103 lines
6.2 KiB
Diff
103 lines
6.2 KiB
Diff
From 04459c1b82cc495af2bfcaac301a3805ec0addf6 Mon Sep 17 00:00:00 2001
|
|
From: Matthew Burket <mburket@redhat.com>
|
|
Date: Wed, 3 Aug 2022 07:42:59 -0500
|
|
Subject: [PATCH 5/8] Merge pull request #9282 from
|
|
yuumasato/rhel_align_aide_check_tools
|
|
|
|
Patch-name: scap-security-guide-0.1.64-aide_check_rsyslogd-PR_9282.patch
|
|
Patch-status: Add rsyslogd to the list of tools checked by aide
|
|
---
|
|
.../aide/aide_check_audit_tools/ansible/shared.yml | 1 +
|
|
.../aide/aide_check_audit_tools/bash/shared.sh | 3 +--
|
|
.../aide/aide_check_audit_tools/oval/shared.xml | 2 +-
|
|
.../aide/aide_check_audit_tools/tests/correct.pass.sh | 2 +-
|
|
.../aide_check_audit_tools/tests/correct_with_selinux.pass.sh | 2 +-
|
|
.../aide/aide_check_audit_tools/tests/not_config.fail.sh | 2 +-
|
|
6 files changed, 6 insertions(+), 6 deletions(-)
|
|
|
|
diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/ansible/shared.yml b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/ansible/shared.yml
|
|
index 9d1b7b675c..5905ea8d0e 100644
|
|
--- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/ansible/shared.yml
|
|
+++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/ansible/shared.yml
|
|
@@ -22,6 +22,7 @@
|
|
- /usr/sbin/aureport
|
|
- /usr/sbin/ausearch
|
|
- /usr/sbin/autrace
|
|
+ {{% if product == 'ol8' or 'rhel' in product %}}- /usr/sbin/rsyslogd{{% endif %}}
|
|
|
|
- name: Ensure existing AIDE configuration for audit tools are correct
|
|
lineinfile:
|
|
diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/bash/shared.sh b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/bash/shared.sh
|
|
index d0a1ba2522..a81e25c395 100644
|
|
--- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/bash/shared.sh
|
|
+++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/bash/shared.sh
|
|
@@ -18,12 +18,11 @@
|
|
{{% set auditfiles = auditfiles + ["/usr/sbin/audispd"] %}}
|
|
{{% endif %}}
|
|
|
|
-{{% if product == 'ol8' %}}
|
|
+{{% if product == 'ol8' or 'rhel' in product %}}
|
|
{{% set auditfiles = auditfiles + ["/usr/sbin/rsyslogd"] %}}
|
|
{{% endif %}}
|
|
|
|
{{% for file in auditfiles %}}
|
|
-
|
|
if grep -i '^.*{{{file}}}.*$' {{{ aide_conf_path }}}; then
|
|
sed -i "s#.*{{{file}}}.*#{{{file}}} {{{ aide_string() }}}#" {{{ aide_conf_path }}}
|
|
else
|
|
diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/oval/shared.xml b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/oval/shared.xml
|
|
index 6ce56c1137..ca9bf4f94d 100644
|
|
--- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/oval/shared.xml
|
|
+++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/oval/shared.xml
|
|
@@ -11,7 +11,7 @@
|
|
{{% if 'rhel' not in product and product != 'ol8' %}}
|
|
<criterion comment="audispd is checked in {{{ aide_conf_path }}}" test_ref="test_aide_verify_audispd" />
|
|
{{% endif %}}
|
|
- {{% if product == 'ol8' %}}
|
|
+ {{% if product == 'ol8' or 'rhel' in product %}}
|
|
<criterion comment="rsyslogd is checked in {{{ aide_conf_path }}}" test_ref="test_aide_verify_rsyslogd" />
|
|
{{% endif %}}
|
|
<criterion comment="augenrules is checked in {{{ aide_conf_path }}}" test_ref="test_aide_verify_augenrules" />
|
|
diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/correct.pass.sh b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/correct.pass.sh
|
|
index 756b88d8a2..071dde1329 100644
|
|
--- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/correct.pass.sh
|
|
+++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/correct.pass.sh
|
|
@@ -7,7 +7,7 @@ aide --init
|
|
|
|
|
|
declare -a bins
|
|
-bins=('/usr/sbin/auditctl' '/usr/sbin/auditd' '/usr/sbin/augenrules' '/usr/sbin/aureport' '/usr/sbin/ausearch' '/usr/sbin/autrace')
|
|
+bins=('/usr/sbin/auditctl' '/usr/sbin/auditd' '/usr/sbin/augenrules' '/usr/sbin/aureport' '/usr/sbin/ausearch' '/usr/sbin/autrace' '/usr/sbin/rsyslogd')
|
|
|
|
for theFile in "${bins[@]}"
|
|
do
|
|
diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/correct_with_selinux.pass.sh b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/correct_with_selinux.pass.sh
|
|
index f3a2a126d3..cb9bbfa735 100644
|
|
--- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/correct_with_selinux.pass.sh
|
|
+++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/correct_with_selinux.pass.sh
|
|
@@ -4,7 +4,7 @@
|
|
yum -y install aide
|
|
|
|
declare -a bins
|
|
-bins=('/usr/sbin/auditctl' '/usr/sbin/auditd' '/usr/sbin/augenrules' '/usr/sbin/aureport' '/usr/sbin/ausearch' '/usr/sbin/autrace')
|
|
+bins=('/usr/sbin/auditctl' '/usr/sbin/auditd' '/usr/sbin/augenrules' '/usr/sbin/aureport' '/usr/sbin/ausearch' '/usr/sbin/autrace' '/usr/sbin/rsyslogd')
|
|
|
|
for theFile in "${bins[@]}"
|
|
do
|
|
diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/not_config.fail.sh b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/not_config.fail.sh
|
|
index 4315cef207..a22aecb000 100644
|
|
--- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/not_config.fail.sh
|
|
+++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/not_config.fail.sh
|
|
@@ -6,7 +6,7 @@ yum -y install aide
|
|
aide --init
|
|
|
|
declare -a bins
|
|
-bins=('/usr/sbin/auditctl' '/usr/sbin/auditd' '/usr/sbin/augenrules' '/usr/sbin/aureport' '/usr/sbin/ausearch' '/usr/sbin/autrace')
|
|
+bins=('/usr/sbin/auditctl' '/usr/sbin/auditd' '/usr/sbin/augenrules' '/usr/sbin/aureport' '/usr/sbin/ausearch' '/usr/sbin/autrace' '/usr/sbin/rsyslogd')
|
|
|
|
for theFile in "${bins[@]}"
|
|
do
|
|
--
|
|
2.37.1
|
|
|