
 +
 +    # RHEL-08-010780
 +    - no_files_unowned_by_user
@@ -19005,14 +17548,6 @@ index 000000000..996691bff
 +    # RHEL-08-020101
 +    - accounts_password_pam_pwquality_system_auth
 +
-+    # RHEL-08-020102
-+    # This is only required for RHEL8 systems below version 8.4 where the
-+    # retry parameter was not yet available on /etc/security/pwquality.conf.
-+
-+    # RHEL-08-020103
-+    # This is only required for RHEL8 systems below version 8.4 where the
-+    # retry parameter was not yet available on /etc/security/pwquality.conf.
-+
 +    # RHEL-08-020104
 +    - accounts_password_pam_retry
 +
@@ -19409,9 +17944,6 @@ index 000000000..996691bff
 +    # RHEL-08-040004
 +    - grub2_pti_argument
 +
-+    # RHEL-08-040010
-+    - package_rsh-server_removed
-+
 +    # RHEL-08-040020
 +    - kernel_module_uvcvideo_disabled
 +
@@ -19609,7 +18141,7 @@ index 000000000..996691bff
 +    - sysctl_kernel_kptr_restrict
 +
 +    # RHEL-08-040284
-+    - sysctl_user_max_user_namespaces
++    - sysctl_user_max_user_namespaces_no_remediation
 +
 +    # RHEL-08-040285
 +    - sysctl_net_ipv4_conf_all_rp_filter
@@ -19645,7 +18177,7 @@ index 000000000..996691bff
 +    - sshd_use_approved_kex_ordered_stig
 +
 +    # RHEL-08-040350
-+    - tftpd_uses_secure_mode
++    - tftp_uses_secure_mode_systemd
 +
 +    # RHEL-08-040360
 +    - package_vsftpd_removed
@@ -19666,14 +18198,14 @@ index 000000000..996691bff
 +    - package_krb5-server_removed
 diff --git a/products/almalinux8/profiles/stig_gui.profile b/products/almalinux8/profiles/stig_gui.profile
 new file mode 100644
-index 000000000..0f9a28183
+index 000000000..8eb0242fb
 --- /dev/null
 +++ b/products/almalinux8/profiles/stig_gui.profile
-@@ -0,0 +1,51 @@
+@@ -0,0 +1,46 @@
 +documentation_complete: true
 +
 +metadata:
-+    version: V2R2
++    version: V2R3
 +    SMEs:
 +        - mab879
 +        - ggbecker
@@ -19684,7 +18216,7 @@ index 000000000..0f9a28183
 +
 +description: |-
 +    This profile contains configuration checks that align to the
-+    DISA STIG with GUI for Red Hat Enterprise Linux 8 V2R2.
++    DISA STIG with GUI for Red Hat Enterprise Linux 8 V2R3.
 +
 +    In addition to being applicable to Red Hat Enterprise Linux 8, this
 +    configuration baseline is applicable to the operating system tier of
@@ -19714,11 +18246,6 @@ index 000000000..0f9a28183
 +    # RHEL-08-040001
 +    - '!package_libreport-plugin-rhtsupport_removed'
 +
-+    # RHEL-08-040284
-+    # Limiting user namespaces cause issues with user apps, such as Firefox and Cheese
-+    # https://issues.redhat.com/browse/RHEL-10416
-+    - '!sysctl_user_max_user_namespaces'
-+
 +    # locking of idle sessions is handled by screensaver when GUI is present, the following rule is therefore redundant
 +    - '!logind_session_timeout'
 diff --git a/products/almalinux8/transforms/constants.xslt b/products/almalinux8/transforms/constants.xslt
@@ -19836,7 +18363,7 @@ index 000000000..1d94fd870
 +
 +
 diff --git a/shared/checks/oval/sysctl_kernel_ipv6_disable.xml b/shared/checks/oval/sysctl_kernel_ipv6_disable.xml
-index f803e8ff0..0d908f044 100644
+index 42b866d3b..8560a7220 100644
 --- a/shared/checks/oval/sysctl_kernel_ipv6_disable.xml
 +++ b/shared/checks/oval/sysctl_kernel_ipv6_disable.xml
 @@ -16,6 +16,7 @@
@@ -19847,14 +18374,6 @@ index f803e8ff0..0d908f044 100644
  	multi_platform_rhv
  	multi_platform_sle
      multi_platform_slmicro5
-diff --git a/shared/references/disa-stig-almalinux8-v2r2-xccdf-manual.xml b/shared/references/disa-stig-almalinux8-v2r2-xccdf-manual.xml
-new file mode 120000
-index 000000000..faa263aeb
---- /dev/null
-+++ b/shared/references/disa-stig-almalinux8-v2r2-xccdf-manual.xml
-@@ -0,0 +1 @@
-+disa-stig-rhel8-v2r2-xccdf-manual.xml
-\ No newline at end of file
 diff --git a/shared/references/disa-stig-almalinux8-v2r2-xccdf-scap.xml b/shared/references/disa-stig-almalinux8-v2r2-xccdf-scap.xml
 new file mode 120000
 index 000000000..b35d1960b
@@ -19863,6 +18382,30 @@ index 000000000..b35d1960b
 @@ -0,0 +1 @@
 +disa-stig-rhel8-v2r2-xccdf-scap.xml
 \ No newline at end of file
+diff --git a/shared/references/disa-stig-almalinux8-v2r3-xccdf-manual.xml b/shared/references/disa-stig-almalinux8-v2r3-xccdf-manual.xml
+new file mode 120000
+index 000000000..d3aae96d6
+--- /dev/null
++++ b/shared/references/disa-stig-almalinux8-v2r3-xccdf-manual.xml
+@@ -0,0 +1 @@
++disa-stig-rhel8-v2r3-xccdf-manual.xml
+\ No newline at end of file
+diff --git a/shared/references/disa-stig-almalinux9-v2r4-xccdf-manual.xml b/shared/references/disa-stig-almalinux9-v2r4-xccdf-manual.xml
+new file mode 120000
+index 000000000..1f8134c9a
+--- /dev/null
++++ b/shared/references/disa-stig-almalinux9-v2r4-xccdf-manual.xml
+@@ -0,0 +1 @@
++disa-stig-rhel9-v2r4-xccdf-manual.xml
+\ No newline at end of file
+diff --git a/shared/references/disa-stig-almalinux9-v2r4-xccdf-scap.xml b/shared/references/disa-stig-almalinux9-v2r4-xccdf-scap.xml
+new file mode 120000
+index 000000000..0f5bbc678
+--- /dev/null
++++ b/shared/references/disa-stig-almalinux9-v2r4-xccdf-scap.xml
+@@ -0,0 +1 @@
++disa-stig-rhel9-v2r4-xccdf-scap.xml
+\ No newline at end of file
 diff --git a/shared/references/disa-stig-ol7-v3r1-xccdf-manual.xml b/shared/references/disa-stig-ol7-v3r1-xccdf-manual.xml
 index e83699662..1efabcf62 100644
 --- a/shared/references/disa-stig-ol7-v3r1-xccdf-manual.xml
@@ -19947,109 +18490,10 @@ index e83699662..1efabcf62 100644
  set superusers="[someuniquestringhere]"
  export superusers
  
-diff --git a/shared/references/disa-stig-ol8-v2r2-xccdf-scap.xml b/shared/references/disa-stig-ol8-v2r2-xccdf-scap.xml
-index 97dac8309..f188cf808 100644
---- a/shared/references/disa-stig-ol8-v2r2-xccdf-scap.xml
-+++ b/shared/references/disa-stig-ol8-v2r2-xccdf-scap.xml
-@@ -2850,7 +2850,7 @@ SHA_CRYPT_MIN_ROUNDS 5000
-             5416
-           
-           CCI-000213
--          Configure the system to require an encrypted grub bootloader password for the grub superusers account with the grub2-setpassword command, which creates/overwrites the "/boot/efi/EFI/redhat/user.cfg" file. 
-+          Configure the system to require an encrypted grub bootloader password for the grub superusers account with the grub2-setpassword command, which creates/overwrites the "/boot/efi/EFI/almalinux/user.cfg" file. 
-  
- Generate an encrypted grub2 password for the grub superusers account with the following command: 
-  
-@@ -11097,7 +11097,7 @@ The "logind" service must be restarted for the changes to take effect. To restar
-             The OL8 system boots with United Extensable Firmware Interface (UEFI)
-           
-           
--            
-+            
-           
-         
-         
-@@ -11250,11 +11250,11 @@ Passwords need to be protected at all times, and encryption is the standard meth
-             
-             If the system does not require valid authentication before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system.  GRUB 2 is the default boot loader for OL 8 and is designed to require a password to boot into single-user mode or modify the boot menu.
-           
--          
--            
-+          
-+            
-             
--              
--              
-+              
-+              
-             
-           
-         
-@@ -11874,7 +11874,7 @@ Configuration settings are the set of parameters that can be changed in hardware
-             The "nosuid" mount option causes the system not to execute "setuid" and "setgid" files with owner privileges. This option must be used for mounting any file system not containing approved "setuid" and "setguid" files. Executing files from untrusted file systems increases the opportunity for unprivileged users to attain unauthorized administrative access.
-           
-           
--            
-+            
-             
-               
-               
-@@ -15425,7 +15425,7 @@ By limiting the number of attempts to meet the pwquality module complexity requi
-         
-           
-         
--        
-+        
-           
-         
-         
-@@ -15479,11 +15479,11 @@ By limiting the number of attempts to meet the pwquality module complexity requi
-           
-           
-         
--        
-+        
-           
-           
-         
--        
-+        
-           
-           
-         
-@@ -17231,8 +17231,8 @@ By limiting the number of attempts to meet the pwquality module complexity requi
-         
-           gnome-shell
-         
--        
--          /boot/efi/EFI/redhat/grub.cfg
-+        
-+          /boot/efi/EFI/almalinux/grub.cfg
-         
-         
-           /boot/grub2/grub.cfg
-@@ -17308,13 +17308,13 @@ By limiting the number of attempts to meet the pwquality module complexity requi
-           ^\s*SHA_CRYPT_MAX_ROUNDS\s+(\d*)
-           1
-         
--        
--          /boot/efi/EFI/redhat/grub.cfg
-+        
-+          /boot/efi/EFI/almalinux/grub.cfg
-           ^\s*set\s+superusers\s*=\s*"(\w+)"\s*$
-           1
-         
--        
--          /boot/efi/EFI/redhat/user.cfg
-+        
-+          /boot/efi/EFI/almalinux/user.cfg
-           ^\s*GRUB2_PASSWORD=(\S+)\b
-           1
-         
-diff --git a/shared/references/disa-stig-ol8-v2r3-xccdf-manual.xml b/shared/references/disa-stig-ol8-v2r3-xccdf-manual.xml
-index 7e5d2fce0..f4fc7a4be 100644
---- a/shared/references/disa-stig-ol8-v2r3-xccdf-manual.xml
-+++ b/shared/references/disa-stig-ol8-v2r3-xccdf-manual.xml
+diff --git a/shared/references/disa-stig-ol8-v2r4-xccdf-manual.xml b/shared/references/disa-stig-ol8-v2r4-xccdf-manual.xml
+index 3071029bd..41db6bc3c 100644
+--- a/shared/references/disa-stig-ol8-v2r4-xccdf-manual.xml
++++ b/shared/references/disa-stig-ol8-v2r4-xccdf-manual.xml
 @@ -425,7 +425,7 @@ SHA_CRYPT_MIN_ROUNDS 100000SRG-OS-000080-GPOS-00048<GroupDescription></GroupDescription>RHEL-08-010140RHEL 8 operating systems booted with United Extensible Firmware Interface (UEFI) must require authentication upon booting into single-user mode and maintenance.<VulnDiscussion>If the system does not require valid authentication before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system. GRUB 2 is the default boot loader for RHEL 8 and is designed to require a password to boot into single-user mode or make modifications to the boot menu.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>DPMS Target Red Hat Enterprise Linux 8DISADPMS TargetRed Hat Enterprise Linux 82921CCI-000213Configure the system to require a grub bootloader password for the grub superusers account with the grub2-setpassword command, which creates/overwrites the /boot/efi/EFI/redhat/user.cfg file.
-+If both "SHA_CRYPT_MIN_ROUNDS" and "SHA_CRYPT_MAX_ROUNDS" are set, and the highest value for either is below "100000", this is a finding.SRG-OS-000080-GPOS-00048<GroupDescription></GroupDescription>RHEL-08-010140RHEL 8 operating systems booted with United Extensible Firmware Interface (UEFI) must require authentication upon booting into single-user mode and maintenance.<VulnDiscussion>If the system does not require valid authentication before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system. GRUB 2 is the default boot loader for RHEL 8 and is designed to require a password to boot into single-user mode or make modifications to the boot menu.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>DPMS Target Red Hat Enterprise Linux 8DISADPMS TargetRed Hat Enterprise Linux 82921CCI-000213Configure the system to require a grub bootloader password for the grub superusers account with the grub2-setpassword command, which creates/overwrites the /boot/efi/EFI/almalinux/user.cfg file.
- 
- Generate an encrypted grub2 password for the grub superusers account with the following command:
- 
-@@ -384,7 +384,7 @@ Confirm password:For systems that use BIOS, this is Not Applicable.
-+$ sudo grub2-mkconfig -o /boot/efi/EFI/almalinux/grub.cfgFor systems that use BIOS, this is Not Applicable.
- 
- Verify that a unique name is set as the "superusers" account:
- 
--$ sudo grep -iw "superusers" /boot/efi/EFI/redhat/grub.cfg
-+$ sudo grep -iw "superusers" /boot/efi/EFI/almalinux/grub.cfg
- set superusers="[someuniquestringhere]"
- export superusers
- 
-diff --git a/shared/references/disa-stig-rhel8-v2r2-xccdf-scap.xml b/shared/references/disa-stig-rhel8-v2r2-xccdf-scap.xml
-index ecdb4b277..9702848cf 100644
---- a/shared/references/disa-stig-rhel8-v2r2-xccdf-scap.xml
-+++ b/shared/references/disa-stig-rhel8-v2r2-xccdf-scap.xml
-@@ -3264,7 +3264,7 @@ SHA_CRYPT_MIN_ROUNDS 100000
+diff --git a/shared/references/disa-stig-ol8-v2r4-xccdf-scap.xml b/shared/references/disa-stig-ol8-v2r4-xccdf-scap.xml
+index 3e1d42930..ec0e423c3 100644
+--- a/shared/references/disa-stig-ol8-v2r4-xccdf-scap.xml
++++ b/shared/references/disa-stig-ol8-v2r4-xccdf-scap.xml
+@@ -3389,7 +3389,7 @@ SHA_CRYPT_MIN_ROUNDS 100000
            
            
            CCI-000213
--          Configure the system to require a grub bootloader password for the grub superusers account with the grub2-setpassword command, which creates/overwrites the /boot/efi/EFI/redhat/user.cfg file.
-+          Configure the system to require a grub bootloader password for the grub superusers account with the grub2-setpassword command, which creates/overwrites the /boot/efi/EFI/almalinux/user.cfg file.
- 
- Generate an encrypted grub2 password for the grub superusers account with the following command:
- 
-@@ -12501,8 +12501,8 @@ $ sudo systemctl restart systemd-logind
+-          Configure the system to require an encrypted grub bootloader password for the grub superusers account with the grub2-setpassword command, which creates/overwrites the "/boot/efi/EFI/redhat/user.cfg" file. 
++          Configure the system to require an encrypted grub bootloader password for the grub superusers account with the grub2-setpassword command, which creates/overwrites the "/boot/efi/EFI/almalinux/user.cfg" file. 
+  
+ Generate an encrypted grub2 password for the grub superusers account with the following command: 
+  
+@@ -12636,8 +12636,8 @@ The "logind" service must be restarted for the changes to take effect. To restar
              
            
            
@@ -20142,2957 +18550,7 @@ index ecdb4b277..9702848cf 100644
            
          
          
-@@ -15447,7 +15447,8 @@ $ sudo systemctl restart systemd-logind
-           
-             The system is RHEL 8.1 or lower
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             
-           
-@@ -15459,7 +15460,8 @@ $ sudo systemctl restart systemd-logind
-           
-             The system is RHEL 8.2 or higher
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             
-           
-@@ -15508,7 +15510,8 @@ $ sudo systemctl restart systemd-logind
-           
-             The system is RHEL 8.3 or lower
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             
-           
-@@ -15520,7 +15523,8 @@ $ sudo systemctl restart systemd-logind
-           
-             The system is RHEL 8.4 or higher
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             
-           
-@@ -15572,7 +15576,8 @@ $ sudo systemctl restart systemd-logind
-           
-             RHEL-08-010000 - RHEL 8 must be a vendor-supported release.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             An operating system release is considered "supported" if the vendor continues to provide security patches for the product. With an unsupported release, it will not be possible to resolve security issues discovered in the system software.
- 
-@@ -15587,7 +15592,8 @@ Note: The life-cycle time spans and dates are subject to adjustment.
-             RHEL-08-010020 - RHEL 8 must implement NIST FIPS-validated cryptography for the following: to provision digital signatures, to generate cryptographic hashes, and to protect data requiring data-at-rest protections in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Use of weak or untested encryption algorithms undermines the purposes of using encryption to protect data. The operating system must implement cryptographic modules adhering to the higher standards approved by the Federal Government since this provides assurance they have been tested and validated.
- 
-@@ -15605,7 +15611,8 @@ Satisfies: SRG-OS-000033-GPOS-00014, SRG-OS-000125-GPOS-00065, SRG-OS-000396-GPO
-           
-             RHEL-08-010070 - All RHEL 8 remote access methods must be monitored.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Remote access services, such as those providing remote access to network devices and information systems, which lack automated monitoring capabilities, increase risk and make remote user access management difficult at best.
- 
-@@ -15621,7 +15628,8 @@ Automated monitoring of remote access sessions allows organizations to detect cy
-           
-             RHEL-08-010110 - RHEL 8 must encrypt all stored passwords with a FIPS 140-2 approved cryptographic hashing algorithm.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Passwords need to be protected at all times, and encryption is the standard method for protecting passwords. If passwords are not encrypted, they can be plainly read (i.e., clear text) and easily compromised.
- 
-@@ -15637,7 +15645,8 @@ FIPS 140-2 is the current standard for validating that mechanisms used to access
-           
-             RHEL-08-010120 - RHEL 8 must employ FIPS 140-2 approved cryptographic hashing algorithms for all stored passwords.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             The system must use a strong hashing algorithm to store the password.
- 
-@@ -15651,7 +15660,8 @@ Passwords need to be protected at all times, and encryption is the standard meth
-           
-             RHEL-08-010130 - The RHEL 8 shadow password suite must be configured to use a sufficient number of hashing rounds.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             The system must use a strong hashing algorithm to store the password. The system must use a sufficient number of hashing rounds to ensure the required level of entropy.
- 
-@@ -15665,7 +15675,8 @@ Passwords need to be protected at all times, and encryption is the standard meth
-           
-             RHEL-08-010140 - RHEL 8 operating systems booted with United Extensible Firmware Interface (UEFI) must require authentication upon booting into single-user mode and maintenance.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             If the system does not require valid authentication before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system. GRUB 2 is the default boot loader for RHEL 8 and is designed to require a password to boot into single-user mode or make modifications to the boot menu.
-           
-@@ -15677,7 +15688,8 @@ Passwords need to be protected at all times, and encryption is the standard meth
-           
-             RHEL-08-010150 - RHEL 8 operating systems booted with a BIOS must require authentication upon booting into single-user and maintenance modes.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             If the system does not require valid authentication before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system. GRUB 2 is the default boot loader for RHEL 8 and is designed to require a password to boot into single-user mode or make modifications to the boot menu.
-           
-@@ -15689,7 +15701,8 @@ Passwords need to be protected at all times, and encryption is the standard meth
-           
-             RHEL-08-010151 - RHEL 8 operating systems must require authentication upon booting into rescue mode.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             If the system does not require valid root authentication before it boots into emergency or rescue mode, anyone who invokes emergency or rescue mode is granted privileged access to all files on the system.
-           
-@@ -15701,7 +15714,8 @@ Passwords need to be protected at all times, and encryption is the standard meth
-           
-             RHEL-08-010160 - The RHEL 8 pam_unix.so module must be configured in the password-auth file to use a FIPS 140-2 approved cryptographic hashing algorithm for system authentication.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Unapproved mechanisms that are used for authentication to the cryptographic module are not verified and therefore cannot be relied upon to provide confidentiality or integrity, and DoD data may be compromised.
- 
-@@ -15717,7 +15731,8 @@ FIPS 140-2 is the current standard for validating that mechanisms used to access
-           
-             RHEL-08-010161 - RHEL 8 must prevent system daemons from using Kerberos for authentication.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Unapproved mechanisms that are used for authentication to the cryptographic module are not verified and therefore cannot be relied upon to provide confidentiality or integrity, and DoD data may be compromised.
- 
-@@ -15735,7 +15750,8 @@ FIPS 140-2 is the current standard for validating that mechanisms used to access
-           
-             RHEL-08-010162 - The krb5-workstation package must not be installed on RHEL 8.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Unapproved mechanisms that are used for authentication to the cryptographic module are not verified and therefore cannot be relied upon to provide confidentiality or integrity, and DoD data may be compromised.
- 
-@@ -15753,7 +15769,8 @@ FIPS 140-2 is the current standard for validating that mechanisms used to access
-           
-             RHEL-08-010170 - RHEL 8 must use a Linux Security Module configured to enforce limits on system services.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Without verification of the security functions, security functions may not operate correctly and the failure may go unnoticed. Security function is defined as the hardware, software, and/or firmware of the information system responsible for enforcing the system security policy and supporting the isolation of code and data on which the protection is based. Security functionality includes, but is not limited to, establishing system accounts, configuring access authorizations (i.e., permissions, privileges), setting events to be audited, and setting intrusion detection parameters.
- 
-@@ -15767,7 +15784,8 @@ This requirement applies to operating systems performing security function verif
-           
-             RHEL-08-010171 - RHEL 8 must have policycoreutils package installed.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Without verification of the security functions, security functions may not operate correctly and the failure may go unnoticed. Security function is defined as the hardware, software, and/or firmware of the information system responsible for enforcing the system security policy and supporting the isolation of code and data on which the protection is based. Security functionality includes, but is not limited to, establishing system accounts, configuring access authorizations (i.e., permissions, privileges), setting events to be audited, and setting intrusion detection parameters.
- 
-@@ -15781,7 +15799,8 @@ Policycoreutils contains the policy core utilities that are required for basic o
-           
-             RHEL-08-010200 - RHEL 8 must be configured so that all network connections associated with SSH traffic are terminated at the end of the session or after 10 minutes of inactivity, except to fulfill documented and validated mission requirements.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Terminating an idle SSH session within a short time period reduces the window of opportunity for unauthorized personnel to take control of a management session enabled on the console or console port that has been left unattended. In addition, quickly terminating an idle SSH session will also free up resources committed by the managed network element.
- 
-@@ -15799,7 +15818,8 @@ Satisfies: SRG-OS-000163-GPOS-00072, SRG-OS-000126-GPOS-00066, SRG-OS-000279-GPO
-           
-             RHEL-08-010210 - The RHEL 8 /var/log/messages file must have mode 0640 or less permissive.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Only authorized personnel should be aware of errors and the details of the errors. Error messages are an indicator of an organization's operational state or can identify the RHEL 8 system or platform. Additionally, Personally Identifiable Information (PII) and operational information must not be revealed through error messages to unauthorized personnel or their designated representatives.
- 
-@@ -15813,7 +15833,8 @@ The structure and content of error messages must be carefully considered by the
-           
-             RHEL-08-010220 - The RHEL 8 /var/log/messages file must be owned by root.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Only authorized personnel should be aware of errors and the details of the errors. Error messages are an indicator of an organization's operational state or can identify the RHEL 8 system or platform. Additionally, Personally Identifiable Information (PII) and operational information must not be revealed through error messages to unauthorized personnel or their designated representatives.
- 
-@@ -15827,7 +15848,8 @@ The structure and content of error messages must be carefully considered by the
-           
-             RHEL-08-010230 - The RHEL 8 /var/log/messages file must be group-owned by root.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Only authorized personnel should be aware of errors and the details of the errors. Error messages are an indicator of an organization's operational state or can identify the RHEL 8 system or platform. Additionally, Personally Identifiable Information (PII) and operational information must not be revealed through error messages to unauthorized personnel or their designated representatives.
- 
-@@ -15841,7 +15863,8 @@ The structure and content of error messages must be carefully considered by the
-           
-             RHEL-08-010240 - The RHEL 8 /var/log directory must have mode 0755 or less permissive.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Only authorized personnel should be aware of errors and the details of the errors. Error messages are an indicator of an organization's operational state or can identify the RHEL 8 system or platform. Additionally, Personally Identifiable Information (PII) and operational information must not be revealed through error messages to unauthorized personnel or their designated representatives.
- 
-@@ -15855,7 +15878,8 @@ The structure and content of error messages must be carefully considered by the
-           
-             RHEL-08-010250 - The RHEL 8 /var/log directory must be owned by root.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Only authorized personnel should be aware of errors and the details of the errors. Error messages are an indicator of an organization's operational state or can identify the RHEL 8 system or platform. Additionally, Personally Identifiable Information (PII) and operational information must not be revealed through error messages to unauthorized personnel or their designated representatives.
- 
-@@ -15869,7 +15893,8 @@ The structure and content of error messages must be carefully considered by the
-           
-             RHEL-08-010260 - The RHEL 8 /var/log directory must be group-owned by root.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Only authorized personnel should be aware of errors and the details of the errors. Error messages are an indicator of an organization's operational state or can identify the RHEL 8 system or platform. Additionally, Personally Identifiable Information (PII) and operational information must not be revealed through error messages to unauthorized personnel or their designated representatives.
- 
-@@ -15883,7 +15908,8 @@ The structure and content of error messages must be carefully considered by the
-           
-             RHEL-08-010292 - RHEL 8 must ensure the SSH server uses strong entropy.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             The most important characteristic of a random number generator is its randomness, namely its ability to deliver random numbers that are impossible to predict.  Entropy in computer security is associated with the unpredictability of a source of randomness.  The random source with high entropy tends to achieve a uniform distribution of random values.  Random number generators are one of the most important building blocks of cryptosystems.
- 
-@@ -15897,7 +15923,8 @@ The SSH implementation in RHEL8 uses the OPENSSL library, which does not use hig
-           
-             RHEL-08-010294 - The RHEL 8 operating system must implement DoD-approved TLS encryption in the OpenSSL package.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Without cryptographic integrity protections, information can be altered by unauthorized users without detection.
- 
-@@ -15917,7 +15944,8 @@ Satisfies: SRG-OS-000250-GPOS-00093, SRG-OS-000393-GPOS-00173, SRG-OS-000394-GPO
-           
-             RHEL-08-010300 - RHEL 8 system commands must have mode 755 or less permissive.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             If RHEL 8 were to allow any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that are part of a robust change management process.
- 
-@@ -15931,7 +15959,8 @@ This requirement applies to RHEL 8 with software libraries that are accessible a
-           
-             RHEL-08-010310 - RHEL 8 system commands must be owned by root.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             If RHEL 8 were to allow any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that are part of a robust change management process.
- 
-@@ -15945,7 +15974,8 @@ This requirement applies to RHEL 8 with software libraries that are accessible a
-           
-             RHEL-08-010320 - RHEL 8 system commands must be group-owned by root or a system account.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             If RHEL 8 were to allow any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that are part of a robust change management process.
- 
-@@ -15959,7 +15989,8 @@ This requirement applies to RHEL 8 with software libraries that are accessible a
-           
-             RHEL-08-010330 - RHEL 8 library files must have mode 755 or less permissive.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             If RHEL 8 were to allow any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that are part of a robust change management process.
- 
-@@ -15973,7 +16004,8 @@ This requirement applies to RHEL 8 with software libraries that are accessible a
-           
-             RHEL-08-010340 - RHEL 8 library files must be owned by root.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             If RHEL 8 were to allow any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that are part of a robust change management process.
- 
-@@ -15987,7 +16019,8 @@ This requirement applies to RHEL 8 with software libraries that are accessible a
-           
-             RHEL-08-010350 - RHEL 8 library files must be group-owned by root or a system account.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             If RHEL 8 were to allow any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that are part of a robust change management process.
- 
-@@ -16001,7 +16034,8 @@ This requirement applies to RHEL 8 with software libraries that are accessible a
-           
-             RHEL-08-010370 - RHEL 8 must prevent the installation of software, patches, service packs, device drivers, or operating system components from a repository without verification they have been digitally signed using a certificate that is issued by a Certificate Authority (CA) that is recognized and approved by the organization.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Changes to any software components can have significant effects on the overall security of the operating system. This requirement ensures the software has not been tampered with and that it has been provided by a trusted vendor.
- 
-@@ -16017,7 +16051,8 @@ Verifying the authenticity of the software prior to installation validates the i
-           
-             RHEL-08-010371 - RHEL 8 must prevent the installation of software, patches, service packs, device drivers, or operating system components of local packages without verification they have been digitally signed using a certificate that is issued by a Certificate Authority (CA) that is recognized and approved by the organization.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Changes to any software components can have significant effects on the overall security of the operating system. This requirement ensures the software has not been tampered with and that it has been provided by a trusted vendor.
- 
-@@ -16033,7 +16068,8 @@ Verifying the authenticity of the software prior to installation validates the i
-           
-             RHEL-08-010372 - RHEL 8 must prevent the loading of a new kernel for later execution.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Changes to any software components can have significant effects on the overall security of the operating system. This requirement ensures the software has not been tampered with and that it has been provided by a trusted vendor.
- 
-@@ -16055,7 +16091,8 @@ The sysctl --system command will load settings from all system configuration fil
-           
-             RHEL-08-010373 - RHEL 8 must enable kernel parameters to enforce discretionary access control on symlinks.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Discretionary Access Control (DAC) is based on the notion that individual users are "owners" of objects and therefore have discretion over who should be authorized to access the object and in which mode (e.g., read or write). Ownership is usually acquired as a consequence of creating the object or via specified ownership assignment. DAC allows the owner to determine who will have access to objects they control. An example of DAC includes user-controlled file permissions.
- 
-@@ -16081,7 +16118,8 @@ Satisfies: SRG-OS-000312-GPOS-00122, SRG-OS-000312-GPOS-00123, SRG-OS-000312-GPO
-           
-             RHEL-08-010374 - RHEL 8 must enable kernel parameters to enforce discretionary access control on hardlinks.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Discretionary Access Control (DAC) is based on the notion that individual users are "owners" of objects and therefore have discretion over who should be authorized to access the object and in which mode (e.g., read or write). Ownership is usually acquired as a consequence of creating the object or via specified ownership assignment. DAC allows the owner to determine who will have access to objects they control. An example of DAC includes user-controlled file permissions.
- 
-@@ -16107,7 +16145,8 @@ Satisfies: SRG-OS-000312-GPOS-00122, SRG-OS-000312-GPOS-00123, SRG-OS-000312-GPO
-           
-             RHEL-08-010375 - RHEL 8 must restrict access to the kernel message buffer.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Preventing unauthorized information transfers mitigates the risk of information, including encrypted representations of information, produced by the actions of prior users/roles (or the actions of processes acting on behalf of prior users/roles) from being available to any current users/roles (or current processes) that obtain access to shared system resources (e.g., registers, main memory, hard disks) after those resources have been released back to information systems. The control of information in shared resources is also commonly referred to as object reuse and residual information protection.
- 
-@@ -16133,7 +16172,8 @@ The sysctl --system command will load settings from all system configuration fil
-           
-             RHEL-08-010376 - RHEL 8 must prevent kernel profiling by unprivileged users.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Preventing unauthorized information transfers mitigates the risk of information, including encrypted representations of information, produced by the actions of prior users/roles (or the actions of processes acting on behalf of prior users/roles) from being available to any current users/roles (or current processes) that obtain access to shared system resources (e.g., registers, main memory, hard disks) after those resources have been released back to information systems. The control of information in shared resources is also commonly referred to as object reuse and residual information protection.
- 
-@@ -16159,7 +16199,8 @@ The sysctl --system command will load settings from all system configuration fil
-           
-             RHEL-08-010380 - RHEL 8 must require users to provide a password for privilege escalation.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Without reauthentication, users may access resources or perform tasks for which they do not have authorization.
- 
-@@ -16175,7 +16216,8 @@ Satisfies: SRG-OS-000373-GPOS-00156, SRG-OS-000373-GPOS-00157, SRG-OS-000373-GPO
-           
-             RHEL-08-010381 - RHEL 8 must require users to reauthenticate for privilege escalation.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Without reauthentication, users may access resources or perform tasks for which they do not have authorization.
- 
-@@ -16191,7 +16233,8 @@ Satisfies: SRG-OS-000373-GPOS-00156, SRG-OS-000373-GPOS-00157, SRG-OS-000373-GPO
-           
-             RHEL-08-010390 - RHEL 8 must have the packages required for multifactor authentication installed.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Using an authentication device, such as a DoD Common Access Card (CAC) or token that is separate from the information system, ensures that even if the information system is compromised, credentials stored on the authentication device will not be affected.
- 
-@@ -16211,7 +16254,8 @@ This requirement only applies to components where this is specific to the functi
-           
-             RHEL-08-010421 - RHEL 8 must clear the page allocator to prevent use-after-free attacks.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Some adversaries launch attacks with the intent of executing code in non-executable regions of memory or in memory locations that are prohibited. Security safeguards employed to protect memory include, for example, data execution prevention and address space layout randomization. Data execution prevention safeguards can be either hardware-enforced or software-enforced with hardware providing the greater strength of mechanism.
- 
-@@ -16227,7 +16271,8 @@ Satisfies: SRG-OS-000134-GPOS-00068, SRG-OS-000433-GPOS-00192
-           
-             RHEL-08-010422 - RHEL 8 must disable virtual syscalls.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Syscalls are special routines in the Linux kernel, which userspace applications ask to do privileged tasks.  Invoking a system call is an expensive operation because the processor must interrupt the currently executing task and switch context to kernel mode and then back to userspace after the system call completes.  Virtual Syscalls map into user space a page that contains some variables and the implementation of some system calls.  This allows the system calls to be executed in userspace to alleviate the context switching expense.
- 
-@@ -16243,7 +16288,8 @@ Satisfies: SRG-OS-000134-GPOS-00068, SRG-OS-000433-GPOS-00192
-           
-             RHEL-08-010423 - RHEL 8 must clear SLUB/SLAB objects to prevent use-after-free attacks.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Some adversaries launch attacks with the intent of executing code in non-executable regions of memory or in memory locations that are prohibited. Security safeguards employed to protect memory include, for example, data execution prevention and address space layout randomization. Data execution prevention safeguards can be either hardware-enforced or software-enforced with hardware providing the greater strength of mechanism.
- 
-@@ -16261,7 +16307,8 @@ Satisfies: SRG-OS-000134-GPOS-00068, SRG-OS-000433-GPOS-00192
-           
-             RHEL-08-010430 - RHEL 8 must implement address space layout randomization (ASLR) to protect its memory from unauthorized code execution.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Some adversaries launch attacks with the intent of executing code in non-executable regions of memory or in memory locations that are prohibited. Security safeguards employed to protect memory include, for example, data execution prevention and address space layout randomization. Data execution prevention safeguards can be either hardware-enforced or software-enforced with hardware providing the greater strength of mechanism.
- 
-@@ -16283,7 +16330,8 @@ The sysctl --system command will load settings from all system configuration fil
-           
-             RHEL-08-010440 - YUM must remove all software components after updated versions have been installed on RHEL 8.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Previous versions of software components that are not removed from the information system after updates have been installed may be exploited by adversaries. Some information technology products may remove older versions of software automatically from the information system.
-           
-@@ -16295,7 +16343,8 @@ The sysctl --system command will load settings from all system configuration fil
-           
-             RHEL-08-010450 - RHEL 8 must enable the SELinux targeted policy.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Without verification of the security functions, security functions may not operate correctly and the failure may go unnoticed. Security function is defined as the hardware, software, and/or firmware of the information system responsible for enforcing the system security policy and supporting the isolation of code and data on which the protection is based. Security functionality includes, but is not limited to, establishing system accounts, configuring access authorizations (i.e., permissions, privileges), setting events to be audited, and setting intrusion detection parameters.
- 
-@@ -16309,7 +16358,8 @@ This requirement applies to operating systems performing security function verif
-           
-             RHEL-08-010460 - There must be no shosts.equiv files on the RHEL 8 operating system.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             The "shosts.equiv" files are used to configure host-based authentication for the system via SSH. Host-based authentication is not sufficient for preventing unauthorized access to the system, as it does not require interactive identification and authentication of a connection request, or for the use of two-factor authentication.
-           
-@@ -16321,7 +16371,8 @@ This requirement applies to operating systems performing security function verif
-           
-             RHEL-08-010470 - There must be no .shosts files on the RHEL 8 operating system.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             The ".shosts" files are used to configure host-based authentication for individual users or the system via SSH. Host-based authentication is not sufficient for preventing unauthorized access to the system, as it does not require interactive identification and authentication of a connection request, or for the use of two-factor authentication.
-           
-@@ -16333,7 +16384,8 @@ This requirement applies to operating systems performing security function verif
-           
-             RHEL-08-010480 - The RHEL 8 SSH public host key files must have mode 0644 or less permissive.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             If a public host key file is modified by an unauthorized user, the SSH service may be compromised.
-           
-@@ -16345,7 +16397,8 @@ This requirement applies to operating systems performing security function verif
-           
-             RHEL-08-010490 - The RHEL 8 SSH private host key files must have mode 0640 or less permissive.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             If an unauthorized user obtains the private SSH host key file, the host could be impersonated.
-           
-@@ -16357,7 +16410,8 @@ This requirement applies to operating systems performing security function verif
-           
-             RHEL-08-010500 - The RHEL 8 SSH daemon must perform strict mode checking of home directory configuration files.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             If other users have access to modify user-specific SSH configuration files, they may be able to log on to the system as another user.
-           
-@@ -16369,7 +16423,8 @@ This requirement applies to operating systems performing security function verif
-           
-             RHEL-08-010520 - The RHEL 8 SSH daemon must not allow authentication using known host’s authentication.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Configuring this setting for the SSH daemon provides additional assurance that remote logon via SSH will require a password, even in the event of misconfiguration elsewhere.
-           
-@@ -16381,7 +16436,8 @@ This requirement applies to operating systems performing security function verif
-           
-             RHEL-08-010521 - The RHEL 8 SSH daemon must not allow Kerberos authentication, except to fulfill documented and validated mission requirements.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Configuring these settings for the SSH daemon provides additional assurance that remote logon via SSH will not use unused methods of authentication, even in the event of misconfiguration elsewhere.
-           
-@@ -16393,7 +16449,8 @@ This requirement applies to operating systems performing security function verif
-           
-             RHEL-08-010540 - RHEL 8 must use a separate file system for /var.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             The use of separate file systems for different paths can protect the system from failures resulting from a file system becoming full or failing.
-           
-@@ -16405,7 +16462,8 @@ This requirement applies to operating systems performing security function verif
-           
-             RHEL-08-010541 - RHEL 8 must use a separate file system for /var/log.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             The use of separate file systems for different paths can protect the system from failures resulting from a file system becoming full or failing.
-           
-@@ -16417,7 +16475,8 @@ This requirement applies to operating systems performing security function verif
-           
-             RHEL-08-010542 - RHEL 8 must use a separate file system for the system audit data path.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             The use of separate file systems for different paths can protect the system from failures resulting from a file system becoming full or failing.
-           
-@@ -16429,7 +16488,8 @@ This requirement applies to operating systems performing security function verif
-           
-             RHEL-08-010543 - A separate RHEL 8 filesystem must be used for the /tmp directory.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             The use of separate file systems for different paths can protect the system from failures resulting from a file system becoming full or failing.
-           
-@@ -16441,7 +16501,8 @@ This requirement applies to operating systems performing security function verif
-           
-             RHEL-08-010550 - RHEL 8 must not permit direct logons to the root account using remote access via SSH.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Even though the communications channel may be encrypted, an additional layer of security is gained by extending the policy of not logging on directly as root. In addition, logging on with a user-specific account provides individual accountability of actions performed on the system.
-           
-@@ -16453,7 +16514,8 @@ This requirement applies to operating systems performing security function verif
-           
-             RHEL-08-010561 - The rsyslog service must be running in RHEL 8.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Configuring RHEL 8 to implement organization-wide security implementation guides and security checklists ensures compliance with federal standards and establishes a common security baseline across the DoD that reflects the most restrictive security posture consistent with operational requirements.
- 
-@@ -16467,7 +16529,8 @@ Configuration settings are the set of parameters that can be changed in hardware
-           
-             RHEL-08-010570 - RHEL 8 must prevent files with the setuid and setgid bit set from being executed on file systems that contain user home directories.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             The "nosuid" mount option causes the system not to execute "setuid" and "setgid" files with owner privileges. This option must be used for mounting any file system not containing approved "setuid" and "setguid" files. Executing files from untrusted file systems increases the opportunity for unprivileged users to attain unauthorized administrative access.
-           
-@@ -16479,7 +16542,8 @@ Configuration settings are the set of parameters that can be changed in hardware
-           
-             RHEL-08-010571 - RHEL 8 must prevent files with the setuid and setgid bit set from being executed on the /boot directory.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             The "nosuid" mount option causes the system not to execute "setuid" and "setgid" files with owner privileges. This option must be used for mounting any file system not containing approved "setuid" and "setguid" files. Executing files from untrusted file systems increases the opportunity for unprivileged users to attain unauthorized administrative access.
-           
-@@ -16491,7 +16555,8 @@ Configuration settings are the set of parameters that can be changed in hardware
-           
-             RHEL-08-010580 - RHEL 8 must prevent special devices on non-root local partitions.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             The "nodev" mount option causes the system to not interpret character or block special devices. Executing character or block special devices from untrusted file systems increases the opportunity for unprivileged users to attain unauthorized administrative access.  The only legitimate location for device files is the /dev directory located on the root partition.
-           
-@@ -16503,7 +16568,8 @@ Configuration settings are the set of parameters that can be changed in hardware
-           
-             RHEL-08-010630 - RHEL 8 must prevent code from being executed on file systems that are imported via Network File System (NFS).
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             The "noexec" mount option causes the system not to execute binary files. This option must be used for mounting any file system not containing approved binary as they may be incompatible. Executing files from untrusted file systems increases the opportunity for unprivileged users to attain unauthorized administrative access.
-           
-@@ -16515,7 +16581,8 @@ Configuration settings are the set of parameters that can be changed in hardware
-           
-             RHEL-08-010640 - RHEL 8 must prevent special devices on file systems that are imported via Network File System (NFS).
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             The "nodev" mount option causes the system to not interpret character or block special devices. Executing character or block special devices from untrusted file systems increases the opportunity for unprivileged users to attain unauthorized administrative access.
-           
-@@ -16527,7 +16594,8 @@ Configuration settings are the set of parameters that can be changed in hardware
-           
-             RHEL-08-010650 - RHEL 8 must prevent files with the setuid and setgid bit set from being executed on file systems that are imported via Network File System (NFS).
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             The "nosuid" mount option causes the system not to execute "setuid" and "setgid" files with owner privileges. This option must be used for mounting any file system not containing approved "setuid" and "setguid" files. Executing files from untrusted file systems increases the opportunity for unprivileged users to attain unauthorized administrative access.
-           
-@@ -16539,7 +16607,8 @@ Configuration settings are the set of parameters that can be changed in hardware
-           
-             RHEL-08-010671 - RHEL 8 must disable the kernel.core_pattern.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
- 
-@@ -16559,7 +16628,8 @@ The sysctl --system command will load settings from all system configuration fil
-           
-             RHEL-08-010672 - RHEL 8 must disable acquiring, saving, and processing core dumps.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
- 
-@@ -16575,7 +16645,8 @@ When the kernel invokes systemd-coredumpt to handle a core dump, it runs in priv
-           
-             RHEL-08-010673 - RHEL 8 must disable core dumps for all users.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
- 
-@@ -16589,7 +16660,8 @@ A core dump includes a memory image taken at the time the operating system termi
-           
-             RHEL-08-010674 - RHEL 8 must disable storing core dumps.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
- 
-@@ -16603,7 +16675,8 @@ A core dump includes a memory image taken at the time the operating system termi
-           
-             RHEL-08-010675 - RHEL 8 must disable core dump backtraces.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
- 
-@@ -16617,7 +16690,8 @@ A core dump includes a memory image taken at the time the operating system termi
-           
-             RHEL-08-010680 - For RHEL 8 systems using Domain Name Servers (DNS) resolution, at least two name servers must be configured.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             To provide availability for name resolution services, multiple redundant name servers are mandated. A failure in name resolution could lead to the failure of security functions requiring name resolution, which may include time synchronization, centralized authentication, and remote system logging.
-           
-@@ -16629,7 +16703,8 @@ A core dump includes a memory image taken at the time the operating system termi
-           
-             RHEL-08-010720 - All RHEL 8 local interactive users must have a home directory assigned in the /etc/passwd file.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             If local interactive users are not assigned a valid home directory, there is no place for the storage and control of files they should own.
-           
-@@ -16641,7 +16716,8 @@ A core dump includes a memory image taken at the time the operating system termi
-           
-             RHEL-08-010730 - All RHEL 8 local interactive user home directories must have mode 0750 or less permissive.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Excessive permissions on local interactive user home directories may allow unauthorized access to user files by other users.
-           
-@@ -16653,7 +16729,8 @@ A core dump includes a memory image taken at the time the operating system termi
-           
-             RHEL-08-010760 - All RHEL 8 local interactive user accounts must be assigned a home directory upon creation.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             If local interactive users are not assigned a valid home directory, there is no place for the storage and control of files they should own.
-           
-@@ -16665,7 +16742,8 @@ A core dump includes a memory image taken at the time the operating system termi
-           
-             RHEL-08-010770 - All RHEL 8 local initialization files must have mode 0740 or less permissive.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Local initialization files are used to configure the user's shell environment upon logon. Malicious modification of these files could compromise accounts upon logon.
-           
-@@ -16677,7 +16755,8 @@ A core dump includes a memory image taken at the time the operating system termi
-           
-             RHEL-08-010800 - A separate RHEL 8 filesystem must be used for user home directories (such as /home or an equivalent).
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             The use of separate file systems for different paths can protect the system from failures resulting from a file system becoming full or failing.
-           
-@@ -16689,7 +16768,8 @@ A core dump includes a memory image taken at the time the operating system termi
-           
-             RHEL-08-010820 - Unattended or automatic logon via the RHEL 8 graphical user interface must not be allowed.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Failure to restrict system access to authenticated users negatively impacts operating system security.
-           
-@@ -16701,7 +16781,8 @@ A core dump includes a memory image taken at the time the operating system termi
-           
-             RHEL-08-010830 - RHEL 8 must not allow users to override SSH environment variables.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             SSH environment options potentially allow users to bypass access restriction in some configurations.
-           
-@@ -16713,7 +16794,8 @@ A core dump includes a memory image taken at the time the operating system termi
-           
-             RHEL-08-020010 - RHEL 8 must automatically lock an account when three unsuccessful logon attempts occur.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account.
- 
-@@ -16731,7 +16813,8 @@ Satisfies: SRG-OS-000021-GPOS-00005, SRG-OS-000329-GPOS-00128
-           
-             RHEL-08-020011 - RHEL 8 must automatically lock an account when three unsuccessful logon attempts occur.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account.
- 
-@@ -16749,7 +16832,8 @@ Satisfies: SRG-OS-000021-GPOS-00005, SRG-OS-000329-GPOS-00128
-           
-             RHEL-08-020012 - RHEL 8 must automatically lock an account when three unsuccessful logon attempts occur during a 15-minute time period.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account.
- 
-@@ -16767,7 +16851,8 @@ Satisfies: SRG-OS-000021-GPOS-00005, SRG-OS-000329-GPOS-00128
-           
-             RHEL-08-020013 - RHEL 8 must automatically lock an account when three unsuccessful logon attempts occur during a 15-minute time period.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account.
- 
-@@ -16785,7 +16870,8 @@ Satisfies: SRG-OS-000021-GPOS-00005, SRG-OS-000329-GPOS-00128
-           
-             RHEL-08-020014 - RHEL 8 must automatically lock an account until the locked account is released by an administrator when three unsuccessful logon attempts occur during a 15-minute time period.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account.
- 
-@@ -16803,7 +16889,8 @@ Satisfies: SRG-OS-000021-GPOS-00005, SRG-OS-000329-GPOS-00128
-           
-             RHEL-08-020015 - RHEL 8 must automatically lock an account until the locked account is released by an administrator when three unsuccessful logon attempts occur during a 15-minute time period.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account.
- 
-@@ -16821,7 +16908,8 @@ Satisfies: SRG-OS-000021-GPOS-00005, SRG-OS-000329-GPOS-00128
-           
-             RHEL-08-020018 - RHEL 8 must prevent system messages from being presented when three unsuccessful logon attempts occur.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account.
- 
-@@ -16839,7 +16927,8 @@ Satisfies: SRG-OS-000021-GPOS-00005, SRG-OS-000329-GPOS-00128
-           
-             RHEL-08-020019 - RHEL 8 must prevent system messages from being presented when three unsuccessful logon attempts occur.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account.
- 
-@@ -16857,7 +16946,8 @@ Satisfies: SRG-OS-000021-GPOS-00005, SRG-OS-000329-GPOS-00128
-           
-             RHEL-08-020020 - RHEL 8 must log user name information when unsuccessful logon attempts occur.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account.
- 
-@@ -16877,7 +16967,8 @@ Satisfies: SRG-OS-000021-GPOS-00005, SRG-OS-000329-GPOS-00128
-           
-             RHEL-08-020021 - RHEL 8 must log user name information when unsuccessful logon attempts occur.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account.
- 
-@@ -16895,7 +16986,8 @@ Satisfies: SRG-OS-000021-GPOS-00005, SRG-OS-000329-GPOS-00128
-           
-             RHEL-08-020022 - RHEL 8 must include root when automatically locking an account until the locked account is released by an administrator when three unsuccessful logon attempts occur during a 15-minute time period.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account.
- 
-@@ -16915,7 +17007,8 @@ Satisfies: SRG-OS-000021-GPOS-00005, SRG-OS-000329-GPOS-00128
-           
-             RHEL-08-020023 - RHEL 8 must include root when automatically locking an account until the locked account is released by an administrator when three unsuccessful logon attempts occur during a 15-minute time period.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account.
- 
-@@ -16933,7 +17026,8 @@ Satisfies: SRG-OS-000021-GPOS-00005, SRG-OS-000329-GPOS-00128
-           
-             RHEL-08-020024 - RHEL 8 must limit the number of concurrent sessions to ten for all accounts and/or account types.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Operating system management includes the ability to control the number of users and user sessions that utilize an operating system. Limiting the number of allowed users and sessions per user is helpful in reducing the risks related to DoS attacks.
- 
-@@ -16947,7 +17041,8 @@ This requirement addresses concurrent sessions for information system accounts a
-           
-             RHEL-08-020030 - RHEL 8 must enable a user session lock until that user re-establishes access using established identification and authentication procedures for graphical user sessions.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             A session lock is a temporary action taken when a user stops work and moves away from the immediate physical vicinity of the information system but does not want to log out because of the temporary nature of the absence.
- 
-@@ -16965,7 +17060,8 @@ Satisfies: SRG-OS-000028-GPOS-00009, SRG-OS-000030-GPOS-00011
-           
-             RHEL-08-020050 - RHEL 8 must be able to initiate directly a session lock for all connection types using smartcard when the smartcard is removed.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             A session lock is a temporary action taken when a user stops work and moves away from the immediate physical vicinity of the information system but does not want to log out because of the temporary nature of the absence.
- 
-@@ -16981,7 +17077,8 @@ Satisfies: SRG-OS-000028-GPOS-00009, SRG-OS-000030-GPOS-00011
-           
-             RHEL-08-020080 - RHEL 8 must prevent a user from overriding the session lock-delay setting for the graphical user interface.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             A session time-out lock is a temporary action taken when a user stops work and moves away from the immediate physical vicinity of the information system but does not log out because of the temporary nature of the absence. Rather than relying on the user to manually lock their operating system session prior to vacating the vicinity, operating systems need to be able to identify when a user's session has idled and take action to initiate the session lock.
- 
-@@ -17001,7 +17098,8 @@ Satisfies: SRG-OS-000029-GPOS-00010, SRG-OS-000031-GPOS-00012, SRG-OS-000480-GPO
-           
-             RHEL-08-020100 - RHEL 8 must ensure the password complexity module is enabled in the password-auth file.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. "pwquality" enforces complex password construction configuration and has the ability to limit brute-force attacks on the system.
- 
-@@ -17017,7 +17115,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. This
-           
-             RHEL-08-020110 - RHEL 8 must enforce password complexity by requiring that at least one uppercase character be used.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.
- 
-@@ -17033,7 +17132,8 @@ RHEL 8 utilizes pwquality as a mechanism to enforce password complexity. Note th
-           
-             RHEL-08-020120 - RHEL 8 must enforce password complexity by requiring that at least one lower-case character be used.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.
- 
-@@ -17049,7 +17149,8 @@ RHEL 8 utilizes pwquality as a mechanism to enforce password complexity. Note th
-           
-             RHEL-08-020130 - RHEL 8 must enforce password complexity by requiring that at least one numeric character be used.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.
- 
-@@ -17065,7 +17166,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. Note
-           
-             RHEL-08-020140 - RHEL 8 must require the maximum number of repeating characters of the same character class be limited to four when passwords are changed.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.
- 
-@@ -17081,7 +17183,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. The "
-           
-             RHEL-08-020150 - RHEL 8 must require the maximum number of repeating characters be limited to three when passwords are changed.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.
- 
-@@ -17097,7 +17200,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. The "
-           
-             RHEL-08-020160 - RHEL 8 must require the change of at least four character classes when passwords are changed.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.
- 
-@@ -17113,7 +17217,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. The "
-           
-             RHEL-08-020170 - RHEL 8 must require the change of at least 8 characters when passwords are changed.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.
- 
-@@ -17129,7 +17234,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. The "
-           
-             RHEL-08-020180 - RHEL 8 passwords must have a 24 hours/1 day minimum password lifetime restriction in /etc/shadow.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Enforcing a minimum password lifetime helps to prevent repeated password changes to defeat the password reuse or history enforcement requirement. If users are allowed to immediately and continually change their password, the password could be repeatedly changed in a short period of time to defeat the organization's policy regarding password reuse.
-           
-@@ -17141,7 +17247,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. The "
-           
-             RHEL-08-020190 - RHEL 8 passwords for new users or password changes must have a 24 hours/1 day minimum password lifetime restriction in /etc/login.defs.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Enforcing a minimum password lifetime helps to prevent repeated password changes to defeat the password reuse or history enforcement requirement. If users are allowed to immediately and continually change their password, the password could be repeatedly changed in a short period of time to defeat the organization's policy regarding password reuse.
-           
-@@ -17153,7 +17260,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. The "
-           
-             RHEL-08-020200 - RHEL 8 user account passwords must have a 60-day maximum password lifetime restriction.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Any password, no matter how complex, can eventually be cracked. Therefore, passwords need to be changed periodically. If RHEL 8 does not limit the lifetime of passwords and force users to change their passwords, there is the risk that RHEL 8 passwords could be compromised.
-           
-@@ -17165,7 +17273,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. The "
-           
-             RHEL-08-020210 - RHEL 8 user account passwords must be configured so that existing passwords are restricted to a 60-day maximum lifetime.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Any password, no matter how complex, can eventually be cracked. Therefore, passwords need to be changed periodically. If RHEL 8 does not limit the lifetime of passwords and force users to change their passwords, there is the risk that RHEL 8 passwords could be compromised.
-           
-@@ -17177,7 +17286,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. The "
-           
-             RHEL-08-020230 - RHEL 8 passwords must have a minimum of 15 characters.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             The shorter the password, the lower the number of possible combinations that need to be tested before the password is compromised.
- 
-@@ -17197,7 +17307,8 @@ The DoD minimum password requirement is 15 characters.
-           
-             RHEL-08-020231 - RHEL 8 passwords for new users must have a minimum of 15 characters.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             The shorter the password, the lower the number of possible combinations that need to be tested before the password is compromised.
- 
-@@ -17213,7 +17324,8 @@ The DoD minimum password requirement is 15 characters.
-           
-             RHEL-08-020240 - RHEL 8 duplicate User IDs (UIDs) must not exist for interactive users.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             To ensure accountability and prevent unauthenticated access, interactive users must be identified and authenticated to prevent potential misuse and compromise of the system.
- 
-@@ -17233,7 +17345,8 @@ Satisfies: SRG-OS-000104-GPOS-00051, SRG-OS-000121-GPOS-00062, SRG-OS-000042-GPO
-           
-             RHEL-08-020260 - RHEL 8 account identifiers (individuals, groups, roles, and devices) must be disabled after 35 days of inactivity.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Inactive identifiers pose a risk to systems and applications because attackers may exploit an inactive identifier and potentially obtain undetected access to the system. Owners of inactive accounts will not notice if unauthorized access to their user account has been obtained.
- 
-@@ -17247,7 +17360,8 @@ RHEL 8 needs to track periods of inactivity and disable application identifiers
-           
-             RHEL-08-020280 - All RHEL 8 passwords must contain at least one special character.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.
- 
-@@ -17263,7 +17377,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. Note
-           
-             RHEL-08-020290 - RHEL 8 must prohibit the use of cached authentications after one day.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             If cached authentication information is out-of-date, the validity of the authentication information may be questionable.
- 
-@@ -17277,7 +17392,8 @@ RHEL 8 includes multiple options for configuring authentication, but this requir
-           
-             RHEL-08-020300 - RHEL 8 must prevent the use of dictionary words for passwords.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             If RHEL 8 allows the user to select passwords based on dictionary words, this increases the chances of password compromise by increasing the opportunity for successful guesses, and brute-force attacks.
-           
-@@ -17289,7 +17405,8 @@ RHEL 8 includes multiple options for configuring authentication, but this requir
-           
-             RHEL-08-020310 - RHEL 8 must enforce a delay of at least four seconds between logon prompts following a failed logon attempt.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Configuring the operating system to implement organization-wide security implementation guides and security checklists verifies compliance with federal standards and establishes a common security baseline across the DoD that reflects the most restrictive security posture consistent with operational requirements.
- 
-@@ -17303,7 +17420,8 @@ Configuration settings are the set of parameters that can be changed in hardware
-           
-             RHEL-08-020330 - RHEL 8 must not allow accounts configured with blank or null passwords.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             If an account has an empty password, anyone could log on and run commands with the privileges of that account. Accounts with empty passwords should never be used in operational environments.
-           
-@@ -17315,7 +17433,8 @@ Configuration settings are the set of parameters that can be changed in hardware
-           
-             RHEL-08-020340 - RHEL 8 must display the date and time of the last successful account logon upon logon.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Providing users with feedback on when account accesses last occurred facilitates user recognition and reporting of unauthorized account use.
-           
-@@ -17327,7 +17446,8 @@ Configuration settings are the set of parameters that can be changed in hardware
-           
-             RHEL-08-020350 - RHEL 8 must display the date and time of the last successful account logon upon an SSH logon.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Providing users with feedback on when account accesses via SSH last occurred facilitates user recognition and reporting of unauthorized account use.
-           
-@@ -17339,7 +17459,8 @@ Configuration settings are the set of parameters that can be changed in hardware
-           
-             RHEL-08-020351 - RHEL 8 must define default permissions for all authenticated users in such a way that the user can only read and modify their own files.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Setting the most restrictive default permissions ensures that when new accounts are created, they do not have unnecessary access.
-           
-@@ -17351,7 +17472,8 @@ Configuration settings are the set of parameters that can be changed in hardware
-           
-             RHEL-08-030000 - The RHEL 8 audit system must be configured to audit the execution of privileged functions and prevent all software from executing at higher privilege levels than users executing the software.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Misuse of privileged functions, either intentionally or unintentionally by authorized users, or by unauthorized external entities that have compromised information system accounts, is a serious and ongoing concern and can have significant adverse impacts on organizations. Auditing the use of privileged functions is one way to detect such misuse and identify the risk from insider threats and the advanced persistent threat.
- 
-@@ -17365,7 +17487,8 @@ Satisfies: SRG-OS-000326-GPOS-00126, SRG-OS-000327-GPOS-00127
-           
-             RHEL-08-030020 - The RHEL 8 System Administrator (SA) and Information System Security Officer (ISSO) (at a minimum) must be alerted of an audit processing failure event.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             It is critical for the appropriate personnel to be aware if a system is at risk of failing to process audit logs as required. Without this notification, the security personnel may be unaware of an impending failure of the audit capability, and system operation may be adversely affected.
- 
-@@ -17381,7 +17504,8 @@ This requirement applies to each audit data storage repository (i.e., distinct i
-           
-             RHEL-08-030030 - The RHEL 8 Information System Security Officer (ISSO) and System Administrator (SA) (at a minimum) must have mail aliases to be notified of an audit processing failure.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             It is critical for the appropriate personnel to be aware if a system is at risk of failing to process audit logs as required. Without this notification, the security personnel may be unaware of an impending failure of the audit capability, and system operation may be adversely affected.
- 
-@@ -17397,7 +17521,8 @@ This requirement applies to each audit data storage repository (i.e., distinct i
-           
-             RHEL-08-030040 - The RHEL 8 System must take appropriate action when an audit processing failure occurs.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             It is critical for the appropriate personnel to be aware if a system is at risk of failing to process audit logs as required. Without this notification, the security personnel may be unaware of an impending failure of the audit capability, and system operation may be adversely affected.
- 
-@@ -17413,7 +17538,8 @@ This requirement applies to each audit data storage repository (i.e., distinct i
-           
-             RHEL-08-030060 - The RHEL 8 audit system must take appropriate action when the audit storage volume is full.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             It is critical that when RHEL 8 is at risk of failing to process audit logs as required, it takes action to mitigate the failure. Audit processing failures include software/hardware errors; failures in the audit capturing mechanisms; and audit storage capacity being reached or exceeded. Responses to audit failure depend upon the nature of the failure mode.
- 
-@@ -17431,7 +17557,8 @@ When availability is an overriding concern, other approved actions in response t
-           
-             RHEL-08-030061 - The RHEL 8 audit system must audit local events.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Without establishing what type of events occurred, the source of events, where events occurred, and the outcome of events, it would be difficult to establish, correlate, and investigate the events leading up to an outage or attack.
- 
-@@ -17445,7 +17572,8 @@ Audit record content that may be necessary to satisfy this requirement includes,
-           
-             RHEL-08-030062 - RHEL 8 must label all off-loaded audit logs before sending them to the central log server.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Without establishing what type of events occurred, the source of events, where events occurred, and the outcome of events, it would be difficult to establish, correlate, and investigate the events leading up to an outage or attack.
- 
-@@ -17463,7 +17591,8 @@ When audit logs are not labeled before they are sent to a central log server, th
-           
-             RHEL-08-030063 - RHEL 8 must resolve audit information before writing to disk.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Without establishing what type of events occurred, the source of events, where events occurred, and the outcome of events, it would be difficult to establish, correlate, and investigate the events leading up to an outage or attack.
- 
-@@ -17479,7 +17608,8 @@ Enriched logging aids in making sense of who, what, and when events occur on a s
-           
-             RHEL-08-030070 - RHEL 8 audit logs must have a mode of 0600 or less permissive to prevent unauthorized read access.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Only authorized personnel should be aware of errors and the details of the errors. Error messages are an indicator of an organization's operational state or can identify the RHEL 8 system or platform. Additionally, Personally Identifiable Information (PII) and operational information must not be revealed through error messages to unauthorized personnel or their designated representatives.
- 
-@@ -17495,7 +17625,8 @@ Satisfies: SRG-OS-000057-GPOS-00027, SRG-OS-000058-GPOS-00028, SRG-OS-000059-GPO
-           
-             RHEL-08-030080 - RHEL 8 audit logs must be owned by root to prevent unauthorized read access.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Only authorized personnel should be aware of errors and the details of the errors. Error messages are an indicator of an organization's operational state or can identify the RHEL 8 system or platform. Additionally, Personally Identifiable Information (PII) and operational information must not be revealed through error messages to unauthorized personnel or their designated representatives.
- 
-@@ -17511,7 +17642,8 @@ Satisfies: SRG-OS-000057-GPOS-00027, SRG-OS-000058-GPOS-00028, SRG-OS-000059-GPO
-           
-             RHEL-08-030090 - RHEL 8 audit logs must be group-owned by root to prevent unauthorized read access.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Unauthorized disclosure of audit records can reveal system and configuration data to attackers, thus compromising its confidentiality.
- 
-@@ -17527,7 +17659,8 @@ Satisfies: SRG-OS-000057-GPOS-00027, SRG-OS-000058-GPOS-00028, SRG-OS-000059-GPO
-           
-             RHEL-08-030100 - RHEL 8 audit log directory must be owned by root to prevent unauthorized read access.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Unauthorized disclosure of audit records can reveal system and configuration data to attackers, thus compromising its confidentiality.
- 
-@@ -17543,7 +17676,8 @@ Satisfies: SRG-OS-000057-GPOS-00027, SRG-OS-000058-GPOS-00028, SRG-OS-000059-GPO
-           
-             RHEL-08-030110 - RHEL 8 audit log directory must be group-owned by root to prevent unauthorized read access.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Unauthorized disclosure of audit records can reveal system and configuration data to attackers, thus compromising its confidentiality.
- 
-@@ -17559,7 +17693,8 @@ Satisfies: SRG-OS-000057-GPOS-00027, SRG-OS-000058-GPOS-00028, SRG-OS-000059-GPO
-           
-             RHEL-08-030120 - RHEL 8 audit log directory must have a mode of 0700 or less permissive to prevent unauthorized read access.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Unauthorized disclosure of audit records can reveal system and configuration data to attackers, thus compromising its confidentiality.
- 
-@@ -17575,7 +17710,8 @@ Satisfies: SRG-OS-000057-GPOS-00027, SRG-OS-000058-GPOS-00028, SRG-OS-000059-GPO
-           
-             RHEL-08-030121 - RHEL 8 audit system must protect auditing rules from unauthorized change.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Unauthorized disclosure of audit records can reveal system and configuration data to attackers, thus compromising its confidentiality.
- 
-@@ -17593,7 +17729,8 @@ Satisfies: SRG-OS-000057-GPOS-00027, SRG-OS-000058-GPOS-00028, SRG-OS-000059-GPO
-           
-             RHEL-08-030122 - RHEL 8 audit system must protect logon UIDs from unauthorized change.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Unauthorized disclosure of audit records can reveal system and configuration data to attackers, thus compromising its confidentiality.
- 
-@@ -17611,7 +17748,8 @@ Satisfies: SRG-OS-000057-GPOS-00027, SRG-OS-000058-GPOS-00028, SRG-OS-000059-GPO
-           
-             RHEL-08-030130 - RHEL 8 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/shadow.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
- 
-@@ -17627,7 +17765,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000004-GPOS-00004, SRG-OS-000037-GPO
-           
-             RHEL-08-030140 - RHEL 8 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/security/opasswd.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
- 
-@@ -17643,7 +17782,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000004-GPOS-00004, SRG-OS-000037-GPO
-           
-             RHEL-08-030150 - RHEL 8 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/passwd.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
- 
-@@ -17659,7 +17799,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000004-GPOS-00004, SRG-OS-000037-GPO
-           
-             RHEL-08-030160 - RHEL 8 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/gshadow.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
- 
-@@ -17675,7 +17816,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000004-GPOS-00004, SRG-OS-000037-GPO
-           
-             RHEL-08-030170 - RHEL 8 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/group.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
- 
-@@ -17691,7 +17833,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000004-GPOS-00004, SRG-OS-000037-GPO
-           
-             RHEL-08-030171 - RHEL 8 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/sudoers.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
- 
-@@ -17707,7 +17850,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000004-GPOS-00004, SRG-OS-000037-GPO
-           
-             RHEL-08-030172 - RHEL 8 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/sudoers.d/.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
- 
-@@ -17723,7 +17867,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000004-GPOS-00004, SRG-OS-000037-GPO
-           
-             RHEL-08-030180 - The RHEL 8 audit package must be installed.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Without establishing what type of events occurred, the source of events, where events occurred, and the outcome of events, it would be difficult to establish, correlate, and investigate the events leading up to an outage or attack.
- 
-@@ -17741,7 +17886,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000038-GPO
-           
-             RHEL-08-030190 - Successful/unsuccessful uses of the su command in RHEL 8 must generate an audit record.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
- 
-@@ -17759,7 +17905,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
-           
-             RHEL-08-030200 - The RHEL 8 audit system must be configured to audit any usage of the setxattr, fsetxattr, lsetxattr, removexattr, fremovexattr, and lremovexattr system calls.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
- 
-@@ -17786,7 +17933,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
-           
-             RHEL-08-030250 - Successful/unsuccessful uses of the chage command in RHEL 8 must generate an audit record.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
- 
-@@ -17804,7 +17952,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
-           
-             RHEL-08-030260 - Successful/unsuccessful uses of the chcon command in RHEL 8 must generate an audit record.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
- 
-@@ -17822,7 +17971,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
-           
-             RHEL-08-030280 - Successful/unsuccessful uses of the ssh-agent in RHEL 8 must generate an audit record.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
- 
-@@ -17840,7 +17990,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
-           
-             RHEL-08-030290 - Successful/unsuccessful uses of the passwd command in RHEL 8 must generate an audit record.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
- 
-@@ -17858,7 +18009,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
-           
-             RHEL-08-030300 - Successful/unsuccessful uses of the mount command in RHEL 8 must generate an audit record.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
- 
-@@ -17876,7 +18028,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
-           
-             RHEL-08-030301 - Successful/unsuccessful uses of the umount command in RHEL 8 must generate an audit record.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
- 
-@@ -17894,7 +18047,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
-           
-             RHEL-08-030302 - Successful/unsuccessful uses of the mount syscall in RHEL 8 must generate an audit record.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
- 
-@@ -17912,7 +18066,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
-           
-             RHEL-08-030310 - Successful/unsuccessful uses of the unix_update in RHEL 8 must generate an audit record.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Reconstruction of harmful events or forensic analysis is not possible if audit records do not contain enough information.
- 
-@@ -17930,7 +18085,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
-           
-             RHEL-08-030311 - Successful/unsuccessful uses of postdrop in RHEL 8 must generate an audit record.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Reconstruction of harmful events or forensic analysis is not possible if audit records do not contain enough information.
- 
-@@ -17948,7 +18104,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
-           
-             RHEL-08-030312 - Successful/unsuccessful uses of postqueue in RHEL 8 must generate an audit record.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Reconstruction of harmful events or forensic analysis is not possible if audit records do not contain enough information.
- 
-@@ -17966,7 +18123,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
-           
-             RHEL-08-030313 - Successful/unsuccessful uses of semanage in RHEL 8 must generate an audit record.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Reconstruction of harmful events or forensic analysis is not possible if audit records do not contain enough information.
- 
-@@ -17984,7 +18142,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
-           
-             RHEL-08-030314 - Successful/unsuccessful uses of setfiles in RHEL 8 must generate an audit record.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Reconstruction of harmful events or forensic analysis is not possible if audit records do not contain enough information.
- 
-@@ -18002,7 +18161,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
-           
-             RHEL-08-030315 - Successful/unsuccessful uses of userhelper in RHEL 8 must generate an audit record.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Reconstruction of harmful events or forensic analysis is not possible if audit records do not contain enough information.
- 
-@@ -18020,7 +18180,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
-           
-             RHEL-08-030316 - Successful/unsuccessful uses of setsebool in RHEL 8 must generate an audit record.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Reconstruction of harmful events or forensic analysis is not possible if audit records do not contain enough information.
- 
-@@ -18038,7 +18199,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
-           
-             RHEL-08-030317 - Successful/unsuccessful uses of unix_chkpwd in RHEL 8 must generate an audit record.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Reconstruction of harmful events or forensic analysis is not possible if audit records do not contain enough information.
- 
-@@ -18056,7 +18218,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
-           
-             RHEL-08-030320 - Successful/unsuccessful uses of the ssh-keysign in RHEL 8 must generate an audit record.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
- 
-@@ -18074,7 +18237,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
-           
-             RHEL-08-030330 - Successful/unsuccessful uses of the setfacl command in RHEL 8 must generate an audit record.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
- 
-@@ -18092,7 +18256,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
-           
-             RHEL-08-030340 - Successful/unsuccessful uses of the pam_timestamp_check command in RHEL 8 must generate an audit record.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
- 
-@@ -18110,7 +18275,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
-           
-             RHEL-08-030350 - Successful/unsuccessful uses of the newgrp command in RHEL 8 must generate an audit record.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
- 
-@@ -18128,7 +18294,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
-           
-             RHEL-08-030360 - Successful/unsuccessful uses of the init_module and finit_module system calls in RHEL 8 must generate an audit record.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
- 
-@@ -18148,7 +18315,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
-           
-             RHEL-08-030361 - Successful/unsuccessful uses of the rename, unlink, rmdir, renameat, and unlinkat system calls in RHEL 8 must generate an audit record.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
- 
-@@ -18173,7 +18341,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
-           
-             RHEL-08-030370 - Successful/unsuccessful uses of the gpasswd command in RHEL 8 must generate an audit record.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
- 
-@@ -18191,7 +18360,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
-           
-             RHEL-08-030390 - Successful/unsuccessful uses of the delete_module command in RHEL 8 must generate an audit record.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
- 
-@@ -18209,7 +18379,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
-           
-             RHEL-08-030400 - Successful/unsuccessful uses of the crontab command in RHEL 8 must generate an audit record.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
- 
-@@ -18227,7 +18398,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
-           
-             RHEL-08-030410 - Successful/unsuccessful uses of the chsh command in RHEL 8 must generate an audit record.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
- 
-@@ -18245,7 +18417,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
-           
-             RHEL-08-030420 - Successful/unsuccessful uses of the truncate, ftruncate, creat, open, openat, and open_by_handle_at system calls in RHEL 8 must generate an audit record.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
- 
-@@ -18270,7 +18443,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
-           
-             RHEL-08-030480 - Successful/unsuccessful uses of the chown, fchown, fchownat, and lchown system calls in RHEL 8 must generate an audit record.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
- 
-@@ -18294,7 +18468,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
-           
-             RHEL-08-030490 - Successful/unsuccessful uses of the chmod, fchmod, and fchmodat system calls in RHEL 8 must generate an audit record.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
- 
-@@ -18317,7 +18492,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
-           
-             RHEL-08-030550 - Successful/unsuccessful uses of the sudo command in RHEL 8 must generate an audit record.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
- 
-@@ -18335,7 +18511,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
-           
-             RHEL-08-030560 - Successful/unsuccessful uses of the usermod command in RHEL 8 must generate an audit record.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
- 
-@@ -18353,7 +18530,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
-           
-             RHEL-08-030570 - Successful/unsuccessful uses of the chacl command in RHEL 8 must generate an audit record.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
- 
-@@ -18371,7 +18549,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
-           
-             RHEL-08-030580 - Successful/unsuccessful uses of the kmod command in RHEL 8 must generate an audit record.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Without the capability to generate audit records, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
- 
-@@ -18399,7 +18578,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
-           
-             RHEL-08-030600 - Successful/unsuccessful modifications to the lastlog file in RHEL 8 must generate an audit record.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Without the capability to generate audit records, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
- 
-@@ -18427,7 +18607,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
-           
-             RHEL-08-030601 - RHEL 8 must enable auditing of processes that start prior to the audit daemon.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Without the capability to generate audit records, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
- 
-@@ -18457,7 +18638,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
-           
-             RHEL-08-030602 - RHEL 8 must allocate an audit_backlog_limit of sufficient size to capture processes that start prior to the audit daemon.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Without the capability to generate audit records, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
- 
-@@ -18475,7 +18657,8 @@ Allocating an audit_backlog_limit of sufficient size is critical in maintaining
-           
-             RHEL-08-030610 - RHEL 8 must allow only the Information System Security Manager (ISSM) (or individuals or roles appointed by the ISSM) to select which auditable events are to be audited.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Without the capability to restrict the roles and individuals that can select which events are audited, unauthorized personnel may be able to prevent the auditing of critical events. Misconfigured audits may degrade the system's performance by overwhelming the audit log. Misconfigured audits may also make it more difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
-           
-@@ -18487,7 +18670,8 @@ Allocating an audit_backlog_limit of sufficient size is critical in maintaining
-           
-             RHEL-08-030620 - RHEL 8 audit tools must have a mode of 0755 or less permissive.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Protecting audit information also includes identifying and protecting the tools used to view and manipulate log data. Therefore, protecting audit tools is necessary to prevent unauthorized operation on audit information.
- 
-@@ -18503,7 +18687,8 @@ Audit tools include, but are not limited to, vendor-provided and open source aud
-           
-             RHEL-08-030630 - RHEL 8 audit tools must be owned by root.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Protecting audit information also includes identifying and protecting the tools used to view and manipulate log data. Therefore, protecting audit tools is necessary to prevent unauthorized operation on audit information.
- 
-@@ -18521,7 +18706,8 @@ Satisfies: SRG-OS-000256-GPOS-00097, SRG-OS-000257-GPOS-00098, SRG-OS-000258-GPO
-           
-             RHEL-08-030640 - RHEL 8 audit tools must be group-owned by root.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Protecting audit information also includes identifying and protecting the tools used to view and manipulate log data. Therefore, protecting audit tools is necessary to prevent unauthorized operation on audit information.
- 
-@@ -18539,7 +18725,8 @@ Satisfies: SRG-OS-000256-GPOS-00097, SRG-OS-000257-GPOS-00098, SRG-OS-000258-GPO
-           
-             RHEL-08-030670 - RHEL 8 must have the packages required for offloading audit logs installed.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Information stored in one location is vulnerable to accidental or incidental deletion or alteration.
- 
-@@ -18562,7 +18749,8 @@ Note that a port number was given as there is no standard port for RELP.
-             RHEL-08-030680 - RHEL 8 must have the packages required for encrypting offloaded audit logs installed.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Information stored in one location is vulnerable to accidental or incidental deletion or alteration.
- 
-@@ -18585,7 +18773,8 @@ Note that a port number was given as there is no standard port for RELP.
-             RHEL-08-030700 - RHEL 8 must take appropriate action when the internal event queue is full.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Information stored in one location is vulnerable to accidental or incidental deletion or alteration.
- 
-@@ -18603,7 +18792,8 @@ Satisfies: SRG-OS-000342-GPOS-00133, SRG-OS-000479-GPOS-00224
-           
-             RHEL-08-030720 - RHEL 8 must authenticate the remote logging server for off-loading audit logs.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Information stored in one location is vulnerable to accidental or incidental deletion or alteration.
- 
-@@ -18627,7 +18817,8 @@ Satisfies: SRG-OS-000342-GPOS-00133, SRG-OS-000479-GPOS-00224
-           
-             RHEL-08-030730 - RHEL 8 must take action when allocated audit record storage volume reaches 75 percent of the repository maximum audit record storage capacity.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             If security personnel are not notified immediately when storage volume reaches 75 percent utilization, they are unable to plan for audit record storage capacity expansion.
-           
-@@ -18639,7 +18830,8 @@ Satisfies: SRG-OS-000342-GPOS-00133, SRG-OS-000479-GPOS-00224
-           
-             RHEL-08-030741 - RHEL 8 must disable the chrony daemon from acting as a server.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Inaccurate time stamps make it more difficult to correlate events and can lead to an inaccurate analysis. Determining the correct time a particular event occurred on a system is critical when conducting forensic analysis and investigating system events. Sources outside the configured acceptable allowance (drift) may be inaccurate.
- 
-@@ -18657,7 +18849,8 @@ Note that USNO offers authenticated NTP service to DoD and U.S. Government agenc
-           
-             RHEL-08-030742 - RHEL 8 must disable network management of the chrony daemon.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Inaccurate time stamps make it more difficult to correlate events and can lead to an inaccurate analysis. Determining the correct time a particular event occurred on a system is critical when conducting forensic analysis and investigating system events. Sources outside the configured acceptable allowance (drift) may be inaccurate.
- 
-@@ -18675,7 +18868,8 @@ Note that USNO offers authenticated NTP service to DoD and U.S. Government agenc
-           
-             RHEL-08-040000 - RHEL 8 must not have the telnet-server package installed.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
- 
-@@ -18697,7 +18891,8 @@ If a privileged user were to log on using this service, the privileged user pass
-           
-             RHEL-08-040001 - RHEL 8 must not have any automated bug reporting tools installed.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
- 
-@@ -18715,7 +18910,8 @@ Verify the operating system is configured to disable non-essential capabilities.
-           
-             RHEL-08-040002 - RHEL 8 must not have the sendmail package installed.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
- 
-@@ -18733,7 +18929,8 @@ Verify the operating system is configured to disable non-essential capabilities.
-           
-             RHEL-08-040004 - RHEL 8 must enable mitigations against processor-based vulnerabilities.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
- 
-@@ -18753,7 +18950,8 @@ Kernel page-table isolation is a kernel feature that mitigates the Meltdown secu
-           
-             RHEL-08-040010 - RHEL 8 must not have the rsh-server package installed.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
- 
-@@ -18773,7 +18971,8 @@ Satisfies: SRG-OS-000095-GPOS-00049, SRG-OS-000074-GPOS-00042
-           
-             RHEL-08-040021 - RHEL 8 must disable the asynchronous transfer mode (ATM) protocol.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
- 
-@@ -18789,7 +18988,8 @@ The Asynchronous Transfer Mode (ATM) is a protocol operating on network, data li
-           
-             RHEL-08-040022 - RHEL 8 must disable the controller area network (CAN) protocol.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
- 
-@@ -18805,7 +19005,8 @@ The Controller Area Network (CAN) is a serial communications protocol, which was
-           
-             RHEL-08-040023 - RHEL 8 must disable the stream control transmission protocol (SCTP).
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
- 
-@@ -18821,7 +19022,8 @@ The Stream Control Transmission Protocol (SCTP) is a transport layer protocol, d
-           
-             RHEL-08-040024 - RHEL 8 must disable the transparent inter-process communication (TIPC) protocol.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
- 
-@@ -18837,7 +19039,8 @@ The Transparent Inter-Process Communication (TIPC) protocol is designed to provi
-           
-             RHEL-08-040025 - RHEL 8 must disable mounting of cramfs.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
- 
-@@ -18853,7 +19056,8 @@ Compressed ROM/RAM file system (or cramfs) is a read-only file system designed f
-           
-             RHEL-08-040026 - RHEL 8 must disable IEEE 1394 (FireWire) Support.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
- 
-@@ -18867,7 +19071,8 @@ The IEEE 1394 (FireWire) is a serial bus standard for high-speed real-time commu
-           
-             RHEL-08-040070 - The RHEL 8 file system automounter must be disabled unless required.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Automatically mounting file systems permits easy introduction of unknown devices, thereby facilitating malicious activity.
-           
-@@ -18879,7 +19084,8 @@ The IEEE 1394 (FireWire) is a serial bus standard for high-speed real-time commu
-           
-             RHEL-08-040080 - RHEL 8 must be configured to disable USB mass storage.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             USB mass storage permits easy introduction of unknown devices, thereby facilitating malicious activity.
- 
-@@ -18893,7 +19099,8 @@ Satisfies: SRG-OS-000114-GPOS-00059, SRG-OS-000378-GPOS-00163
-           
-             RHEL-08-040100 - A firewall must be installed on RHEL 8.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             "Firewalld" provides an easy and effective way to block/limit remote access to the system via ports, services, and protocols.
- 
-@@ -18911,7 +19118,8 @@ RHEL 8 functionality (e.g., RDP) must be capable of taking enforcement action if
-           
-             RHEL-08-040111 - RHEL 8 Bluetooth must be disabled.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Without protection of communications with wireless peripherals, confidentiality and integrity may be compromised because unprotected communications can be intercepted and either read, altered, or used to compromise the RHEL 8 operating system.
- 
-@@ -18927,7 +19135,8 @@ Protecting the confidentiality and integrity of communications with wireless per
-           
-             RHEL-08-040120 - RHEL 8 must mount /dev/shm with the nodev option.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting.
- 
-@@ -18945,7 +19154,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid"
-           
-             RHEL-08-040121 - RHEL 8 must mount /dev/shm with the nosuid option.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting.
- 
-@@ -18961,7 +19171,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid"
-           
-             RHEL-08-040122 - RHEL 8 must mount /dev/shm with the noexec option.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting.
- 
-@@ -18979,7 +19190,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid"
-           
-             RHEL-08-040123 - RHEL 8 must mount /tmp with the nodev option.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting.
- 
-@@ -18997,7 +19209,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid"
-           
-             RHEL-08-040124 - RHEL 8 must mount /tmp with the nosuid option.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting.
- 
-@@ -19013,7 +19226,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid"
-           
-             RHEL-08-040125 - RHEL 8 must mount /tmp with the noexec option.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting.
- 
-@@ -19031,7 +19245,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid"
-           
-             RHEL-08-040126 - RHEL 8 must mount /var/log with the nodev option.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting.
- 
-@@ -19049,7 +19264,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid"
-           
-             RHEL-08-040127 - RHEL 8 must mount /var/log with the nosuid option.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting.
- 
-@@ -19067,7 +19283,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid"
-           
-             RHEL-08-040128 - RHEL 8 must mount /var/log with the noexec option.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting.
- 
-@@ -19085,7 +19302,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid"
-           
-             RHEL-08-040129 - RHEL 8 must mount /var/log/audit with the nodev option.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting.
- 
-@@ -19103,7 +19321,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid"
-           
-             RHEL-08-040130 - RHEL 8 must mount /var/log/audit with the nosuid option.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting.
- 
-@@ -19121,7 +19340,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid"
-           
-             RHEL-08-040131 - RHEL 8 must mount /var/log/audit with the noexec option.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting.
- 
-@@ -19139,7 +19359,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid"
-           
-             RHEL-08-040132 - RHEL 8 must mount /var/tmp with the nodev option.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting.
- 
-@@ -19157,7 +19378,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid"
-           
-             RHEL-08-040133 - RHEL 8 must mount /var/tmp with the nosuid option.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting.
- 
-@@ -19175,7 +19397,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid"
-           
-             RHEL-08-040134 - RHEL 8 must mount /var/tmp with the noexec option.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting.
- 
-@@ -19193,7 +19416,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid"
-           
-             RHEL-08-040135 - The RHEL 8 fapolicy module must be installed.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting.
- 
-@@ -19215,7 +19439,8 @@ Satisfies: SRG-OS-000368-GPOS-00154, SRG-OS-000370-GPOS-00155, SRG-OS-000480-GPO
-           
-             RHEL-08-040150 - A firewall must be able to protect against or limit the effects of Denial of Service (DoS) attacks by ensuring RHEL 8 can implement rate-limiting measures on impacted network interfaces.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             DoS is a condition when a resource is not available for legitimate users. When this occurs, the organization either cannot accomplish its mission or must operate at degraded capacity.
- 
-@@ -19231,7 +19456,8 @@ Since version 0.6.0, "firewalld" has incorporated "nftables" as its backend supp
-           
-             RHEL-08-040160 - All RHEL 8 networked systems must have and implement SSH to protect the confidentiality and integrity of transmitted and received information, as well as information during preparation for transmission.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Without protection of the transmitted information, confidentiality and integrity may be compromised because unprotected communications can be intercepted and either read or altered. 
- 
-@@ -19249,7 +19475,8 @@ Satisfies: SRG-OS-000423-GPOS-00187, SRG-OS-000424-GPOS-00188, SRG-OS-000425-GPO
-           
-             RHEL-08-040161 - RHEL 8 must force a frequent session key renegotiation for SSH connections to the server.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Without protection of the transmitted information, confidentiality and integrity may be compromised because unprotected communications can be intercepted and either read or altered. 
- 
-@@ -19269,7 +19496,8 @@ Satisfies: SRG-OS-000033-GPOS-00014, SRG-OS-000420-GPOS-00186, SRG-OS-000424-GPO
-           
-             RHEL-08-040170 - The x86 Ctrl-Alt-Delete key sequence must be disabled on RHEL 8.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             A locally logged-on user, who presses Ctrl-Alt-Delete when at the console, can reboot the system. If accidentally pressed, as could happen in the case of a mixed OS environment, this can create the risk of short-term loss of availability of systems due to unintentional reboot. In a graphical user environment, risk of unintentional reboot from the Ctrl-Alt-Delete sequence is reduced because the user will be prompted before any action is taken.
-           
-@@ -19281,7 +19509,8 @@ Satisfies: SRG-OS-000033-GPOS-00014, SRG-OS-000420-GPOS-00186, SRG-OS-000424-GPO
-           
-             RHEL-08-040171 - The x86 Ctrl-Alt-Delete key sequence in RHEL 8 must be disabled if a graphical user interface is installed.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             A locally logged-on user, who presses Ctrl-Alt-Delete, when at the console, can reboot the system. If accidentally pressed, as could happen in the case of a mixed OS environment, this can create the risk of short-term loss of availability of systems due to unintentional reboot. In a graphical user environment, risk of unintentional reboot from the Ctrl-Alt-Delete sequence is reduced because the user will be prompted before any action is taken.
-           
-@@ -19293,7 +19522,8 @@ Satisfies: SRG-OS-000033-GPOS-00014, SRG-OS-000420-GPOS-00186, SRG-OS-000424-GPO
-           
-             RHEL-08-040172 - The systemd Ctrl-Alt-Delete burst key sequence in RHEL 8 must be disabled.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             A locally logged-on user who presses Ctrl-Alt-Delete when at the console can reboot the system. If accidentally pressed, as could happen in the case of a mixed OS environment, this can create the risk of short-term loss of availability of systems due to unintentional reboot. In a graphical user environment, risk of unintentional reboot from the Ctrl-Alt-Delete sequence is reduced because the user will be prompted before any action is taken.
-           
-@@ -19305,7 +19535,8 @@ Satisfies: SRG-OS-000033-GPOS-00014, SRG-OS-000420-GPOS-00186, SRG-OS-000424-GPO
-           
-             RHEL-08-040180 - The debug-shell systemd service must be disabled on RHEL 8.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             The debug-shell requires no authentication and provides root privileges to anyone who has physical access to the machine.  While this feature is disabled by default, masking it adds an additional layer of assurance that it will not be enabled via a dependency in systemd.  This also prevents attackers with physical access from trivially bypassing security on the machine through valid troubleshooting configurations and gaining root access when the system is rebooted.
-           
-@@ -19317,7 +19548,8 @@ Satisfies: SRG-OS-000033-GPOS-00014, SRG-OS-000420-GPOS-00186, SRG-OS-000424-GPO
-           
-             RHEL-08-040190 - The Trivial File Transfer Protocol (TFTP) server package must not be installed if not required for RHEL 8 operational support.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             If TFTP is required for operational support (such as the transmission of router configurations) its use must be documented with the Information System Security Officer (ISSO), restricted to only authorized personnel, and have access control rules established.
-           
-@@ -19329,7 +19561,8 @@ Satisfies: SRG-OS-000033-GPOS-00014, SRG-OS-000420-GPOS-00186, SRG-OS-000424-GPO
-           
-             RHEL-08-040200 - The root account must be the only account having unrestricted access to the RHEL 8 system.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             If an account other than root also has a User Identifier (UID) of "0", it has root authority, giving that account unrestricted access to the entire operating system. Multiple accounts with a UID of "0" afford an opportunity for potential intruders to guess a password for a privileged account.
-           
-@@ -19341,7 +19574,8 @@ Satisfies: SRG-OS-000033-GPOS-00014, SRG-OS-000420-GPOS-00186, SRG-OS-000424-GPO
-           
-             RHEL-08-040210 - RHEL 8 must prevent IPv6 Internet Control Message Protocol (ICMP) redirect messages from being accepted.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             ICMP redirect messages are used by routers to inform hosts that a more direct route exists for a particular destination. These messages modify the host's route table and are unauthenticated. An illicit ICMP redirect message could result in a man-in-the-middle attack.
- 
-@@ -19361,7 +19595,8 @@ The sysctl --system command will load settings from all system configuration fil
-           
-             RHEL-08-040220 - RHEL 8 must not send Internet Control Message Protocol (ICMP) redirects.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             ICMP redirect messages are used by routers to inform hosts that a more direct route exists for a particular destination. These messages contain information from the system's route table, possibly revealing portions of the network topology.
- 
-@@ -19383,7 +19618,8 @@ The sysctl --system command will load settings from all system configuration fil
-           
-             RHEL-08-040230 - RHEL 8 must not respond to Internet Control Message Protocol (ICMP) echoes sent to a broadcast address.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Responding to broadcast ICMP echoes facilitates network mapping and provides a vector for amplification attacks.
- 
-@@ -19404,7 +19640,8 @@ The sysctl --system command will load settings from all system configuration fil
-           
-             RHEL-08-040240 - RHEL 8 must not forward IPv6 source-routed packets.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Source-routed packets allow the source of the packet to suggest that routers forward the packet along a different path than configured on the router, which can be used to bypass network security measures. This requirement applies only to the forwarding of source-routed traffic, such as when forwarding is enabled and the system is functioning as a router.
- 
-@@ -19424,7 +19661,8 @@ The sysctl --system command will load settings from all system configuration fil
-           
-             RHEL-08-040250 - RHEL 8 must not forward IPv6 source-routed packets by default.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Source-routed packets allow the source of the packet to suggest that routers forward the packet along a different path than configured on the router, which can be used to bypass network security measures. This requirement applies only to the forwarding of source-routed traffic, such as when forwarding is enabled and the system is functioning as a router.
- 
-@@ -19444,7 +19682,8 @@ The sysctl --system command will load settings from all system configuration fil
-           
-             RHEL-08-040260 - RHEL 8 must not enable IPv6 packet forwarding unless the system is a router.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Routing protocol daemons are typically used on routers to exchange network topology information with other routers. If this software is used when not required, system network information may be unnecessarily transmitted across the network.
- 
-@@ -19464,7 +19703,8 @@ The sysctl --system command will load settings from all system configuration fil
-           
-             RHEL-08-040261 - RHEL 8 must not accept router advertisements on all IPv6 interfaces.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Routing protocol daemons are typically used on routers to exchange network topology information with other routers. If this software is used when not required, system network information may be unnecessarily transmitted across the network.
- 
-@@ -19486,7 +19726,8 @@ The sysctl --system command will load settings from all system configuration fil
-           
-             RHEL-08-040262 - RHEL 8 must not accept router advertisements on all IPv6 interfaces by default.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Routing protocol daemons are typically used on routers to exchange network topology information with other routers. If this software is used when not required, system network information may be unnecessarily transmitted across the network.
- 
-@@ -19508,7 +19749,8 @@ The sysctl --system command will load settings from all system configuration fil
-           
-             RHEL-08-040270 - RHEL 8 must not allow interfaces to perform Internet Control Message Protocol (ICMP) redirects by default.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             ICMP redirect messages are used by routers to inform hosts that a more direct route exists for a particular destination. These messages contain information from the system's route table, possibly revealing portions of the network topology.
- 
-@@ -19530,7 +19772,8 @@ The sysctl --system command will load settings from all system configuration fil
-           
-             RHEL-08-040280 - RHEL 8 must ignore IPv6 Internet Control Message Protocol (ICMP) redirect messages.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             ICMP redirect messages are used by routers to inform hosts that a more direct route exists for a particular destination. These messages modify the host's route table and are unauthenticated. An illicit ICMP redirect message could result in a man-in-the-middle attack.
- 
-@@ -19550,7 +19793,8 @@ The sysctl --system command will load settings from all system configuration fil
-           
-             RHEL-08-040281 - RHEL 8 must disable access to network bpf syscall from unprivileged processes.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
- 
-@@ -19570,7 +19814,8 @@ The sysctl --system command will load settings from all system configuration fil
-           
-             RHEL-08-040282 - RHEL 8 must restrict usage of ptrace to descendant  processes.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
- 
-@@ -19590,7 +19835,8 @@ The sysctl --system command will load settings from all system configuration fil
-           
-             RHEL-08-040283 - RHEL 8 must restrict exposed kernel pointer addresses access.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
- 
-@@ -19610,7 +19856,8 @@ The sysctl --system command will load settings from all system configuration fil
-           
-             RHEL-08-040284 - RHEL 8 must disable the use of user namespaces.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
- 
-@@ -19630,7 +19877,8 @@ The sysctl --system command will load settings from all system configuration fil
-           
-             RHEL-08-040285 - RHEL 8 must use reverse path filtering on all IPv4 interfaces.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
- 
-@@ -19650,7 +19898,8 @@ The sysctl --system command will load settings from all system configuration fil
-           
-             RHEL-08-040290 - RHEL 8 must be configured to prevent unrestricted mail relaying.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             If unrestricted mail relaying is permitted, unauthorized senders could use this host as a mail relay for the purpose of sending spam or other unauthorized activity.
-           
-@@ -19662,7 +19911,8 @@ The sysctl --system command will load settings from all system configuration fil
-           
-             RHEL-08-040320 - The graphical display manager must not be installed on RHEL 8 unless approved.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Internet services that are not required for system or application processes must not be active to decrease the attack surface of the system. Graphical display managers have a long history of security vulnerabilities and must not be used, unless approved and documented.
-           
-@@ -19674,7 +19924,8 @@ The sysctl --system command will load settings from all system configuration fil
-           
-             RHEL-08-040330 - RHEL 8 network interfaces must not be in promiscuous mode.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Network interfaces in promiscuous mode allow for the capture of all network traffic visible to the system. If unauthorized individuals can access these applications, it may allow them to collect information such as logon IDs, passwords, and key exchanges between systems.
- 
-@@ -19688,7 +19939,8 @@ If the system is being used to perform a network troubleshooting function, the u
-           
-             RHEL-08-040340 - RHEL 8 remote X connections for interactive users must be disabled unless to fulfill documented and validated mission requirements.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             The security risk of using X11 forwarding is that the client's X11 display server may be exposed to attack when the SSH client requests forwarding.  A system administrator may have a stance in which they want to protect clients that may expose themselves to attack by unwittingly requesting X11 forwarding, which can warrant a "no" setting.
- 
-@@ -19704,7 +19956,8 @@ If X11 services are not required for the system's intended function, they should
-           
-             RHEL-08-040341 - The RHEL 8 SSH daemon must prevent remote hosts from connecting to the proxy display.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             When X11 forwarding is enabled, there may be additional exposure to the server and client displays if the sshd proxy display is configured to listen on the wildcard address.  By default, sshd binds the forwarding server to the loopback address and sets the hostname part of the DIPSLAY environment variable to localhost.  This prevents remote hosts from connecting to the proxy display.
-           
-@@ -19716,7 +19969,8 @@ If X11 services are not required for the system's intended function, they should
-           
-             RHEL-08-040350 - If the Trivial File Transfer Protocol (TFTP) server is required, the RHEL 8 TFTP daemon must be configured to operate in secure mode.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Restricting TFTP to a specific directory prevents remote users from copying, transferring, or overwriting system files.
-           
-@@ -19728,7 +19982,8 @@ If X11 services are not required for the system's intended function, they should
-           
-             RHEL-08-040360 - A File Transfer Protocol (FTP) server package must not be installed unless mission essential on RHEL 8.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             The FTP service provides an unencrypted remote access that does not provide for the confidentiality and integrity of user passwords or the remote session. If a privileged user were to log on using this service, the privileged user password could be compromised. SSH or other encrypted file transfer methods must be used in place of this service.
-           
-@@ -19740,7 +19995,8 @@ If X11 services are not required for the system's intended function, they should
-           
-             RHEL-08-040370 - The gssproxy package must not be installed unless mission essential on RHEL 8.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
- 
-@@ -19756,7 +20012,8 @@ The gssproxy package is a proxy for GSS API credential handling and could expose
-           
-             RHEL-08-040380 - The iprutils package must not be installed unless mission essential on RHEL 8.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
- 
-@@ -19772,7 +20029,8 @@ The iprutils package provides a suite of utilities to manage and configure SCSI
-           
-             RHEL-08-040390 - The tuned package must not be installed unless mission essential on RHEL 8.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
- 
-@@ -19788,7 +20046,8 @@ The tuned package contains a daemon that tunes the system settings dynamically.
-           
-             RHEL-08-010163 - The krb5-server package must not be installed on RHEL 8.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Unapproved mechanisms that are used for authentication to the cryptographic module are not verified and therefore cannot be relied upon to provide confidentiality or integrity, and DoD data may be compromised.
- 
-@@ -19806,7 +20065,8 @@ FIPS 140-2 is the current standard for validating that mechanisms used to access
-           
-             RHEL-08-010382 - RHEL 8 must restrict privilege elevation to authorized personnel.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             The sudo command allows a user to execute programs with elevated (administrator) privileges. It prompts the user for their password and confirms your request to execute a command by checking a file, called sudoers. If the "sudoers" file is not configured correctly, any user defined on the system can initiate privileged actions on the target system.
-           
-@@ -19818,7 +20078,8 @@ FIPS 140-2 is the current standard for validating that mechanisms used to access
-           
-             RHEL-08-010383 - RHEL 8 must use the invoking user's password for privilege escalation when using "sudo".
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             The sudoers security policy requires that users authenticate themselves before they can use sudo. When sudoers requires authentication, it validates the invoking user's credentials. If the rootpw, targetpw, or runaspw flags are defined and not disabled, by default the operating system will prompt the invoking user for the "root" user password. 
- For more information on each of the listed configurations, reference the sudoers(5) manual page.
-@@ -19831,7 +20092,8 @@ For more information on each of the listed configurations, reference the sudoers
-           
-             RHEL-08-010384 - RHEL 8 must require re-authentication when using the "sudo" command.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Without re-authentication, users may access resources or perform tasks for which they do not have authorization. 
- 
-@@ -19847,7 +20109,8 @@ If the value is set to an integer less than 0, the user's time stamp will not ex
-           
-             RHEL-08-010049 - RHEL 8 must display a banner before granting local or remote access to the system via a graphical user logon.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Display of a standardized and approved use notification before granting access to the operating system ensures privacy and security notification verbiage used is consistent with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance.
- 
-@@ -19863,7 +20126,8 @@ Satisfies: SRG-OS-000023-GPOS-00006, SRG-OS-000228-GPOS-00088
-           
-             RHEL-08-010152 - RHEL 8 operating systems must require authentication upon booting into emergency mode.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             If the system does not require valid root authentication before it boots into emergency or rescue mode, anyone who invokes emergency or rescue mode is granted privileged access to all files on the system.
-           
-@@ -19875,7 +20139,8 @@ Satisfies: SRG-OS-000023-GPOS-00006, SRG-OS-000228-GPOS-00088
-           
-             RHEL-08-010159 - The RHEL 8 pam_unix.so module must be configured in the system-auth file to use a FIPS 140-2 approved cryptographic hashing algorithm for system authentication.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Unapproved mechanisms that are used for authentication to the cryptographic module are not verified and therefore cannot be relied upon to provide confidentiality or integrity, and DoD data may be compromised.
- 
-@@ -19891,7 +20156,8 @@ FIPS 140-2 is the current standard for validating that mechanisms used to access
-           
-             RHEL-08-010201 - The RHEL 8 SSH daemon must be configured with a timeout interval.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Terminating an idle SSH session within a short time period reduces the window of opportunity for unauthorized personnel to take control of a management session enabled on the console or console port that has been left unattended. In addition, quickly terminating an idle SSH session will also free up resources committed by the managed network element.
- 
-@@ -19909,7 +20175,8 @@ Satisfies: SRG-OS-000163-GPOS-00072, SRG-OS-000126-GPOS-00066, SRG-OS-000279-GPO
-           
-             RHEL-08-010472 - RHEL 8 must have the packages required to use the hardware random number generator entropy gatherer service.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             The most important characteristic of a random number generator is its randomness, namely its ability to deliver random numbers that are impossible to predict.  Entropy in computer security is associated with the unpredictability of a source of randomness.  The random source with high entropy tends to achieve a uniform distribution of random values.  Random number generators are one of the most important building blocks of cryptosystems.  
- 
-@@ -19923,7 +20190,8 @@ The rngd service feeds random data from hardware device to kernel random device.
-           
-             RHEL-08-010522 - The RHEL 8 SSH daemon must not allow GSSAPI authentication, except to fulfill documented and validated mission requirements.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Configuring this setting for the SSH daemon provides additional assurance that remote logon via SSH will require a password, even in the event of misconfiguration elsewhere.
-           
-@@ -19935,7 +20203,8 @@ The rngd service feeds random data from hardware device to kernel random device.
-           
-             RHEL-08-010544 - RHEL 8 must use a separate file system for /var/tmp.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             The use of separate file systems for different paths can protect the system from failures resulting from a file system becoming full or failing.
-           
-@@ -19947,7 +20216,8 @@ The rngd service feeds random data from hardware device to kernel random device.
-           
-             RHEL-08-010572 - RHEL 8 must prevent files with the setuid and setgid bit set from being executed on the /boot/efi directory.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             The "nosuid" mount option causes the system not to execute "setuid" and "setgid" files with owner privileges. This option must be used for mounting any file system not containing approved "setuid" and "setguid" files. Executing files from untrusted file systems increases the opportunity for unprivileged users to attain unauthorized administrative access.
-           
-@@ -19959,7 +20229,8 @@ The rngd service feeds random data from hardware device to kernel random device.
-           
-             RHEL-08-020032 - RHEL 8 must disable the user list at logon for graphical user interfaces.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Leaving the user list enabled is a security risk since it allows anyone with physical access to the system to enumerate known user accounts without authenticated access to the system.
-           
-@@ -19971,7 +20242,8 @@ The rngd service feeds random data from hardware device to kernel random device.
-           
-             RHEL-08-020082 - RHEL 8 must prevent a user from overriding the screensaver lock-enabled setting for the graphical user interface.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             A session time-out lock is a temporary action taken when a user stops work and moves away from the immediate physical vicinity of the information system but does not log out because of the temporary nature of the absence. Rather than relying on the user to manually lock their operating system session prior to vacating the vicinity, operating systems need to be able to identify when a user's session has idled and take action to initiate the session lock.
- 
-@@ -19991,7 +20263,8 @@ Satisfies: SRG-OS-000029-GPOS-00010, SRG-OS-000031-GPOS-00012, SRG-OS-000480-GPO
-           
-             RHEL-08-020332 - RHEL 8 must not allow blank or null passwords in the password-auth file.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             If an account has an empty password, anyone could log on and run commands with the privileges of that account. Accounts with empty passwords should never be used in operational environments.
-           
-@@ -20003,7 +20276,8 @@ Satisfies: SRG-OS-000029-GPOS-00010, SRG-OS-000031-GPOS-00012, SRG-OS-000480-GPO
-           
-             RHEL-08-030181 - RHEL 8 audit records must contain information to establish what type of events occurred, the source of events, where events occurred, and the outcome of events.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Without establishing what type of events occurred, the source of events, where events occurred, and the outcome of events, it would be difficult to establish, correlate, and investigate the events leading up to an outage or attack.
- 
-@@ -20021,7 +20295,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000038-GPO
-           
-             RHEL-08-030731 - RHEL 8 must notify the System Administrator (SA) and Information System Security Officer (ISSO) (at a minimum) when allocated audit record storage volume 75 percent utilization.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             If security personnel are not notified immediately when storage volume reaches 75 percent utilization, they are unable to plan for audit record storage capacity expansion.
-           
-@@ -20033,7 +20308,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000038-GPO
-           
-             RHEL-08-040101 - A firewall must be active on RHEL 8.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             "Firewalld" provides an easy and effective way to block/limit remote access to the system via ports, services, and protocols.
- 
-@@ -20050,7 +20326,8 @@ RHEL 8 functionality (e.g., RDP) must be capable of taking enforcement action if
-           
-             RHEL-08-040136 - The RHEL 8 fapolicy module must be enabled.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting.
- 
-@@ -20072,7 +20349,8 @@ Satisfies: SRG-OS-000368-GPOS-00154, SRG-OS-000370-GPOS-00155, SRG-OS-000480-GPO
-           
-             RHEL-08-040139 - RHEL 8 must have the USBGuard installed.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Without authenticating devices, unidentified or unknown devices may be introduced, thereby facilitating malicious activity.
- Peripherals include, but are not limited to, such devices as flash drives, external storage, and printers.
-@@ -20088,7 +20366,8 @@ The System Administrator (SA) must work with the site Information System Securit
-           
-             RHEL-08-040141 - RHEL 8 must enable the USBGuard.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Without authenticating devices, unidentified or unknown devices may be introduced, thereby facilitating malicious activity.
- 
-@@ -20106,7 +20385,8 @@ The System Administrator (SA) must work with the site Information System Securit
-           
-             RHEL-08-040159 - All RHEL 8 networked systems must have SSH installed.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Without protection of the transmitted information, confidentiality and integrity may be compromised because unprotected communications can be intercepted and either read or altered. 
- 
-@@ -20124,7 +20404,8 @@ Satisfies: SRG-OS-000423-GPOS-00187, SRG-OS-000424-GPOS-00188, SRG-OS-000425-GPO
-           
-             RHEL-08-040209 - RHEL 8 must prevent IPv4 Internet Control Message Protocol (ICMP) redirect messages from being accepted.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             ICMP redirect messages are used by routers to inform hosts that a more direct route exists for a particular destination. These messages modify the host's route table and are unauthenticated. An illicit ICMP redirect message could result in a man-in-the-middle attack.
- 
-@@ -20144,7 +20425,8 @@ The sysctl --system command will load settings from all system configuration fil
-           
-             RHEL-08-040239 - RHEL 8 must not forward IPv4 source-routed packets.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Source-routed packets allow the source of the packet to suggest that routers forward the packet along a different path than configured on the router, which can be used to bypass network security measures. This requirement applies only to the forwarding of source-routed traffic, such as when forwarding is enabled and the system is functioning as a router.
- 
-@@ -20164,7 +20446,8 @@ The sysctl --system command will load settings from all system configuration fil
-           
-             RHEL-08-040249 - RHEL 8 must not forward IPv4 source-routed packets by default.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Source-routed packets allow the source of the packet to suggest that routers forward the packet along a different path than configured on the router, which can be used to bypass network security measures. This requirement applies only to the forwarding of source-routed traffic, such as when forwarding is enabled and the system is functioning as a router.
- 
-@@ -20184,7 +20467,8 @@ The sysctl --system command will load settings from all system configuration fil
-           
-             RHEL-08-040279 - RHEL 8 must ignore IPv4 Internet Control Message Protocol (ICMP) redirect messages.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             ICMP redirect messages are used by routers to inform hosts that a more direct route exists for a particular destination. These messages modify the host's route table and are unauthenticated. An illicit ICMP redirect message could result in a man-in-the-middle attack.
- 
-@@ -20204,7 +20488,8 @@ The sysctl --system command will load settings from all system configuration fil
-           
-             RHEL-08-040286 - RHEL 8 must enable hardening for the Berkeley Packet Filter Just-in-time compiler.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
- 
-@@ -20226,7 +20511,8 @@ The sysctl --system command will load settings from all system configuration fil
-           
-             RHEL-08-010121 - The RHEL 8 operating system must not have accounts configured with blank or null passwords.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             If an account has an empty password, anyone could log on and run commands with the privileges of that account. Accounts with empty passwords should never be used in operational environments.
-           
-@@ -20238,7 +20524,8 @@ The sysctl --system command will load settings from all system configuration fil
-           
-             RHEL-08-010331 - RHEL 8 library directories must have mode 755 or less permissive.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             If RHEL 8 were to allow any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that are part of a robust change management process.
- 
-@@ -20252,7 +20539,8 @@ This requirement applies to RHEL 8 with software libraries that are accessible a
-           
-             RHEL-08-010341 - RHEL 8 library directories must be owned by root.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             If RHEL 8 were to allow any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that are part of a robust change management process.
- 
-@@ -20266,7 +20554,8 @@ This requirement applies to RHEL 8 with software libraries that are accessible a
-           
-             RHEL-08-010351 - RHEL 8 library directories must be group-owned by root or a system account.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             If RHEL 8 were to allow any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that are part of a robust change management process.
- 
-@@ -20280,7 +20569,8 @@ This requirement applies to RHEL 8 with software libraries that are accessible a
-           
-             RHEL-08-010385 - The RHEL 8 operating system must not be configured to bypass password requirements for privilege escalation.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Without re-authentication, users may access resources or perform tasks for which they do not have authorization. 
- 
-@@ -20296,7 +20586,8 @@ Satisfies: SRG-OS-000373-GPOS-00156, SRG-OS-000373-GPOS-00157, SRG-OS-000373-GPO
-           
-             RHEL-08-020101 - RHEL 8 must ensure the password complexity module is enabled in the system-auth file.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. "pwquality" enforces complex password construction configuration and has the ability to limit brute-force attacks on the system.
- 
-@@ -20312,7 +20603,8 @@ RHEL 8 uses "pwquality" as a mechanism to enforce password complexity. This is s
-           
-             RHEL-08-020102 - RHEL 8 systems below version 8.4 must ensure the password complexity module in the system-auth file is configured for three retries or less.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. "pwquality" enforces complex password construction configuration and has the ability to limit brute-force attacks on the system.
- 
-@@ -20330,7 +20622,8 @@ By limiting the number of attempts to meet the pwquality module complexity requi
-           
-             RHEL-08-020103 - RHEL 8 systems below version 8.4 must ensure the password complexity module in the password-auth file is configured for three retries or less.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. "pwquality" enforces complex password construction configuration and has the ability to limit brute-force attacks on the system.
- 
-@@ -20348,7 +20641,8 @@ By limiting the number of attempts to meet the pwquality module complexity requi
-           
-             RHEL-08-040321 - The graphical display manager must not be the default target on RHEL 8 unless approved.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Internet services that are not required for system or application processes must not be active to decrease the attack surface of the system. Graphical display managers have a long history of security vulnerabilities and must not be used, unless approved and documented.
-           
-@@ -20360,7 +20654,8 @@ By limiting the number of attempts to meet the pwquality module complexity requi
-           
-             RHEL-08-020035 - RHEL 8 must terminate idle user sessions.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux OS 8
-             
-             Terminating an idle session within a short time period reduces the window of opportunity for unauthorized personnel to take control of a management session enabled on the console or console port that has been left unattended.
-           
-@@ -20423,11 +20718,11 @@ By limiting the number of attempts to meet the pwquality module complexity requi
+@@ -20409,11 +20409,11 @@ By limiting the number of attempts to meet the pwquality module complexity requi
          
            
          
@@ -23106,7 +18564,7 @@ index ecdb4b277..9702848cf 100644
            
            
          
-@@ -22363,12 +22658,12 @@ By limiting the number of attempts to meet the pwquality module complexity requi
+@@ -22349,12 +22349,12 @@ By limiting the number of attempts to meet the pwquality module complexity requi
            1
          
          
@@ -23121,7 +18579,2920 @@ index ecdb4b277..9702848cf 100644
            ^\s*GRUB2_PASSWORD=(\S+)\b
            1
          
-@@ -26048,7 +26343,8 @@ By limiting the number of attempts to meet the pwquality module complexity requi
+diff --git a/shared/references/disa-stig-rhel8-v2r2-xccdf-scap.xml b/shared/references/disa-stig-rhel8-v2r2-xccdf-scap.xml
+index bbc44024b..2a616849a 100644
+--- a/shared/references/disa-stig-rhel8-v2r2-xccdf-scap.xml
++++ b/shared/references/disa-stig-rhel8-v2r2-xccdf-scap.xml
+@@ -3134,7 +3134,7 @@ SHA_CRYPT_MIN_ROUNDS 100000
+           
+           
+           CCI-000213
+-          Configure the system to require a grub bootloader password for the grub superusers account with the grub2-setpassword command, which creates/overwrites the /boot/efi/EFI/redhat/user.cfg file.
++          Configure the system to require a grub bootloader password for the grub superusers account with the grub2-setpassword command, which creates/overwrites the /boot/efi/EFI/almalinux/user.cfg file.
+ 
+ Generate an encrypted grub2 password for the grub superusers account with the following command:
+ 
+@@ -12106,8 +12106,8 @@ $ sudo systemctl restart systemd-logind
+             
+           
+           
+-            
+-            
++            
++            
+           
+         
+         
+@@ -14998,7 +14998,8 @@ $ sudo systemctl restart systemd-logind
+           
+             The system is RHEL 8.1 or lower
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             
+           
+@@ -15010,7 +15011,8 @@ $ sudo systemctl restart systemd-logind
+           
+             The system is RHEL 8.2 or higher
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             
+           
+@@ -15059,7 +15061,8 @@ $ sudo systemctl restart systemd-logind
+           
+             The system is RHEL 8.3 or lower
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             
+           
+@@ -15071,7 +15074,8 @@ $ sudo systemctl restart systemd-logind
+           
+             The system is RHEL 8.4 or higher
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             
+           
+@@ -15123,7 +15127,8 @@ $ sudo systemctl restart systemd-logind
+           
+             RHEL-08-010000 - RHEL 8 must be a vendor-supported release.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             An operating system release is considered "supported" if the vendor continues to provide security patches for the product. With an unsupported release, it will not be possible to resolve security issues discovered in the system software.
+ 
+@@ -15138,7 +15143,8 @@ Note: The life-cycle time spans and dates are subject to adjustment.
+             RHEL-08-010070 - All RHEL 8 remote access methods must be monitored.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Remote access services, such as those providing remote access to network devices and information systems, which lack automated monitoring capabilities, increase risk and make remote user access management difficult at best.
+ 
+@@ -15154,7 +15160,8 @@ Automated monitoring of remote access sessions allows organizations to detect cy
+           
+             RHEL-08-010110 - RHEL 8 must encrypt all stored passwords with a FIPS 140-2 approved cryptographic hashing algorithm.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Passwords need to be protected at all times, and encryption is the standard method for protecting passwords. If passwords are not encrypted, they can be plainly read (i.e., clear text) and easily compromised.
+ 
+@@ -15170,7 +15177,8 @@ FIPS 140-2 is the current standard for validating that mechanisms used to access
+           
+             RHEL-08-010120 - RHEL 8 must employ FIPS 140-2 approved cryptographic hashing algorithms for all stored passwords.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             The system must use a strong hashing algorithm to store the password.
+ 
+@@ -15184,7 +15192,8 @@ Passwords need to be protected at all times, and encryption is the standard meth
+           
+             RHEL-08-010130 - The RHEL 8 shadow password suite must be configured to use a sufficient number of hashing rounds.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             The system must use a strong hashing algorithm to store the password. The system must use a sufficient number of hashing rounds to ensure the required level of entropy.
+ 
+@@ -15198,7 +15207,8 @@ Passwords need to be protected at all times, and encryption is the standard meth
+           
+             RHEL-08-010140 - RHEL 8 operating systems booted with United Extensible Firmware Interface (UEFI) must require authentication upon booting into single-user mode and maintenance.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             If the system does not require valid authentication before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system. GRUB 2 is the default boot loader for RHEL 8 and is designed to require a password to boot into single-user mode or make modifications to the boot menu.
+           
+@@ -15210,7 +15220,8 @@ Passwords need to be protected at all times, and encryption is the standard meth
+           
+             RHEL-08-010150 - RHEL 8 operating systems booted with a BIOS must require authentication upon booting into single-user and maintenance modes.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             If the system does not require valid authentication before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system. GRUB 2 is the default boot loader for RHEL 8 and is designed to require a password to boot into single-user mode or make modifications to the boot menu.
+           
+@@ -15222,7 +15233,8 @@ Passwords need to be protected at all times, and encryption is the standard meth
+           
+             RHEL-08-010151 - RHEL 8 operating systems must require authentication upon booting into rescue mode.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             If the system does not require valid root authentication before it boots into emergency or rescue mode, anyone who invokes emergency or rescue mode is granted privileged access to all files on the system.
+           
+@@ -15234,7 +15246,8 @@ Passwords need to be protected at all times, and encryption is the standard meth
+           
+             RHEL-08-010160 - The RHEL 8 pam_unix.so module must be configured in the password-auth file to use a FIPS 140-2 approved cryptographic hashing algorithm for system authentication.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Unapproved mechanisms that are used for authentication to the cryptographic module are not verified and therefore cannot be relied upon to provide confidentiality or integrity, and DoD data may be compromised.
+ 
+@@ -15250,7 +15263,8 @@ FIPS 140-2 is the current standard for validating that mechanisms used to access
+           
+             RHEL-08-010161 - RHEL 8 must prevent system daemons from using Kerberos for authentication.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Unapproved mechanisms that are used for authentication to the cryptographic module are not verified and therefore cannot be relied upon to provide confidentiality or integrity, and DoD data may be compromised.
+ 
+@@ -15268,7 +15282,8 @@ FIPS 140-2 is the current standard for validating that mechanisms used to access
+           
+             RHEL-08-010162 - The krb5-workstation package must not be installed on RHEL 8.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Unapproved mechanisms that are used for authentication to the cryptographic module are not verified and therefore cannot be relied upon to provide confidentiality or integrity, and DoD data may be compromised.
+ 
+@@ -15286,7 +15301,8 @@ FIPS 140-2 is the current standard for validating that mechanisms used to access
+           
+             RHEL-08-010170 - RHEL 8 must use a Linux Security Module configured to enforce limits on system services.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Without verification of the security functions, security functions may not operate correctly and the failure may go unnoticed. Security function is defined as the hardware, software, and/or firmware of the information system responsible for enforcing the system security policy and supporting the isolation of code and data on which the protection is based. Security functionality includes, but is not limited to, establishing system accounts, configuring access authorizations (i.e., permissions, privileges), setting events to be audited, and setting intrusion detection parameters.
+ 
+@@ -15300,7 +15316,8 @@ This requirement applies to operating systems performing security function verif
+           
+             RHEL-08-010171 - RHEL 8 must have policycoreutils package installed.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Without verification of the security functions, security functions may not operate correctly and the failure may go unnoticed. Security function is defined as the hardware, software, and/or firmware of the information system responsible for enforcing the system security policy and supporting the isolation of code and data on which the protection is based. Security functionality includes, but is not limited to, establishing system accounts, configuring access authorizations (i.e., permissions, privileges), setting events to be audited, and setting intrusion detection parameters.
+ 
+@@ -15314,7 +15331,8 @@ Policycoreutils contains the policy core utilities that are required for basic o
+           
+             RHEL-08-010200 - RHEL 8 must be configured so that all network connections associated with SSH traffic are terminated at the end of the session or after 10 minutes of inactivity, except to fulfill documented and validated mission requirements.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Terminating an idle SSH session within a short time period reduces the window of opportunity for unauthorized personnel to take control of a management session enabled on the console or console port that has been left unattended. In addition, quickly terminating an idle SSH session will also free up resources committed by the managed network element.
+ 
+@@ -15332,7 +15350,8 @@ Satisfies: SRG-OS-000163-GPOS-00072, SRG-OS-000126-GPOS-00066, SRG-OS-000279-GPO
+           
+             RHEL-08-010210 - The RHEL 8 /var/log/messages file must have mode 0640 or less permissive.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Only authorized personnel should be aware of errors and the details of the errors. Error messages are an indicator of an organization's operational state or can identify the RHEL 8 system or platform. Additionally, Personally Identifiable Information (PII) and operational information must not be revealed through error messages to unauthorized personnel or their designated representatives.
+ 
+@@ -15346,7 +15365,8 @@ The structure and content of error messages must be carefully considered by the
+           
+             RHEL-08-010220 - The RHEL 8 /var/log/messages file must be owned by root.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Only authorized personnel should be aware of errors and the details of the errors. Error messages are an indicator of an organization's operational state or can identify the RHEL 8 system or platform. Additionally, Personally Identifiable Information (PII) and operational information must not be revealed through error messages to unauthorized personnel or their designated representatives.
+ 
+@@ -15360,7 +15380,8 @@ The structure and content of error messages must be carefully considered by the
+           
+             RHEL-08-010230 - The RHEL 8 /var/log/messages file must be group-owned by root.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Only authorized personnel should be aware of errors and the details of the errors. Error messages are an indicator of an organization's operational state or can identify the RHEL 8 system or platform. Additionally, Personally Identifiable Information (PII) and operational information must not be revealed through error messages to unauthorized personnel or their designated representatives.
+ 
+@@ -15374,7 +15395,8 @@ The structure and content of error messages must be carefully considered by the
+           
+             RHEL-08-010240 - The RHEL 8 /var/log directory must have mode 0755 or less permissive.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Only authorized personnel should be aware of errors and the details of the errors. Error messages are an indicator of an organization's operational state or can identify the RHEL 8 system or platform. Additionally, Personally Identifiable Information (PII) and operational information must not be revealed through error messages to unauthorized personnel or their designated representatives.
+ 
+@@ -15388,7 +15410,8 @@ The structure and content of error messages must be carefully considered by the
+           
+             RHEL-08-010250 - The RHEL 8 /var/log directory must be owned by root.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Only authorized personnel should be aware of errors and the details of the errors. Error messages are an indicator of an organization's operational state or can identify the RHEL 8 system or platform. Additionally, Personally Identifiable Information (PII) and operational information must not be revealed through error messages to unauthorized personnel or their designated representatives.
+ 
+@@ -15402,7 +15425,8 @@ The structure and content of error messages must be carefully considered by the
+           
+             RHEL-08-010260 - The RHEL 8 /var/log directory must be group-owned by root.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Only authorized personnel should be aware of errors and the details of the errors. Error messages are an indicator of an organization's operational state or can identify the RHEL 8 system or platform. Additionally, Personally Identifiable Information (PII) and operational information must not be revealed through error messages to unauthorized personnel or their designated representatives.
+ 
+@@ -15416,7 +15440,8 @@ The structure and content of error messages must be carefully considered by the
+           
+             RHEL-08-010292 - RHEL 8 must ensure the SSH server uses strong entropy.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             The most important characteristic of a random number generator is its randomness, namely its ability to deliver random numbers that are impossible to predict.  Entropy in computer security is associated with the unpredictability of a source of randomness.  The random source with high entropy tends to achieve a uniform distribution of random values.  Random number generators are one of the most important building blocks of cryptosystems.
+ 
+@@ -15430,7 +15455,8 @@ The SSH implementation in RHEL8 uses the OPENSSL library, which does not use hig
+           
+             RHEL-08-010294 - The RHEL 8 operating system must implement DoD-approved TLS encryption in the OpenSSL package.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Without cryptographic integrity protections, information can be altered by unauthorized users without detection.
+ 
+@@ -15450,7 +15476,8 @@ Satisfies: SRG-OS-000250-GPOS-00093, SRG-OS-000393-GPOS-00173, SRG-OS-000394-GPO
+           
+             RHEL-08-010300 - RHEL 8 system commands must have mode 755 or less permissive.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             If RHEL 8 were to allow any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that are part of a robust change management process.
+ 
+@@ -15464,7 +15491,8 @@ This requirement applies to RHEL 8 with software libraries that are accessible a
+           
+             RHEL-08-010310 - RHEL 8 system commands must be owned by root.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             If RHEL 8 were to allow any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that are part of a robust change management process.
+ 
+@@ -15478,7 +15506,8 @@ This requirement applies to RHEL 8 with software libraries that are accessible a
+           
+             RHEL-08-010320 - RHEL 8 system commands must be group-owned by root or a system account.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             If RHEL 8 were to allow any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that are part of a robust change management process.
+ 
+@@ -15492,7 +15521,8 @@ This requirement applies to RHEL 8 with software libraries that are accessible a
+           
+             RHEL-08-010330 - RHEL 8 library files must have mode 755 or less permissive.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             If RHEL 8 were to allow any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that are part of a robust change management process.
+ 
+@@ -15506,7 +15536,8 @@ This requirement applies to RHEL 8 with software libraries that are accessible a
+           
+             RHEL-08-010340 - RHEL 8 library files must be owned by root.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             If RHEL 8 were to allow any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that are part of a robust change management process.
+ 
+@@ -15520,7 +15551,8 @@ This requirement applies to RHEL 8 with software libraries that are accessible a
+           
+             RHEL-08-010350 - RHEL 8 library files must be group-owned by root or a system account.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             If RHEL 8 were to allow any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that are part of a robust change management process.
+ 
+@@ -15534,7 +15566,8 @@ This requirement applies to RHEL 8 with software libraries that are accessible a
+           
+             RHEL-08-010370 - RHEL 8 must prevent the installation of software, patches, service packs, device drivers, or operating system components from a repository without verification they have been digitally signed using a certificate that is issued by a Certificate Authority (CA) that is recognized and approved by the organization.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Changes to any software components can have significant effects on the overall security of the operating system. This requirement ensures the software has not been tampered with and that it has been provided by a trusted vendor.
+ 
+@@ -15550,7 +15583,8 @@ Verifying the authenticity of the software prior to installation validates the i
+           
+             RHEL-08-010371 - RHEL 8 must prevent the installation of software, patches, service packs, device drivers, or operating system components of local packages without verification they have been digitally signed using a certificate that is issued by a Certificate Authority (CA) that is recognized and approved by the organization.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Changes to any software components can have significant effects on the overall security of the operating system. This requirement ensures the software has not been tampered with and that it has been provided by a trusted vendor.
+ 
+@@ -15566,7 +15600,8 @@ Verifying the authenticity of the software prior to installation validates the i
+           
+             RHEL-08-010372 - RHEL 8 must prevent the loading of a new kernel for later execution.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Changes to any software components can have significant effects on the overall security of the operating system. This requirement ensures the software has not been tampered with and that it has been provided by a trusted vendor.
+ 
+@@ -15588,7 +15623,8 @@ The sysctl --system command will load settings from all system configuration fil
+           
+             RHEL-08-010373 - RHEL 8 must enable kernel parameters to enforce discretionary access control on symlinks.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Discretionary Access Control (DAC) is based on the notion that individual users are "owners" of objects and therefore have discretion over who should be authorized to access the object and in which mode (e.g., read or write). Ownership is usually acquired as a consequence of creating the object or via specified ownership assignment. DAC allows the owner to determine who will have access to objects they control. An example of DAC includes user-controlled file permissions.
+ 
+@@ -15614,7 +15650,8 @@ Satisfies: SRG-OS-000312-GPOS-00122, SRG-OS-000312-GPOS-00123, SRG-OS-000312-GPO
+           
+             RHEL-08-010374 - RHEL 8 must enable kernel parameters to enforce discretionary access control on hardlinks.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Discretionary Access Control (DAC) is based on the notion that individual users are "owners" of objects and therefore have discretion over who should be authorized to access the object and in which mode (e.g., read or write). Ownership is usually acquired as a consequence of creating the object or via specified ownership assignment. DAC allows the owner to determine who will have access to objects they control. An example of DAC includes user-controlled file permissions.
+ 
+@@ -15640,7 +15677,8 @@ Satisfies: SRG-OS-000312-GPOS-00122, SRG-OS-000312-GPOS-00123, SRG-OS-000312-GPO
+           
+             RHEL-08-010375 - RHEL 8 must restrict access to the kernel message buffer.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Preventing unauthorized information transfers mitigates the risk of information, including encrypted representations of information, produced by the actions of prior users/roles (or the actions of processes acting on behalf of prior users/roles) from being available to any current users/roles (or current processes) that obtain access to shared system resources (e.g., registers, main memory, hard disks) after those resources have been released back to information systems. The control of information in shared resources is also commonly referred to as object reuse and residual information protection.
+ 
+@@ -15666,7 +15704,8 @@ The sysctl --system command will load settings from all system configuration fil
+           
+             RHEL-08-010376 - RHEL 8 must prevent kernel profiling by unprivileged users.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Preventing unauthorized information transfers mitigates the risk of information, including encrypted representations of information, produced by the actions of prior users/roles (or the actions of processes acting on behalf of prior users/roles) from being available to any current users/roles (or current processes) that obtain access to shared system resources (e.g., registers, main memory, hard disks) after those resources have been released back to information systems. The control of information in shared resources is also commonly referred to as object reuse and residual information protection.
+ 
+@@ -15692,7 +15731,8 @@ The sysctl --system command will load settings from all system configuration fil
+           
+             RHEL-08-010380 - RHEL 8 must require users to provide a password for privilege escalation.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Without reauthentication, users may access resources or perform tasks for which they do not have authorization.
+ 
+@@ -15708,7 +15748,8 @@ Satisfies: SRG-OS-000373-GPOS-00156, SRG-OS-000373-GPOS-00157, SRG-OS-000373-GPO
+           
+             RHEL-08-010381 - RHEL 8 must require users to reauthenticate for privilege escalation.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Without reauthentication, users may access resources or perform tasks for which they do not have authorization.
+ 
+@@ -15724,7 +15765,8 @@ Satisfies: SRG-OS-000373-GPOS-00156, SRG-OS-000373-GPOS-00157, SRG-OS-000373-GPO
+           
+             RHEL-08-010390 - RHEL 8 must have the packages required for multifactor authentication installed.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Using an authentication device, such as a DoD Common Access Card (CAC) or token that is separate from the information system, ensures that even if the information system is compromised, credentials stored on the authentication device will not be affected.
+ 
+@@ -15744,7 +15786,8 @@ This requirement only applies to components where this is specific to the functi
+           
+             RHEL-08-010430 - RHEL 8 must implement address space layout randomization (ASLR) to protect its memory from unauthorized code execution.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Some adversaries launch attacks with the intent of executing code in non-executable regions of memory or in memory locations that are prohibited. Security safeguards employed to protect memory include, for example, data execution prevention and address space layout randomization. Data execution prevention safeguards can be either hardware-enforced or software-enforced with hardware providing the greater strength of mechanism.
+ 
+@@ -15766,7 +15809,8 @@ The sysctl --system command will load settings from all system configuration fil
+           
+             RHEL-08-010440 - YUM must remove all software components after updated versions have been installed on RHEL 8.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Previous versions of software components that are not removed from the information system after updates have been installed may be exploited by adversaries. Some information technology products may remove older versions of software automatically from the information system.
+           
+@@ -15778,7 +15822,8 @@ The sysctl --system command will load settings from all system configuration fil
+           
+             RHEL-08-010450 - RHEL 8 must enable the SELinux targeted policy.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Without verification of the security functions, security functions may not operate correctly and the failure may go unnoticed. Security function is defined as the hardware, software, and/or firmware of the information system responsible for enforcing the system security policy and supporting the isolation of code and data on which the protection is based. Security functionality includes, but is not limited to, establishing system accounts, configuring access authorizations (i.e., permissions, privileges), setting events to be audited, and setting intrusion detection parameters.
+ 
+@@ -15792,7 +15837,8 @@ This requirement applies to operating systems performing security function verif
+           
+             RHEL-08-010460 - There must be no shosts.equiv files on the RHEL 8 operating system.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             The "shosts.equiv" files are used to configure host-based authentication for the system via SSH. Host-based authentication is not sufficient for preventing unauthorized access to the system, as it does not require interactive identification and authentication of a connection request, or for the use of two-factor authentication.
+           
+@@ -15804,7 +15850,8 @@ This requirement applies to operating systems performing security function verif
+           
+             RHEL-08-010470 - There must be no .shosts files on the RHEL 8 operating system.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             The ".shosts" files are used to configure host-based authentication for individual users or the system via SSH. Host-based authentication is not sufficient for preventing unauthorized access to the system, as it does not require interactive identification and authentication of a connection request, or for the use of two-factor authentication.
+           
+@@ -15816,7 +15863,8 @@ This requirement applies to operating systems performing security function verif
+           
+             RHEL-08-010480 - The RHEL 8 SSH public host key files must have mode 0644 or less permissive.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             If a public host key file is modified by an unauthorized user, the SSH service may be compromised.
+           
+@@ -15828,7 +15876,8 @@ This requirement applies to operating systems performing security function verif
+           
+             RHEL-08-010490 - The RHEL 8 SSH private host key files must have mode 0640 or less permissive.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             If an unauthorized user obtains the private SSH host key file, the host could be impersonated.
+           
+@@ -15840,7 +15889,8 @@ This requirement applies to operating systems performing security function verif
+           
+             RHEL-08-010500 - The RHEL 8 SSH daemon must perform strict mode checking of home directory configuration files.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             If other users have access to modify user-specific SSH configuration files, they may be able to log on to the system as another user.
+           
+@@ -15852,7 +15902,8 @@ This requirement applies to operating systems performing security function verif
+           
+             RHEL-08-010520 - The RHEL 8 SSH daemon must not allow authentication using known host’s authentication.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Configuring this setting for the SSH daemon provides additional assurance that remote logon via SSH will require a password, even in the event of misconfiguration elsewhere.
+           
+@@ -15864,7 +15915,8 @@ This requirement applies to operating systems performing security function verif
+           
+             RHEL-08-010521 - The RHEL 8 SSH daemon must not allow Kerberos authentication, except to fulfill documented and validated mission requirements.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Configuring these settings for the SSH daemon provides additional assurance that remote logon via SSH will not use unused methods of authentication, even in the event of misconfiguration elsewhere.
+           
+@@ -15876,7 +15928,8 @@ This requirement applies to operating systems performing security function verif
+           
+             RHEL-08-010540 - RHEL 8 must use a separate file system for /var.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             The use of separate file systems for different paths can protect the system from failures resulting from a file system becoming full or failing.
+           
+@@ -15888,7 +15941,8 @@ This requirement applies to operating systems performing security function verif
+           
+             RHEL-08-010541 - RHEL 8 must use a separate file system for /var/log.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             The use of separate file systems for different paths can protect the system from failures resulting from a file system becoming full or failing.
+           
+@@ -15900,7 +15954,8 @@ This requirement applies to operating systems performing security function verif
+           
+             RHEL-08-010542 - RHEL 8 must use a separate file system for the system audit data path.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             The use of separate file systems for different paths can protect the system from failures resulting from a file system becoming full or failing.
+           
+@@ -15912,7 +15967,8 @@ This requirement applies to operating systems performing security function verif
+           
+             RHEL-08-010543 - A separate RHEL 8 filesystem must be used for the /tmp directory.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             The use of separate file systems for different paths can protect the system from failures resulting from a file system becoming full or failing.
+           
+@@ -15924,7 +15980,8 @@ This requirement applies to operating systems performing security function verif
+           
+             RHEL-08-010550 - RHEL 8 must not permit direct logons to the root account using remote access via SSH.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Even though the communications channel may be encrypted, an additional layer of security is gained by extending the policy of not logging on directly as root. In addition, logging on with a user-specific account provides individual accountability of actions performed on the system.
+           
+@@ -15936,7 +15993,8 @@ This requirement applies to operating systems performing security function verif
+           
+             RHEL-08-010561 - The rsyslog service must be running in RHEL 8.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Configuring RHEL 8 to implement organization-wide security implementation guides and security checklists ensures compliance with federal standards and establishes a common security baseline across the DoD that reflects the most restrictive security posture consistent with operational requirements.
+ 
+@@ -15950,7 +16008,8 @@ Configuration settings are the set of parameters that can be changed in hardware
+           
+             RHEL-08-010570 - RHEL 8 must prevent files with the setuid and setgid bit set from being executed on file systems that contain user home directories.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             The "nosuid" mount option causes the system not to execute "setuid" and "setgid" files with owner privileges. This option must be used for mounting any file system not containing approved "setuid" and "setguid" files. Executing files from untrusted file systems increases the opportunity for unprivileged users to attain unauthorized administrative access.
+           
+@@ -15962,7 +16021,8 @@ Configuration settings are the set of parameters that can be changed in hardware
+           
+             RHEL-08-010571 - RHEL 8 must prevent files with the setuid and setgid bit set from being executed on the /boot directory.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             The "nosuid" mount option causes the system not to execute "setuid" and "setgid" files with owner privileges. This option must be used for mounting any file system not containing approved "setuid" and "setguid" files. Executing files from untrusted file systems increases the opportunity for unprivileged users to attain unauthorized administrative access.
+           
+@@ -15974,7 +16034,8 @@ Configuration settings are the set of parameters that can be changed in hardware
+           
+             RHEL-08-010580 - RHEL 8 must prevent special devices on non-root local partitions.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             The "nodev" mount option causes the system to not interpret character or block special devices. Executing character or block special devices from untrusted file systems increases the opportunity for unprivileged users to attain unauthorized administrative access.  The only legitimate location for device files is the /dev directory located on the root partition.
+           
+@@ -15986,7 +16047,8 @@ Configuration settings are the set of parameters that can be changed in hardware
+           
+             RHEL-08-010630 - RHEL 8 must prevent code from being executed on file systems that are imported via Network File System (NFS).
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             The "noexec" mount option causes the system not to execute binary files. This option must be used for mounting any file system not containing approved binary as they may be incompatible. Executing files from untrusted file systems increases the opportunity for unprivileged users to attain unauthorized administrative access.
+           
+@@ -15998,7 +16060,8 @@ Configuration settings are the set of parameters that can be changed in hardware
+           
+             RHEL-08-010640 - RHEL 8 must prevent special devices on file systems that are imported via Network File System (NFS).
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             The "nodev" mount option causes the system to not interpret character or block special devices. Executing character or block special devices from untrusted file systems increases the opportunity for unprivileged users to attain unauthorized administrative access.
+           
+@@ -16010,7 +16073,8 @@ Configuration settings are the set of parameters that can be changed in hardware
+           
+             RHEL-08-010650 - RHEL 8 must prevent files with the setuid and setgid bit set from being executed on file systems that are imported via Network File System (NFS).
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             The "nosuid" mount option causes the system not to execute "setuid" and "setgid" files with owner privileges. This option must be used for mounting any file system not containing approved "setuid" and "setguid" files. Executing files from untrusted file systems increases the opportunity for unprivileged users to attain unauthorized administrative access.
+           
+@@ -16022,7 +16086,8 @@ Configuration settings are the set of parameters that can be changed in hardware
+           
+             RHEL-08-010671 - RHEL 8 must disable the kernel.core_pattern.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
+ 
+@@ -16042,7 +16107,8 @@ The sysctl --system command will load settings from all system configuration fil
+           
+             RHEL-08-010672 - RHEL 8 must disable acquiring, saving, and processing core dumps.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
+ 
+@@ -16058,7 +16124,8 @@ When the kernel invokes systemd-coredumpt to handle a core dump, it runs in priv
+           
+             RHEL-08-010673 - RHEL 8 must disable core dumps for all users.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
+ 
+@@ -16072,7 +16139,8 @@ A core dump includes a memory image taken at the time the operating system termi
+           
+             RHEL-08-010674 - RHEL 8 must disable storing core dumps.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
+ 
+@@ -16086,7 +16154,8 @@ A core dump includes a memory image taken at the time the operating system termi
+           
+             RHEL-08-010675 - RHEL 8 must disable core dump backtraces.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
+ 
+@@ -16100,7 +16169,8 @@ A core dump includes a memory image taken at the time the operating system termi
+           
+             RHEL-08-010680 - For RHEL 8 systems using Domain Name Servers (DNS) resolution, at least two name servers must be configured.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             To provide availability for name resolution services, multiple redundant name servers are mandated. A failure in name resolution could lead to the failure of security functions requiring name resolution, which may include time synchronization, centralized authentication, and remote system logging.
+           
+@@ -16112,7 +16182,8 @@ A core dump includes a memory image taken at the time the operating system termi
+           
+             RHEL-08-010720 - All RHEL 8 local interactive users must have a home directory assigned in the /etc/passwd file.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             If local interactive users are not assigned a valid home directory, there is no place for the storage and control of files they should own.
+           
+@@ -16124,7 +16195,8 @@ A core dump includes a memory image taken at the time the operating system termi
+           
+             RHEL-08-010730 - All RHEL 8 local interactive user home directories must have mode 0750 or less permissive.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Excessive permissions on local interactive user home directories may allow unauthorized access to user files by other users.
+           
+@@ -16136,7 +16208,8 @@ A core dump includes a memory image taken at the time the operating system termi
+           
+             RHEL-08-010760 - All RHEL 8 local interactive user accounts must be assigned a home directory upon creation.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             If local interactive users are not assigned a valid home directory, there is no place for the storage and control of files they should own.
+           
+@@ -16148,7 +16221,8 @@ A core dump includes a memory image taken at the time the operating system termi
+           
+             RHEL-08-010770 - All RHEL 8 local initialization files must have mode 0740 or less permissive.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Local initialization files are used to configure the user's shell environment upon logon. Malicious modification of these files could compromise accounts upon logon.
+           
+@@ -16160,7 +16234,8 @@ A core dump includes a memory image taken at the time the operating system termi
+           
+             RHEL-08-010800 - A separate RHEL 8 filesystem must be used for user home directories (such as /home or an equivalent).
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             The use of separate file systems for different paths can protect the system from failures resulting from a file system becoming full or failing.
+           
+@@ -16172,7 +16247,8 @@ A core dump includes a memory image taken at the time the operating system termi
+           
+             RHEL-08-010820 - Unattended or automatic logon via the RHEL 8 graphical user interface must not be allowed.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Failure to restrict system access to authenticated users negatively impacts operating system security.
+           
+@@ -16184,7 +16260,8 @@ A core dump includes a memory image taken at the time the operating system termi
+           
+             RHEL-08-010830 - RHEL 8 must not allow users to override SSH environment variables.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             SSH environment options potentially allow users to bypass access restriction in some configurations.
+           
+@@ -16196,7 +16273,8 @@ A core dump includes a memory image taken at the time the operating system termi
+           
+             RHEL-08-020010 - RHEL 8 must automatically lock an account when three unsuccessful logon attempts occur.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account.
+ 
+@@ -16214,7 +16292,8 @@ Satisfies: SRG-OS-000021-GPOS-00005, SRG-OS-000329-GPOS-00128
+           
+             RHEL-08-020011 - RHEL 8 must automatically lock an account when three unsuccessful logon attempts occur.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account.
+ 
+@@ -16232,7 +16311,8 @@ Satisfies: SRG-OS-000021-GPOS-00005, SRG-OS-000329-GPOS-00128
+           
+             RHEL-08-020012 - RHEL 8 must automatically lock an account when three unsuccessful logon attempts occur during a 15-minute time period.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account.
+ 
+@@ -16250,7 +16330,8 @@ Satisfies: SRG-OS-000021-GPOS-00005, SRG-OS-000329-GPOS-00128
+           
+             RHEL-08-020013 - RHEL 8 must automatically lock an account when three unsuccessful logon attempts occur during a 15-minute time period.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account.
+ 
+@@ -16268,7 +16349,8 @@ Satisfies: SRG-OS-000021-GPOS-00005, SRG-OS-000329-GPOS-00128
+           
+             RHEL-08-020014 - RHEL 8 must automatically lock an account until the locked account is released by an administrator when three unsuccessful logon attempts occur during a 15-minute time period.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account.
+ 
+@@ -16286,7 +16368,8 @@ Satisfies: SRG-OS-000021-GPOS-00005, SRG-OS-000329-GPOS-00128
+           
+             RHEL-08-020015 - RHEL 8 must automatically lock an account until the locked account is released by an administrator when three unsuccessful logon attempts occur during a 15-minute time period.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account.
+ 
+@@ -16304,7 +16387,8 @@ Satisfies: SRG-OS-000021-GPOS-00005, SRG-OS-000329-GPOS-00128
+           
+             RHEL-08-020018 - RHEL 8 must prevent system messages from being presented when three unsuccessful logon attempts occur.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account.
+ 
+@@ -16322,7 +16406,8 @@ Satisfies: SRG-OS-000021-GPOS-00005, SRG-OS-000329-GPOS-00128
+           
+             RHEL-08-020019 - RHEL 8 must prevent system messages from being presented when three unsuccessful logon attempts occur.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account.
+ 
+@@ -16340,7 +16425,8 @@ Satisfies: SRG-OS-000021-GPOS-00005, SRG-OS-000329-GPOS-00128
+           
+             RHEL-08-020020 - RHEL 8 must log user name information when unsuccessful logon attempts occur.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account.
+ 
+@@ -16360,7 +16446,8 @@ Satisfies: SRG-OS-000021-GPOS-00005, SRG-OS-000329-GPOS-00128
+           
+             RHEL-08-020021 - RHEL 8 must log user name information when unsuccessful logon attempts occur.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account.
+ 
+@@ -16378,7 +16465,8 @@ Satisfies: SRG-OS-000021-GPOS-00005, SRG-OS-000329-GPOS-00128
+           
+             RHEL-08-020022 - RHEL 8 must include root when automatically locking an account until the locked account is released by an administrator when three unsuccessful logon attempts occur during a 15-minute time period.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account.
+ 
+@@ -16398,7 +16486,8 @@ Satisfies: SRG-OS-000021-GPOS-00005, SRG-OS-000329-GPOS-00128
+           
+             RHEL-08-020023 - RHEL 8 must include root when automatically locking an account until the locked account is released by an administrator when three unsuccessful logon attempts occur during a 15-minute time period.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account.
+ 
+@@ -16416,7 +16505,8 @@ Satisfies: SRG-OS-000021-GPOS-00005, SRG-OS-000329-GPOS-00128
+           
+             RHEL-08-020024 - RHEL 8 must limit the number of concurrent sessions to ten for all accounts and/or account types.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Operating system management includes the ability to control the number of users and user sessions that utilize an operating system. Limiting the number of allowed users and sessions per user is helpful in reducing the risks related to DoS attacks.
+ 
+@@ -16430,7 +16520,8 @@ This requirement addresses concurrent sessions for information system accounts a
+           
+             RHEL-08-020030 - RHEL 8 must enable a user session lock until that user re-establishes access using established identification and authentication procedures for graphical user sessions.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             A session lock is a temporary action taken when a user stops work and moves away from the immediate physical vicinity of the information system but does not want to log out because of the temporary nature of the absence.
+ 
+@@ -16448,7 +16539,8 @@ Satisfies: SRG-OS-000028-GPOS-00009, SRG-OS-000030-GPOS-00011
+           
+             RHEL-08-020050 - RHEL 8 must be able to initiate directly a session lock for all connection types using smartcard when the smartcard is removed.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             A session lock is a temporary action taken when a user stops work and moves away from the immediate physical vicinity of the information system but does not want to log out because of the temporary nature of the absence.
+ 
+@@ -16464,7 +16556,8 @@ Satisfies: SRG-OS-000028-GPOS-00009, SRG-OS-000030-GPOS-00011
+           
+             RHEL-08-020080 - RHEL 8 must prevent a user from overriding the session lock-delay setting for the graphical user interface.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             A session time-out lock is a temporary action taken when a user stops work and moves away from the immediate physical vicinity of the information system but does not log out because of the temporary nature of the absence. Rather than relying on the user to manually lock their operating system session prior to vacating the vicinity, operating systems need to be able to identify when a user's session has idled and take action to initiate the session lock.
+ 
+@@ -16484,7 +16577,8 @@ Satisfies: SRG-OS-000029-GPOS-00010, SRG-OS-000031-GPOS-00012, SRG-OS-000480-GPO
+           
+             RHEL-08-020100 - RHEL 8 must ensure the password complexity module is enabled in the password-auth file.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. "pwquality" enforces complex password construction configuration and has the ability to limit brute-force attacks on the system.
+ 
+@@ -16500,7 +16594,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. This
+           
+             RHEL-08-020110 - RHEL 8 must enforce password complexity by requiring that at least one uppercase character be used.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.
+ 
+@@ -16516,7 +16611,8 @@ RHEL 8 utilizes pwquality as a mechanism to enforce password complexity. Note th
+           
+             RHEL-08-020120 - RHEL 8 must enforce password complexity by requiring that at least one lower-case character be used.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.
+ 
+@@ -16532,7 +16628,8 @@ RHEL 8 utilizes pwquality as a mechanism to enforce password complexity. Note th
+           
+             RHEL-08-020130 - RHEL 8 must enforce password complexity by requiring that at least one numeric character be used.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.
+ 
+@@ -16548,7 +16645,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. Note
+           
+             RHEL-08-020140 - RHEL 8 must require the maximum number of repeating characters of the same character class be limited to four when passwords are changed.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.
+ 
+@@ -16564,7 +16662,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. The "
+           
+             RHEL-08-020150 - RHEL 8 must require the maximum number of repeating characters be limited to three when passwords are changed.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.
+ 
+@@ -16580,7 +16679,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. The "
+           
+             RHEL-08-020160 - RHEL 8 must require the change of at least four character classes when passwords are changed.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.
+ 
+@@ -16596,7 +16696,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. The "
+           
+             RHEL-08-020170 - RHEL 8 must require the change of at least 8 characters when passwords are changed.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.
+ 
+@@ -16612,7 +16713,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. The "
+           
+             RHEL-08-020180 - RHEL 8 passwords must have a 24 hours/1 day minimum password lifetime restriction in /etc/shadow.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Enforcing a minimum password lifetime helps to prevent repeated password changes to defeat the password reuse or history enforcement requirement. If users are allowed to immediately and continually change their password, the password could be repeatedly changed in a short period of time to defeat the organization's policy regarding password reuse.
+           
+@@ -16624,7 +16726,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. The "
+           
+             RHEL-08-020190 - RHEL 8 passwords for new users or password changes must have a 24 hours/1 day minimum password lifetime restriction in /etc/login.defs.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Enforcing a minimum password lifetime helps to prevent repeated password changes to defeat the password reuse or history enforcement requirement. If users are allowed to immediately and continually change their password, the password could be repeatedly changed in a short period of time to defeat the organization's policy regarding password reuse.
+           
+@@ -16636,7 +16739,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. The "
+           
+             RHEL-08-020200 - RHEL 8 user account passwords must have a 60-day maximum password lifetime restriction.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Any password, no matter how complex, can eventually be cracked. Therefore, passwords need to be changed periodically. If RHEL 8 does not limit the lifetime of passwords and force users to change their passwords, there is the risk that RHEL 8 passwords could be compromised.
+           
+@@ -16648,7 +16752,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. The "
+           
+             RHEL-08-020210 - RHEL 8 user account passwords must be configured so that existing passwords are restricted to a 60-day maximum lifetime.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Any password, no matter how complex, can eventually be cracked. Therefore, passwords need to be changed periodically. If RHEL 8 does not limit the lifetime of passwords and force users to change their passwords, there is the risk that RHEL 8 passwords could be compromised.
+           
+@@ -16660,7 +16765,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. The "
+           
+             RHEL-08-020230 - RHEL 8 passwords must have a minimum of 15 characters.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             The shorter the password, the lower the number of possible combinations that need to be tested before the password is compromised.
+ 
+@@ -16680,7 +16786,8 @@ The DoD minimum password requirement is 15 characters.
+           
+             RHEL-08-020231 - RHEL 8 passwords for new users must have a minimum of 15 characters.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             The shorter the password, the lower the number of possible combinations that need to be tested before the password is compromised.
+ 
+@@ -16696,7 +16803,8 @@ The DoD minimum password requirement is 15 characters.
+           
+             RHEL-08-020240 - RHEL 8 duplicate User IDs (UIDs) must not exist for interactive users.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             To ensure accountability and prevent unauthenticated access, interactive users must be identified and authenticated to prevent potential misuse and compromise of the system.
+ 
+@@ -16716,7 +16824,8 @@ Satisfies: SRG-OS-000104-GPOS-00051, SRG-OS-000121-GPOS-00062, SRG-OS-000042-GPO
+           
+             RHEL-08-020260 - RHEL 8 account identifiers (individuals, groups, roles, and devices) must be disabled after 35 days of inactivity.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Inactive identifiers pose a risk to systems and applications because attackers may exploit an inactive identifier and potentially obtain undetected access to the system. Owners of inactive accounts will not notice if unauthorized access to their user account has been obtained.
+ 
+@@ -16730,7 +16839,8 @@ RHEL 8 needs to track periods of inactivity and disable application identifiers
+           
+             RHEL-08-020280 - All RHEL 8 passwords must contain at least one special character.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.
+ 
+@@ -16746,7 +16856,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. Note
+           
+             RHEL-08-020290 - RHEL 8 must prohibit the use of cached authentications after one day.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             If cached authentication information is out-of-date, the validity of the authentication information may be questionable.
+ 
+@@ -16760,7 +16871,8 @@ RHEL 8 includes multiple options for configuring authentication, but this requir
+           
+             RHEL-08-020300 - RHEL 8 must prevent the use of dictionary words for passwords.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             If RHEL 8 allows the user to select passwords based on dictionary words, this increases the chances of password compromise by increasing the opportunity for successful guesses, and brute-force attacks.
+           
+@@ -16772,7 +16884,8 @@ RHEL 8 includes multiple options for configuring authentication, but this requir
+           
+             RHEL-08-020310 - RHEL 8 must enforce a delay of at least four seconds between logon prompts following a failed logon attempt.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Configuring the operating system to implement organization-wide security implementation guides and security checklists verifies compliance with federal standards and establishes a common security baseline across the DoD that reflects the most restrictive security posture consistent with operational requirements.
+ 
+@@ -16786,7 +16899,8 @@ Configuration settings are the set of parameters that can be changed in hardware
+           
+             RHEL-08-020330 - RHEL 8 must not allow accounts configured with blank or null passwords.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             If an account has an empty password, anyone could log on and run commands with the privileges of that account. Accounts with empty passwords should never be used in operational environments.
+           
+@@ -16798,7 +16912,8 @@ Configuration settings are the set of parameters that can be changed in hardware
+           
+             RHEL-08-020340 - RHEL 8 must display the date and time of the last successful account logon upon logon.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Providing users with feedback on when account accesses last occurred facilitates user recognition and reporting of unauthorized account use.
+           
+@@ -16810,7 +16925,8 @@ Configuration settings are the set of parameters that can be changed in hardware
+           
+             RHEL-08-020350 - RHEL 8 must display the date and time of the last successful account logon upon an SSH logon.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Providing users with feedback on when account accesses via SSH last occurred facilitates user recognition and reporting of unauthorized account use.
+           
+@@ -16822,7 +16938,8 @@ Configuration settings are the set of parameters that can be changed in hardware
+           
+             RHEL-08-020351 - RHEL 8 must define default permissions for all authenticated users in such a way that the user can only read and modify their own files.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Setting the most restrictive default permissions ensures that when new accounts are created, they do not have unnecessary access.
+           
+@@ -16834,7 +16951,8 @@ Configuration settings are the set of parameters that can be changed in hardware
+           
+             RHEL-08-030000 - The RHEL 8 audit system must be configured to audit the execution of privileged functions and prevent all software from executing at higher privilege levels than users executing the software.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Misuse of privileged functions, either intentionally or unintentionally by authorized users, or by unauthorized external entities that have compromised information system accounts, is a serious and ongoing concern and can have significant adverse impacts on organizations. Auditing the use of privileged functions is one way to detect such misuse and identify the risk from insider threats and the advanced persistent threat.
+ 
+@@ -16848,7 +16966,8 @@ Satisfies: SRG-OS-000326-GPOS-00126, SRG-OS-000327-GPOS-00127
+           
+             RHEL-08-030020 - The RHEL 8 System Administrator (SA) and Information System Security Officer (ISSO) (at a minimum) must be alerted of an audit processing failure event.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             It is critical for the appropriate personnel to be aware if a system is at risk of failing to process audit logs as required. Without this notification, the security personnel may be unaware of an impending failure of the audit capability, and system operation may be adversely affected.
+ 
+@@ -16864,7 +16983,8 @@ This requirement applies to each audit data storage repository (i.e., distinct i
+           
+             RHEL-08-030030 - The RHEL 8 Information System Security Officer (ISSO) and System Administrator (SA) (at a minimum) must have mail aliases to be notified of an audit processing failure.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             It is critical for the appropriate personnel to be aware if a system is at risk of failing to process audit logs as required. Without this notification, the security personnel may be unaware of an impending failure of the audit capability, and system operation may be adversely affected.
+ 
+@@ -16880,7 +17000,8 @@ This requirement applies to each audit data storage repository (i.e., distinct i
+           
+             RHEL-08-030040 - The RHEL 8 System must take appropriate action when an audit processing failure occurs.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             It is critical for the appropriate personnel to be aware if a system is at risk of failing to process audit logs as required. Without this notification, the security personnel may be unaware of an impending failure of the audit capability, and system operation may be adversely affected.
+ 
+@@ -16896,7 +17017,8 @@ This requirement applies to each audit data storage repository (i.e., distinct i
+           
+             RHEL-08-030060 - The RHEL 8 audit system must take appropriate action when the audit storage volume is full.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             It is critical that when RHEL 8 is at risk of failing to process audit logs as required, it takes action to mitigate the failure. Audit processing failures include software/hardware errors; failures in the audit capturing mechanisms; and audit storage capacity being reached or exceeded. Responses to audit failure depend upon the nature of the failure mode.
+ 
+@@ -16914,7 +17036,8 @@ When availability is an overriding concern, other approved actions in response t
+           
+             RHEL-08-030061 - The RHEL 8 audit system must audit local events.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Without establishing what type of events occurred, the source of events, where events occurred, and the outcome of events, it would be difficult to establish, correlate, and investigate the events leading up to an outage or attack.
+ 
+@@ -16928,7 +17051,8 @@ Audit record content that may be necessary to satisfy this requirement includes,
+           
+             RHEL-08-030062 - RHEL 8 must label all off-loaded audit logs before sending them to the central log server.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Without establishing what type of events occurred, the source of events, where events occurred, and the outcome of events, it would be difficult to establish, correlate, and investigate the events leading up to an outage or attack.
+ 
+@@ -16946,7 +17070,8 @@ When audit logs are not labeled before they are sent to a central log server, th
+           
+             RHEL-08-030063 - RHEL 8 must resolve audit information before writing to disk.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Without establishing what type of events occurred, the source of events, where events occurred, and the outcome of events, it would be difficult to establish, correlate, and investigate the events leading up to an outage or attack.
+ 
+@@ -16962,7 +17087,8 @@ Enriched logging aids in making sense of who, what, and when events occur on a s
+           
+             RHEL-08-030070 - RHEL 8 audit logs must have a mode of 0600 or less permissive to prevent unauthorized read access.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Only authorized personnel should be aware of errors and the details of the errors. Error messages are an indicator of an organization's operational state or can identify the RHEL 8 system or platform. Additionally, Personally Identifiable Information (PII) and operational information must not be revealed through error messages to unauthorized personnel or their designated representatives.
+ 
+@@ -16978,7 +17104,8 @@ Satisfies: SRG-OS-000057-GPOS-00027, SRG-OS-000058-GPOS-00028, SRG-OS-000059-GPO
+           
+             RHEL-08-030080 - RHEL 8 audit logs must be owned by root to prevent unauthorized read access.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Only authorized personnel should be aware of errors and the details of the errors. Error messages are an indicator of an organization's operational state or can identify the RHEL 8 system or platform. Additionally, Personally Identifiable Information (PII) and operational information must not be revealed through error messages to unauthorized personnel or their designated representatives.
+ 
+@@ -16994,7 +17121,8 @@ Satisfies: SRG-OS-000057-GPOS-00027, SRG-OS-000058-GPOS-00028, SRG-OS-000059-GPO
+           
+             RHEL-08-030090 - RHEL 8 audit logs must be group-owned by root to prevent unauthorized read access.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Unauthorized disclosure of audit records can reveal system and configuration data to attackers, thus compromising its confidentiality.
+ 
+@@ -17010,7 +17138,8 @@ Satisfies: SRG-OS-000057-GPOS-00027, SRG-OS-000058-GPOS-00028, SRG-OS-000059-GPO
+           
+             RHEL-08-030100 - RHEL 8 audit log directory must be owned by root to prevent unauthorized read access.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Unauthorized disclosure of audit records can reveal system and configuration data to attackers, thus compromising its confidentiality.
+ 
+@@ -17026,7 +17155,8 @@ Satisfies: SRG-OS-000057-GPOS-00027, SRG-OS-000058-GPOS-00028, SRG-OS-000059-GPO
+           
+             RHEL-08-030110 - RHEL 8 audit log directory must be group-owned by root to prevent unauthorized read access.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Unauthorized disclosure of audit records can reveal system and configuration data to attackers, thus compromising its confidentiality.
+ 
+@@ -17042,7 +17172,8 @@ Satisfies: SRG-OS-000057-GPOS-00027, SRG-OS-000058-GPOS-00028, SRG-OS-000059-GPO
+           
+             RHEL-08-030120 - RHEL 8 audit log directory must have a mode of 0700 or less permissive to prevent unauthorized read access.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Unauthorized disclosure of audit records can reveal system and configuration data to attackers, thus compromising its confidentiality.
+ 
+@@ -17058,7 +17189,8 @@ Satisfies: SRG-OS-000057-GPOS-00027, SRG-OS-000058-GPOS-00028, SRG-OS-000059-GPO
+           
+             RHEL-08-030121 - RHEL 8 audit system must protect auditing rules from unauthorized change.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Unauthorized disclosure of audit records can reveal system and configuration data to attackers, thus compromising its confidentiality.
+ 
+@@ -17076,7 +17208,8 @@ Satisfies: SRG-OS-000057-GPOS-00027, SRG-OS-000058-GPOS-00028, SRG-OS-000059-GPO
+           
+             RHEL-08-030122 - RHEL 8 audit system must protect logon UIDs from unauthorized change.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Unauthorized disclosure of audit records can reveal system and configuration data to attackers, thus compromising its confidentiality.
+ 
+@@ -17094,7 +17227,8 @@ Satisfies: SRG-OS-000057-GPOS-00027, SRG-OS-000058-GPOS-00028, SRG-OS-000059-GPO
+           
+             RHEL-08-030130 - RHEL 8 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/shadow.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
+ 
+@@ -17110,7 +17244,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000004-GPOS-00004, SRG-OS-000037-GPO
+           
+             RHEL-08-030140 - RHEL 8 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/security/opasswd.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
+ 
+@@ -17126,7 +17261,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000004-GPOS-00004, SRG-OS-000037-GPO
+           
+             RHEL-08-030150 - RHEL 8 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/passwd.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
+ 
+@@ -17142,7 +17278,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000004-GPOS-00004, SRG-OS-000037-GPO
+           
+             RHEL-08-030160 - RHEL 8 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/gshadow.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
+ 
+@@ -17158,7 +17295,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000004-GPOS-00004, SRG-OS-000037-GPO
+           
+             RHEL-08-030170 - RHEL 8 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/group.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
+ 
+@@ -17174,7 +17312,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000004-GPOS-00004, SRG-OS-000037-GPO
+           
+             RHEL-08-030171 - RHEL 8 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/sudoers.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
+ 
+@@ -17190,7 +17329,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000004-GPOS-00004, SRG-OS-000037-GPO
+           
+             RHEL-08-030172 - RHEL 8 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/sudoers.d/.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
+ 
+@@ -17206,7 +17346,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000004-GPOS-00004, SRG-OS-000037-GPO
+           
+             RHEL-08-030180 - The RHEL 8 audit package must be installed.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Without establishing what type of events occurred, the source of events, where events occurred, and the outcome of events, it would be difficult to establish, correlate, and investigate the events leading up to an outage or attack.
+ 
+@@ -17224,7 +17365,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000038-GPO
+           
+             RHEL-08-030190 - Successful/unsuccessful uses of the su command in RHEL 8 must generate an audit record.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
+ 
+@@ -17242,7 +17384,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
+           
+             RHEL-08-030200 - The RHEL 8 audit system must be configured to audit any usage of the setxattr, fsetxattr, lsetxattr, removexattr, fremovexattr, and lremovexattr system calls.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
+ 
+@@ -17269,7 +17412,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
+           
+             RHEL-08-030250 - Successful/unsuccessful uses of the chage command in RHEL 8 must generate an audit record.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
+ 
+@@ -17287,7 +17431,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
+           
+             RHEL-08-030260 - Successful/unsuccessful uses of the chcon command in RHEL 8 must generate an audit record.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
+ 
+@@ -17305,7 +17450,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
+           
+             RHEL-08-030280 - Successful/unsuccessful uses of the ssh-agent in RHEL 8 must generate an audit record.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
+ 
+@@ -17323,7 +17469,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
+           
+             RHEL-08-030290 - Successful/unsuccessful uses of the passwd command in RHEL 8 must generate an audit record.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
+ 
+@@ -17341,7 +17488,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
+           
+             RHEL-08-030300 - Successful/unsuccessful uses of the mount command in RHEL 8 must generate an audit record.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
+ 
+@@ -17359,7 +17507,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
+           
+             RHEL-08-030301 - Successful/unsuccessful uses of the umount command in RHEL 8 must generate an audit record.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
+ 
+@@ -17377,7 +17526,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
+           
+             RHEL-08-030302 - Successful/unsuccessful uses of the mount syscall in RHEL 8 must generate an audit record.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
+ 
+@@ -17395,7 +17545,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
+           
+             RHEL-08-030310 - Successful/unsuccessful uses of the unix_update in RHEL 8 must generate an audit record.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Reconstruction of harmful events or forensic analysis is not possible if audit records do not contain enough information.
+ 
+@@ -17413,7 +17564,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
+           
+             RHEL-08-030311 - Successful/unsuccessful uses of postdrop in RHEL 8 must generate an audit record.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Reconstruction of harmful events or forensic analysis is not possible if audit records do not contain enough information.
+ 
+@@ -17431,7 +17583,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
+           
+             RHEL-08-030312 - Successful/unsuccessful uses of postqueue in RHEL 8 must generate an audit record.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Reconstruction of harmful events or forensic analysis is not possible if audit records do not contain enough information.
+ 
+@@ -17449,7 +17602,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
+           
+             RHEL-08-030313 - Successful/unsuccessful uses of semanage in RHEL 8 must generate an audit record.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Reconstruction of harmful events or forensic analysis is not possible if audit records do not contain enough information.
+ 
+@@ -17467,7 +17621,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
+           
+             RHEL-08-030314 - Successful/unsuccessful uses of setfiles in RHEL 8 must generate an audit record.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Reconstruction of harmful events or forensic analysis is not possible if audit records do not contain enough information.
+ 
+@@ -17485,7 +17640,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
+           
+             RHEL-08-030315 - Successful/unsuccessful uses of userhelper in RHEL 8 must generate an audit record.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Reconstruction of harmful events or forensic analysis is not possible if audit records do not contain enough information.
+ 
+@@ -17503,7 +17659,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
+           
+             RHEL-08-030316 - Successful/unsuccessful uses of setsebool in RHEL 8 must generate an audit record.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Reconstruction of harmful events or forensic analysis is not possible if audit records do not contain enough information.
+ 
+@@ -17521,7 +17678,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
+           
+             RHEL-08-030317 - Successful/unsuccessful uses of unix_chkpwd in RHEL 8 must generate an audit record.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Reconstruction of harmful events or forensic analysis is not possible if audit records do not contain enough information.
+ 
+@@ -17539,7 +17697,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
+           
+             RHEL-08-030320 - Successful/unsuccessful uses of the ssh-keysign in RHEL 8 must generate an audit record.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
+ 
+@@ -17557,7 +17716,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
+           
+             RHEL-08-030330 - Successful/unsuccessful uses of the setfacl command in RHEL 8 must generate an audit record.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
+ 
+@@ -17575,7 +17735,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
+           
+             RHEL-08-030340 - Successful/unsuccessful uses of the pam_timestamp_check command in RHEL 8 must generate an audit record.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
+ 
+@@ -17593,7 +17754,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
+           
+             RHEL-08-030350 - Successful/unsuccessful uses of the newgrp command in RHEL 8 must generate an audit record.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
+ 
+@@ -17611,7 +17773,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
+           
+             RHEL-08-030360 - Successful/unsuccessful uses of the init_module and finit_module system calls in RHEL 8 must generate an audit record.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
+ 
+@@ -17631,7 +17794,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
+           
+             RHEL-08-030361 - Successful/unsuccessful uses of the rename, unlink, rmdir, renameat, and unlinkat system calls in RHEL 8 must generate an audit record.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
+ 
+@@ -17656,7 +17820,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
+           
+             RHEL-08-030370 - Successful/unsuccessful uses of the gpasswd command in RHEL 8 must generate an audit record.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
+ 
+@@ -17674,7 +17839,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
+           
+             RHEL-08-030390 - Successful/unsuccessful uses of the delete_module command in RHEL 8 must generate an audit record.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
+ 
+@@ -17692,7 +17858,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
+           
+             RHEL-08-030400 - Successful/unsuccessful uses of the crontab command in RHEL 8 must generate an audit record.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
+ 
+@@ -17710,7 +17877,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
+           
+             RHEL-08-030410 - Successful/unsuccessful uses of the chsh command in RHEL 8 must generate an audit record.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
+ 
+@@ -17728,7 +17896,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
+           
+             RHEL-08-030420 - Successful/unsuccessful uses of the truncate, ftruncate, creat, open, openat, and open_by_handle_at system calls in RHEL 8 must generate an audit record.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
+ 
+@@ -17753,7 +17922,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
+           
+             RHEL-08-030480 - Successful/unsuccessful uses of the chown, fchown, fchownat, and lchown system calls in RHEL 8 must generate an audit record.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
+ 
+@@ -17777,7 +17947,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
+           
+             RHEL-08-030490 - Successful/unsuccessful uses of the chmod, fchmod, and fchmodat system calls in RHEL 8 must generate an audit record.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
+ 
+@@ -17800,7 +17971,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
+           
+             RHEL-08-030550 - Successful/unsuccessful uses of the sudo command in RHEL 8 must generate an audit record.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
+ 
+@@ -17818,7 +17990,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
+           
+             RHEL-08-030560 - Successful/unsuccessful uses of the usermod command in RHEL 8 must generate an audit record.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
+ 
+@@ -17836,7 +18009,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
+           
+             RHEL-08-030570 - Successful/unsuccessful uses of the chacl command in RHEL 8 must generate an audit record.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
+ 
+@@ -17854,7 +18028,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
+           
+             RHEL-08-030580 - Successful/unsuccessful uses of the kmod command in RHEL 8 must generate an audit record.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Without the capability to generate audit records, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
+ 
+@@ -17882,7 +18057,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
+           
+             RHEL-08-030600 - Successful/unsuccessful modifications to the lastlog file in RHEL 8 must generate an audit record.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Without the capability to generate audit records, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
+ 
+@@ -17910,7 +18086,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
+           
+             RHEL-08-030610 - RHEL 8 must allow only the Information System Security Manager (ISSM) (or individuals or roles appointed by the ISSM) to select which auditable events are to be audited.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Without the capability to restrict the roles and individuals that can select which events are audited, unauthorized personnel may be able to prevent the auditing of critical events. Misconfigured audits may degrade the system's performance by overwhelming the audit log. Misconfigured audits may also make it more difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
+           
+@@ -17922,7 +18099,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
+           
+             RHEL-08-030620 - RHEL 8 audit tools must have a mode of 0755 or less permissive.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Protecting audit information also includes identifying and protecting the tools used to view and manipulate log data. Therefore, protecting audit tools is necessary to prevent unauthorized operation on audit information.
+ 
+@@ -17938,7 +18116,8 @@ Audit tools include, but are not limited to, vendor-provided and open source aud
+           
+             RHEL-08-030630 - RHEL 8 audit tools must be owned by root.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Protecting audit information also includes identifying and protecting the tools used to view and manipulate log data. Therefore, protecting audit tools is necessary to prevent unauthorized operation on audit information.
+ 
+@@ -17956,7 +18135,8 @@ Satisfies: SRG-OS-000256-GPOS-00097, SRG-OS-000257-GPOS-00098, SRG-OS-000258-GPO
+           
+             RHEL-08-030640 - RHEL 8 audit tools must be group-owned by root.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Protecting audit information also includes identifying and protecting the tools used to view and manipulate log data. Therefore, protecting audit tools is necessary to prevent unauthorized operation on audit information.
+ 
+@@ -17974,7 +18154,8 @@ Satisfies: SRG-OS-000256-GPOS-00097, SRG-OS-000257-GPOS-00098, SRG-OS-000258-GPO
+           
+             RHEL-08-030670 - RHEL 8 must have the packages required for offloading audit logs installed.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Information stored in one location is vulnerable to accidental or incidental deletion or alteration.
+ 
+@@ -17997,7 +18178,8 @@ Note that a port number was given as there is no standard port for RELP.
+             RHEL-08-030680 - RHEL 8 must have the packages required for encrypting offloaded audit logs installed.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Information stored in one location is vulnerable to accidental or incidental deletion or alteration.
+ 
+@@ -18020,7 +18202,8 @@ Note that a port number was given as there is no standard port for RELP.
+             RHEL-08-030700 - RHEL 8 must take appropriate action when the internal event queue is full.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Information stored in one location is vulnerable to accidental or incidental deletion or alteration.
+ 
+@@ -18038,7 +18221,8 @@ Satisfies: SRG-OS-000342-GPOS-00133, SRG-OS-000479-GPOS-00224
+           
+             RHEL-08-030720 - RHEL 8 must authenticate the remote logging server for off-loading audit logs.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Information stored in one location is vulnerable to accidental or incidental deletion or alteration.
+ 
+@@ -18062,7 +18246,8 @@ Satisfies: SRG-OS-000342-GPOS-00133, SRG-OS-000479-GPOS-00224
+           
+             RHEL-08-030730 - RHEL 8 must take action when allocated audit record storage volume reaches 75 percent of the repository maximum audit record storage capacity.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             If security personnel are not notified immediately when storage volume reaches 75 percent utilization, they are unable to plan for audit record storage capacity expansion.
+           
+@@ -18074,7 +18259,8 @@ Satisfies: SRG-OS-000342-GPOS-00133, SRG-OS-000479-GPOS-00224
+           
+             RHEL-08-030741 - RHEL 8 must disable the chrony daemon from acting as a server.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Inaccurate time stamps make it more difficult to correlate events and can lead to an inaccurate analysis. Determining the correct time a particular event occurred on a system is critical when conducting forensic analysis and investigating system events. Sources outside the configured acceptable allowance (drift) may be inaccurate.
+ 
+@@ -18092,7 +18278,8 @@ Note that USNO offers authenticated NTP service to DoD and U.S. Government agenc
+           
+             RHEL-08-030742 - RHEL 8 must disable network management of the chrony daemon.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Inaccurate time stamps make it more difficult to correlate events and can lead to an inaccurate analysis. Determining the correct time a particular event occurred on a system is critical when conducting forensic analysis and investigating system events. Sources outside the configured acceptable allowance (drift) may be inaccurate.
+ 
+@@ -18110,7 +18297,8 @@ Note that USNO offers authenticated NTP service to DoD and U.S. Government agenc
+           
+             RHEL-08-040000 - RHEL 8 must not have the telnet-server package installed.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
+ 
+@@ -18132,7 +18320,8 @@ If a privileged user were to log on using this service, the privileged user pass
+           
+             RHEL-08-040001 - RHEL 8 must not have any automated bug reporting tools installed.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
+ 
+@@ -18150,7 +18339,8 @@ Verify the operating system is configured to disable non-essential capabilities.
+           
+             RHEL-08-040002 - RHEL 8 must not have the sendmail package installed.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
+ 
+@@ -18168,7 +18358,8 @@ Verify the operating system is configured to disable non-essential capabilities.
+           
+             RHEL-08-040010 - RHEL 8 must not have the rsh-server package installed.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
+ 
+@@ -18188,7 +18379,8 @@ Satisfies: SRG-OS-000095-GPOS-00049, SRG-OS-000074-GPOS-00042
+           
+             RHEL-08-040021 - RHEL 8 must disable the asynchronous transfer mode (ATM) protocol.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
+ 
+@@ -18204,7 +18396,8 @@ The Asynchronous Transfer Mode (ATM) is a protocol operating on network, data li
+           
+             RHEL-08-040022 - RHEL 8 must disable the controller area network (CAN) protocol.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
+ 
+@@ -18220,7 +18413,8 @@ The Controller Area Network (CAN) is a serial communications protocol, which was
+           
+             RHEL-08-040023 - RHEL 8 must disable the stream control transmission protocol (SCTP).
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
+ 
+@@ -18236,7 +18430,8 @@ The Stream Control Transmission Protocol (SCTP) is a transport layer protocol, d
+           
+             RHEL-08-040024 - RHEL 8 must disable the transparent inter-process communication (TIPC) protocol.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
+ 
+@@ -18252,7 +18447,8 @@ The Transparent Inter-Process Communication (TIPC) protocol is designed to provi
+           
+             RHEL-08-040025 - RHEL 8 must disable mounting of cramfs.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
+ 
+@@ -18268,7 +18464,8 @@ Compressed ROM/RAM file system (or cramfs) is a read-only file system designed f
+           
+             RHEL-08-040026 - RHEL 8 must disable IEEE 1394 (FireWire) Support.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
+ 
+@@ -18282,7 +18479,8 @@ The IEEE 1394 (FireWire) is a serial bus standard for high-speed real-time commu
+           
+             RHEL-08-040070 - The RHEL 8 file system automounter must be disabled unless required.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Automatically mounting file systems permits easy introduction of unknown devices, thereby facilitating malicious activity.
+           
+@@ -18294,7 +18492,8 @@ The IEEE 1394 (FireWire) is a serial bus standard for high-speed real-time commu
+           
+             RHEL-08-040080 - RHEL 8 must be configured to disable USB mass storage.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             USB mass storage permits easy introduction of unknown devices, thereby facilitating malicious activity.
+ 
+@@ -18308,7 +18507,8 @@ Satisfies: SRG-OS-000114-GPOS-00059, SRG-OS-000378-GPOS-00163
+           
+             RHEL-08-040100 - A firewall must be installed on RHEL 8.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             "Firewalld" provides an easy and effective way to block/limit remote access to the system via ports, services, and protocols.
+ 
+@@ -18326,7 +18526,8 @@ RHEL 8 functionality (e.g., RDP) must be capable of taking enforcement action if
+           
+             RHEL-08-040111 - RHEL 8 Bluetooth must be disabled.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Without protection of communications with wireless peripherals, confidentiality and integrity may be compromised because unprotected communications can be intercepted and either read, altered, or used to compromise the RHEL 8 operating system.
+ 
+@@ -18342,7 +18543,8 @@ Protecting the confidentiality and integrity of communications with wireless per
+           
+             RHEL-08-040120 - RHEL 8 must mount /dev/shm with the nodev option.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting.
+ 
+@@ -18360,7 +18562,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid"
+           
+             RHEL-08-040121 - RHEL 8 must mount /dev/shm with the nosuid option.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting.
+ 
+@@ -18376,7 +18579,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid"
+           
+             RHEL-08-040122 - RHEL 8 must mount /dev/shm with the noexec option.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting.
+ 
+@@ -18394,7 +18598,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid"
+           
+             RHEL-08-040123 - RHEL 8 must mount /tmp with the nodev option.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting.
+ 
+@@ -18412,7 +18617,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid"
+           
+             RHEL-08-040124 - RHEL 8 must mount /tmp with the nosuid option.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting.
+ 
+@@ -18428,7 +18634,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid"
+           
+             RHEL-08-040125 - RHEL 8 must mount /tmp with the noexec option.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting.
+ 
+@@ -18446,7 +18653,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid"
+           
+             RHEL-08-040126 - RHEL 8 must mount /var/log with the nodev option.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting.
+ 
+@@ -18464,7 +18672,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid"
+           
+             RHEL-08-040127 - RHEL 8 must mount /var/log with the nosuid option.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting.
+ 
+@@ -18482,7 +18691,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid"
+           
+             RHEL-08-040128 - RHEL 8 must mount /var/log with the noexec option.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting.
+ 
+@@ -18500,7 +18710,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid"
+           
+             RHEL-08-040129 - RHEL 8 must mount /var/log/audit with the nodev option.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting.
+ 
+@@ -18518,7 +18729,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid"
+           
+             RHEL-08-040130 - RHEL 8 must mount /var/log/audit with the nosuid option.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting.
+ 
+@@ -18536,7 +18748,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid"
+           
+             RHEL-08-040131 - RHEL 8 must mount /var/log/audit with the noexec option.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting.
+ 
+@@ -18554,7 +18767,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid"
+           
+             RHEL-08-040132 - RHEL 8 must mount /var/tmp with the nodev option.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting.
+ 
+@@ -18572,7 +18786,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid"
+           
+             RHEL-08-040133 - RHEL 8 must mount /var/tmp with the nosuid option.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting.
+ 
+@@ -18590,7 +18805,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid"
+           
+             RHEL-08-040134 - RHEL 8 must mount /var/tmp with the noexec option.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting.
+ 
+@@ -18608,7 +18824,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid"
+           
+             RHEL-08-040135 - The RHEL 8 fapolicy module must be installed.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting.
+ 
+@@ -18630,7 +18847,8 @@ Satisfies: SRG-OS-000368-GPOS-00154, SRG-OS-000370-GPOS-00155, SRG-OS-000480-GPO
+           
+             RHEL-08-040150 - A firewall must be able to protect against or limit the effects of Denial of Service (DoS) attacks by ensuring RHEL 8 can implement rate-limiting measures on impacted network interfaces.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             DoS is a condition when a resource is not available for legitimate users. When this occurs, the organization either cannot accomplish its mission or must operate at degraded capacity.
+ 
+@@ -18646,7 +18864,8 @@ Since version 0.6.0, "firewalld" has incorporated "nftables" as its backend supp
+           
+             RHEL-08-040160 - All RHEL 8 networked systems must have and implement SSH to protect the confidentiality and integrity of transmitted and received information, as well as information during preparation for transmission.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Without protection of the transmitted information, confidentiality and integrity may be compromised because unprotected communications can be intercepted and either read or altered. 
+ 
+@@ -18664,7 +18883,8 @@ Satisfies: SRG-OS-000423-GPOS-00187, SRG-OS-000424-GPOS-00188, SRG-OS-000425-GPO
+           
+             RHEL-08-040161 - RHEL 8 must force a frequent session key renegotiation for SSH connections to the server.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Without protection of the transmitted information, confidentiality and integrity may be compromised because unprotected communications can be intercepted and either read or altered. 
+ 
+@@ -18684,7 +18904,8 @@ Satisfies: SRG-OS-000033-GPOS-00014, SRG-OS-000420-GPOS-00186, SRG-OS-000424-GPO
+           
+             RHEL-08-040170 - The x86 Ctrl-Alt-Delete key sequence must be disabled on RHEL 8.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             A locally logged-on user, who presses Ctrl-Alt-Delete when at the console, can reboot the system. If accidentally pressed, as could happen in the case of a mixed OS environment, this can create the risk of short-term loss of availability of systems due to unintentional reboot. In a graphical user environment, risk of unintentional reboot from the Ctrl-Alt-Delete sequence is reduced because the user will be prompted before any action is taken.
+           
+@@ -18696,7 +18917,8 @@ Satisfies: SRG-OS-000033-GPOS-00014, SRG-OS-000420-GPOS-00186, SRG-OS-000424-GPO
+           
+             RHEL-08-040171 - The x86 Ctrl-Alt-Delete key sequence in RHEL 8 must be disabled if a graphical user interface is installed.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             A locally logged-on user, who presses Ctrl-Alt-Delete, when at the console, can reboot the system. If accidentally pressed, as could happen in the case of a mixed OS environment, this can create the risk of short-term loss of availability of systems due to unintentional reboot. In a graphical user environment, risk of unintentional reboot from the Ctrl-Alt-Delete sequence is reduced because the user will be prompted before any action is taken.
+           
+@@ -18708,7 +18930,8 @@ Satisfies: SRG-OS-000033-GPOS-00014, SRG-OS-000420-GPOS-00186, SRG-OS-000424-GPO
+           
+             RHEL-08-040172 - The systemd Ctrl-Alt-Delete burst key sequence in RHEL 8 must be disabled.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             A locally logged-on user who presses Ctrl-Alt-Delete when at the console can reboot the system. If accidentally pressed, as could happen in the case of a mixed OS environment, this can create the risk of short-term loss of availability of systems due to unintentional reboot. In a graphical user environment, risk of unintentional reboot from the Ctrl-Alt-Delete sequence is reduced because the user will be prompted before any action is taken.
+           
+@@ -18720,7 +18943,8 @@ Satisfies: SRG-OS-000033-GPOS-00014, SRG-OS-000420-GPOS-00186, SRG-OS-000424-GPO
+           
+             RHEL-08-040180 - The debug-shell systemd service must be disabled on RHEL 8.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             The debug-shell requires no authentication and provides root privileges to anyone who has physical access to the machine.  While this feature is disabled by default, masking it adds an additional layer of assurance that it will not be enabled via a dependency in systemd.  This also prevents attackers with physical access from trivially bypassing security on the machine through valid troubleshooting configurations and gaining root access when the system is rebooted.
+           
+@@ -18732,7 +18956,8 @@ Satisfies: SRG-OS-000033-GPOS-00014, SRG-OS-000420-GPOS-00186, SRG-OS-000424-GPO
+           
+             RHEL-08-040190 - The Trivial File Transfer Protocol (TFTP) server package must not be installed if not required for RHEL 8 operational support.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             If TFTP is required for operational support (such as the transmission of router configurations) its use must be documented with the Information System Security Officer (ISSO), restricted to only authorized personnel, and have access control rules established.
+           
+@@ -18744,7 +18969,8 @@ Satisfies: SRG-OS-000033-GPOS-00014, SRG-OS-000420-GPOS-00186, SRG-OS-000424-GPO
+           
+             RHEL-08-040200 - The root account must be the only account having unrestricted access to the RHEL 8 system.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             If an account other than root also has a User Identifier (UID) of "0", it has root authority, giving that account unrestricted access to the entire operating system. Multiple accounts with a UID of "0" afford an opportunity for potential intruders to guess a password for a privileged account.
+           
+@@ -18756,7 +18982,8 @@ Satisfies: SRG-OS-000033-GPOS-00014, SRG-OS-000420-GPOS-00186, SRG-OS-000424-GPO
+           
+             RHEL-08-040210 - RHEL 8 must prevent IPv6 Internet Control Message Protocol (ICMP) redirect messages from being accepted.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             ICMP redirect messages are used by routers to inform hosts that a more direct route exists for a particular destination. These messages modify the host's route table and are unauthenticated. An illicit ICMP redirect message could result in a man-in-the-middle attack.
+ 
+@@ -18776,7 +19003,8 @@ The sysctl --system command will load settings from all system configuration fil
+           
+             RHEL-08-040220 - RHEL 8 must not send Internet Control Message Protocol (ICMP) redirects.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             ICMP redirect messages are used by routers to inform hosts that a more direct route exists for a particular destination. These messages contain information from the system's route table, possibly revealing portions of the network topology.
+ 
+@@ -18798,7 +19026,8 @@ The sysctl --system command will load settings from all system configuration fil
+           
+             RHEL-08-040230 - RHEL 8 must not respond to Internet Control Message Protocol (ICMP) echoes sent to a broadcast address.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Responding to broadcast ICMP echoes facilitates network mapping and provides a vector for amplification attacks.
+ 
+@@ -18819,7 +19048,8 @@ The sysctl --system command will load settings from all system configuration fil
+           
+             RHEL-08-040240 - RHEL 8 must not forward IPv6 source-routed packets.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Source-routed packets allow the source of the packet to suggest that routers forward the packet along a different path than configured on the router, which can be used to bypass network security measures. This requirement applies only to the forwarding of source-routed traffic, such as when forwarding is enabled and the system is functioning as a router.
+ 
+@@ -18839,7 +19069,8 @@ The sysctl --system command will load settings from all system configuration fil
+           
+             RHEL-08-040250 - RHEL 8 must not forward IPv6 source-routed packets by default.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Source-routed packets allow the source of the packet to suggest that routers forward the packet along a different path than configured on the router, which can be used to bypass network security measures. This requirement applies only to the forwarding of source-routed traffic, such as when forwarding is enabled and the system is functioning as a router.
+ 
+@@ -18859,7 +19090,8 @@ The sysctl --system command will load settings from all system configuration fil
+           
+             RHEL-08-040260 - RHEL 8 must not enable IPv6 packet forwarding unless the system is a router.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Routing protocol daemons are typically used on routers to exchange network topology information with other routers. If this software is used when not required, system network information may be unnecessarily transmitted across the network.
+ 
+@@ -18879,7 +19111,8 @@ The sysctl --system command will load settings from all system configuration fil
+           
+             RHEL-08-040261 - RHEL 8 must not accept router advertisements on all IPv6 interfaces.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Routing protocol daemons are typically used on routers to exchange network topology information with other routers. If this software is used when not required, system network information may be unnecessarily transmitted across the network.
+ 
+@@ -18901,7 +19134,8 @@ The sysctl --system command will load settings from all system configuration fil
+           
+             RHEL-08-040262 - RHEL 8 must not accept router advertisements on all IPv6 interfaces by default.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Routing protocol daemons are typically used on routers to exchange network topology information with other routers. If this software is used when not required, system network information may be unnecessarily transmitted across the network.
+ 
+@@ -18923,7 +19157,8 @@ The sysctl --system command will load settings from all system configuration fil
+           
+             RHEL-08-040270 - RHEL 8 must not allow interfaces to perform Internet Control Message Protocol (ICMP) redirects by default.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             ICMP redirect messages are used by routers to inform hosts that a more direct route exists for a particular destination. These messages contain information from the system's route table, possibly revealing portions of the network topology.
+ 
+@@ -18945,7 +19180,8 @@ The sysctl --system command will load settings from all system configuration fil
+           
+             RHEL-08-040280 - RHEL 8 must ignore IPv6 Internet Control Message Protocol (ICMP) redirect messages.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             ICMP redirect messages are used by routers to inform hosts that a more direct route exists for a particular destination. These messages modify the host's route table and are unauthenticated. An illicit ICMP redirect message could result in a man-in-the-middle attack.
+ 
+@@ -18965,7 +19201,8 @@ The sysctl --system command will load settings from all system configuration fil
+           
+             RHEL-08-040281 - RHEL 8 must disable access to network bpf syscall from unprivileged processes.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
+ 
+@@ -18985,7 +19222,8 @@ The sysctl --system command will load settings from all system configuration fil
+           
+             RHEL-08-040282 - RHEL 8 must restrict usage of ptrace to descendant  processes.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
+ 
+@@ -19005,7 +19243,8 @@ The sysctl --system command will load settings from all system configuration fil
+           
+             RHEL-08-040283 - RHEL 8 must restrict exposed kernel pointer addresses access.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
+ 
+@@ -19025,7 +19264,8 @@ The sysctl --system command will load settings from all system configuration fil
+           
+             RHEL-08-040284 - RHEL 8 must disable the use of user namespaces.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
+ 
+@@ -19045,7 +19285,8 @@ The sysctl --system command will load settings from all system configuration fil
+           
+             RHEL-08-040285 - RHEL 8 must use reverse path filtering on all IPv4 interfaces.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
+ 
+@@ -19065,7 +19306,8 @@ The sysctl --system command will load settings from all system configuration fil
+           
+             RHEL-08-040290 - RHEL 8 must be configured to prevent unrestricted mail relaying.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             If unrestricted mail relaying is permitted, unauthorized senders could use this host as a mail relay for the purpose of sending spam or other unauthorized activity.
+           
+@@ -19077,7 +19319,8 @@ The sysctl --system command will load settings from all system configuration fil
+           
+             RHEL-08-040320 - The graphical display manager must not be installed on RHEL 8 unless approved.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Internet services that are not required for system or application processes must not be active to decrease the attack surface of the system. Graphical display managers have a long history of security vulnerabilities and must not be used, unless approved and documented.
+           
+@@ -19089,7 +19332,8 @@ The sysctl --system command will load settings from all system configuration fil
+           
+             RHEL-08-040330 - RHEL 8 network interfaces must not be in promiscuous mode.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Network interfaces in promiscuous mode allow for the capture of all network traffic visible to the system. If unauthorized individuals can access these applications, it may allow them to collect information such as logon IDs, passwords, and key exchanges between systems.
+ 
+@@ -19103,7 +19347,8 @@ If the system is being used to perform a network troubleshooting function, the u
+           
+             RHEL-08-040340 - RHEL 8 remote X connections for interactive users must be disabled unless to fulfill documented and validated mission requirements.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             The security risk of using X11 forwarding is that the client's X11 display server may be exposed to attack when the SSH client requests forwarding.  A system administrator may have a stance in which they want to protect clients that may expose themselves to attack by unwittingly requesting X11 forwarding, which can warrant a "no" setting.
+ 
+@@ -19119,7 +19364,8 @@ If X11 services are not required for the system's intended function, they should
+           
+             RHEL-08-040341 - The RHEL 8 SSH daemon must prevent remote hosts from connecting to the proxy display.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             When X11 forwarding is enabled, there may be additional exposure to the server and client displays if the sshd proxy display is configured to listen on the wildcard address.  By default, sshd binds the forwarding server to the loopback address and sets the hostname part of the DIPSLAY environment variable to localhost.  This prevents remote hosts from connecting to the proxy display.
+           
+@@ -19131,7 +19377,8 @@ If X11 services are not required for the system's intended function, they should
+           
+             RHEL-08-040350 - If the Trivial File Transfer Protocol (TFTP) server is required, the RHEL 8 TFTP daemon must be configured to operate in secure mode.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Restricting TFTP to a specific directory prevents remote users from copying, transferring, or overwriting system files.
+           
+@@ -19143,7 +19390,8 @@ If X11 services are not required for the system's intended function, they should
+           
+             RHEL-08-040360 - A File Transfer Protocol (FTP) server package must not be installed unless mission essential on RHEL 8.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             The FTP service provides an unencrypted remote access that does not provide for the confidentiality and integrity of user passwords or the remote session. If a privileged user were to log on using this service, the privileged user password could be compromised. SSH or other encrypted file transfer methods must be used in place of this service.
+           
+@@ -19155,7 +19403,8 @@ If X11 services are not required for the system's intended function, they should
+           
+             RHEL-08-040370 - The gssproxy package must not be installed unless mission essential on RHEL 8.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
+ 
+@@ -19171,7 +19420,8 @@ The gssproxy package is a proxy for GSS API credential handling and could expose
+           
+             RHEL-08-040380 - The iprutils package must not be installed unless mission essential on RHEL 8.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
+ 
+@@ -19187,7 +19437,8 @@ The iprutils package provides a suite of utilities to manage and configure SCSI
+           
+             RHEL-08-040390 - The tuned package must not be installed unless mission essential on RHEL 8.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
+ 
+@@ -19203,7 +19454,8 @@ The tuned package contains a daemon that tunes the system settings dynamically.
+           
+             RHEL-08-010163 - The krb5-server package must not be installed on RHEL 8.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Unapproved mechanisms that are used for authentication to the cryptographic module are not verified and therefore cannot be relied upon to provide confidentiality or integrity, and DoD data may be compromised.
+ 
+@@ -19221,7 +19473,8 @@ FIPS 140-2 is the current standard for validating that mechanisms used to access
+           
+             RHEL-08-010382 - RHEL 8 must restrict privilege elevation to authorized personnel.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             The sudo command allows a user to execute programs with elevated (administrator) privileges. It prompts the user for their password and confirms your request to execute a command by checking a file, called sudoers. If the "sudoers" file is not configured correctly, any user defined on the system can initiate privileged actions on the target system.
+           
+@@ -19233,7 +19486,8 @@ FIPS 140-2 is the current standard for validating that mechanisms used to access
+           
+             RHEL-08-010383 - RHEL 8 must use the invoking user's password for privilege escalation when using "sudo".
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             The sudoers security policy requires that users authenticate themselves before they can use sudo. When sudoers requires authentication, it validates the invoking user's credentials. If the rootpw, targetpw, or runaspw flags are defined and not disabled, by default the operating system will prompt the invoking user for the "root" user password. 
+ For more information on each of the listed configurations, reference the sudoers(5) manual page.
+@@ -19246,7 +19500,8 @@ For more information on each of the listed configurations, reference the sudoers
+           
+             RHEL-08-010384 - RHEL 8 must require re-authentication when using the "sudo" command.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Without re-authentication, users may access resources or perform tasks for which they do not have authorization. 
+ 
+@@ -19262,7 +19517,8 @@ If the value is set to an integer less than 0, the user's time stamp will not ex
+           
+             RHEL-08-010049 - RHEL 8 must display a banner before granting local or remote access to the system via a graphical user logon.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Display of a standardized and approved use notification before granting access to the operating system ensures privacy and security notification verbiage used is consistent with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance.
+ 
+@@ -19278,7 +19534,8 @@ Satisfies: SRG-OS-000023-GPOS-00006, SRG-OS-000228-GPOS-00088
+           
+             RHEL-08-010152 - RHEL 8 operating systems must require authentication upon booting into emergency mode.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             If the system does not require valid root authentication before it boots into emergency or rescue mode, anyone who invokes emergency or rescue mode is granted privileged access to all files on the system.
+           
+@@ -19290,7 +19547,8 @@ Satisfies: SRG-OS-000023-GPOS-00006, SRG-OS-000228-GPOS-00088
+           
+             RHEL-08-010159 - The RHEL 8 pam_unix.so module must be configured in the system-auth file to use a FIPS 140-2 approved cryptographic hashing algorithm for system authentication.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Unapproved mechanisms that are used for authentication to the cryptographic module are not verified and therefore cannot be relied upon to provide confidentiality or integrity, and DoD data may be compromised.
+ 
+@@ -19306,7 +19564,8 @@ FIPS 140-2 is the current standard for validating that mechanisms used to access
+           
+             RHEL-08-010201 - The RHEL 8 SSH daemon must be configured with a timeout interval.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Terminating an idle SSH session within a short time period reduces the window of opportunity for unauthorized personnel to take control of a management session enabled on the console or console port that has been left unattended. In addition, quickly terminating an idle SSH session will also free up resources committed by the managed network element.
+ 
+@@ -19324,7 +19583,8 @@ Satisfies: SRG-OS-000163-GPOS-00072, SRG-OS-000126-GPOS-00066, SRG-OS-000279-GPO
+           
+             RHEL-08-010472 - RHEL 8 must have the packages required to use the hardware random number generator entropy gatherer service.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             The most important characteristic of a random number generator is its randomness, namely its ability to deliver random numbers that are impossible to predict.  Entropy in computer security is associated with the unpredictability of a source of randomness.  The random source with high entropy tends to achieve a uniform distribution of random values.  Random number generators are one of the most important building blocks of cryptosystems.  
+ 
+@@ -19338,7 +19598,8 @@ The rngd service feeds random data from hardware device to kernel random device.
+           
+             RHEL-08-010522 - The RHEL 8 SSH daemon must not allow GSSAPI authentication, except to fulfill documented and validated mission requirements.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Configuring this setting for the SSH daemon provides additional assurance that remote logon via SSH will require a password, even in the event of misconfiguration elsewhere.
+           
+@@ -19350,7 +19611,8 @@ The rngd service feeds random data from hardware device to kernel random device.
+           
+             RHEL-08-010544 - RHEL 8 must use a separate file system for /var/tmp.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             The use of separate file systems for different paths can protect the system from failures resulting from a file system becoming full or failing.
+           
+@@ -19362,7 +19624,8 @@ The rngd service feeds random data from hardware device to kernel random device.
+           
+             RHEL-08-010572 - RHEL 8 must prevent files with the setuid and setgid bit set from being executed on the /boot/efi directory.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             The "nosuid" mount option causes the system not to execute "setuid" and "setgid" files with owner privileges. This option must be used for mounting any file system not containing approved "setuid" and "setguid" files. Executing files from untrusted file systems increases the opportunity for unprivileged users to attain unauthorized administrative access.
+           
+@@ -19374,7 +19637,8 @@ The rngd service feeds random data from hardware device to kernel random device.
+           
+             RHEL-08-020032 - RHEL 8 must disable the user list at logon for graphical user interfaces.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Leaving the user list enabled is a security risk since it allows anyone with physical access to the system to enumerate known user accounts without authenticated access to the system.
+           
+@@ -19386,7 +19650,8 @@ The rngd service feeds random data from hardware device to kernel random device.
+           
+             RHEL-08-020082 - RHEL 8 must prevent a user from overriding the screensaver lock-enabled setting for the graphical user interface.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             A session time-out lock is a temporary action taken when a user stops work and moves away from the immediate physical vicinity of the information system but does not log out because of the temporary nature of the absence. Rather than relying on the user to manually lock their operating system session prior to vacating the vicinity, operating systems need to be able to identify when a user's session has idled and take action to initiate the session lock.
+ 
+@@ -19406,7 +19671,8 @@ Satisfies: SRG-OS-000029-GPOS-00010, SRG-OS-000031-GPOS-00012, SRG-OS-000480-GPO
+           
+             RHEL-08-020332 - RHEL 8 must not allow blank or null passwords in the password-auth file.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             If an account has an empty password, anyone could log on and run commands with the privileges of that account. Accounts with empty passwords should never be used in operational environments.
+           
+@@ -19418,7 +19684,8 @@ Satisfies: SRG-OS-000029-GPOS-00010, SRG-OS-000031-GPOS-00012, SRG-OS-000480-GPO
+           
+             RHEL-08-030181 - RHEL 8 audit records must contain information to establish what type of events occurred, the source of events, where events occurred, and the outcome of events.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Without establishing what type of events occurred, the source of events, where events occurred, and the outcome of events, it would be difficult to establish, correlate, and investigate the events leading up to an outage or attack.
+ 
+@@ -19436,7 +19703,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000038-GPO
+           
+             RHEL-08-030731 - RHEL 8 must notify the System Administrator (SA) and Information System Security Officer (ISSO) (at a minimum) when allocated audit record storage volume 75 percent utilization.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             If security personnel are not notified immediately when storage volume reaches 75 percent utilization, they are unable to plan for audit record storage capacity expansion.
+           
+@@ -19448,7 +19716,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000038-GPO
+           
+             RHEL-08-040101 - A firewall must be active on RHEL 8.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             "Firewalld" provides an easy and effective way to block/limit remote access to the system via ports, services, and protocols.
+ 
+@@ -19465,7 +19734,8 @@ RHEL 8 functionality (e.g., RDP) must be capable of taking enforcement action if
+           
+             RHEL-08-040136 - The RHEL 8 fapolicy module must be enabled.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting.
+ 
+@@ -19487,7 +19757,8 @@ Satisfies: SRG-OS-000368-GPOS-00154, SRG-OS-000370-GPOS-00155, SRG-OS-000480-GPO
+           
+             RHEL-08-040139 - RHEL 8 must have the USBGuard installed.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Without authenticating devices, unidentified or unknown devices may be introduced, thereby facilitating malicious activity.
+ Peripherals include, but are not limited to, such devices as flash drives, external storage, and printers.
+@@ -19503,7 +19774,8 @@ The System Administrator (SA) must work with the site Information System Securit
+           
+             RHEL-08-040141 - RHEL 8 must enable the USBGuard.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Without authenticating devices, unidentified or unknown devices may be introduced, thereby facilitating malicious activity.
+ 
+@@ -19521,7 +19793,8 @@ The System Administrator (SA) must work with the site Information System Securit
+           
+             RHEL-08-040159 - All RHEL 8 networked systems must have SSH installed.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Without protection of the transmitted information, confidentiality and integrity may be compromised because unprotected communications can be intercepted and either read or altered. 
+ 
+@@ -19539,7 +19812,8 @@ Satisfies: SRG-OS-000423-GPOS-00187, SRG-OS-000424-GPOS-00188, SRG-OS-000425-GPO
+           
+             RHEL-08-040209 - RHEL 8 must prevent IPv4 Internet Control Message Protocol (ICMP) redirect messages from being accepted.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             ICMP redirect messages are used by routers to inform hosts that a more direct route exists for a particular destination. These messages modify the host's route table and are unauthenticated. An illicit ICMP redirect message could result in a man-in-the-middle attack.
+ 
+@@ -19559,7 +19833,8 @@ The sysctl --system command will load settings from all system configuration fil
+           
+             RHEL-08-040239 - RHEL 8 must not forward IPv4 source-routed packets.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Source-routed packets allow the source of the packet to suggest that routers forward the packet along a different path than configured on the router, which can be used to bypass network security measures. This requirement applies only to the forwarding of source-routed traffic, such as when forwarding is enabled and the system is functioning as a router.
+ 
+@@ -19579,7 +19854,8 @@ The sysctl --system command will load settings from all system configuration fil
+           
+             RHEL-08-040249 - RHEL 8 must not forward IPv4 source-routed packets by default.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Source-routed packets allow the source of the packet to suggest that routers forward the packet along a different path than configured on the router, which can be used to bypass network security measures. This requirement applies only to the forwarding of source-routed traffic, such as when forwarding is enabled and the system is functioning as a router.
+ 
+@@ -19599,7 +19875,8 @@ The sysctl --system command will load settings from all system configuration fil
+           
+             RHEL-08-040279 - RHEL 8 must ignore IPv4 Internet Control Message Protocol (ICMP) redirect messages.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             ICMP redirect messages are used by routers to inform hosts that a more direct route exists for a particular destination. These messages modify the host's route table and are unauthenticated. An illicit ICMP redirect message could result in a man-in-the-middle attack.
+ 
+@@ -19619,7 +19896,8 @@ The sysctl --system command will load settings from all system configuration fil
+           
+             RHEL-08-040286 - RHEL 8 must enable hardening for the Berkeley Packet Filter Just-in-time compiler.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
+ 
+@@ -19641,7 +19919,8 @@ The sysctl --system command will load settings from all system configuration fil
+           
+             RHEL-08-010121 - The RHEL 8 operating system must not have accounts configured with blank or null passwords.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             If an account has an empty password, anyone could log on and run commands with the privileges of that account. Accounts with empty passwords should never be used in operational environments.
+           
+@@ -19653,7 +19932,8 @@ The sysctl --system command will load settings from all system configuration fil
+           
+             RHEL-08-010331 - RHEL 8 library directories must have mode 755 or less permissive.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             If RHEL 8 were to allow any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that are part of a robust change management process.
+ 
+@@ -19667,7 +19947,8 @@ This requirement applies to RHEL 8 with software libraries that are accessible a
+           
+             RHEL-08-010341 - RHEL 8 library directories must be owned by root.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             If RHEL 8 were to allow any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that are part of a robust change management process.
+ 
+@@ -19681,7 +19962,8 @@ This requirement applies to RHEL 8 with software libraries that are accessible a
+           
+             RHEL-08-010351 - RHEL 8 library directories must be group-owned by root or a system account.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             If RHEL 8 were to allow any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that are part of a robust change management process.
+ 
+@@ -19695,7 +19977,8 @@ This requirement applies to RHEL 8 with software libraries that are accessible a
+           
+             RHEL-08-010385 - The RHEL 8 operating system must not be configured to bypass password requirements for privilege escalation.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Without re-authentication, users may access resources or perform tasks for which they do not have authorization. 
+ 
+@@ -19711,7 +19994,8 @@ Satisfies: SRG-OS-000373-GPOS-00156, SRG-OS-000373-GPOS-00157, SRG-OS-000373-GPO
+           
+             RHEL-08-020101 - RHEL 8 must ensure the password complexity module is enabled in the system-auth file.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. "pwquality" enforces complex password construction configuration and has the ability to limit brute-force attacks on the system.
+ 
+@@ -19727,7 +20011,8 @@ RHEL 8 uses "pwquality" as a mechanism to enforce password complexity. This is s
+           
+             RHEL-08-040321 - The graphical display manager must not be the default target on RHEL 8 unless approved.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Internet services that are not required for system or application processes must not be active to decrease the attack surface of the system. Graphical display managers have a long history of security vulnerabilities and must not be used, unless approved and documented.
+           
+@@ -19739,7 +20024,8 @@ RHEL 8 uses "pwquality" as a mechanism to enforce password complexity. This is s
+           
+             RHEL-08-020035 - RHEL 8 must terminate idle user sessions.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux OS 8
+             
+             Terminating an idle session within a short time period reduces the window of opportunity for unauthorized personnel to take control of a management session enabled on the console or console port that has been left unattended.
+           
+@@ -19802,11 +20088,11 @@ RHEL 8 uses "pwquality" as a mechanism to enforce password complexity. This is s
+         
+           
+         
+-        
++        
+           
+           
+         
+-        
++        
+           
+           
+         
+@@ -21745,12 +22031,12 @@ RHEL 8 uses "pwquality" as a mechanism to enforce password complexity. This is s
+           1
+         
+         
+-          /boot/efi/EFI/redhat/grub.cfg
++          /boot/efi/EFI/almalinux/grub.cfg
+           ^\s*set\s+superusers\s*=\s*"(\w+)"\s*$
+           1
+         
+         
+-          /boot/efi/EFI/redhat/user.cfg
++          /boot/efi/EFI/almalinux/user.cfg
+           ^\s*GRUB2_PASSWORD=(\S+)\b
+           1
+         
+@@ -25379,7 +25665,8 @@ RHEL 8 uses "pwquality" as a mechanism to enforce password complexity. This is s
            
              RHEL 8 is installed
              
@@ -23131,6 +21502,42 @@ index ecdb4b277..9702848cf 100644
              
              
              RHEL 8 is installed
+diff --git a/shared/references/disa-stig-rhel8-v2r3-xccdf-manual.xml b/shared/references/disa-stig-rhel8-v2r3-xccdf-manual.xml
+index 7fa5cfb17..4024119f2 100644
+--- a/shared/references/disa-stig-rhel8-v2r3-xccdf-manual.xml
++++ b/shared/references/disa-stig-rhel8-v2r3-xccdf-manual.xml
+@@ -370,7 +370,7 @@ SHA_CRYPT_MIN_ROUNDS 100000SRG-OS-000080-GPOS-00048<GroupDescription></GroupDescription>RHEL-08-010140RHEL 8 operating systems booted with United Extensible Firmware Interface (UEFI) must require authentication upon booting into single-user mode and maintenance.<VulnDiscussion>If the system does not require valid authentication before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system. GRUB 2 is the default boot loader for RHEL 8 and is designed to require a password to boot into single-user mode or make modifications to the boot menu.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>DPMS Target Red Hat Enterprise Linux 8DISADPMS TargetRed Hat Enterprise Linux 82921CCI-000213Configure the system to require a grub bootloader password for the grub superusers account with the grub2-setpassword command, which creates/overwrites the /boot/efi/EFI/redhat/user.cfg file.
++If both "SHA_CRYPT_MIN_ROUNDS" and "SHA_CRYPT_MAX_ROUNDS" are set, and the highest value for either is below "100000", this is a finding.SRG-OS-000080-GPOS-00048<GroupDescription></GroupDescription>RHEL-08-010140RHEL 8 operating systems booted with United Extensible Firmware Interface (UEFI) must require authentication upon booting into single-user mode and maintenance.<VulnDiscussion>If the system does not require valid authentication before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system. GRUB 2 is the default boot loader for RHEL 8 and is designed to require a password to boot into single-user mode or make modifications to the boot menu.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>DPMS Target Red Hat Enterprise Linux 8DISADPMS TargetRed Hat Enterprise Linux 82921CCI-000213Configure the system to require a grub bootloader password for the grub superusers account with the grub2-setpassword command, which creates/overwrites the /boot/efi/EFI/almalinux/user.cfg file.
+ 
+ Generate an encrypted grub2 password for the grub superusers account with the following command:
+ 
+@@ -380,7 +380,7 @@ Confirm password:For systems that use BIOS, this is Not Applicable.
++$ sudo grub2-mkconfig -o /boot/efi/EFI/almalinux/grub.cfgFor systems that use BIOS, this is Not Applicable.
+ 
+ Verify that a unique name is set as the "superusers" account:
+ 
+-$ sudo grep -iw "superusers" /boot/efi/EFI/redhat/grub.cfg
++$ sudo grep -iw "superusers" /boot/efi/EFI/almalinux/grub.cfg
+ set superusers="[someuniquestringhere]"
+ export superusers
+ 
 diff --git a/shared/templates/accounts_password/tests/conflicting_values_directory.fail.sh b/shared/templates/accounts_password/tests/conflicting_values_directory.fail.sh
 index 8c002663d..c8d3ff1a4 100644
 --- a/shared/templates/accounts_password/tests/conflicting_values_directory.fail.sh
@@ -23166,7 +21573,7 @@ index c5051bcf7..846c0e661 100644
  # strategy = restrict
  # complexity = medium
 diff --git a/shared/templates/grub2_bootloader_argument/tests/arg_not_in_entries.fail.sh b/shared/templates/grub2_bootloader_argument/tests/arg_not_in_entries.fail.sh
-index 4c25b2d95..26100fc4e 100644
+index 4cc696340..7dcfe8e61 100644
 --- a/shared/templates/grub2_bootloader_argument/tests/arg_not_in_entries.fail.sh
 +++ b/shared/templates/grub2_bootloader_argument/tests/arg_not_in_entries.fail.sh
 @@ -1,6 +1,6 @@
@@ -23176,7 +21583,7 @@ index 4c25b2d95..26100fc4e 100644
 +# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux
  # packages = grub2,grubby
  
- source common.sh
+ {{%- if ARG_VARIABLE %}}
 diff --git a/shared/templates/grub2_bootloader_argument/tests/arg_not_in_grubenv_and_not_referenced.pass.sh b/shared/templates/grub2_bootloader_argument/tests/arg_not_in_grubenv_and_not_referenced.pass.sh
 index 59d4ddd5d..f47ce4d8b 100644
 --- a/shared/templates/grub2_bootloader_argument/tests/arg_not_in_grubenv_and_not_referenced.pass.sh
@@ -23190,7 +21597,7 @@ index 59d4ddd5d..f47ce4d8b 100644
  
  {{%- if ARG_VARIABLE %}}
 diff --git a/shared/templates/grub2_bootloader_argument/tests/arg_not_in_grubenv_but_referenced.fail.sh b/shared/templates/grub2_bootloader_argument/tests/arg_not_in_grubenv_but_referenced.fail.sh
-index 98da43833..d41cbe4c2 100644
+index 4b5e13062..9a372e44c 100644
 --- a/shared/templates/grub2_bootloader_argument/tests/arg_not_in_grubenv_but_referenced.fail.sh
 +++ b/shared/templates/grub2_bootloader_argument/tests/arg_not_in_grubenv_but_referenced.fail.sh
 @@ -1,6 +1,6 @@
@@ -23199,10 +21606,10 @@ index 98da43833..d41cbe4c2 100644
 -# platform = Oracle Linux 8,Red Hat Enterprise Linux 8
 +# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux OS 8
  # packages = grub2,grubby
- 
- source common.sh
+ {{%- if ARG_VARIABLE %}}
+ # variables = {{{ ARG_VARIABLE }}}=correct_value
 diff --git a/shared/templates/grub2_bootloader_argument/tests/correct_value_grubenv_only.pass.sh b/shared/templates/grub2_bootloader_argument/tests/correct_value_grubenv_only.pass.sh
-index 1a955c392..cbce6c60e 100644
+index 6ebffb8f5..59af25b6a 100644
 --- a/shared/templates/grub2_bootloader_argument/tests/correct_value_grubenv_only.pass.sh
 +++ b/shared/templates/grub2_bootloader_argument/tests/correct_value_grubenv_only.pass.sh
 @@ -1,6 +1,6 @@
@@ -23211,10 +21618,10 @@ index 1a955c392..cbce6c60e 100644
 -# platform = Oracle Linux 8,Red Hat Enterprise Linux 8
 +# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux OS 8
  # packages = grub2,grubby
- 
- source common.sh
+ {{%- if ARG_VARIABLE %}}
+ # variables = {{{ ARG_VARIABLE }}}=correct_value
 diff --git a/shared/templates/grub2_bootloader_argument/tests/correct_value_mix_entries_and_grubenv.pass.sh b/shared/templates/grub2_bootloader_argument/tests/correct_value_mix_entries_and_grubenv.pass.sh
-index 888445d23..d97a32fb5 100644
+index 0a5a8be0d..041d3fae4 100644
 --- a/shared/templates/grub2_bootloader_argument/tests/correct_value_mix_entries_and_grubenv.pass.sh
 +++ b/shared/templates/grub2_bootloader_argument/tests/correct_value_mix_entries_and_grubenv.pass.sh
 @@ -1,6 +1,6 @@
@@ -23223,10 +21630,10 @@ index 888445d23..d97a32fb5 100644
 -# platform = Oracle Linux 8,Red Hat Enterprise Linux 8
 +# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux OS 8
  # packages = grub2,grubby
- 
- source common.sh
+ {{%- if ARG_VARIABLE %}}
+ # variables = {{{ ARG_VARIABLE }}}=correct_value
 diff --git a/shared/templates/grub2_bootloader_argument/tests/wrong_value_entries.fail.sh b/shared/templates/grub2_bootloader_argument/tests/wrong_value_entries.fail.sh
-index 0ee7a41ca..a31c37bc4 100644
+index b875737f2..9685f6abd 100644
 --- a/shared/templates/grub2_bootloader_argument/tests/wrong_value_entries.fail.sh
 +++ b/shared/templates/grub2_bootloader_argument/tests/wrong_value_entries.fail.sh
 @@ -1,6 +1,6 @@
@@ -23235,10 +21642,10 @@ index 0ee7a41ca..a31c37bc4 100644
 -# platform = multi_platform_fedora,multi_platform_rhel
 +# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux
  # packages = grub2,grubby
- 
- source common.sh
+ {{%- if ARG_VARIABLE %}}
+ # variables = {{{ ARG_VARIABLE }}}=correct_value
 diff --git a/shared/templates/grub2_bootloader_argument/tests/wrong_value_grubenv.fail.sh b/shared/templates/grub2_bootloader_argument/tests/wrong_value_grubenv.fail.sh
-index 75c487299..0143d91e3 100644
+index a366cc06e..7d595fcb2 100644
 --- a/shared/templates/grub2_bootloader_argument/tests/wrong_value_grubenv.fail.sh
 +++ b/shared/templates/grub2_bootloader_argument/tests/wrong_value_grubenv.fail.sh
 @@ -1,6 +1,6 @@
@@ -23248,7 +21655,7 @@ index 75c487299..0143d91e3 100644
 +# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux OS 8
  # packages = grub2,grubby
  
- source common.sh
+ {{%- if ARG_VARIABLE %}}
 diff --git a/shared/templates/grub2_bootloader_argument_absent/tests/arg_there_etcdefaultgrub.fail.sh b/shared/templates/grub2_bootloader_argument_absent/tests/arg_there_etcdefaultgrub.fail.sh
 index fc3db8ccd..a12bef4b2 100644
 --- a/shared/templates/grub2_bootloader_argument_absent/tests/arg_there_etcdefaultgrub.fail.sh
@@ -23336,7 +21743,7 @@ index be0fc1de8..8284a5711 100644
  # strategy = enable
  # complexity = low
 diff --git a/shared/templates/package_removed/bootc.template b/shared/templates/package_removed/bootc.template
-index 9e3535578..f0a418432 100644
+index eef498941..255ac57a1 100644
 --- a/shared/templates/package_removed/bootc.template
 +++ b/shared/templates/package_removed/bootc.template
 @@ -1,4 +1,4 @@
@@ -23346,7 +21753,7 @@ index 9e3535578..f0a418432 100644
  # strategy = disable
  # complexity = low
 diff --git a/shared/templates/package_removed/kickstart.template b/shared/templates/package_removed/kickstart.template
-index 486ebbbdc..963412bac 100644
+index 99f5e33b9..a0b930444 100644
 --- a/shared/templates/package_removed/kickstart.template
 +++ b/shared/templates/package_removed/kickstart.template
 @@ -1,4 +1,4 @@
@@ -23392,29 +21799,31 @@ index b5d27377a..31f2fe7c6 100644
  {{{ tests_init_faillock_vars("correct") }}}
  
 diff --git a/shared/templates/pam_account_password_faillock/tests/pam_faillock_lenient_high_faillock_conf.fail.sh b/shared/templates/pam_account_password_faillock/tests/pam_faillock_lenient_high_faillock_conf.fail.sh
-index d900ff868..9b72a395b 100644
+index f44b6cfc8..654003187 100644
 --- a/shared/templates/pam_account_password_faillock/tests/pam_faillock_lenient_high_faillock_conf.fail.sh
 +++ b/shared/templates/pam_account_password_faillock/tests/pam_faillock_lenient_high_faillock_conf.fail.sh
-@@ -1,6 +1,6 @@
+@@ -1,7 +1,7 @@
  #!/bin/bash
+ {{{ tests_init_faillock_vars("lenient_high") }}}
  # packages = authselect
 -# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
 +# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9,Oracle Linux 8
  
- {{{ tests_init_faillock_vars("lenient_high") }}}
  
+ authselect select sssd --force
 diff --git a/shared/templates/pam_account_password_faillock/tests/pam_faillock_lenient_low_faillock_conf.fail.sh b/shared/templates/pam_account_password_faillock/tests/pam_faillock_lenient_low_faillock_conf.fail.sh
-index bcb8d1002..727fd4321 100644
+index 82e81365a..3c29614a0 100644
 --- a/shared/templates/pam_account_password_faillock/tests/pam_faillock_lenient_low_faillock_conf.fail.sh
 +++ b/shared/templates/pam_account_password_faillock/tests/pam_faillock_lenient_low_faillock_conf.fail.sh
-@@ -1,6 +1,6 @@
+@@ -1,7 +1,7 @@
  #!/bin/bash
+ {{{ tests_init_faillock_vars("lenient_low") }}}
  # packages = authselect
 -# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
 +# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux OS 8,Red Hat Enterprise Linux 9,Oracle Linux 8
  
- {{{ tests_init_faillock_vars("lenient_low") }}}
  
+ authselect select sssd --force
 diff --git a/shared/templates/pam_account_password_faillock/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh b/shared/templates/pam_account_password_faillock/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh
 index 56f9acccc..63364cc0e 100644
 --- a/shared/templates/pam_account_password_faillock/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh
@@ -23500,7 +21909,7 @@ index e14d59dfc..1b236a130 100644
  # Correct BLS option using grubby, which is a thin wrapper around BLS operations
  grubby --update-kernel=ALL --args="{{{ ARG_NAME }}}={{{ ARG_VALUE }}}"
 diff --git a/ssg/constants.py b/ssg/constants.py
-index cf58db6a1..30b8e5076 100644
+index a0265a9d9..f35214c13 100644
 --- a/ssg/constants.py
 +++ b/ssg/constants.py
 @@ -40,7 +40,7 @@ SSG_REF_URIS = {
@@ -23512,7 +21921,7 @@ index cf58db6a1..30b8e5076 100644
      'anolis8',
      'anolis23',
      'al2023',
-@@ -204,7 +204,7 @@ PKG_MANAGER_TO_CONFIG_FILE = {
+@@ -211,7 +211,7 @@ PKG_MANAGER_TO_CONFIG_FILE = {
  FULL_NAME_TO_PRODUCT_MAPPING = {
      "Alibaba Cloud Linux 2": "alinux2",
      "Alibaba Cloud Linux 3": "alinux3",
@@ -23521,7 +21930,7 @@ index cf58db6a1..30b8e5076 100644
      "Anolis OS 8": "anolis8",
      "Anolis OS 23": "anolis23",
      "Amazon Linux 2023": "al2023",
-@@ -295,7 +295,7 @@ MULTI_PLATFORM_LIST = ["rhel", "fedora", "rhv", "debian", "ubuntu",
+@@ -302,7 +302,7 @@ MULTI_PLATFORM_LIST = ["rhel", "fedora", "rhv", "debian", "ubuntu",
  
  MULTI_PLATFORM_MAPPING = {
      "multi_platform_alinux": ["alinux2", "alinux3"],
@@ -23531,10 +21940,10 @@ index cf58db6a1..30b8e5076 100644
      "multi_platform_debian": ["debian11", "debian12"],
      "multi_platform_example": ["example"],
 diff --git a/tests/data/product_stability/ol7.yml b/tests/data/product_stability/ol7.yml
-index eb1005de9..6c1f3517b 100644
+index 27cf93dcc..16fc52311 100644
 --- a/tests/data/product_stability/ol7.yml
 +++ b/tests/data/product_stability/ol7.yml
-@@ -29,7 +29,7 @@ groups:
+@@ -30,7 +30,7 @@ groups:
    dedicated_ssh_keyowner:
      name: ssh_keys
  grub2_boot_path: /boot/grub2
@@ -23544,10 +21953,10 @@ index eb1005de9..6c1f3517b 100644
  init_system: systemd
  major_version_ordinal: 7
 diff --git a/tests/data/product_stability/ol8.yml b/tests/data/product_stability/ol8.yml
-index ec49ad45f..67008023e 100644
+index 169cd1991..f694d28f5 100644
 --- a/tests/data/product_stability/ol8.yml
 +++ b/tests/data/product_stability/ol8.yml
-@@ -29,7 +29,7 @@ groups:
+@@ -30,7 +30,7 @@ groups:
    dedicated_ssh_keyowner:
      name: ssh_keys
  grub2_boot_path: /boot/grub2
@@ -23557,10 +21966,10 @@ index ec49ad45f..67008023e 100644
  init_system: systemd
  major_version_ordinal: 8
 diff --git a/tests/data/product_stability/rhel8.yml b/tests/data/product_stability/rhel8.yml
-index cec14308a..b7e6596bf 100644
+index 8f764c4d1..0cc1d40ec 100644
 --- a/tests/data/product_stability/rhel8.yml
 +++ b/tests/data/product_stability/rhel8.yml
-@@ -80,7 +80,7 @@ groups:
+@@ -81,7 +81,7 @@ groups:
    dedicated_ssh_keyowner:
      name: ssh_keys
  grub2_boot_path: /boot/grub2
@@ -23606,11 +22015,11 @@ index 849ab06f6..1a4927eec 100644
  export superusers
  
 diff --git a/tests/shared/grub2.sh b/tests/shared/grub2.sh
-index d11a2ea48..2a0d14294 100644
+index 42abeb78e..fb99e71f2 100644
 --- a/tests/shared/grub2.sh
 +++ b/tests/shared/grub2.sh
-@@ -7,10 +7,10 @@ function set_grub_uefi_root {
- 		if grep VERSION /etc/os-release | grep -q '9\.0'; then
+@@ -11,10 +11,10 @@ function set_grub_uefi_root {
+ 		if grep VERSION /etc/os-release | grep -q '9\.'; then
  			GRUB_CFG_ROOT=/boot/grub2
  		else
 -			GRUB_CFG_ROOT=/boot/efi/EFI/redhat
@@ -23619,9 +22028,9 @@ index d11a2ea48..2a0d14294 100644
  	elif grep NAME /etc/os-release | grep -iq "Oracle"; then
 -		GRUB_CFG_ROOT=/boot/efi/EFI/redhat
 +		GRUB_CFG_ROOT=/boot/efi/EFI/almalinux
+ 	elif grep NAME /etc/os-release | grep -iq "Ubuntu"; then
+ 		GRUB_CFG_ROOT=/boot/grub
  	fi
- }
- 
 diff --git a/tests/unit/ssg-module/data/product.yml b/tests/unit/ssg-module/data/product.yml
 index 540ab0181..191dde4ec 100644
 --- a/tests/unit/ssg-module/data/product.yml
@@ -23791,14 +22200,15 @@ index 5a2bc1005..c3dfe6dce 100644
  # check = oval
  # remediation = none
 diff --git a/utils/ansible_playbook_to_role.py b/utils/ansible_playbook_to_role.py
-index e3c4bc4ae..5c2e3176e 100755
+index e3c4bc4ae..bb39a939f 100755
 --- a/utils/ansible_playbook_to_role.py
 +++ b/utils/ansible_playbook_to_role.py
-@@ -65,6 +65,7 @@ yaml.add_constructor(_mapping_tag, dict_constructor)
+@@ -65,6 +65,8 @@ yaml.add_constructor(_mapping_tag, dict_constructor)
  PRODUCT_ALLOWLIST = set([
      "rhel8",
      "rhel9",
 +    "almalinux8",
++    "almalinux9",
  ])
  
  PROFILE_ALLOWLIST = set([
diff --git a/SPECS/scap-security-guide.spec b/SPECS/scap-security-guide.spec
index 9b4f7cb..b9aa21b 100644
--- a/SPECS/scap-security-guide.spec
+++ b/SPECS/scap-security-guide.spec
@@ -5,7 +5,7 @@
 # global _default_patch_fuzz 2  # Normally shouldn't be needed as patches should apply cleanly
 
 Name:		scap-security-guide
-Version:	0.1.76
+Version:	0.1.77
 Release:	1%{?dist}.alma.1
 Summary:	Security guidance and baselines in SCAP formats
 License:	BSD-3-Clause
@@ -18,9 +18,8 @@ Source1:	%{_static_rhel6_content}.tar.bz2
 Source2:	%{_static_rhel7_content}.tar.bz2
 Patch0: fix_scap_delta_tailoring.patch
 
-
-# AlmaLinux patches
-Patch1001:		0001-Add-AlmaLinux-8-support.patch
+# AlmaLinux Patch
+Patch1001: scap-security-guide-add-almalinux8-product.patch
 
 BuildArch:	noarch
 
@@ -57,18 +56,21 @@ The %{name}-doc package contains HTML formatted documents containing
 hardening guidances that have been generated from XCCDF benchmarks
 present in %{name} package.
 
-%package	rule-playbooks
-Summary:	Ansible playbooks per each rule.
-Group:		System Environment/Base
-Requires:	%{name} = %{version}-%{release}
+%package  rule-playbooks
+Summary:  Ansible playbooks per each rule.
+Group:    System Environment/Base
+Requires: %{name} = %{version}-%{release}
 
-%description	rule-playbooks
+%description  rule-playbooks
 The %{name}-rule-playbooks package contains individual ansible playbooks per rule.
 
 %prep
 %setup -q -b1 -b2
 %patch -P 0 -p1
 
+# Applying AlmaLinux Patch
+%patch -P 1001 -p1 -b .scap-security-guide-add-almalinux8-product
+
 %define cmake_defines_common -DSSG_SEPARATE_SCAP_FILES_ENABLED=OFF -DSSG_BASH_SCRIPTS_ENABLED=OFF -DSSG_PRODUCT_FIREFOX:BOOLEAN=true -DSSG_PRODUCT_JRE:BOOLEAN=TRUE
 %define cmake_defines_specific %{nil}
 %if 0%{?rhel}
@@ -78,11 +80,9 @@ The %{name}-rule-playbooks package contains individual ansible playbooks per rul
 %define cmake_defines_specific -DSSG_PRODUCT_DEFAULT:BOOLEAN=FALSE -DSSG_PRODUCT_RHEL%{centos}:BOOLEAN=TRUE -DSSG_CENTOS_DERIVATIVES_ENABLED:BOOL=ON
 %endif
 %if 0%{?almalinux}
-%define cmake_defines_specific -DSSG_PRODUCT_DEFAULT:BOOLEAN=FALSE -DSSG_PRODUCT_ALMALINUX%{rhel}:BOOLEAN=TRUE -DSSG_CENTOS_DERIVATIVES_ENABLED:BOOL=OFF -DSSG_ANSIBLE_PLAYBOOKS_PER_RULE_ENABLED:BOOL=ON
+%define cmake_defines_specific -DSSG_PRODUCT_DEFAULT:BOOLEAN=FALSE -DSSG_PRODUCT_ALMALINUX%{almalinux}:BOOLEAN=TRUE -DSSG_CENTOS_DERIVATIVES_ENABLED:BOOL=OFF -DSSG_ANSIBLE_PLAYBOOKS_PER_RULE_ENABLED:BOOL=ON
 %endif
 
-%patch1001 -p1
-
 %build
 mkdir -p %{_vpath_builddir}
 cd %{_vpath_builddir}
@@ -114,6 +114,7 @@ ln -s ssg-firefox-ds.xml %{buildroot}%{_datadir}/xml/scap/ssg/content/ssg-firefo
 %{_datadir}/xml/scap/ssg/content
 %{_datadir}/%{name}/kickstart
 %{_datadir}/%{name}/ansible
+%{_datadir}/%{name}/bash
 %{_datadir}/%{name}/tailoring
 %lang(en) %{_mandir}/man8/scap-security-guide.8.*
 %doc %{_docdir}/%{name}/LICENSE
@@ -130,9 +131,13 @@ ln -s ssg-firefox-ds.xml %{buildroot}%{_datadir}/xml/scap/ssg/content/ssg-firefo
 %{_datadir}/%{name}/ansible/rule_playbooks
 
 %changelog
-* Thu Apr 24 2025 Andrew Lukoshko  - 0.1.76-1.alma.1
+* Tue Jul 15 2025 Andrew Lukoshko  - 0.1.77-1.alma.1
 - Add AlmaLinux support
 
+* Tue Jun 03 2025 Matthew Burket  - 0.1.77-1
+- Rebase scap-security-guide to the latest upstream version 0.1.76 (RHEL-94802)
+- STIG: do not remediate rule disabling user namespaces (RHEL-76750)
+
 * Tue Feb 25 2025 Vojtech Polasek  - 0.1.76-1
 - rebase scap-security-guide to the latest upstream version 0.1.76 (RHEL-74241)
 
@@ -164,6 +169,7 @@ ln -s ssg-firefox-ds.xml %{buildroot}%{_datadir}/xml/scap/ssg/content/ssg-firefo
 
 * Fri Feb 16 2024 Marcus Burghardt  - 0.1.72-2
 - Unlist profiles no longer maintained in RHEL8.
+
 * Wed Feb 14 2024 Marcus Burghardt  - 0.1.72-1
 - Rebase to a new upstream release 0.1.72 (RHEL-25250)
 - Increase CIS standards coverage regarding SSH and cron (RHEL-1314)
@@ -227,6 +233,7 @@ ln -s ssg-firefox-ds.xml %{buildroot}%{_datadir}/xml/scap/ssg/content/ssg-firefo
 
 * Wed Aug 17 2022 Watson Sato  - 0.1.63-4
 - Fix check of enable_fips_mode on s390x (RHBZ#2070564)
+
 * Mon Aug 15 2022 Watson Sato  - 0.1.63-3
 - Fix Ansible partition conditional (RHBZ#2032403)