rpms/scap-security-guide
7
0
Fork 0
Code Issues Pull Requests Releases Activity
5d623aa88d
scap-security-guide/SOURCES/scap-security-guide-0.1.61-remove_client_alive_max-PR_8197.patch
CentOS Sources c24c37eb20 import scap-security-guide-0.1.57-9.el8_5
2022-04-26 18:09:24 +00:00

81 lines
2.7 KiB
Diff
Raw Blame History

commit 2a3e271027ddfef1b8ebf55f4d02a0c6a8eb445f
Author: Watson Sato <wsato@redhat.com>
Date: Mon Feb 28 11:12:44 2022 +0100
Manual edited patch scap-security-guide-0.1.61-remove_client_alive_max-PR_8197.patch.
diff --git a/products/rhel8/profiles/stig.profile b/products/rhel8/profiles/stig.profile
index 5829039..eb6cf83 100644
--- a/products/rhel8/profiles/stig.profile
+++ b/products/rhel8/profiles/stig.profile
@@ -50,7 +50,7 @@ selections:
- var_password_pam_lcredit=1
- var_password_pam_retry=3
- var_password_pam_minlen=15
- - var_sshd_set_keepalive=0
+ # - var_sshd_set_keepalive=0
- sshd_approved_macs=stig
- sshd_approved_ciphers=stig
- sshd_idle_timeout_value=10_minutes
@@ -168,11 +168,13 @@ selections:
# RHEL-08-010190
- dir_perms_world_writable_sticky_bits
- # RHEL-08-010200
- - sshd_set_keepalive_0
-
- # RHEL-08-010201
- - sshd_set_idle_timeout
+ # These two items don't behave as they used to in RHEL8.6 and RHEL9
+ # anymore. They will be disabled for now until an alternative
+ # solution is found.
+ # # RHEL-08-010200
+ # - sshd_set_keepalive_0
+ # # RHEL-08-010201
+ # - sshd_set_idle_timeout
# RHEL-08-010210
- file_permissions_var_log_messages
diff --git a/tests/data/profile_stability/rhel8/stig.profile b/tests/data/profile_stability/rhel8/stig.profile
index b9eeff5..f181bd9 100644
--- a/tests/data/profile_stability/rhel8/stig.profile
+++ b/tests/data/profile_stability/rhel8/stig.profile
@@ -347,8 +347,6 @@ selections:
- sshd_enable_warning_banner
- sshd_print_last_log
- sshd_rekey_limit
-- sshd_set_idle_timeout
-- sshd_set_keepalive_0
- sshd_use_strong_rng
- sshd_x11_use_localhost
- sssd_certificate_verification
@@ -416,7 +414,6 @@ selections:
- var_password_pam_ucredit=1
- var_password_pam_lcredit=1
- var_password_pam_retry=3
-- var_sshd_set_keepalive=0
- sshd_approved_macs=stig
- sshd_approved_ciphers=stig
- sshd_idle_timeout_value=10_minutes
diff --git a/tests/data/profile_stability/rhel8/stig_gui.profile b/tests/data/profile_stability/rhel8/stig_gui.profile
index 54bf46d..48e7d03 100644
--- a/tests/data/profile_stability/rhel8/stig_gui.profile
+++ b/tests/data/profile_stability/rhel8/stig_gui.profile
@@ -358,8 +358,6 @@ selections:
- sshd_enable_warning_banner
- sshd_print_last_log
- sshd_rekey_limit
-- sshd_set_idle_timeout
-- sshd_set_keepalive_0
- sshd_use_strong_rng
- sshd_x11_use_localhost
- sssd_certificate_verification
@@ -426,7 +424,6 @@ selections:
- var_password_pam_ucredit=1
- var_password_pam_lcredit=1
- var_password_pam_retry=3
-- var_sshd_set_keepalive=0
- sshd_approved_macs=stig
- sshd_approved_ciphers=stig
- sshd_idle_timeout_value=10_minutes
Reference in New Issue View Git Blame Copy Permalink